/// <summary>
/// Looks up a single employee row by username and returns it together with the
/// stored password hash and salt.
/// </summary>
/// <param name="username">Username to match against the Employees.Username column.</param>
/// <returns>
/// The first matching row as an <see cref="EmployeeWithPasswordModel"/>, or <c>null</c>
/// when the query yields no rows.
/// </returns>
/// <remarks>
/// The returned model carries credential material (hash and salt). It is meant for the
/// verification step only and should not be serialized, logged or handed to a client.
/// </remarks>
public EmployeeWithPasswordModel GetEmployeeWithPasswordByUsername(string username)
{
    // The username travels as a named parameter instead of being concatenated into the
    // SQL text, so it is never interpreted as part of the statement.
    var parameters = new Dictionary<string, object>
    {
        { "@username", username }
    };

    SqlDataReader reader = this.ExecuteReader(
        @"SELECT Id, Username, PasswordHash, PasswordSalt FROM Employees WHERE Username = @username",
        parameters);

    using (reader)
    {
        // Only the first row is ever consumed; any further rows are ignored.
        if (!reader.Read())
        {
            return null;
        }

        // Ordinals follow the column order of the SELECT list above.
        int id = reader.GetInt32(0);
        string storedUsername = reader.GetString(1);
        string storedHash = reader.GetString(2);
        string storedSalt = reader.GetString(3);

        return new EmployeeWithPasswordModel(id, storedUsername, storedHash, storedSalt);
    }
}
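/// <summary>
/// Verifies the submitted credentials against the stored hash and salt and, on success,
/// returns the employee without any credential material.
/// </summary>
/// <param name="employeeModel">Login request carrying the username and the plaintext password.</param>
/// <returns>
/// An <see cref="EmployeeModel"/> with the id and username when the password matches;
/// <c>null</c> when the username is unknown or the password does not match.
/// </returns>
/// <remarks>
/// The hash comparison is done in constant time rather than with the string inequality
/// operator, which stops at the first differing character and can leak how much of the
/// hash matched through response timing.
/// </remarks>
public EmployeeModel GetEmployee(EmployeeLoginBindingModel employeeModel)
{
    // NOTE(review): the repository field is disposed when this block exits, so this
    // instance looks single-use after one login attempt. Confirm the intended lifetime.
    using (this.employeeRepository)
    {
        EmployeeWithPasswordModel employeeWithPassword =
            this.employeeRepository.GetEmployeeWithPasswordByUsername(employeeModel.Username);

        if (employeeWithPassword == null)
        {
            // NOTE(review): an unknown username returns before any hashing happens, so
            // the response may be measurably faster than for an existing account.
            // Evaluate hashing against a fixed dummy salt here to even out the timing.
            return null;
        }

        string actualPasswordHash = PasswordUtilities.GeneratePasswordHash(
            employeeModel.Password,
            employeeWithPassword.PasswordSalt);

        if (!HashesMatchInConstantTime(employeeWithPassword.PasswordHash, actualPasswordHash))
        {
            return null;
        }

        // Only the id and username leave this method; hash and salt stay behind.
        return new EmployeeModel(employeeWithPassword.Id, employeeWithPassword.Username);
    }
}

/// <summary>
/// Compares two hash strings without short-circuiting on the first mismatch.
/// </summary>
/// <param name="expected">Hash stored for the account.</param>
/// <param name="actual">Hash computed from the submitted password.</param>
/// <returns>
/// <c>true</c> only when both strings are non-null and identical. A null on either side
/// is treated as a mismatch so the check fails closed.
/// </returns>
[System.Runtime.CompilerServices.MethodImpl(
    System.Runtime.CompilerServices.MethodImplOptions.NoInlining |
    System.Runtime.CompilerServices.MethodImplOptions.NoOptimization)]
private static bool HashesMatchInConstantTime(string expected, string actual)
{
    if (expected == null || actual == null)
    {
        return false;
    }

    // The length of a hash is not secret, so an early exit here reveals nothing useful.
    if (expected.Length != actual.Length)
    {
        return false;
    }

    // Accumulate differences over every character so the running time does not depend
    // on the position of the first mismatch.
    int difference = 0;
    for (int i = 0; i < expected.Length; i++)
    {
        difference |= expected[i] ^ actual[i];
    }

    return difference == 0;
}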