//Add role when user signs up.. too lazy to do now
public void Add(User entity)
{
//Idea: Maybe insert something to a junction table(booking or something), and make sure to implement the correct isolation level, to prevent overbooking,
//ADO and/or TransactionScope
TransactionOptions opt = new TransactionOptions();
//Could probably read if the user exists first to visualize that another transaction isolation level will be needed
//BUt in this case the email is unique, and it isnt needed here
opt.IsolationLevel = IsolationLevel.ReadCommitted;
using (TransactionScope scope = new TransactionScope(TransactionScopeOption.RequiresNew))
{
using (SqlConnection conn = new SqlConnection(CONNECTION_STRING))
{
conn.Open();
using (SqlCommand cmd = conn.CreateCommand())
{
string sql = "INSERT INTO [Users] (Email,Password,Salt) VALUES(@email,@password,@salt)";
cmd.CommandText = sql;
cmd.Parameters.AddWithValue("@email", entity.Email);
var newSalt = HashingManager.GenerateSalt();
var newHash = HashingManager.HashPassword(entity.Password, newSalt);
cmd.Parameters.AddWithValue("@password", newHash);
cmd.Parameters.AddWithValue("@salt", newSalt);
cmd.ExecuteNonQuery();
}
scope.Complete();
}
}
}