public Boolean CreatePassword(LoginRequest req)
{
var id = req.Login;
var pass = req.Haslo;
var salt = IStudentsDbService.CreateSalt();
var s = IStudentsDbService.Create(pass, salt);
using (SqlConnection con = new SqlConnection(ConnString))
using (SqlCommand com = new SqlCommand())
{
con.Open();
SqlTransaction trans = con.BeginTransaction();
com.Connection = con;
com.Transaction = trans;
try
{
com.CommandText = "update student set Salt = @salt, Password = @pass where IndexNumber = @id";
com.Parameters.AddWithValue("id", id);
com.Parameters.AddWithValue("salt", salt);
com.Parameters.AddWithValue("pass", s);
com.ExecuteNonQuery();
trans.Commit();
}
catch (Exception ex)
{
Console.WriteLine(ex.Message);
trans.Rollback();
return(false);
}
}
return(true);
}
public string CreatePassword(LoginRequestDto req)
{
string login = req.Login;
string haslo = req.Haslo;
string salt = IStudentsDbService.CreateSalt();
string pass = IStudentsDbService.Create(haslo, salt);
using (SqlConnection con = new SqlConnection(ConnString))
using (SqlCommand com = new SqlCommand())
{
con.Open();
SqlTransaction trans = con.BeginTransaction();
com.Connection = con;
com.Transaction = trans;
try
{
com.CommandText = "update student set Salt = @salt, Password = @password where IndexNumber = @login";
com.Parameters.AddWithValue("login", login);
com.Parameters.AddWithValue("salt", salt);
com.Parameters.AddWithValue("password", pass);
com.ExecuteNonQuery();
trans.Commit();
}
catch (Exception e)
{
trans.Rollback();
return("blad: " + e.ToString());
}
}
return("Ustawiono bezpieczne haslo");
}
public IActionResult RegisterAccount(Student student)
{
var salt = _dbService.CreateSalt();
var hash = _dbService.CreateHash(student.password, salt);
if (!_dbService.TryHash(student, salt, hash).GetType().Equals("BadRequestObjectResult"))
{
return(Ok());
}
return(Unauthorized());
}