public AuthenticateUserResponseMessage AuthenticateUser(LoginRequestType type, string username, string password)
{
// go into data access get connection ( userdao )
UserDao = new UserDao();
// go into data access open connection, bring query, fill in datatable
DataTable resultDataTable = UserDao.GetUser("select * from WAE_LTU_USER where username='******'");
if (resultDataTable.Rows.Count == 1)
{
DataRow userRecord = resultDataTable.Rows[0];
string retrievedUsername = (string)userRecord.ItemArray[1];
string retrievedPassword = (string)userRecord.ItemArray[2];
User user = new User{ UserId = userRecord.ItemArray[0].ToString(), Username = (string)userRecord.ItemArray[1], Password = (string)userRecord.ItemArray[2], Name = (string)userRecord.ItemArray[3], Email = (string)userRecord.ItemArray[4], UserType = (string)userRecord.ItemArray[6] };
if (userRecord.ItemArray[5] != System.DBNull.Value) user.StudentId = (string)userRecord.ItemArray[5];
if (type == LoginRequestType.OtherLoginRequest)
{
if (username == retrievedUsername && password == retrievedPassword)
{
return new AuthenticateUserResponseMessage { IsValidUser = true, User = user };
}
}
if (type == LoginRequestType.AdminLoginRequest)
{
if (username == retrievedUsername && password == retrievedPassword && user.UserType == "Admin")
{
return new AuthenticateUserResponseMessage { IsValidUser = true, User = user };
}
}
}
return new AuthenticateUserResponseMessage { IsValidUser = false };
}
