public AuthenticateUserResponseMessage AuthenticateUser(LoginRequestType type, string username, string password) { // go into data access get connection ( userdao ) UserDao = new UserDao(); // go into data access open connection, bring query, fill in datatable DataTable resultDataTable = UserDao.GetUser("select * from WAE_LTU_USER where username='******'"); if (resultDataTable.Rows.Count == 1) { DataRow userRecord = resultDataTable.Rows[0]; string retrievedUsername = (string)userRecord.ItemArray[1]; string retrievedPassword = (string)userRecord.ItemArray[2]; User user = new User{ UserId = userRecord.ItemArray[0].ToString(), Username = (string)userRecord.ItemArray[1], Password = (string)userRecord.ItemArray[2], Name = (string)userRecord.ItemArray[3], Email = (string)userRecord.ItemArray[4], UserType = (string)userRecord.ItemArray[6] }; if (userRecord.ItemArray[5] != System.DBNull.Value) user.StudentId = (string)userRecord.ItemArray[5]; if (type == LoginRequestType.OtherLoginRequest) { if (username == retrievedUsername && password == retrievedPassword) { return new AuthenticateUserResponseMessage { IsValidUser = true, User = user }; } } if (type == LoginRequestType.AdminLoginRequest) { if (username == retrievedUsername && password == retrievedPassword && user.UserType == "Admin") { return new AuthenticateUserResponseMessage { IsValidUser = true, User = user }; } } } return new AuthenticateUserResponseMessage { IsValidUser = false }; }