public AuthenticationResult Login(LoginRequest request) { var salt = ""; using (var connection = new SqlConnection(_connStr)) using (var query = new SqlCommand()) { query.Connection = connection; connection.Open(); query.CommandText = "select Salt from Student where IndexNumber = @index"; query.Parameters.AddWithValue("index", request.Login); using (var dataReader = query.ExecuteReader()) { if (!dataReader.Read()) { return(null); } salt = dataReader["Salt"].ToString(); } query.CommandText = "select Role from Student where IndexNumber = @index and Password = @password;"; query.Parameters.AddWithValue("password", PasswordHandler.CreateHash(request.Password, salt)); return(Authenticate(query)); } }
public AuthenticationService Login(LoginRequest request) { using (var connection = new SqlConnection("Data Source = db - mssql; Initial Catalog = s16531; Integrated Security = True")) using (var command = new SqlCommand()) { command.Connection = connection; connection.Open(); command.CommandText = "select Salt from Student where IndexNumber = @index;"; command.Parameters.AddWithValue("index", request.Login); var salt = ""; using (var dataReader = command.ExecuteReader()) { if (!dataReader.Read()) { return(null); } salt = dataReader["Salt"].ToString(); } command.CommandText = "select Role from Student where IndexNumber = @index and Password = @password;"; command.Parameters.AddWithValue("password", PasswordHandler.CreateHash(request.Password, salt)); return(Authenticate(command)); } }