public IActionResult createAccount(RequestAccount account)
{
if (_dbStudentServices.addAccount(account))
{
return(Ok("Account was added"));
}
return(NotFound("Wprowadzonno nie prawidlowy typ dannych "));
}
public bool addAccount(RequestAccount account)
{
// try
// {
using (SqlConnection connection = new SqlConnection(connectParametr))
using (SqlCommand command = new SqlCommand()) {
command.Connection = connection;
connection.Open();
string salt = PasswordHashing.CreateSalt();
string hashingPassword = PasswordHashing.Create(account.Password, salt);
// salt and password
command.CommandText = @" INSERT INTO Student (IndexNumber, FirstName, LastName, BirthDate, IdEnrollment, Password, Salt) " +
" VALUES(@indexNumber, @firstName, @secondName, @birthDate, @idEnrollment, @hashingPassword, @salt); ";
command.Parameters.AddWithValue("indexNumber", account.Student.IndexNumber);
command.Parameters.AddWithValue("firstName", account.Student.FirstName);
command.Parameters.AddWithValue("secondName", account.Student.LastName);
command.Parameters.AddWithValue("birthDate", account.Student.BirthDate);
command.Parameters.AddWithValue("idEnrollment", account.Student.IdEnrollment);
command.Parameters.AddWithValue("hashingPassword", hashingPassword);
command.Parameters.AddWithValue("salt", salt);
if (command.ExecuteNonQuery() == 0)
{
return(false);
}
return(true);
}
// }
// catch (SqlException sqlException) {
// return false;
// }
//return true;
}
