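/// <summary>
/// Creates an account by calling the <c>spAccountCreate</c> stored procedure.
/// </summary>
/// <param name="value">
/// Account to create. <c>value.hash</c> is passed to <c>PasswordHash.CreateHash</c> before storage,
/// so on entry it is expected to hold the password the user chose.
/// On success <c>value.id</c> is set from the procedure's <c>accountId</c> output.
/// </param>
/// <param name="code">Receives the procedure's <c>code</c> output parameter.</param>
/// <exception cref="ArgumentNullException"><paramref name="value"/> is null.</exception>
public static void Insert(Account value, out Guid code)
{
    if (value == null)
    {
        throw new ArgumentNullException("value");
    }

    using (SqlConnection cn = new SqlConnection(ConnectionString))
    using (SqlCommand cmd = new SqlCommand
    {
        Connection = cn,
        CommandText = "spAccountCreate",
        CommandType = CommandType.StoredProcedure
    })
    {
        // Every input travels as a typed, bound parameter; nothing is concatenated into SQL text.
        cmd.Parameters.Add("name", SqlDbType.NVarChar, 255).Value = value.name;
        cmd.Parameters.Add("email", SqlDbType.NVarChar, 255).Value = value.email;

        // Only the output of CreateHash is sent to the database.
        // NOTE(review): a string longer than the declared size (100) is truncated by ADO.NET without
        // an error; confirm CreateHash output always fits, otherwise later validation would fail.
        // NOTE(review): value.hash is not modified here, so the caller's object still holds the
        // pre-hash value after this call; callers should drop it once the account is created.
        cmd.Parameters.Add("hash", SqlDbType.NVarChar, 100).Value = PasswordHash.CreateHash(value.hash);

        cmd.Parameters.Add("accountId", SqlDbType.UniqueIdentifier).Direction = ParameterDirection.Output;
        cmd.Parameters.Add("code", SqlDbType.UniqueIdentifier).Direction = ParameterDirection.Output;

        cn.Open();
        cmd.ExecuteNonQuery();

        // These casts throw InvalidCastException if the procedure leaves an output as DBNull.
        value.id = (Guid)cmd.Parameters["accountId"].Value;
        code = (Guid)cmd.Parameters["code"].Value;
    } // disposing the command and connection closes the connection, also on exceptions
}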
/// <summary>
/// Builds a principal for <paramref name="account"/>, using the account's email as the identity name.
/// </summary>
/// <param name="account">Account the principal represents; stored in <c>Account</c>.</param>
/// <param name="clientId">Client identifier; stored in <c>ClientId</c>.</param>
/// <param name="sessionId">Session identifier; stored in <c>SessionId</c>.</param>
/// <remarks>
/// No credential check happens here. If <c>GenericIdentity</c> is the framework type, an identity
/// with a non-empty name reports itself as authenticated, so this constructor should only be
/// reached with an account that has already been verified.
/// </remarks>
public UserPrincipal(Account account, string clientId, Guid sessionId)
{
    // The email is read first, so a null account fails before any member is assigned.
    string identityName = account.email;
    identityValue = new GenericIdentity(identityName);

    Account = account;
    ClientId = clientId;
    SessionId = sessionId;
}
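/// <summary>
/// Looks up the account whose email equals <paramref name="email"/> in <c>viewAccounts</c> and
/// checks <paramref name="password"/> against the stored hash.
/// </summary>
/// <param name="email">Email supplied by the caller; treated as untrusted input.</param>
/// <param name="password">Password to verify with <c>PasswordHash.ValidatePassword</c>.</param>
/// <returns>
/// The matching account when exactly one row is found and the password validates; otherwise null.
/// An unknown email and a wrong password both yield null, so callers cannot tell them apart
/// from the return value and should not report them differently.
/// </returns>
public static Account Authenticate(string email, string password)
{
    // A null email cannot identify an account; fail closed without touching the database.
    if (email == null)
    {
        return null;
    }

    // The email is bound as a parameter instead of being formatted into the SQL text, so quotes
    // or SQL fragments in the input are compared as data and never parsed as part of the query.
    using (SqlConnection cn = new SqlConnection(ConnectionString))
    using (SqlCommand cmd = new SqlCommand("SELECT * FROM viewAccounts WHERE email = @email", cn))
    {
        // No explicit size: the parameter length follows the value, so an over-long input is
        // compared in full rather than truncated to a prefix.
        cmd.Parameters.Add("@email", SqlDbType.NVarChar).Value = email;

        using (SqlDataAdapter da = new SqlDataAdapter(cmd))
        {
            DataTable dt = new DataTable();

            // Fill opens and closes the connection itself. Anything other than exactly one row
            // (no match, or an ambiguous duplicate) is treated as a failed login.
            if (da.Fill(dt) == 1)
            {
                Account account = new Account(dt.Rows[0]);
                if (PasswordHash.ValidatePassword(password, account.hash))
                {
                    return account;
                }
            }
        }
    }

    return null;
}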