public static tbl_userdata FindUserByEmail(string emailAddress) { tbl_userdata foundUser = new tbl_userdata(); Dictionary <string, Object> dic = new Dictionary <string, Object>(); dic.Add("in_email", emailAddress); foundUser = (tbl_userdata)ProcedureCall <tbl_userdata> .ExecuteReader(dic, "FindUserByEmail"); return(foundUser); }
public static tbl_userdata FindUserById(int userId) { tbl_userdata foundUser = new tbl_userdata(); Dictionary <string, Object> dic = new Dictionary <string, Object>(); dic.Add("in_givenUserId", userId); foundUser = (tbl_userdata)ProcedureCall <tbl_userdata> .ExecuteReader(dic, "FindUserById"); return(foundUser); }
public static tbl_labourerdata FindLabourerById(string labourerId) { tbl_labourerdata foundLabourer = new tbl_labourerdata(); Dictionary <string, Object> dic = new Dictionary <string, Object>(); dic.Add("in_givenLabourerId", labourerId); foundLabourer = ProcedureCall <tbl_labourerdata> .ExecuteReader(dic, "FindLabourerById"); return(foundLabourer); }
public static tbl_servicedata FindServiceById(int serviceId) { tbl_servicedata foundService = new tbl_servicedata(); Dictionary <string, Object> dic = new Dictionary <string, Object>(); dic.Add("in_givenServiceId", serviceId); foundService = (tbl_servicedata)ProcedureCall <tbl_servicedata> .ExecuteReader(dic, "FindServiceById"); return(foundService); }
public static LoginModel UserLogin(LoginModel loginMdl) { //Check if user is found (return the password) Dictionary <string, Object> dic1 = new Dictionary <string, object>(); dic1.Add("in_emailAddress", loginMdl.EmailAddress); tbl_userdata user = ProcedureCall <tbl_userdata> .ExecuteReader(dic1, "auth_CheckUserExistsLogin"); string result = user.fld_password; if (result == null) { //Account was not found loginMdl.UserId = -1; return(loginMdl); } //Check if passwords match //First we convert the storedPassword to bytes if (result != null) { string storedPassword = result.ToString(); byte[] passwordBytes = Convert.FromBase64String(storedPassword); //We grab the salt byte[] salt = new byte[16]; Array.Copy(passwordBytes, 0, salt, 0, 16); //Hash the given password and grab the resulting hash Rfc2898DeriveBytes pbkdf2 = new Rfc2898DeriveBytes(loginMdl.Password, salt, 10000); byte[] givenHash = pbkdf2.GetBytes(20); //Compare the hashes of the stored password with the given password int success = 1; for (int i = 0; i < 20; i++) { if (passwordBytes[i + 16] != givenHash[i]) { loginMdl.UserId = 0; return(loginMdl); } } } //Lastly, we check if the account is verified. If it is, the procedure will return all relevant information for later usage if (user.fld_isactivated == 0) { loginMdl.UserId = -3; loginMdl.UserName = user.fld_username; return(loginMdl); } loginMdl.Admin = user.fld_adminPriv; loginMdl.UserName = user.fld_username; loginMdl.EmailAddress = user.fld_email; loginMdl.UserId = user.fld_userid; return(loginMdl); //Retrieve relevant info }