public LoginResponse AuthenticateCredentials(string username, string password)
{
var response = new LoginResponse();
//authentication consists of:
//1) checking if the user exists
//2) if they exist, checking if entered password matches stored password
//an accountId of -1 and RequestSuccess = false indicates a failure
response.AccountId = _accountQueries.CheckIfUserExists(username);
if (response.AccountId == -1)
{
response.Message = "Incorrect username or password.\n";
response.RequestSuccess = false;
return(response);
}
if (!CheckIfPasswordsMatch(password, response.AccountId))
{
response.Message = "Incorrect username or password.\n";
response.RequestSuccess = false;
response.AccountId = -1;
return(response);
}
response.Message = "Thank you for logging in. Please continue.\n";
response.RequestSuccess = true;
return(response);
}
public void TestWritingNewAccountToDatabase(string newUser, string password, string salt, int accountId)
{
var newAccount = new Account
{
Username = newUser,
AccountId = accountId,
Password = password,
Salt = salt
};
_testAccountQueries.WriteNewAccountCredentialsToDatabase(newAccount);
var expectedAccountId = _testAccountQueries.CheckIfUserExists(newUser);
Assert.Equal(accountId, expectedAccountId);
}
public AccountCreationResponse ValidateCredentials(string username, string password, string reEnteredPassword)
{
//uses a request-response model to supply meaningul output to the user in the event their credentials are/are not valid
var response = new AccountCreationResponse();
if (username == string.Empty)
{
response.RequestSuccess = false;
response.Message = "Username cannot be blank.\n";
return(response);
}
if (_accountQueries.CheckIfUserExists(username) != -1)
{
response.RequestSuccess = false;
response.Message = "User name already exists, please choose a different user name.\n";
return(response);
}
if (password == string.Empty)
{
response.RequestSuccess = false;
response.Message = "Password cannot be blank.\n";
return(response);
}
if (!CheckIfPasswordsMatch(password, reEnteredPassword))
{
response.RequestSuccess = false;
response.Message = "Passwords do not match.\n";
return(response);
}
var finalCredentials = SetFinalAccountCredentials(username, password);
CreateAccount(finalCredentials);
response.RequestSuccess = true;
response.Message = "Account created successfully. Please log in to continue.\n";
return(response);
}
