public static List <AuthenticationDetailParameters> AutheticateUser(AuthenticationParameters filter) { List <AuthenticationDetailParameters> authuser = new List <AuthenticationDetailParameters>(); try { //sp_auth_user using (MySqlConnection conn = new MySqlConnection(connectionString)) { MySqlCommand cmd = new MySqlCommand("sp_auth_user", conn); cmd.CommandType = CommandType.StoredProcedure; cmd.Parameters.Add("@_user_code", MySqlDbType.String).Value = filter._user_code; cmd.Parameters.Add("@_password", MySqlDbType.String).Value = filter._password; conn.Open(); using (IDataReader dr = cmd.ExecuteReader()) { while (dr.Read()) { AuthenticationDetailParameters _AuthenticationDetailParameters = new AuthenticationDetailParameters(); string status = dr.IsNull <string>("status"); _AuthenticationDetailParameters.status = status; if (status != "success") { _AuthenticationDetailParameters.user_code = ""; } else { _AuthenticationDetailParameters.user_id = dr.IsNull <uint>("id"); _AuthenticationDetailParameters.user_code = dr.IsNull <string>("user_code"); _AuthenticationDetailParameters.password = dr.IsNull <string>("password"); _AuthenticationDetailParameters.privilege_name = dr.IsNull <string>("privilege_name"); _AuthenticationDetailParameters.role_name = dr.IsNull <string>("role_name"); _AuthenticationDetailParameters.UserName = dr.IsNull <string>("user_name"); } authuser.Add(_AuthenticationDetailParameters); } } } return(authuser); } catch (Exception e) { AuthenticationDetailParameters _AuthenticationDetailParameters = new AuthenticationDetailParameters(); string status = "failed with exception in code"; _AuthenticationDetailParameters.status = status; authuser.Add(_AuthenticationDetailParameters); return(authuser); } }
public static List <AuthenticationDetailParameters> AutheticateUserwithattempts(AuthenticationParameters filter) { List <AuthenticationDetailParameters> authuser = new List <AuthenticationDetailParameters>(); try { attempts = Convert.ToInt32(filter._attempt.ToString()); DataSet ds = new DataSet(); DataSet ds1 = new DataSet(); //sp_auth_user using (MySqlConnection conn = new MySqlConnection(connectionString)) { conn.Open(); MySqlCommand cmd = new MySqlCommand("select id,LoginAttempt from mst_users where user_code=@username", conn); cmd.Parameters.AddWithValue("@username", filter._user_code); cmd.Parameters.AddWithValue("@password", filter._password); MySqlDataAdapter da = new MySqlDataAdapter(cmd); da.Fill(ds); if (ds != null) { if (ds.Tables[0].Rows.Count > 0) { attempts = Convert.ToInt32(ds.Tables[0].Rows[0]["LoginAttempt"]); if (attempts == 3) { AuthenticationDetailParameters _AuthenticationDetailParameters = new AuthenticationDetailParameters(); string status = "Your Account Already Locked"; _AuthenticationDetailParameters.status = status; authuser.Add(_AuthenticationDetailParameters); // return authuser; } else { cmd = new MySqlCommand("sp_auth_user_attempt", conn); cmd.CommandType = CommandType.StoredProcedure; cmd.Parameters.Add("@_user_code", MySqlDbType.String).Value = filter._user_code; cmd.Parameters.Add("@_password", MySqlDbType.String).Value = filter._password; da = new MySqlDataAdapter(cmd); da.Fill(ds1); if (ds1 != null) { if (ds1.Tables[0].Rows.Count > 0 && ds1.Tables[0].Rows[0]["LoginAttempt"].ToString() != "") { filter._attempt = ds1.Tables[0].Rows[0]["LoginAttempt"].ToString(); if (Convert.ToInt32(filter._attempt.ToString()) != 3) { cmd = new MySqlCommand("update mst_users set LoginAttempt=0 where user_code=@username and password=@password", conn); cmd.Parameters.AddWithValue("@username", filter._user_code); cmd.Parameters.AddWithValue("@password", filter._password); cmd.ExecuteNonQuery(); AuthenticationDetailParameters _AuthenticationDetailParameters = new AuthenticationDetailParameters(); string status = ds1.Tables[0].Rows[0]["status"].ToString(); _AuthenticationDetailParameters.status = status; if (status != "success") { _AuthenticationDetailParameters.user_code = ""; } else { _AuthenticationDetailParameters.user_id = Convert.ToUInt32(ds1.Tables[0].Rows[0]["id"].ToString()); _AuthenticationDetailParameters.user_code = ds1.Tables[0].Rows[0]["user_code"].ToString(); _AuthenticationDetailParameters.password = ds1.Tables[0].Rows[0]["password"].ToString(); _AuthenticationDetailParameters.privilege_name = ds1.Tables[0].Rows[0]["privilege_name"].ToString(); _AuthenticationDetailParameters.role_name = ds1.Tables[0].Rows[0]["role_name"].ToString(); _AuthenticationDetailParameters.UserName = ds1.Tables[0].Rows[0]["user_name"].ToString(); } authuser.Add(_AuthenticationDetailParameters); // return authuser; } else { AuthenticationDetailParameters _AuthenticationDetailParameters = new AuthenticationDetailParameters(); string status = "Your Account Already Locked...Contact Administrator"; _AuthenticationDetailParameters.status = status; authuser.Add(_AuthenticationDetailParameters); // return authuser; } } else { AuthenticationDetailParameters _AuthenticationDetailParameters = new AuthenticationDetailParameters(); string strquery = string.Empty; if (attempts > 2) { strquery = "update mst_users set islocked=1, LoginAttempt=@attempts where user_code=@username and password=@password"; string status = "You Reached Maximum Attempts. Your account has been locked"; _AuthenticationDetailParameters.status = status; } else { attempts = attempts + 1; filter._attempt = attempts.ToString(); if (attempts == 3) { strquery = "update mst_users set islocked=1,LoginAttempt=@attempts where user_code=@username"; string status = "Your Account Locked"; _AuthenticationDetailParameters.status = status; } else { strquery = "update mst_users set LoginAttempt=@attempts where user_code=@username"; string status = "Your Password Wrong you have only " + (3 - attempts) + " attempts"; _AuthenticationDetailParameters.status = status; } } cmd = new MySqlCommand(strquery, conn); cmd.Parameters.AddWithValue("@username", filter._user_code); cmd.Parameters.AddWithValue("@password", filter._password); cmd.Parameters.AddWithValue("@attempts", attempts); cmd.ExecuteNonQuery(); authuser.Add(_AuthenticationDetailParameters); //return authuser; } } } } else { AuthenticationDetailParameters _AuthenticationDetailParameters = new AuthenticationDetailParameters(); string status = "UserName does not exist"; _AuthenticationDetailParameters.status = status; authuser.Add(_AuthenticationDetailParameters); // return authuser; } } else { AuthenticationDetailParameters _AuthenticationDetailParameters = new AuthenticationDetailParameters(); string status = "UserName does not exist"; _AuthenticationDetailParameters.status = status; authuser.Add(_AuthenticationDetailParameters); // return authuser; } } return(authuser); } catch (Exception e) { AuthenticationDetailParameters _AuthenticationDetailParameters = new AuthenticationDetailParameters(); string status = "failed with exception in code"; _AuthenticationDetailParameters.status = status; authuser.Add(_AuthenticationDetailParameters); return(authuser); } }