public AuthenticationResult Login(LoginRequest request)
{
var salt = "";
using (var connection = new SqlConnection(_connStr))
using (var query = new SqlCommand())
{
query.Connection = connection;
connection.Open();
query.CommandText = "select Salt from Student where IndexNumber = @index";
query.Parameters.AddWithValue("index", request.Login);
using (var dataReader = query.ExecuteReader())
{
if (!dataReader.Read())
{
return(null);
}
salt = dataReader["Salt"].ToString();
}
query.CommandText = "select Role from Student where IndexNumber = @index and Password = @password;";
query.Parameters.AddWithValue("password", PasswordHandler.CreateHash(request.Password, salt));
return(Authenticate(query));
}
}
public AuthenticationService Login(LoginRequest request)
{
using (var connection = new SqlConnection("Data Source = db - mssql; Initial Catalog = s16531; Integrated Security = True"))
using (var command = new SqlCommand())
{
command.Connection = connection;
connection.Open();
command.CommandText = "select Salt from Student where IndexNumber = @index;";
command.Parameters.AddWithValue("index", request.Login);
var salt = "";
using (var dataReader = command.ExecuteReader())
{
if (!dataReader.Read())
{
return(null);
}
salt = dataReader["Salt"].ToString();
}
command.CommandText = "select Role from Student where IndexNumber = @index and Password = @password;";
command.Parameters.AddWithValue("password", PasswordHandler.CreateHash(request.Password, salt));
return(Authenticate(command));
}
}
