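/// <summary>
/// Re-hashes <paramref name="suppliedPass"/> with the salt stored on
/// <paramref name="u"/> and checks the result against the stored hash.
/// </summary>
/// <param name="u">Account record holding the stored salt and password hash.</param>
/// <param name="suppliedPass">Password presented by the caller.</param>
/// <returns>
/// <c>true</c> only when the recomputed hash equals the stored one; <c>false</c>
/// for a mismatch, a missing user, a missing stored hash or a missing password.
/// </returns>
private bool ComparePasswords(User u, string suppliedPass)
{
    // Fail closed instead of throwing NullReferenceException: a missing user,
    // a record without a stored hash, or no supplied password can never match.
    // NOTE(review): this path returns before any hashing happens, so it is
    // faster than a wrong-password attempt; equalise the work if account
    // enumeration by timing is a concern.
    if (u == null || u.Password == null || suppliedPass == null)
    {
        return false;
    }

    // NOTE(review): HashPassword is defined outside this block; confirm it is
    // a slow, salted password KDF rather than a single fast digest.
    NewPassword np = new NewPassword(suppliedPass);
    np.Salt = u.Salt;
    np = HashPassword(np);

    // NOTE(review): assumes SaltedHashedPassword is a string, as the original
    // Equals call suggests; confirm against NewPassword.
    string stored = u.Password;
    string computed = np == null ? null : np.SaltedHashedPassword;
    if (computed == null)
    {
        return false;
    }

    // Compare without exiting on the first differing character, so the time
    // taken does not reveal how long a matching prefix is. A length difference
    // is folded into the accumulator; hash lengths themselves are not secret.
    int diff = stored.Length ^ computed.Length;
    int limit = stored.Length < computed.Length ? stored.Length : computed.Length;
    for (int i = 0; i < limit; i++)
    {
        diff |= stored[i] ^ computed[i];
    }

    return diff == 0;
}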
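/// <summary>
/// Looks up the account row for <paramref name="userName"/> and maps it to a
/// <see cref="User"/>.
/// </summary>
/// <param name="userName">User name bound to the <c>@userName</c> query parameter.</param>
/// <returns>
/// The populated <see cref="User"/>, or <c>null</c> when no row is returned,
/// when <paramref name="userName"/> is <c>null</c>, or when the lookup fails.
/// A failure is logged and is otherwise indistinguishable from "not found".
/// </returns>
/// <remarks>
/// The returned object carries the salt, the stored password value and the
/// token, so it should stay server-side and not be serialised to clients.
/// </remarks>
public User GetUser(string userName)
{
    // A null value is not sent as a parameter, so the query would only fail
    // and end up here anyway; skip the connection and the exception path.
    if (userName == null)
    {
        return null;
    }

    SqlConnection conn = null;
    SqlCommand cmd = null;
    SqlDataReader rdr = null;
    User u = null;

    try
    {
        conn = new SqlConnection(connectionString);
        cmd = conn.CreateCommand();
        cmd.CommandText = MembershipSql.USER_EXISTS;
        cmd.CommandType = System.Data.CommandType.Text;

        // The user name is bound as a parameter, never concatenated into the SQL text.
        cmd.Parameters.Add(new SqlParameter("@userName", userName));

        cmd.Connection.Open();
        rdr = cmd.ExecuteReader();

        if (rdr.Read())
        {
            // Columns are read by ordinal, so this mapping depends on the
            // column order of the MembershipSql.USER_EXISTS query.
            User loaded = new User();
            loaded.UserId = GetSafeInt(rdr[0]);
            loaded.UserName = GetSafeString(rdr[1]);
            loaded.Salt = GetSafeString(rdr[2]);
            loaded.Password = GetSafeString(rdr[3]);
            loaded.Email = GetSafeString(rdr[4]);
            loaded.Token = GetSafeString(rdr[5]);

            // Publish the record only once every field was read. If a column
            // read throws, the caller gets null rather than a half-populated
            // User with a missing salt or password value.
            u = loaded;
        }
    }
    catch (Exception ex)
    {
        // Best effort: the failure is logged and the method returns null.
        LogMsg(ex.Message);
    }
    finally
    {
        CloseDbObjects(conn, cmd, rdr);
    }

    return u;
}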
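/// <summary>
/// Checks <paramref name="suppliedPassword"/> against the account record
/// <paramref name="u"/>. Despite the name, this is a password check delegated
/// to <c>ComparePasswords</c>, not an existence lookup.
/// </summary>
/// <param name="u">Account record to verify against; may be <c>null</c>.</param>
/// <param name="suppliedPassword">Password presented by the caller.</param>
/// <returns>
/// <c>true</c> when <c>ComparePasswords</c> accepts the password; <c>false</c>
/// otherwise, including when <paramref name="u"/> is <c>null</c>.
/// </returns>
public bool UserExists(User u, string suppliedPassword)
{
    // GetUser returns null for an unknown user or a failed lookup, so a null
    // record is an expected input here: treat it as a failed check instead of
    // letting the comparison dereference it.
    // NOTE(review): this path does no hashing, so it returns faster than a
    // wrong-password attempt; equalise the work if account enumeration by
    // timing is a concern.
    if (u == null)
    {
        return false;
    }

    return ComparePasswords(u, suppliedPassword);
}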