public ClientWithPasswordModel GetClientByUsername(string username)
{
SqlDataReader reader = this.ExecuteReader(
@"SELECT c.Id,
c.Username,
c.PasswordHash,
c.PasswordSalt,
ct.Name AS RoleName
FROM Clients AS c
JOIN ClientTypes AS ct
ON c.ClientTypeId = ct.Id
WHERE Username = @username",
new Dictionary <string, object>
{
{ "@username", username }
});
ClientWithPasswordModel clientWithPassword = null;
using (reader)
{
while (reader.Read())
{
int id = reader.GetInt32(0);
string usernameFromDatabase = reader.GetString(1);
string passwordHash = reader.GetString(2);
string passwordSalt = reader.GetString(3);
string roleName = reader.GetString(4);
clientWithPassword = new ClientWithPasswordModel(id, usernameFromDatabase, roleName, passwordHash, passwordSalt);
}
}
return(clientWithPassword);
}
public ClientModel GetClient(ClientLoginBindingModel clientModel)
{
ClientWithPasswordModel clientWithPassword = this.clientRepository.GetClientByUsername(clientModel.Username);
if (clientWithPassword == null)
{
return(null);
}
string actualPasswordHash = PasswordUtilities.GeneratePasswordHash(clientModel.Password, clientWithPassword.PasswordSalt);
if (actualPasswordHash != clientWithPassword.PasswordHash)
{
return(null);
}
ClientModel client = new ClientModel(clientWithPassword.Id, clientWithPassword.Username, clientWithPassword.Role);
return(client);
}
