Exemplo n.º 1
0
            public static UserAuthResult Authenticate(string userName, string password, string providerKey)
            {
                string Auth_GetUserByCredentials =
                @"SELECT u.ID,u.Name,u.Surname,u.Email,u.Password,u.About,u.BirthDate,u.DateCreated,u.LastLogin,u.DateUpdated,ul.LoginProvider 
                FROM User AS u
                INNER JOIN UserLogin AS ul 
                ON u.ID = ul.UserID
                WHERE  u.Email = '{1}'

                WHERE  ul.Providerkey = '{1}'";

                string connStr = ConfigurationManager.AppSettings["MasterSQLConnection"];
                SqlDatabase db = new SqlDatabase(connStr);
                UserAuthResult result = new UserAuthResult();
                result.AuthSuccess = false;
                User user = new User();
                string dbPassword = string.Empty;
                try
                {
                    string query = String.Format(Auth_GetUserByCredentials, userName);
                    using (DbCommand command = db.GetSqlStringCommand(query))
                    {

                        using (IDataReader reader = db.ExecuteReader(command))
                        {
                            if (reader.Read())
                            {
                                //Users.ID,Users.Name,Surname,IsAdmin,IsSuperAdmin,LoginType,Users.ActiveDirectoryDomain,Password
                                user.ID       = int.Parse(reader["ID"].ToString());
                                user.Password = reader["Password"].ToString();
                                user.Name     = reader["Name"].ToString();
                                user.Surname  = reader["Surname"].ToString();
                            }
                            else
                            {
                                result.AuthSuccess = false;
                                result.ErrorMsg = "Username or password is wrong";
                            }
                        }
                    }
                }
                finally
                {
                }


                if (!string.IsNullOrEmpty(password) && user.ID > 0 && password.Equals(user.Password))
                {
                    result.User = user;
                    result.AuthSuccess = true;
                }
                else
                {
                    result.ErrorMsg = "Username or password is wrong";
                }

                return result;

            }