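/// <summary>
/// HTTP endpoint that enrols a student: generates a random salt, derives a
/// PBKDF2 hash of the submitted password, and hands the request (now carrying
/// the hash instead of the plaintext) to <c>enrolmentDb.enrolStudent</c>.
/// </summary>
/// <param name="request">Enrolment data from the client; treated as untrusted.</param>
/// <returns>
/// 400 when the password is missing or the data layer returns null; otherwise
/// the result of <c>CreatedAtAction</c> carrying the enrolment response.
/// </returns>
public IActionResult EnrollStudent(EnrolmentReq request)
{
    // Reject a missing body or password up front: KeyDerivation.Pbkdf2 throws on a
    // null password, which would surface to the client as a 500 instead of a 400.
    // Message text follows the Polish wording used by the other responses.
    if (request == null || string.IsNullOrEmpty(request.password))
    {
        return BadRequest("haslo jest wymagane");
    }

    // Salt comes from the OS CSPRNG. The Base64 *text* is what gets stored, and its
    // UTF-8 bytes are what PBKDF2 receives below, so any verification code must
    // rebuild the salt bytes the same way (UTF-8 of the stored string, not a
    // Base64 decode).
    byte[] saltBytes = new byte[256];
    using (var rng = RandomNumberGenerator.Create())
    {
        rng.GetBytes(saltBytes);
    }
    string salt = Convert.ToBase64String(saltBytes);

    // NOTE(review): these parameters are kept as-is because changing them would
    // invalidate every hash already stored. Two points worth a planned migration:
    //  - 10000 iterations is well below current OWASP guidance for
    //    PBKDF2-HMAC-SHA512 (210,000 at time of writing).
    //  - Requesting 256 bytes exceeds HMAC-SHA512's 64-byte block, so the server
    //    computes four PBKDF2 blocks while offline guessing only needs the first
    //    one; 64 bytes gives the same security at a quarter of the server cost.
    byte[] derivedKey = KeyDerivation.Pbkdf2(
        password: request.password,
        salt: Encoding.UTF8.GetBytes(salt),
        prf: KeyDerivationPrf.HMACSHA512,
        iterationCount: 10000,
        numBytesRequested: 256);

    // From here on the request carries the derived hash, never the plaintext.
    request.password = Convert.ToBase64String(derivedKey);

    var resp = enrolmentDb.enrolStudent(request, salt);
    if (resp == null)
    {
        // One message for both "unknown studies" and "student already exists".
        return BadRequest("nie istnieja studia lub taki student juz istnieje");
    }

    // NOTE(review): the first argument of CreatedAtAction is an action name used to
    // build the Location header, not a status message. Unless an action is really
    // registered under this name, URL generation is expected to fail when the
    // result executes. Confirm, and consider StatusCode(201, resp) if no
    // "get enrolment" action exists to point at.
    return CreatedAtAction("enrolemnt created", resp);
}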
/// <summary>
/// HTTP endpoint that delegates student enrolment to <c>entityStudent.enrollStudent</c>.
/// </summary>
/// <param name="request">Enrolment data supplied by the client.</param>
/// <returns>
/// 200 with the message returned by the service, or 400 when the service returns null.
/// </returns>
public IActionResult EnrollStudent(EnrolmentReq request)
{
    String outcome = entityStudent.enrollStudent(request);

    if (outcome != null)
    {
        return Ok(outcome);
    }

    // The callee reports failure only as null, so the client gets one generic
    // message regardless of the underlying reason.
    return BadRequest("problem wpisaniem studenta");
}
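/// <summary>
/// Enrols a student in semester 1 of the named studies inside a single SQL
/// transaction: resolves the study id, finds (or creates) the semester-1
/// enrolment, rejects an index number that already exists, then inserts the
/// student row together with the supplied password value and salt.
/// </summary>
/// <param name="req">
/// Enrolment data. <c>req.password</c> is written to the database verbatim, so the
/// caller must already have replaced the plaintext with its derived hash.
/// </param>
/// <param name="salt">Salt string stored next to the password value.</param>
/// <returns>
/// The enrolment id and semester on success; null when the studies do not exist
/// or a student with the same index number is already present.
/// </returns>
public EnrolmentResp enrolStudent(EnrolmentReq req, string salt)
{
    using (SqlConnection connection = new SqlConnection(SystemConsts.DB_ADDRESS))
    using (SqlCommand command = new SqlCommand())
    {
        connection.Open();

        // Disposing a transaction that was never committed rolls it back, so an
        // exception part-way through cannot leave a half-written enrolment behind.
        using (SqlTransaction transaction = connection.BeginTransaction())
        {
            command.Connection = connection;
            command.Transaction = transaction;

            // 1. Resolve the study by name. All user-supplied values in this method
            //    are bound as parameters, never concatenated into SQL.
            command.CommandText = SystemConsts.DB_GET_STUDY_ID_BY_STUDY_NAME;
            command.Parameters.AddWithValue("@StudyName", req.Studies);

            int studiesId = 0;
            bool studyFound;
            using (var reader = command.ExecuteReader())
            {
                studyFound = reader.Read();
                if (studyFound)
                {
                    studiesId = Convert.ToInt32(reader["IdStudy"]);
                }
            }
            if (!studyFound)
            {
                transaction.Rollback();
                return null;
            }

            // 2. Look for an existing semester-1 enrolment for that study.
            command.CommandText = SystemConsts.DB_SELECT_ALL_FROM_ENROLMENT_BY_SEMESTER_AND_STUDIES_ID;
            command.Parameters.Clear();
            command.Parameters.AddWithValue("@Semester", 1);
            command.Parameters.AddWithValue("@IdStudies", studiesId);

            int idEnrollment = 0;
            bool enrollmentFound;
            using (var reader = command.ExecuteReader())
            {
                enrollmentFound = reader.Read();
                if (enrollmentFound)
                {
                    idEnrollment = Convert.ToInt32(reader["IdEnrollment"]);
                }
            }

            if (!enrollmentFound)
            {
                // The previous reader is closed before this point. The original code
                // issued the next query while it was still open and then indexed the
                // new reader without calling Read(), so this branch could only throw.
                command.CommandText = "select max(IdEnrollment) as EnrolmentMaxId from Enrollment where Semester = @Semester";
                object maxId = command.ExecuteScalar();

                // max() over zero rows yields NULL; treat that as "no ids yet".
                idEnrollment = (maxId == null || maxId == DBNull.Value) ? 0 : Convert.ToInt32(maxId);

                // NOTE(review): the current maximum is passed on unchanged, as in the
                // original. Whether DB_INSERT_ENROLMENT adds 1 is not visible here;
                // if it does not, this insert collides with the existing row, and the
                // id returned to the caller may not match the inserted one. Confirm.
                command.CommandText = SystemConsts.DB_INSERT_ENROLMENT;
                command.Parameters.AddWithValue("@TodayDate", DateTime.Today);
                command.Parameters.AddWithValue("@EnrolmentId", idEnrollment);
                command.ExecuteNonQuery();
            }

            // 3. Refuse a duplicate index number.
            // NOTE(review): a check-then-insert is only race-free if the table also has
            // a unique/primary-key constraint on the index number; confirm the schema.
            command.CommandText = SystemConsts.DB_SELECT_ALL_FROM_STUDENTS_BY_INDEX_NUMBER;
            command.Parameters.Clear();
            command.Parameters.Add(new SqlParameter("@IndexNumber", req.IndexNumber));

            bool studentExists;
            using (var reader = command.ExecuteReader())
            {
                studentExists = reader.Read();
            }
            if (studentExists)
            {
                // Also undoes an enrolment row created in step 2.
                transaction.Rollback();
                return null;
            }

            // 4. Insert the student together with the password value and salt.
            command.CommandText = SystemConsts.DB_INSERT_STUDENT;
            command.Parameters.Clear();
            command.Parameters.AddWithValue("@index", req.IndexNumber);
            command.Parameters.AddWithValue("@name", req.FirstName);
            command.Parameters.AddWithValue("@LastName", req.LastName);
            command.Parameters.AddWithValue("@BirthDate", req.BirthDate);
            command.Parameters.AddWithValue("@EnrolemntId", idEnrollment);
            command.Parameters.AddWithValue("@Password", req.password);
            command.Parameters.AddWithValue("@Salt", salt);
            command.ExecuteNonQuery();

            var response = new EnrolmentResp()
            {
                IdEnrollment = idEnrollment,
                Semester = 1
            };

            transaction.Commit();
            return response;
        }
    }
}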
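/// <summary>
/// Enrols a student through the entity context: rejects a duplicate index number
/// or unknown studies, derives a salted PBKDF2 hash of the password, creates a new
/// semester-1 enrolment and then the student row.
/// </summary>
/// <param name="request">
/// Enrolment data from the client. On the success path <c>request.password</c> is
/// overwritten with the Base64 hash.
/// </param>
/// <returns>
/// A confirmation message on success; null when the request has no password, the
/// student already exists, the studies are unknown, or saving the student fails.
/// </returns>
public String enrollStudent(EnrolmentReq request)
{
    // A missing password would make KeyDerivation.Pbkdf2 throw; report it through the
    // method's existing failure convention (null) instead.
    if (request == null || string.IsNullOrEmpty(request.password))
    {
        return null;
    }

    var existingStudent = context.Student.FirstOrDefault(s => s.IndexNumber == request.IndexNumber);
    if (existingStudent != null)
    {
        return null;
    }

    // Checked before hashing so a request that is rejected anyway does not cost a
    // PBKDF2 run.
    var studies = context.Studies.FirstOrDefault(s => s.Name == request.Studies);
    if (studies == null)
    {
        return null;
    }

    // Salt comes from the OS CSPRNG. The Base64 text is what is stored, and its UTF-8
    // bytes are what PBKDF2 receives, so verification must rebuild the salt bytes the
    // same way (UTF-8 of the stored string, not a Base64 decode).
    byte[] saltBytes = new byte[256];
    using (var rng = RandomNumberGenerator.Create())
    {
        rng.GetBytes(saltBytes);
    }
    string salt = Convert.ToBase64String(saltBytes);

    // NOTE(review): parameters kept as-is because changing them invalidates stored
    // hashes. 10000 iterations is well below current OWASP guidance for
    // PBKDF2-HMAC-SHA512 (210,000 at time of writing), and requesting 256 bytes
    // (more than the 64-byte HMAC-SHA512 block) quadruples server cost without
    // slowing offline guessing. Plan a rehash-on-login migration.
    byte[] derivedKey = KeyDerivation.Pbkdf2(
        password: request.password,
        salt: Encoding.UTF8.GetBytes(salt),
        prf: KeyDerivationPrf.HMACSHA512,
        iterationCount: 10000,
        numBytesRequested: 256);

    // From here on the request carries the derived hash, never the plaintext.
    request.password = Convert.ToBase64String(derivedKey);

    // The nullable projection makes Max return null on an empty table instead of
    // throwing, so the first enrolment gets id 1.
    // NOTE(review): max+1 is not safe under concurrent requests; a database-generated
    // key would remove the race.
    int newEnrollmentId = (context.Enrollment.Max(e => (int?)e.IdEnrollment) ?? 0) + 1;

    var enrolment = new Enrollment
    {
        IdEnrollment = newEnrollmentId,
        IdStudy = studies.IdStudy,
        Semester = 1,
        StartDate = DateTime.Now
    };
    context.Enrollment.Add(enrolment);
    context.SaveChanges();

    Student student = new Student
    {
        IndexNumber = request.IndexNumber,
        FirstName = request.FirstName,
        LastName = request.LastName,
        BirthDate = request.BirthDate,
        IdEnrollment = newEnrollmentId,
        Password = request.password,
        Salt = salt
    };

    try
    {
        context.Student.Add(student);
        context.SaveChanges();
    }
    catch (Exception e)
    {
        // NOTE(review): the enrolment saved above is not undone when this fails, since
        // the two saves are separate units of work. Consider one transaction.
        Console.WriteLine(e.StackTrace);
        return null;
    }

    // NOTE(review): if Student overrides ToString() to print its fields, this line
    // writes the password hash and salt to the console; confirm it does not.
    Console.WriteLine(student.ToString());
    return "student o indexie " + student.IndexNumber + " utworzony";
}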