public bool Login(User model)
{
bool res = false;
string sqlConnectionString = ConfigurationManager.ConnectionStrings["DefaultConnection"].ConnectionString;
using (SqlConnection conn = new SqlConnection(sqlConnectionString))
{
conn.Open();
using (SqlCommand cmd = new SqlCommand("dbo.Users_SelectByEmail", conn))
{
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.AddWithValue("@Email", model.Email);
SqlDataReader reader = cmd.ExecuteReader();
if (reader.Read())
{
User responseModel = Mapper(reader);
int multOf4 = responseModel.Salt.Length % 4;
if (multOf4 > 0)
{
responseModel.Salt += new string('=', 4 - multOf4);
}
CryptographyService cryptSvc = new CryptographyService();
string passwordHash = cryptSvc.Hash(model.BasicPass, responseModel.Salt);
if (passwordHash == responseModel.EncryptedPass)
{
res = true;
}
}
}
conn.Close();
}
return(res);
}
public int Register(User model)
{
int res = 0;
CryptographyService cryptSvc = new CryptographyService();
model.Salt = cryptSvc.GenerateRandomString();
model.EncryptedPass = cryptSvc.Hash(model.BasicPass, model.Salt);
string sqlConnectionString = ConfigurationManager.ConnectionStrings["DefaultConnection"].ConnectionString;
using (SqlConnection conn = new SqlConnection(sqlConnectionString))
{
conn.Open();
using (SqlCommand cmd = new SqlCommand("dbo.Users_Insert", conn))
{
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.AddWithValue("@Email", model.Email);
cmd.Parameters.AddWithValue("@EncryptedPass", model.EncryptedPass);
cmd.Parameters.AddWithValue("@Salt", model.Salt);
SqlParameter param = new SqlParameter("@Id", SqlDbType.Int);
param.Direction = ParameterDirection.Output;
cmd.Parameters.Add(param);
cmd.ExecuteNonQuery();
res = (int)cmd.Parameters["@Id"].Value;
}
conn.Close();
}
return(res);
}