/// <summary>
/// Authenticates a login attempt by looking up the account for <paramref name="username"/>
/// and then checking <paramref name="password"/> against that account.
/// </summary>
/// <param name="username">User name supplied by the caller.</param>
/// <param name="password">Password supplied by the caller.</param>
/// <returns>
/// A <c>LoginResponse</c>. On success, RequestSuccess is true and AccountId is the value
/// returned by the lookup. On failure, RequestSuccess is false and AccountId is -1.
/// </returns>
public LoginResponse AuthenticateCredentials(string username, string password)
{
    // One message for both failure causes, so the response text does not reveal
    // whether the user name or the password was the part that was wrong.
    const string failureMessage = "Incorrect username or password.\n";

    var result = new LoginResponse();

    // The lookup reports "no such user" as -1.
    result.AccountId = _accountQueries.CheckIfUserExists(username);

    // Short-circuit: the password check only runs when an account was found.
    // NOTE(review): because the unknown-user path skips the password check, the two
    // failure cases may take different amounts of time even though the message is the same.
    // Confirm whether CheckIfPasswordsMatch is slow enough for that to matter, and whether
    // attempt throttling or lockout is enforced by the caller (none is visible here).
    bool verified = result.AccountId != -1
        && CheckIfPasswordsMatch(password, result.AccountId);

    if (!verified)
    {
        // Never hand back a real account id on a failed login.
        result.AccountId = -1;
        result.RequestSuccess = false;
        result.Message = failureMessage;
        return result;
    }

    result.RequestSuccess = true;
    result.Message = "Thank you for logging in. Please continue.\n";
    return result;
}
/// <summary>
/// Writes a new account through the test query object, then checks that looking the
/// user name up again returns the account id that was written.
/// </summary>
/// <remarks>
/// The arguments are presumably supplied by test-data attributes that are not visible here.
/// NOTE(review): no cleanup of the written row is visible in this method; confirm that
/// _testAccountQueries points at a disposable test store and not at a shared database.
/// </remarks>
public void TestWritingNewAccountToDatabase(string newUser, string password, string salt, int accountId)
{
    // Arrange
    var account = new Account();
    account.Username = newUser;
    account.AccountId = accountId;
    account.Password = password;
    account.Salt = salt;

    // Act
    _testAccountQueries.WriteNewAccountCredentialsToDatabase(account);
    var storedAccountId = _testAccountQueries.CheckIfUserExists(newUser);

    // Assert: the id found for the user name is the one that was written.
    Assert.Equal(accountId, storedAccountId);
}
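/// <summary>
/// Validates sign-up input and, when every check passes, creates the account.
/// </summary>
/// <remarks>
/// Checks run in this order and the first failure is returned: blank username,
/// username already taken, blank password, password / re-entered password mismatch.
/// On success this method also calls CreateAccount, so it is not a pure validator.
/// </remarks>
/// <param name="username">Requested user name; null or empty is rejected.</param>
/// <param name="password">Requested password; null or empty is rejected.</param>
/// <param name="reEnteredPassword">Confirmation copy of the password.</param>
/// <returns>
/// An <c>AccountCreationResponse</c> whose RequestSuccess says whether the account was
/// created and whose Message is meant to be shown to the user.
/// </returns>
public AccountCreationResponse ValidateCredentials(string username, string password, string reEnteredPassword)
{
    // Request-response model: every outcome carries a message that is meaningful to the user.
    var response = new AccountCreationResponse();

    // IsNullOrEmpty rather than == string.Empty: a null user name is rejected here
    // instead of being passed on to the lookup and to account creation.
    if (string.IsNullOrEmpty(username))
    {
        response.RequestSuccess = false;
        response.Message = "Username cannot be blank.\n";
        return response;
    }

    // The lookup reports "no such user" as -1; any other value means the name is taken.
    // NOTE(review): this check and CreateAccount below are separate calls. Unless the
    // store enforces a unique user name, two concurrent requests for the same name could
    // both pass this check; confirm that a uniqueness constraint exists.
    if (_accountQueries.CheckIfUserExists(username) != -1)
    {
        response.RequestSuccess = false;
        response.Message = "User name already exists, please choose a different user name.\n";
        return response;
    }

    // Same null handling as for the user name: a null password must not reach the comparison.
    if (string.IsNullOrEmpty(password))
    {
        response.RequestSuccess = false;
        response.Message = "Password cannot be blank.\n";
        return response;
    }

    if (!CheckIfPasswordsMatch(password, reEnteredPassword))
    {
        response.RequestSuccess = false;
        response.Message = "Passwords do not match.\n";
        return response;
    }

    // All checks passed: build the credentials to store and create the account.
    var finalCredentials = SetFinalAccountCredentials(username, password);
    CreateAccount(finalCredentials);

    response.RequestSuccess = true;
    response.Message = "Account created successfully. Please log in to continue.\n";
    return response;
}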