public DataAppUserModel GetUser(string username, string password)
{
DataAppUserModel user = new DataAppUserModel();
try
{
using (SqlConnection conn = new SqlConnection(connectionString))
{
conn.Open();
SqlCommand cmd = new SqlCommand(getUserWithUsernameAndPasswordSql, conn);
cmd.Parameters.AddWithValue("@username", username);
cmd.Parameters.AddWithValue("@password", password);
SqlDataReader reader = cmd.ExecuteReader();
while (reader.Read())
{
user.Username = Convert.ToString(reader["username"]);
user.Password = Convert.ToString(reader["password"]);
}
}
}
catch (SqlException ex)
{
throw;
}
return(user);
}
public ActionResult GetAuthenticatedUser()
{
DataAppUserModel model = null;
if (IsAuthenticated)
{
model = appUserDAO.GetUser(CurrentUser);
}
return(PartialView("_AuthenticationBar", model));
}
