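/// <summary>
/// Creates a user by calling the dbo.AddUser stored procedure.
/// </summary>
/// <param name="model">
/// New-user data. <c>Surname</c> and <c>Name</c> are joined with a single space into
/// <c>@name</c>; <c>Login</c>, <c>Password</c> and <c>RoleId</c> are passed through.
/// </param>
/// <returns>
/// The first column of the first row returned by the procedure, converted with
/// <see cref="Convert.ToString(object)"/>.
/// </returns>
public string AddUser(NewUser model)
{
    using (SqlConnection conn = new SqlConnection(_connectionString))
    // SqlCommand is IDisposable; the original never disposed it.
    using (SqlCommand cmd = new SqlCommand("dbo.AddUser", conn))
    {
        conn.Open();
        cmd.CommandType = CommandType.StoredProcedure;

        // All values travel as parameters of a stored-procedure call, so nothing from
        // the model is concatenated into SQL text here.
        cmd.Parameters.AddWithValue("@name", model.Surname + " " + model.Name);
        cmd.Parameters.AddWithValue("@login", model.Login);

        // NOTE(review): EncryptPassword receives only the password, and ValidateUser sends
        // the same transform to the database for matching. That only works if the output is
        // deterministic, i.e. there is no per-user random salt. Confirm that it is a slow,
        // salted one-way password hash (PBKDF2 or similar) and not reversible encryption
        // or a bare fast hash.
        cmd.Parameters.AddWithValue("@password", HelperRepository.EncryptPassword(model.Password));

        // NOTE(review): RoleId comes straight from the model. If NewUser is bound from a
        // request, confirm the caller checks that the current user may assign this role.
        cmd.Parameters.AddWithValue("@roleId", model.RoleId);

        return Convert.ToString(cmd.ExecuteScalar());
    }
}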
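/// <summary>
/// Checks a login/password pair by calling the dbo.ValidateUser stored procedure and
/// returns the matching user's data wrapped in a response object.
/// </summary>
/// <param name="model">Login data; <c>Login</c> and <c>Password</c> are read.</param>
/// <returns>
/// Code 1 and Message "success" with <c>Data</c> filled from the result set when the
/// procedure returns at least one row. Code -1 otherwise: with the fixed
/// "invalid login or password" message when no row is returned, or with the
/// exception's message when anything inside the try block throws.
/// </returns>
public Response <UserModel> ValidateUser(LoginModel model)
{
    Response <UserModel> response = new Response <UserModel>();
    using (SqlConnection conn = new SqlConnection(_connectionString))
    {
        try
        {
            conn.Open();

            // The command and the reader are IDisposable; the original left both undisposed.
            using (SqlCommand cmd = new SqlCommand("dbo.ValidateUser", conn))
            {
                cmd.CommandType = CommandType.StoredProcedure;
                cmd.Parameters.AddWithValue("@userName", model.Login);

                // NOTE(review): the password transform takes only the password and the result
                // is handed to the procedure for matching, so it must be deterministic (no
                // per-user random salt). Confirm that EncryptPassword is a slow, salted one-way
                // hash rather than reversible encryption or a bare fast hash.
                cmd.Parameters.AddWithValue("@password", HelperRepository.EncryptPassword(model.Password));

                using (SqlDataReader reader = cmd.ExecuteReader())
                {
                    if (!reader.HasRows)
                    {
                        // Same outcome as the original throw-and-catch, without using an
                        // exception for an expected failure. One message ("Invalid login or
                        // password!") covers every no-row result, so the reply does not say
                        // which of the two fields was wrong.
                        response.Code = -1;
                        response.Message = "Неверный логин или пароль!";
                    }
                    else
                    {
                        response.Data = new UserModel();

                        // Every row overwrites the same object, so the last row wins if the
                        // procedure ever returns more than one.
                        while (reader.Read())
                        {
                            response.Data.Id = reader["Id"] != DBNull.Value ? Convert.ToInt32(reader["Id"]) : 0;
                            response.Data.Name = reader["Name"] != DBNull.Value ? Convert.ToString(reader["Name"]) : string.Empty;
                            response.Data.UserName = reader["UserName"] != DBNull.Value ? Convert.ToString(reader["UserName"]) : string.Empty;
                            response.Data.RoleGUID = reader["RoleGUID"] != DBNull.Value ? Convert.ToString(reader["RoleGUID"]) : string.Empty;
                        }

                        response.Code = 1;
                        response.Message = "success";
                    }
                }
            }
        }
        catch (Exception ex)
        {
            // NOTE(review): ex.Message is returned to the caller unchanged. For a SqlException
            // that text can name the server, the procedure or schema objects. If
            // Response.Message is shown to the client, log the exception server-side and
            // return a generic message instead.
            response.Code = -1;
            response.Message = ex.Message;
        }
    }

    return response;
}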