public string AddUser(NewUser model)
{
using (SqlConnection conn = new SqlConnection(_connectionString))
{
conn.Open();
SqlCommand cmd = new SqlCommand("dbo.AddUser", conn);
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.AddWithValue("@name", model.Surname + " " + model.Name);
cmd.Parameters.AddWithValue("@login", model.Login);
cmd.Parameters.AddWithValue("@password", HelperRepository.EncryptPassword(model.Password));
cmd.Parameters.AddWithValue("@roleId", model.RoleId);
return(Convert.ToString(cmd.ExecuteScalar()));
}
}
public Response <UserModel> ValidateUser(LoginModel model)
{
Response <UserModel> response = new Response <UserModel>();
using (SqlConnection conn = new SqlConnection(_connectionString))
{
try
{
conn.Open();
SqlCommand cmd = new SqlCommand("dbo.ValidateUser", conn);
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.AddWithValue("@userName", model.Login);
cmd.Parameters.AddWithValue("@password", HelperRepository.EncryptPassword(model.Password));
SqlDataReader reader = cmd.ExecuteReader();
if (!reader.HasRows)
{
throw new Exception("Неверный логин или пароль!");
}
response.Data = new UserModel();
while (reader.Read())
{
response.Data.Id = reader["Id"] != DBNull.Value ? Convert.ToInt32(reader["Id"]) : 0;
response.Data.Name = reader["Name"] != DBNull.Value ? Convert.ToString(reader["Name"]) : string.Empty;
response.Data.UserName = reader["UserName"] != DBNull.Value ? Convert.ToString(reader["UserName"]) : string.Empty;
response.Data.RoleGUID = reader["RoleGUID"] != DBNull.Value ? Convert.ToString(reader["RoleGUID"]) : string.Empty;
}
response.Code = 1;
response.Message = "success";
}
catch (Exception ex)
{
response.Code = -1;
response.Message = ex.Message;
}
}
return(response);
}