public bool IsValidUser(string username, string password, out string role)
{
role = string.Empty;
User userFromDB = getUserByUsername(username);
if (userFromDB == null)
{
return(false);
}
if (userFromDB.password.Equals(EncDecService.Encrypt(password)))
{
role = userFromDB.role;
return(true);
}
return(false);
}
/// <summary>
/// Updates choosen user
/// </summary>
/// <param name="id">user id</param>
/// <param name="user">user update info</param>
/// <returns>updated user</returns>
public async Task <User> PutByUsername(string username, User user)
{
_context = new MyFootballContext();
string encPass = EncDecService.Encrypt(user.password);
StringBuilder query = new StringBuilder();
query.AppendFormat("Update webuser Set password = '******', email = '{1}', favouriteTeam = {2}"
+ " where username = '******'",
encPass, user.email, user.favouriteTeam, username);
using (MySqlConnection conn = _context.GetConnection())
{
conn.Open();
string q = query.ToString();
MySqlCommand cmd = new MySqlCommand(q, conn);
cmd.ExecuteNonQuery();
conn.Close();
user.password = encPass;
return(user);
}
}
/// <summary>
/// Inserts new user in database
/// </summary>
/// <param name="user">new user</param>
/// <returns>user</returns>
public async Task <User> Add(User user)
{
_context = new MyFootballContext();
StringBuilder query = new StringBuilder();
string encPass = EncDecService.Encrypt(user.password);
query.AppendFormat("insert into webuser (username, password, role, email, favouriteTeam)"
+ " values ('{0}','{1}','{2}','{3}','{4}')", user.username, encPass, "User", user.email, user.favouriteTeam);
using (MySqlConnection conn = _context.GetConnection())
{
conn.Open();
string q = query.ToString();
MySqlCommand cmd = new MySqlCommand(q, conn);
cmd.ExecuteNonQuery();
user.password = encPass;
conn.Close();
}
return(user);
}
