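/// <summary>
/// Checks a username/password pair against the stored user record.
/// </summary>
/// <param name="username">Login name used to look up the user.</param>
/// <param name="password">Password as supplied by the caller.</param>
/// <param name="role">Set to the stored role on success; <see cref="string.Empty"/> otherwise.</param>
/// <returns><c>true</c> when the user exists and the stored password value matches; otherwise <c>false</c>.</returns>
public bool IsValidUser(string username, string password, out string role)
{
    // Fail closed: the caller only ever sees a role after a successful match.
    role = string.Empty;

    User userFromDB = getUserByUsername(username);
    if (userFromDB == null)
    {
        return false;
    }

    // NOTE(review): EncDecService.Encrypt is not visible here. If it is reversible
    // encryption (as the service name suggests), every stored password can be
    // recovered by whoever holds the key. A salted password hash (e.g. PBKDF2)
    // verified with a fixed-time comparison is the usual replacement -- confirm.
    string candidate = EncDecService.Encrypt(password);

    // A record with no stored password must never authenticate. Rejecting it here
    // also avoids a NullReferenceException on the login path.
    string stored = userFromDB.password;
    if (stored == null || !stored.Equals(candidate))
    {
        return false;
    }

    role = userFromDB.role;
    return true;
}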
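/// <summary>
/// Updates the password, e-mail and favourite team of the user with the given username.
/// </summary>
/// <param name="username">Username identifying the row to update.</param>
/// <param name="user">New values; its <c>password</c> is overwritten with the stored (encrypted) value.</param>
/// <returns>The same <paramref name="user"/> instance, with <c>password</c> set to the stored value.</returns>
public async Task<User> PutByUsername(string username, User user)
{
    // NOTE(review): the method is declared async but contains no await, so it runs
    // synchronously; kept that way so callers that block on the task are unaffected.
    _context = new MyFootballContext();
    string encPass = EncDecService.Encrypt(user.password);

    // Every caller-supplied value is bound as a parameter. Formatting them into the
    // SQL text would let a crafted e-mail or username change the statement itself.
    const string sql =
        "Update webuser Set password = @password, email = @email, favouriteTeam = @favouriteTeam" +
        " where username = @username";

    using (MySqlConnection conn = _context.GetConnection())
    using (MySqlCommand cmd = new MySqlCommand(sql, conn))
    {
        cmd.Parameters.AddWithValue("@password", encPass);
        cmd.Parameters.AddWithValue("@email", user.email);
        cmd.Parameters.AddWithValue("@favouriteTeam", user.favouriteTeam);
        cmd.Parameters.AddWithValue("@username", username);

        conn.Open();

        // NOTE(review): the affected-row count is ignored, so an unknown username
        // still returns normally -- confirm that is what callers expect.
        cmd.ExecuteNonQuery();
    }

    // NOTE(review): the returned object carries the stored password value; verify
    // that callers do not serialize it back to clients.
    user.password = encPass;
    return user;
}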
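/// <summary>
/// Inserts a new user row into the <c>webuser</c> table.
/// </summary>
/// <param name="user">New user; its <c>password</c> is overwritten with the stored (encrypted) value.</param>
/// <returns>The same <paramref name="user"/> instance, with <c>password</c> set to the stored value.</returns>
public async Task<User> Add(User user)
{
    // NOTE(review): the method is declared async but contains no await, so it runs
    // synchronously; kept that way so callers that block on the task are unaffected.
    _context = new MyFootballContext();
    string encPass = EncDecService.Encrypt(user.password);

    // Values are bound as parameters rather than formatted into the SQL text, so a
    // quote inside a username or e-mail cannot alter the statement.
    const string sql =
        "insert into webuser (username, password, role, email, favouriteTeam)" +
        " values (@username, @password, @role, @email, @favouriteTeam)";

    using (MySqlConnection conn = _context.GetConnection())
    using (MySqlCommand cmd = new MySqlCommand(sql, conn))
    {
        cmd.Parameters.AddWithValue("@username", user.username);
        cmd.Parameters.AddWithValue("@password", encPass);
        // The role is fixed here and never read from the incoming object, so a
        // caller cannot register itself with a different role.
        cmd.Parameters.AddWithValue("@role", "User");
        cmd.Parameters.AddWithValue("@email", user.email);
        cmd.Parameters.AddWithValue("@favouriteTeam", user.favouriteTeam);

        conn.Open();
        cmd.ExecuteNonQuery();
    }

    // NOTE(review): the returned object carries the stored password value; verify
    // that callers do not serialize it back to clients.
    user.password = encPass;
    return user;
}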