I am having troubles authenticating users against an sql server database.
I have a table with UserID, Username (email address), Password (hashed) and a GUID field.
I have the following code which authenticates a user. This used to work before I hashed the passwords.
Login button code:
My problem is that it always comes back Login failed!
I have a table with UserID, Username (email address), Password (hashed) and a GUID field.
I have the following code which authenticates a user. This used to work before I hashed the passwords.
Code:
Function DBAuthenticate(ByVal strUsername As String, ByVal strPassword As String) As Integer
Dim conUsers As SqlConnection
Dim strConnection As String
Dim cmdSelect As SqlCommand
Dim parmReturnValue As SqlParameter
Dim intResult As Integer
strConnection = ConfigurationManager.ConnectionStrings("HostLinkConnectionString").ConnectionString
conUsers = New SqlConnection(strConnection)
cmdSelect = New SqlCommand("AuthenticateUser", conUsers)
cmdSelect.CommandType = CommandType.StoredProcedure
parmReturnValue = cmdSelect.Parameters.Add("RETURN_VALUE", SqlDbType.Int)
parmReturnValue.Direction = ParameterDirection.ReturnValue
cmdSelect.Parameters.AddWithValue("@Username", strUsername)
cmdSelect.Parameters.AddWithValue("@Password", strPassword)
conUsers.Open()
cmdSelect.ExecuteNonQuery()
intResult = cmdSelect.Parameters("RETURN_VALUE").Value
conUsers.Close()
If intResult < 0 Then
If intResult = -1 Then
lblMessage.Text = "Login failed"
Else
lblMessage.Text = "Login failed"
End If
End If
Return intResult
End FunctionLogin button code:
Code:
Protected Sub btnLogin_Click(sender As Object, e As System.EventArgs) Handles btnLogin.Click
If IsValid Then
If DBAuthenticate(txtUsername.Text, txtPassword.Text) > 0 Then
FormsAuthentication.RedirectFromLoginPage(txtUsername.Text, False)
Session("Username") = txtUsername.Text
Response.Redirect("dashboard.aspx")
End If
End If
End SubMy problem is that it always comes back Login failed!