in CustomSecuritySample/AuthenticationUtilities.cs [74:109]
internal static void StoreAccountDetails(string userName,
string passwordHash,
string salt)
{
// See "How To Use DPAPI (Machine Store) from ASP.NET" for
// information about securely storing connection strings.
using (SqlConnection conn= new SqlConnection(Properties.Settings.Default.Database_ConnectionString))
{
SqlCommand cmd = new SqlCommand("RegisterUser", conn);
cmd.CommandType = CommandType.StoredProcedure;
SqlParameter sqlParam = null;
sqlParam = cmd.Parameters.Add("@userName", SqlDbType.VarChar, 40);
sqlParam.Value = userName;
sqlParam = cmd.Parameters.Add(
"@passwordHash", SqlDbType.VarChar, 50);
sqlParam.Value = passwordHash;
sqlParam = cmd.Parameters.Add("@salt", SqlDbType.VarChar, 10);
sqlParam.Value = salt;
try
{
conn.Open();
cmd.ExecuteNonQuery();
}
catch (Exception ex)
{
// Code to check for primary key violation (duplicate account
// name) or other database errors omitted for clarity
throw new Exception(string.Format(CultureInfo.InvariantCulture,
CustomSecurity.AddAccountError + ex.Message));
}
}
}