SubSonic: Case sensitive test?

Question

Hey guys!

I'm curious if there's a way to do a case sensitive string comparison in SubSonic? I have the following statement:

return new Select()
               .From<Account>()
               .Where("email").IsEqualTo(email)
               .And("password").IsEqualTo(password)                   
               .ExecuteSingle<Account>();

However, it does not test against case for the password (which is what I need to do). Ideally, the password would be encrypted before storing, so this wouldn't be an issue. But, aside from using straight SQL, is there a way to do a case sensitive comparison (BINARY)?

Answer 1

SubSonic just creates the query - it doesn't handle the actual comparison, your DB does. You can set your DB to be case-sensitive if you want to (it's in the settings of just about every DB provider out there). I would recommend this.

If this isn't an option, then you can pull all records with the supplied email and then run a string comparison in code using String.Equals().

Encrypting isn't a good idea - salt/hash the password to do a one-way thing. If you can pull passwords and decrypt your system isn't secure.

You're still stuck with the same issue though - so set the case stuff in the DB or compare in code.

Answer 2

Not a good way but you can do your authentication on application level. You can get account with email and then compare password on application level. Performance killer but, it will do the trick.