How can I check if a user has written his username and password correctly?

Question

I'm using a Linq-to-SQL class called Scans.dbml.

In that class I've dragged a table called Users (username, password, role) onto the graphic area and now I can access User object via a UserRepository class:

using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;

namespace Scanner.Classes
{
    public class UserRepository
    {
        private ScansDataContext db = new ScansDataContext();

        public User getUser(string username)
        {
            return db.Users.SingleOrDefault(x => x.username == username);
        }

        public bool exists(string username)
        {

        }
    }
}

Now in my Login form, I want to use this Linq-to-SQL goodness to do all the data related activities.

    UserRepository users = new UserRepository();

    private void btnLogin_Click(object sender, EventArgs e)
    {
        loginToSystem();
    }

    private void loginToSystem()
    {
        if (users.getUser(txtUsername.Text))
        {

        }
        //If txtUsername exists && User.password == Salt(txtPassword)
        //then Show.MainForm() with User.accountType in constructor to set permissions.
    }

1. I need help with verifying that a user exists && that that users.password is equal to SALT(txtpassword.text).

Any guidance please?

Answer 1

In general: Hash whatever the user type and compare it to the stored hash.

However, if this is an asp.net project, I'd recommend using the 'SqlMembershipProvider'; it'll likely provide all of the functionality you need and you won't have to re-invent the wheel.