public Boolean CredentialNew(AuthBE authBE)
{
con.ConnectionString = conection.GetCon();
cmd.Connection = con;
cmd.CommandType = CommandType.StoredProcedure;
cmd.CommandText = "PERSONA.CredentialNew";
//string HashedPasswordString = Encoding.UTF8.GetString(authBE.HashedPassword);
string HashedPasswordString = Convert.ToBase64String(authBE.HashedPassword);
try {
cmd.Parameters.Clear();
cmd.Parameters.AddWithValue("@usuario", authBE.Usuario);
cmd.Parameters.AddWithValue("@password", HashedPasswordString);
cmd.Parameters.AddWithValue("@salt", authBE.Salt);
cmd.Parameters.AddWithValue("@active", authBE.Active);
cmd.Parameters.AddWithValue("@empleado", authBE.Empleado);
con.Open();
cmd.ExecuteNonQuery();
success = true;
} catch (SqlException x) {
success = false;
throw new Exception(x.Message);
} finally {
if (con.State == ConnectionState.Open)
{
con.Close();
}
cmd.Parameters.Clear();
}
return(success);
}
public Boolean CredentialActivate(AuthBE authBE)
{
con.ConnectionString = conection.GetCon();
cmd.Connection = con;
cmd.CommandType = CommandType.StoredProcedure;
cmd.CommandText = "PERSONA.crud_CREDENTIALActivate";
try {
cmd.Parameters.Clear();
cmd.Parameters.AddWithValue("@id_usuario", authBE.Id_usuario);
con.Open();
cmd.ExecuteNonQuery();
success = true;
} catch (SqlException x) {
success = false;
throw new Exception(x.Message);
} finally {
if (con.State == ConnectionState.Open)
{
con.Close();
}
cmd.Parameters.Clear();
}
return(success);
}
private void btnIngresar_Click(object sender, EventArgs e)
{
AuthBL authBL = new AuthBL();
AuthBE authBE = new AuthBE(txtUser.Text.Trim(), txtPassword.Text.Trim());
tries += 1;
try {
if (authBL.Authenticate(authBE) == true)
{
frmMain frmmain = new frmMain();
frmLogin frmlogin = new frmLogin();
frmmain.Show();
this.Hide();
//frmlogin.Close();
}
else
{
MessageBox.Show(this, "Error de autenticación ", "Atención", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
} catch (Exception ex) {
if (tries == 3)
{
MessageBox.Show(this, "Ya no tiene mas intentos", "Atención", MessageBoxButtons.OK, MessageBoxIcon.Error);
Application.Exit();
}
MessageBox.Show(this, "Error de autenticación: " + ex.Message, "Atención", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
}
private void btnGuardar_Click(object sender, EventArgs e)
{
AuthBE authBE = new AuthBE(txtUsuario.Text.Trim(), txtPwd.Text.Trim(), int.Parse(cboEmpleado.SelectedValue.ToString()), chkActivo.Checked);
AuthBL authBL = new AuthBL();
if (authBL.CredentialNew(authBE) == true)
{
MessageBox.Show(this, "Se agrego el usuario correctamente", "Alerta", MessageBoxButtons.OK, MessageBoxIcon.Information);
}
else
{
MessageBox.Show(this, "Ocurrió un error al agregar el usuario ", "Alerta", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
}
public Boolean CredentialNew(AuthBE authBE)
{
AuthBE EnteredAuthBE = new AuthBE(authBE.Usuario, authBE.Password, authBE.Empleado, authBE.Active);
AuthBE GeneratedAuthBE = new AuthBE();
GeneratedAuthBE.Active = EnteredAuthBE.Active;
GeneratedAuthBE.Empleado = EnteredAuthBE.Empleado;
GeneratedAuthBE.Usuario = EnteredAuthBE.Usuario;
GeneratedAuthBE.Password = EnteredAuthBE.Password;
GeneratedAuthBE.Salt = CreateSalt(32);
GeneratedAuthBE.HashedPassword = GenerateSaltedHash(Encoding.UTF32.GetBytes(GeneratedAuthBE.Password), Convert.FromBase64String(GeneratedAuthBE.Salt));
return(authado.CredentialNew(GeneratedAuthBE));
}
public AuthBE CredentialSelect(string username)
{
AuthBE authBE = new AuthBE();
try {
con.ConnectionString = conection.GetCon();
cmd.Connection = con;
cmd.CommandType = CommandType.StoredProcedure;
cmd.CommandText = "PERSONA.CredentialSelect";
cmd.Parameters.Clear();
cmd.Parameters.AddWithValue("@usuario", username);
con.Open();
SqlDataReader dtr = cmd.ExecuteReader();
if (dtr.HasRows == true)
{
dtr.Read();
authBE.Id_usuario = int.Parse(dtr["id_usuario"].ToString());
authBE.Empleado = int.Parse(dtr["empleado"].ToString());
authBE.Password = dtr["password"].ToString();
authBE.Usuario = dtr["usuario"].ToString();
authBE.Salt = dtr["salt"].ToString();
authBE.Active = bool.Parse(dtr["active"].ToString());
}
else
{
throw new Exception("El usuario no Existe");
}
dtr.Close();
} catch (Exception ex) {
throw new Exception("El usuario no existe: " + ex.Message);
} finally {
if (con.State == ConnectionState.Open)
{
con.Close();
}
cmd.Parameters.Clear();
}
return(authBE);
}
public bool Authenticate(AuthBE authBE)
{
string EnteredPwd = authBE.Password;
string EnteredUsr = authBE.Usuario;
AuthBE SelectedCredentials = new AuthBE();
SelectedCredentials = authado.CredentialSelect(EnteredUsr);
if (SelectedCredentials.Usuario.Length == 0)
{
return(false);
}
if (SelectedCredentials.Active == false)
{
return(false);
}
AuthBE GeneratedAuthBE = new AuthBE();
GeneratedAuthBE.Salt = SelectedCredentials.Salt;
GeneratedAuthBE.Password = EnteredPwd;
GeneratedAuthBE.HashedPassword = GenerateSaltedHash(Encoding.UTF32.GetBytes(GeneratedAuthBE.Password), Convert.FromBase64String(SelectedCredentials.Salt));
string HashedPasswordString = Convert.ToBase64String(GeneratedAuthBE.HashedPassword);
bool comparison = string.Equals(HashedPasswordString, SelectedCredentials.Password.Trim());
if (comparison == true)
{
return(true);
}
else
{
return(false);
}
}
protected void btnIngresar_Click(object sender, EventArgs e)
{
AuthBL authBL = new AuthBL();
AuthBE authBE = new AuthBE(txtUsuario.Text.Trim(), txtPassword.Text.Trim());
tries += 1;
try {
if (authBL.Authenticate(authBE) == true)
{
Response.Redirect("Overview.aspx");
}
else
{
lblMensaje.Text = "Credenciales incorrectas, intente nuevamente.";
}
} catch (Exception ex) {
if (tries == 3)
{
Response.Redirect("Error.aspx");
}
lblMensaje.Text = ex.Message;
}
}
public Boolean CredentialActivate(AuthBE authBE)
{
return(authado.CredentialActivate(authBE));
}
