public RegisterUserCode HashClearTextPassword(string UserName)
{
BorrowerDAL dal = new BorrowerDAL(_connection);
Borrower b = dal.BorrowerFindByName(UserName);
if (b == null)
{
return(RegisterUserCode.UserNameNotFound);
}
BorrowerSecuredDAL sdal = new BorrowerSecuredDAL(_connection);
BorrowerSecured sb = sdal.BorrowerSecuredFindByID(b.BorrowerID);
if (sb == null)
{
return(RegisterUserCode.SecuredDataNotFound);
}
// when using cleartext the SALT Field contains "ClearText" instead of salt
// the cleartext password in in HASH
if (sb.Salt == "ClearText")
{
string salt = System.Web.Helpers.Crypto.GenerateSalt(20);
// when using cleartext, the HASH field contains the cleartext password
string pw = sb.Hash + salt;
string hash = System.Web.Helpers.Crypto.HashPassword(pw);
sdal.BorrowerSecuredUpdateJust(b.BorrowerID, hash, salt);
}
else
{
return(RegisterUserCode.SecuredAlready);
}
return(RegisterUserCode.Success);
}
public RegisterUserCode RegisterUser(string UserName, string EMail,
DateTime DOB, string Password)
{
BorrowerDAL dal = new BorrowerDAL(_connection);
Borrower theBorrower = dal.BorrowerFindByName(UserName);
if (theBorrower != null)
{
return(RegisterUserCode.UserNameExists);
}
theBorrower = dal.BorrowerFindByEmail(EMail);
if (theBorrower != null)
{
return(RegisterUserCode.EMailExists);
}
int BorrowerID = dal.BorrowerCreate(UserName, EMail, DOB, MagicConstants.DefaultRole);
BorrowerSecuredDAL securedDal = new BorrowerSecuredDAL(_connection);
string salt = System.Web.Helpers.Crypto.GenerateSalt(20);
string hashed = System.Web.Helpers.Crypto.HashPassword(Password + salt);
securedDal.BorrowerSecuredUpdateJust(BorrowerID, hashed, salt);
return(RegisterUserCode.Success);
}
public Borrower ValidateUserClearText(string UserName, string Password)
{
BorrowerSecured rv = null;
BorrowerSecuredDAL dal = new BorrowerSecuredDAL(_connection);
{
rv = dal.BorrowerSecuredFindByName(UserName);
if (rv == null)
{
return(null);
}
if (Password == rv.Hash)
{
return(rv);
}
}
return(null);
}
public Borrower ValidateUserHashed(string UserName, string Password)
{
BorrowerSecured rv = null;
BorrowerSecuredDAL dal = new BorrowerSecuredDAL(_connection);
{
rv = dal.BorrowerSecuredFindByName(UserName);
if (rv == null)
{
return(null);
}
string pw = Password + rv.Salt;
bool verified =
System.Web.Helpers.Crypto.VerifyHashedPassword(rv.Hash, pw);
if (verified)
{
return(rv);
}
}
return(null);
}
public int BorrowereSecuredUpdateJust(int BorrowerID, string Hash, string Salt)
{
BorrowerSecuredDAL dal = new BorrowerSecuredDAL(_connection);
return(dal.BorrowerSecuredUpdateJust(BorrowerID, Hash, Salt));
}
public BorrowerSecured BorrowerSecuredFindByEMail(string EMail)
{
BorrowerSecuredDAL dal = new BorrowerSecuredDAL(_connection);
return(dal.BorrowerSecuredFindByEMail(EMail));
}
public BorrowerSecured BorrowerSecuredFindByName(string Name)
{
BorrowerSecuredDAL dal = new BorrowerSecuredDAL(_connection);
return(dal.BorrowerSecuredFindByName(Name));
}
public BorrowerSecured BorrowerSecuredFindByID(int BorrowerID)
{
BorrowerSecuredDAL dal = new BorrowerSecuredDAL(_connection);
return(dal.BorrowerSecuredFindByID(BorrowerID));
}
