Beispiel #1
        //Register
        /// <summary>
        /// Registers an account by executing the <c>spAccounts_Registration</c> stored procedure
        /// and copies the procedure's output values back onto <paramref name="view"/>.
        /// </summary>
        /// <param name="view">
        /// Supplies username, email, first/last name, password and salt. On success it receives
        /// <c>AccountID</c>, <c>EmailVerificationToken</c> and <c>EmailVerificationKey</c>;
        /// on failure the exception message is appended to <c>view.Errors</c>.
        /// </param>
        /// <param name="ConnectionString">Connection string passed to <c>DataAccess</c>.</param>
        /// <param name="security">Provides <c>GenerateSaltedHash</c>, used to hash the password with the salt bytes.</param>
        /// <returns><c>true</c> if every step completed without an exception; otherwise <c>false</c>.</returns>
        public static Boolean Register(AccountViewModel_Registration view, string ConnectionString, SecurityLogic security)
        {
            // NOTE(review): the salt is taken from the view model; where it is generated is not
            // visible here. Confirm it comes from a server-side CSPRNG and never from the client.
            // NOTE(review): the algorithm behind GenerateSaltedHash is not visible here. Confirm it
            // is a deliberately slow password KDF and not a single fast digest pass.
            try
            {
                var registration = new DataAccess(ConnectionString, "spAccounts_Registration");

                // Profile fields, all bound as VarChar(100) parameters.
                registration.SetParamater_Input("@Username", view.username, SqlDbType.VarChar, 100);
                registration.SetParamater_Input("@Email", view.email, SqlDbType.VarChar, 100);
                registration.SetParamater_Input("@FirstName", view.firstname, SqlDbType.VarChar, 100);
                registration.SetParamater_Input("@LastName", view.lastname, SqlDbType.VarChar, 100);

                // Only the salted hash and the salt are bound; the plain password is not.
                // Encoding.ASCII replaces any non-ASCII character with '?', so the salt is
                // assumed to be ASCII-only. TODO confirm.
                var passwordHash = security.GenerateSaltedHash(view.password, Encoding.ASCII.GetBytes(view.salt));
                registration.SetParamater_Input("@Hash", passwordHash, SqlDbType.VarChar, 100);
                registration.SetParamater_Input("@Salt", view.salt, SqlDbType.VarChar, 100);

                // Values the procedure hands back.
                registration.SetParamater_Output("@AccountID", SqlDbType.Int);
                registration.SetParamater_Output("@EmailVerificationToken", SqlDbType.VarChar, 100);
                registration.SetParamater_Output("@EmailVerificationKey", SqlDbType.VarChar, 100);

                registration.ExecuteNonQuery();

                view.AccountID = (int?)registration.GetParamater("@AccountID");
                view.EmailVerificationToken = (string)registration.GetParamater("@EmailVerificationToken");
                view.EmailVerificationKey = (string)registration.GetParamater("@EmailVerificationKey");
                return true;
            }
            catch (Exception failure)
            {
                // NOTE(review): the raw exception text goes into view.Errors. If Errors is rendered
                // to the end user, database error details may be disclosed. Confirm, and consider
                // logging the detail server-side while showing a generic message.
                view.Errors.Add(failure.Message);
                return false;
            }
        }
Beispiel #2
 /// <summary>
 /// Changes an account's password by executing the <c>spAccounts_UpdatePassword</c> stored procedure.
 /// </summary>
 /// <param name="view">
 /// Supplies the account id, the current password with its salt, and the new password with its salt.
 /// On failure the exception message is appended to <c>view.Errors</c>.
 /// </param>
 /// <param name="ConnectionString">Connection string passed to <c>DataAccess</c>.</param>
 /// <param name="security">Provides <c>GenerateSaltedHash</c> for both password hashes.</param>
 /// <returns><c>true</c> if the procedure ran without an exception; otherwise <c>false</c>.</returns>
 public static Boolean UpdatePassword(AccountViewModel_UpdatePassword view, string ConnectionString, SecurityLogic security)
 {
     // NOTE(review): success is reported whenever ExecuteNonQuery does not throw. The code does
     // not check a row count or an output value, so a wrong current password is rejected only if
     // the stored procedure itself raises an error. Confirm against the procedure.
     try
     {
         var passwordUpdate = new DataAccess(ConnectionString, "spAccounts_UpdatePassword");
         passwordUpdate.SetParamater_Input("@AccountID", view.AccountID, SqlDbType.Int);

         // Hash of the current password. The procedure presumably compares it with the stored hash.
         var currentHash = security.GenerateSaltedHash(view.curpassword, Encoding.ASCII.GetBytes(view.cursalt));
         passwordUpdate.SetParamater_Input("@CurPassword", currentHash, SqlDbType.VarChar, 100);

         // Hash of the new password, bound together with the salt it was hashed with.
         // Encoding.ASCII replaces non-ASCII characters with '?'; salts are assumed ASCII-only. TODO confirm.
         var replacementHash = security.GenerateSaltedHash(view.newpassword, Encoding.ASCII.GetBytes(view.newsalt));
         passwordUpdate.SetParamater_Input("@NewPassword", replacementHash, SqlDbType.VarChar, 100);
         passwordUpdate.SetParamater_Input("@NewSalt", view.newsalt, SqlDbType.VarChar, 100);

         passwordUpdate.ExecuteNonQuery();
         return true;
     }
     catch (Exception failure)
     {
         // NOTE(review): the raw exception text is exposed through view.Errors. Confirm it is
         // not shown verbatim to end users.
         view.Errors.Add(failure.Message);
         return false;
     }
 }
Beispiel #3
        /// <summary>
        /// Sets a new password for the account identified by a password-reset token, using the
        /// <c>spAccounts_ResetPassword</c> stored procedure.
        /// </summary>
        /// <param name="resetPasswordView">
        /// Supplies the new password and its salt. It receives <c>AccountID</c> on success and the
        /// exception message in <c>Errors</c> on failure.
        /// </param>
        /// <param name="verifyTokenView">Supplies the token id, token key and token salt.</param>
        /// <param name="ConnectionString">Connection string passed to <c>DataAccess</c>.</param>
        /// <param name="security">Provides <c>GenerateSaltedHash</c> for the token key and the password.</param>
        /// <returns><c>true</c> if every step completed without an exception; otherwise <c>false</c>.</returns>
        public static Boolean ResetPassword(AccountViewModel_ResetPassword resetPasswordView, AccountViewModel_VerifyPasswordResetToken verifyTokenView, string ConnectionString, SecurityLogic security)
        {
            // NOTE(review): token expiry and single-use enforcement are not visible in this
            // method. Presumably the stored procedure handles both; confirm.
            try
            {
                var reset = new DataAccess(ConnectionString, "spAccounts_ResetPassword");
                reset.SetParamater_Input("@TokenID", verifyTokenView.TokenID, SqlDbType.VarChar, 100);

                // The token key is bound as a salted hash, not in the clear.
                var tokenKeyHash = security.GenerateSaltedHash(verifyTokenView.TokenKey, Encoding.ASCII.GetBytes(verifyTokenView.TokenSalt));
                reset.SetParamater_Input("@TokenKey", tokenKeyHash, SqlDbType.VarChar, 100);

                // New password hash plus the salt it was derived with.
                var newPasswordHash = security.GenerateSaltedHash(resetPasswordView.password, Encoding.ASCII.GetBytes(resetPasswordView.passwordSalt));
                reset.SetParamater_Input("@Password", newPasswordHash, SqlDbType.VarChar, 100);
                reset.SetParamater_Input("@Salt", resetPasswordView.passwordSalt, SqlDbType.VarChar, 100);

                reset.SetParamater_Output("@outAccountID", SqlDbType.Int);
                reset.ExecuteNonQuery();

                resetPasswordView.AccountID = (int?)reset.GetParamater("@outAccountID");
                return true;
            }
            catch (Exception failure)
            {
                // Failures are reported on the reset view only; verifyTokenView is left untouched.
                // NOTE(review): the raw exception text is exposed through Errors. Confirm it is
                // not shown verbatim to end users.
                resetPasswordView.Errors.Add(failure.Message);
                return false;
            }
        }
Beispiel #4
        //Login
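        /// <summary>
        /// Authenticates a login attempt. It first looks up the account's salt via <c>GetSalt</c>,
        /// then runs the <c>spAccounts_Login</c> stored procedure with the salted password hash
        /// and copies the returned account details onto <paramref name="AccountView"/>.
        /// </summary>
        /// <param name="view">Supplies the login id and password; <c>GetSalt</c> is expected to populate <c>view.salt</c>.</param>
        /// <param name="AccountView">Receives the account fields on success and an error message on failure.</param>
        /// <param name="ConnectionString">Connection string passed to <c>GetSalt</c> and <c>DataAccess</c>.</param>
        /// <param name="security">Provides <c>GenerateSaltedHash</c> for the password.</param>
        /// <returns><c>true</c> if the login procedure completed without an exception; otherwise <c>false</c>.</returns>
        public static Boolean Login(AccountViewModel_Login view, AccountViewModel AccountView, string ConnectionString, SecurityLogic security)
        {
            // Both "salt lookup failed" and "lookup succeeded but found no salt" end the attempt.
            // The original called view.Errors.First() here, which throws InvalidOperationException
            // when Errors is empty (for example GetSalt returned true but left salt null without
            // recording an error). That exception escaped Login because it sits outside the try.
            // The fallback text is deliberately generic so it does not reveal whether the account exists.
            if (!GetSalt(view, ConnectionString) || view.salt == null)
            {
                AccountView.Errors.Add(view.Errors.FirstOrDefault() ?? "Login failed.");
                return false;
            }

            try
            {
                DataAccess dataAccess = new DataAccess(ConnectionString, "spAccounts_Login");

                // Only the salted hash is bound; the plain password is not.
                // Encoding.ASCII replaces non-ASCII characters with '?'; the salt is assumed ASCII-only. TODO confirm.
                dataAccess.SetParamater_Input("@LoginID", view.Login, SqlDbType.VarChar, 100);
                dataAccess.SetParamater_Input("@Hash", security.GenerateSaltedHash(view.password, Encoding.ASCII.GetBytes(view.salt)), SqlDbType.VarChar, 100);

                dataAccess.SetParamater_Output("@outAccountID", SqlDbType.Int);
                dataAccess.SetParamater_Output("@outUsername", SqlDbType.VarChar, 100);
                dataAccess.SetParamater_Output("@outEmail", SqlDbType.VarChar, 100);
                dataAccess.SetParamater_Output("@outFirstName", SqlDbType.VarChar, 100);
                dataAccess.SetParamater_Output("@outLastName", SqlDbType.VarChar, 100);
                // "@outCretedOn" is spelled as in the original; presumably it matches the
                // stored procedure's parameter name, so it is left unchanged.
                dataAccess.SetParamater_Output("@outCretedOn", SqlDbType.DateTime);
                dataAccess.SetParamater_Output("@outLastEditedOn", SqlDbType.DateTime);

                dataAccess.ExecuteNonQuery();

                // NOTE(review): success is reported whenever nothing throws. Whether a wrong
                // password yields an exception or just null outputs depends on the stored
                // procedure. Callers should confirm AccountID is set before treating the user
                // as authenticated.
                AccountView.AccountID    = (int?)(dataAccess.GetParamater("@outAccountID"));
                AccountView.username     = (string)(dataAccess.GetParamater("@outUsername"));
                AccountView.email        = (string)(dataAccess.GetParamater("@outEmail"));
                AccountView.firstname    = (string)(dataAccess.GetParamater("@outFirstName"));
                AccountView.lastname     = (string)(dataAccess.GetParamater("@outLastName"));
                AccountView.CreatedOn    = (DateTime?)(dataAccess.GetParamater("@outCretedOn"));
                AccountView.LastEditedOn = (DateTime?)(dataAccess.GetParamater("@outLastEditedOn"));

                return true;
            }
            catch (Exception ex)
            {
                // NOTE(review): the raw exception text is exposed through AccountView.Errors.
                // Confirm it is not shown verbatim to end users.
                AccountView.Errors.Add(ex.Message);
                return false;
            }
        }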
Beispiel #5
        //Reset Password
        /// <summary>
        /// Requests a password-reset token for a login id by executing the
        /// <c>spAccounts_GeneratePasswordResetToken</c> stored procedure.
        /// </summary>
        /// <param name="view">
        /// Supplies the login id, the token key and its salt. On success it receives
        /// <c>AccountID</c>, <c>Email</c> and <c>GUID</c>; on failure the exception message is
        /// appended to <c>view.Errors</c>.
        /// </param>
        /// <param name="ConnectionString">Connection string passed to <c>DataAccess</c>.</param>
        /// <param name="security">Provides <c>GenerateSaltedHash</c> for the token key.</param>
        /// <returns><c>true</c> if every step completed without an exception; otherwise <c>false</c>.</returns>
        public static Boolean GeneratePasswordResetToken(AccountViewModel_GeneratePasswordResetToken view, string ConnectionString, SecurityLogic security)
        {
            // NOTE(review): where view.key and view.salt are generated is not visible here.
            // Confirm both come from a server-side CSPRNG.
            try
            {
                var tokenRequest = new DataAccess(ConnectionString, "spAccounts_GeneratePasswordResetToken");
                tokenRequest.SetParamater_Input("@LoginID", view.LoginID, SqlDbType.VarChar, 100);

                // The key is bound as a salted hash together with its salt, not in the clear.
                var keyHash = security.GenerateSaltedHash(view.key, Encoding.ASCII.GetBytes(view.salt));
                tokenRequest.SetParamater_Input("@Key", keyHash, SqlDbType.VarChar, 100);
                tokenRequest.SetParamater_Input("@Salt", view.salt, SqlDbType.VarChar, 100);

                tokenRequest.SetParamater_Output("@outAccountID", SqlDbType.Int);
                tokenRequest.SetParamater_Output("@outEmail", SqlDbType.VarChar, 100);
                tokenRequest.SetParamater_Output("@outGUID", SqlDbType.VarChar, 100);

                tokenRequest.ExecuteNonQuery();

                view.AccountID = (int?)tokenRequest.GetParamater("@outAccountID");
                view.Email = (string)tokenRequest.GetParamater("@outEmail");
                view.GUID = (string)tokenRequest.GetParamater("@outGUID");
                return true;
            }
            catch (Exception failure)
            {
                // NOTE(review): the raw exception text is exposed through view.Errors. If the
                // procedure raises a distinct error for an unknown login id and that text reaches
                // the user, the response reveals which accounts exist. Confirm how callers render Errors.
                view.Errors.Add(failure.Message);
                return false;
            }
        }