Beispiel #1
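        /// <summary>
        /// Handles the "create account" button: validates the form fields, obtains a unique
        /// username, hashes the password with bcrypt, generates a TOTP secret, stores the
        /// record and then opens the QR-code window so the user can enroll an authenticator.
        /// </summary>
        /// <param name="sender">Control that raised the event (unused).</param>
        /// <param name="e">Routed event data (unused).</param>
        private void createAccountButton_Click(object sender, RoutedEventArgs e)
        {
            const string errorCaption = "Error! Account could not be created.";

            // The literal string "null" is the value this handler treats as "no title selected".
            // A real null or empty value is rejected the same way instead of throwing.
            string userHonorific = getHonorific();
            if (string.IsNullOrEmpty(userHonorific) || userHonorific == "null")
            {
                MessageBox.Show("Title is a required field. Please select a Title", errorCaption);
                return;
            }

            // -1 is the "nothing selected" value. A missing value is rejected as well, because
            // the original code would have stored a null gender as "Male".
            int? userGender = getGender();
            if (!userGender.HasValue || userGender == -1)
            {
                MessageBox.Show("Gender is a required field. Please select a Gender", errorCaption);
                return;
            }

            // Same convention for the account type. Rejecting a missing value matters here:
            // Convert.ToInt32 on an empty int? yields 0, so the account would silently have been
            // created with type 0, whatever privilege level that maps to.
            int? userAccountType = getAccountType();
            if (!userAccountType.HasValue || userAccountType == -1)
            {
                MessageBox.Show("Account Type is a required field. Please select an Account Type", errorCaption);
                return;
            }

            string firstname = getFirstname();
            if (string.IsNullOrEmpty(firstname))
            {
                MessageBox.Show("First name is a required field. Please enter your first name", errorCaption);
                return;
            }

            // The middle name is optional, so it is not validated.
            string middlename = getMiddlename();
            string lastname   = getLastname();
            if (string.IsNullOrEmpty(lastname))
            {
                MessageBox.Show("Last name is a required field. Please enter your last name", errorCaption);
                return;
            }

            string password = getPassword();

            // Check for a missing password first: the comparisons below would throw a
            // NullReferenceException if getPassword() ever returned null.
            if (string.IsNullOrEmpty(password))
            {
                MessageBox.Show("Password is a required field. Please enter a strong password", errorCaption);
                passwordBox2.Clear();
                return;
            }

            // NOTE(review): "nomatch" and "weak" are in-band status values returned in place of
            // the password, so a user whose chosen password is literally one of those words gets
            // the corresponding error. A separate status result from getPassword() would remove
            // the ambiguity.
            if (password == "nomatch")
            {
                MessageBox.Show("Passwords do not match.", errorCaption);
                passwordBox.Clear();
                passwordBox2.Clear();
                return;
            }
            if (password == "weak")
            {
                MessageBox.Show("Cannot accept weak Password. Try using numbers and symbols to add complexity.", errorCaption);
                passwordBox.Clear();
                passwordBox2.Clear();
                return;
            }

            // will not exit function until unique username confirmed.
            string username = createUsername(firstname, middlename, lastname);

            // bcrypt generates a per-password salt and embeds it in the returned hash string.
            // The work factor is the library default because none is passed here.
            // NOTE(review): bcrypt only uses the first 72 bytes of its input; confirm that
            // getPassword() caps the length or that this is acceptable.
            string hashedPassword = BCrypt.Net.BCrypt.HashPassword(password);

            // TOTP enrollment. Key URI format consumed by authenticator apps:
            //   otpauth://totp/COMPANY:USERNAME?secret=SECRETKEY&issuer=COMPANY
            // Example from the original listing:
            //   otpauth://totp/Meme:arlidio?secret=2FO4X6236KEHZKN4XGVIOH2MCCBDGLZF&issuer=Meme
            // 20 random bytes = 160 bits, the shared-secret length RFC 4226 recommends.
            // (The original also decoded the Base32 string back into an unused byte array;
            // that dead local has been removed.)
            var otpKey       = KeyGeneration.GenerateRandomKey(20);
            var otpKeyString = Base32Encoding.ToString(otpKey);

            int    accountType = userAccountType.Value;
            string gender      = userGender == 0 ? "Female" : "Male";

            // NOTE(review): the TOTP secret is handed over as Base32 text. It has to stay
            // recoverable (it cannot be hashed like the password), so if addRecordToDB stores it
            // as-is, anyone who can read the database file can generate valid codes. Confirm how
            // it is stored and consider encrypting it at rest.
            addRecordToDB(username, hashedPassword, otpKeyString, gender, userHonorific,
                          firstname, middlename, lastname, accountType);

            // Report success only after the record has been handed to the database layer; the
            // original showed this message before the insert was attempted.
            // NOTE(review): the listing this was taken from is garbled between the two string
            // literals; the call is reconstructed as message text + caption. Confirm against the
            // original source.
            MessageBox.Show("Account Username: " + username, "Account Successfully Created!",
                            MessageBoxButton.OK, MessageBoxImage.Information);

            // Hand the secret to the enrollment window, which presents the QR code.
            // TODO (from the original): add a video with instructions on adding TOTP to a device.
            ShowQRWindow qrWindow = new ShowQRWindow(otpKeyString, username);

            this.Hide();
            this.Close();
            qrWindow.ShowDialog();
        }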
Beispiel #2
        /// <summary>
        /// Looks up an account by the name parts contained in <paramref name="fullname"/>,
        /// reads its stored OTP_Token and opens a ShowQRWindow with that token and the
        /// account's username, then closes this window.
        /// </summary>
        /// <param name="fullname">
        /// Space-separated name; everything up to and including the first space is discarded
        /// (presumably the honorific; confirm against the caller). Two or three parts are
        /// expected after that: first name, optional middle name, last name.
        /// </param>
        /// <remarks>
        /// NOTE(review): the only gate visible in this method is knowing the person's name and,
        /// when several accounts share it, the username. No password or current TOTP code is
        /// checked here. Because the window receives the stored enrollment secret, whoever
        /// reaches this method can generate valid codes for the account; confirm that the caller
        /// authenticates the user before this is reachable.
        /// </remarks>
        private void getTOTP(string fullname)
        {
            SQLiteConnection connection = OpenConnection();
            string           cmdString = ""; string middlename = ""; string lastname = "";

            // Drop the leading word and its trailing space. If there is no space, IndexOf
            // returns -1 and Remove(0, 0) leaves the string unchanged.
            fullname = fullname.Remove(0, fullname.IndexOf(" ") + 1);
            var    names = fullname.Split(' ');
            string firstname = names[0];

            // Exactly two parts: first + last. Anything else is treated as first + middle + last.
            // NOTE(review): with a single part, names[1] below throws IndexOutOfRangeException;
            // with more than three parts the extra words are ignored.
            if (names.Length == 2)
            {
                lastname  = names[1];
                cmdString = @"SELECT COUNT(*) FROM Accounts WHERE Firstname = @fname AND Lastname = @lname";
            }
            else
            {
                middlename = names[1];
                lastname   = names[2];
                cmdString  = @"SELECT COUNT(*) FROM Accounts WHERE Firstname = @fname AND Middlename = @mname AND Lastname = @lname";
            }

            // All user-supplied values are bound as parameters, never concatenated into the SQL.
            SQLiteCommand cmd = new SQLiteCommand(cmdString, connection);

            // NOTE(review): Prepare() is called before the parameters are added, here and for
            // every command below; confirm this is intended for the provider in use.
            cmd.Prepare();
            cmd.Parameters.Add("@fname", DbType.String).Value = firstname;
            if (names.Length == 3)
            {
                cmd.Parameters.Add("@mname", DbType.String).Value = middlename;
            }
            cmd.Parameters.Add("@lname", DbType.String).Value = lastname;

            // Number of accounts that match the name.
            int userRecords = Convert.ToInt32(cmd.ExecuteScalar());

            if (userRecords > 1)
            {
                // Several accounts share this name: ask for the username to pick one.
                string username = "";
                MessageBox.Show("More than 1 Account was found with these credentials. Please type in the username of the account to confirm.", "Caution! Attention Required!");
                bool foundAccount = false;
                while (!foundAccount)
                {
                    // NOTE(review): the next statement is garbled in this listing. The text
                    // between the dialog prompt and the SQL literal (the rest of the
                    // InputDialogBox call, the assignment of username, and the start of
                    // "cmd = new SQLiteCommand(") is missing, so it does not compile as shown.
                    InputDialogBox inputDialog = new InputDialogBox("Enter The Account Username:"******"SELECT COUNT(*) FROM Accounts WHERE Username = @user AND Firstname = @fname" +
                                            ((!string.IsNullOrEmpty(middlename) ? " AND Middlename = @mname" : "")) + " AND Lastname = @lname", connection);
                    cmd.Prepare();
                    cmd.Parameters.Add("@user", DbType.String).Value  = username;
                    cmd.Parameters.Add("@fname", DbType.String).Value = firstname;
                    if (!string.IsNullOrEmpty(middlename))
                    {
                        cmd.Parameters.Add("@mname", DbType.String).Value = middlename;
                    }
                    cmd.Parameters.Add("@lname", DbType.String).Value = lastname;

                    // The username must match exactly one account with this name.
                    int userExists = Convert.ToInt32(cmd.ExecuteScalar());
                    if (userExists == 1)
                    {
                        foundAccount = true;
                    }
                    else
                    {
                        // As far as the visible code shows, the loop body runs at most once:
                        // a wrong username ends the method instead of prompting again.
                        // NOTE(review): this return skips connection.Close() at the end of the
                        // method, so the connection stays open on this path.
                        MessageBox.Show("User not found. Confirm username of the account and try again later.", "Error!");
                        return;
                    }
                }
                // Fetch the stored TOTP secret for the confirmed username and show it as a QR code.
                cmd = new SQLiteCommand(@"SELECT OTP_Token FROM Accounts WHERE Username = @Username", connection);
                cmd.Prepare();
                cmd.Parameters.Add("@Username", DbType.String).Value = username;
                string       totpToken = cmd.ExecuteScalar().ToString();
                ShowQRWindow showQR    = new ShowQRWindow(totpToken, username);
                showQR.Show();
                this.Close();
            }
            else
            {
                // Zero or one match. The COUNT query is reused with its select list swapped for
                // the two columns that are needed.
                // NOTE(review): when no account matches, the reader yields no rows and the QR
                // window is still opened with an empty token and username.
                cmdString = cmdString.Replace("COUNT(*)", "OTP_Token, Username");
                cmd       = new SQLiteCommand(cmdString, connection);
                cmd.Prepare();
                cmd.Parameters.Add("@fname", DbType.String).Value = firstname;
                if (names.Length == 3)
                {
                    cmd.Parameters.Add("@mname", DbType.String).Value = middlename;
                }
                cmd.Parameters.Add("@lname", DbType.String).Value = lastname;
                // NOTE(review): neither the reader nor any of the commands is closed or disposed
                // in this method.
                SQLiteDataReader reader = cmd.ExecuteReader();

                string totpToken = ""; string username = "";
                while (reader.Read())
                {
                    // Column 0 is OTP_Token, column 1 is Username (order of the select list).
                    totpToken = reader[0].ToString();
                    username  = reader[1].ToString();
                }
                ShowQRWindow showQR = new ShowQRWindow(totpToken, username);
                showQR.Show();
                this.Close();
            }
            // Reached on the normal paths only; an exception or the early return above skips it.
            connection.Close();
        }