Beispiel #1
0
        public static string messageToOutterWorld     = ""; //#delete me
        public static bool LogIn(UserDataFetcher UDF, string username, string password)
        {
            string salt;

            if (!InputValidator.ValidatePassword(password))
            {
                return(error.SetErrorAndReturnFalse(ErrorCode.WRONG_PASSWORD | InputValidator.error.no));
            }
            //is it username?
            if (InputValidator.ValidateUsername(username))
            {
                //-yes. get salt
                salt = UDF.GetSalt(username);
            }
            //was it too short?
            else if (InputValidator.error.no != ErrorCode.TOO_SHORT)
            {
                //-yes. is it email?
                System.Net.Mail.MailAddress email;
                string Email = username;
                if (InputValidator.ValidateEmail(Email, out email))
                {
                    //--yes. get salt
                    salt = UDF.GetSalt(email);
                }
                //--no. return false but before set error
                else
                {
                    return(error.SetErrorAndReturnFalse(ErrorCode.INVALID_EMAIL | ErrorCode.INVALID_USERNAME));
                }
            }
            //it was not username nor email. Let the input validator say what was the problem
            else
            {
                return(error.SetErrorAndReturnFalse(InputValidator.error.no | ErrorCode.INVALID_USERNAME));
            }

            //we have a salt
            //or maybe we should have it

            if (salt == null)
            {
                return(error.SetErrorAndReturnFalse(ErrorCode.UNKNOWN));
            }

            if (salt.Length < 1)
            {
                return(error.SetErrorAndReturnFalse(ErrorCode.USER_NOT_FOUND));
            }

            //let us hash password

            password = hasher.Hash(password, salt);

            //and finally check it

            if (InputValidator.CheckPasswordMatch(UDF, password))
            {
                error.no = ErrorCode.OK;
                //set log in timestamp
                UserDataPusher.PushSessionFileUser(username);
                if (SetSession(UDF))
                {
                    Auth.SetCurrentUser(username, UDF);
                    SetIsLoggedIn(UDF);
                    return(true);
                }
                return(false);
            }

            error.no = ErrorCode.WRONG_PASSWORD;
            return(false);
        }//logIn