public string ModifyPassword(string userName, string secretQuestion, string secretAnswer, string newPassword)
{
using (var client = new HttpClient())
{
var searchedUser = getUserByUsername(userName);
if (searchedUser.GetType().ToString() == "System.String")
{
return(searchedUser);
}
client.BaseAddress = new Uri("http://localhost:51209/api/Users");
var hash256 = SHA256.Create();
var hashedBytes = hash256.ComputeHash(Encoding.Default.GetBytes(newPassword));
newPassword = Encoding.Default.GetString(hashedBytes);
hashedBytes = hash256.ComputeHash(Encoding.Default.GetBytes(secretAnswer));
secretAnswer = Encoding.Default.GetString(hashedBytes);
hashedBytes = hash256.ComputeHash(Encoding.Default.GetBytes(secretQuestion));
secretQuestion = Encoding.Default.GetString(hashedBytes);
var cipher = new CesarCipherAlgorithm();
cipher.DictionaryAsembler("mriojeda");
var actualQuestion = cipher.DecipherCesar(searchedUser.Question, "mriojeda");
var actualAnswer = cipher.DecipherCesar(searchedUser.Answer, "mriojeda");
if (actualQuestion != secretQuestion || actualAnswer != secretAnswer)
{
return("Tu pregunta y o respuesta no son válidas >:(");
}
newPassword = cipher.CipherCesar(newPassword, "mriojeda");
var updatedUser = new UserNode()
{
Username = searchedUser.Username, Password = newPassword, Question = searchedUser.Question, Answer = searchedUser.Answer, PrivateKey = searchedUser.PrivateKey
};
var putTask = client.PutAsJsonAsync("Users/" + userName, updatedUser);
putTask.Wait();
var result = putTask.Result;
if (result.IsSuccessStatusCode)
{
return("200. Contraseña actualizada :D");
}
else
{
if ((int)result.StatusCode >= 400 && (int)result.StatusCode < 500)
{
return(result.StatusCode.ToString() + ". Revise los datos ingresados D:");
}
else
{
return(result.StatusCode.ToString() + ". Contacte a un desarrollador del sistema D:");
}
}
}
}
public string Validate(string userName, string password)
{
var searchedUser = getUserByUsername(userName);
if (searchedUser.GetType().ToString() == "System.String")
{
return(searchedUser);
}
var hash256 = SHA256.Create();
var hashedBytes = hash256.ComputeHash(Encoding.Default.GetBytes(password));
password = Encoding.Default.GetString(hashedBytes);
var cipher = new CesarCipherAlgorithm();
cipher.DictionaryAsembler("mriojeda");
if (cipher.DecipherCesar(searchedUser.Password, "mriojeda") != password)
{
return("Tu contraseña es incorrecta :(");
}
else
{
var sessionCreator = new Autentication();
var jwt = sessionCreator.GenerateJWT(userName);
HttpCookie objCookie = new HttpCookie("auth");
objCookie["jwt"] = jwt.Result; //valida la vigencia de la sesión
objCookie["username"] = userName; //adquiero datos
objCookie["pk"] = searchedUser.PrivateKey.ToString();
HttpContext.Current.Response.Cookies.Add(objCookie);
return("200");
}
}
public string DeleteMyAccount(string userName, string password)
{
var searchedUser = getUserByUsername(userName);
if (searchedUser.GetType().ToString() == "System.String")
{
return(searchedUser);
}
var hash256 = SHA256.Create();
var hashedBytes = hash256.ComputeHash(Encoding.Default.GetBytes(password));
password = Encoding.Default.GetString(hashedBytes);
var cipher = new CesarCipherAlgorithm();
cipher.DictionaryAsembler("mriojeda");
if (cipher.DecipherCesar(searchedUser.Password, "mriojeda") != password)
{
return("Tu contraseña es incorrecta :(");
}
else
{
using (var client = new HttpClient())
{
client.BaseAddress = new Uri("http://localhost:51209/api/Users");
var responseTask = client.DeleteAsync("Users/" + userName);
responseTask.Wait();
var result = responseTask.Result;
if (result.IsSuccessStatusCode)
{
return("Usuario eliminado correctamente");
}
else
{
return(result.StatusCode.ToString() + ". Contacte a un desarrollador del sistema D:");
}
}
}
}