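/// <summary>
/// Click handler for the login button. Looks up the stored password value for
/// <c>Username</c> in the <c>register</c> table, compares it with the transformed
/// content of <c>loginPasswordbox</c>, reports the outcome in a message box, then
/// opens a <c>Register</c> window and closes this one.
/// </summary>
/// <param name="sender">Control that raised the event (unused).</param>
/// <param name="e">Routed event data (unused).</param>
private void loginClick(object sender, RoutedEventArgs e)
        {
            var connect = System.Configuration.ConfigurationManager.ConnectionStrings["conn"].ConnectionString;

            // The using block disposes (and so closes) the connection on every path,
            // including the exception path, so no explicit conn.Close() is needed.
            using (var conn = new NpgsqlConnection(connect))
            {
                try
                {
                    conn.Open();
                    Trace.WriteLine("conn opened!");

                    // The user name is bound as a parameter instead of being concatenated into
                    // the SQL text, so quotes or SQL syntax in it cannot change the statement.
                    using (var cmd = new NpgsqlCommand("SELECT password FROM register WHERE name = @name;", conn))
                    {
                        // Username is declared outside this listing (presumably a string);
                        // the old concatenation turned null into '', which is kept here.
                        cmd.Parameters.AddWithValue("name", Username ?? string.Empty);

                        using (var reader = cmd.ExecuteReader())
                        {
                            if (reader.HasRows)
                            {
                                while (reader.Read())
                                {
                                    String password = reader.GetString(0);

                                    // The transformed password is no longer written to Trace: trace
                                    // listeners may persist it to files or the debugger output.
                                    String usertypedPassword = PasswordAuth.EncryptString(loginPasswordbox.Password.ToString());

                                    // NOTE(review): EncryptString is not shown. If it is reversible
                                    // encryption or an unsalted hash, stored passwords are recoverable
                                    // from a database dump; a salted KDF (PBKDF2/Argon2) with a
                                    // fixed-time comparison is the usual replacement. Confirm.
                                    if (password == usertypedPassword)
                                    {
                                        MessageBox.Show("Login success!");
                                        Register rg = new Register(usernamesmall);
                                        rg.Show();
                                        this.Close();
                                    }
                                    else
                                    {
                                        MessageBox.Show("password is wrong!!!!", "error");
                                        Register rg = new Register(usernamesmall);
                                        rg.Show();
                                        this.Close();
                                    }
                                }
                            }
                            else
                            {
                                // NOTE(review): a distinct "not registered" message lets anyone at the
                                // login form tell which user names exist.
                                MessageBox.Show("User is not registered!");
                                Register rg = new Register(usernamesmall);
                                rg.Show();
                                this.Close();
                            }
                        }
                    }
                }
                catch (Exception ex)
                {
                    // Best-effort reporting kept from the original; ex.Message may expose
                    // database details to the person at the keyboard.
                    MessageBox.Show(ex.Message);
                }
            }
        }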
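        /// <summary>
        /// Issues an API key for a user who authenticates with a password.
        /// The request body is XML deserialized into an <c>Identity</c>; the key is returned
        /// in the response body and also set as a cookie named <c>key</c>.
        /// </summary>
        /// <returns>
        /// The serialized <c>Answer</c>: the new key on success, otherwise an error.
        /// Missing fields set HTTP status 400; a wrong password and an unknown user both
        /// yield the same "Authentication failed" error, and this method sets no status
        /// code for either.
        /// </returns>
        public ActionResult GenerateKey()
        {
            Answer output;

            try
            {
                // NOTE(review): the body is parsed as XML straight from the request. Confirm that
                // DTD processing / entity expansion is disabled or bounded on the target runtime
                // and that the request size is capped upstream.
                var idParameters = (Identity)(new XmlSerializer(typeof(Identity))).Deserialize(Request.InputStream);

                if (idParameters.UserId == null && idParameters.UserLogin == null)
                {
                    output = new Answer(new Error("User missing"));
                    Response.StatusCode = 400; // Bad Request
                }
                else if (idParameters.Password == null)
                {
                    output = new Answer(new Error("Password missing"));
                    Response.StatusCode = 400; // Bad Request
                }
                else if (idParameters.ApplicationName == null)
                {
                    output = new Answer(new Error("ApplicationName missing"));
                    Response.StatusCode = 400; // Bad Request
                }
                else
                {
                    // An explicit id wins; otherwise the login is resolved to an id.
                    var userId = idParameters.UserId ?? Storage.User.GetId(idParameters.UserLogin);

                    // Fetch the stored hash and hash the submitted password for comparison.
                    // NOTE(review): HashPassword receives only the password, so the hash looks
                    // unsalted; confirm against PasswordAuth. SequenceEqual returns at the first
                    // differing element; a fixed-time comparison is preferable for secrets.
                    var hashedPassword = Storage.User.GetPassword(userId);
                    var otherHash      = PasswordAuth.HashPassword(idParameters.Password);

                    // The key is generated only when both hashes match.
                    if (hashedPassword.SequenceEqual(otherHash))
                    {
                        var key = Storage.User.GenerateApiKey(userId, idParameters.ApplicationName);

                        // HttpCookie(string) takes the cookie NAME, so the original
                        // new HttpCookie("key=" + key) put the key into the name and left the
                        // value empty. Name and value are now passed separately. The cookie is
                        // hidden from script (the key is in the response body anyway) and
                        // marked Secure whenever the request itself arrived over TLS.
                        var keyCookie = new HttpCookie("key", key)
                        {
                            HttpOnly = true,
                            Secure   = Request.IsSecureConnection
                        };
                        Response.SetCookie(keyCookie);
                        output = new Answer(new NewObject(key));
                    }
                    else
                    {
                        output = new Answer(new Error("Authentication failed"));
                    }
                }
            }
            catch (UserNotFound)
            {
                // Same answer as a wrong password (deliberately not a 404), so the response
                // does not reveal whether the account exists.
                output = new Answer(new Error("Authentication failed"));
            }
            catch (Exception exception)
            {
                output = new Answer(HandleError(exception));
            }

            return(Serialize(output));
        }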
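        /// <summary>
        /// Click handler for the registration submit button. If a row for <c>Username</c>
        /// already exists in <c>register</c>, the user is sent to the <c>Register</c> window;
        /// otherwise, when both password boxes match, a new row is inserted and the
        /// <c>Personaldetails</c> window is opened.
        /// </summary>
        /// <param name="sender">Control that raised the event (unused).</param>
        /// <param name="e">Routed event data (unused).</param>
        private void submitBtn(object sender, RoutedEventArgs e)
        {
            String password  = passwordBox.Password.ToString();
            String cpassword = cpasswordBox.Password.ToString();

            // The plaintext confirmation password is no longer written to Trace: trace
            // listeners may persist their output to files or the debugger.

            var connect = System.Configuration.ConfigurationManager.ConnectionStrings["conn"].ConnectionString;

            // The using block disposes (and so closes) the connection on every path.
            using (var conn = new NpgsqlConnection(connect))
            {
                try
                {
                    conn.Open();

                    // Username is declared outside this listing (presumably a string); the old
                    // concatenation turned null into '', which is kept here.
                    String boundName = Username ?? string.Empty;

                    // The name is bound as a parameter rather than concatenated into the SQL
                    // text, so it cannot alter the statement.
                    // NOTE(review): SELECT * ties GetGuid(0)/GetString(1) to the table's column
                    // order; naming the columns would be more robust (column names not shown here).
                    using (var cmd = new NpgsqlCommand("SELECT * FROM register WHERE name = @name;", conn))
                    {
                        cmd.Parameters.AddWithValue("name", boundName);

                        using (var reader = cmd.ExecuteReader())
                        {
                            if (reader.HasRows)
                            {
                                while (reader.Read())
                                {
                                    Guid   id   = reader.GetGuid(0);
                                    String name = reader.GetString(1);

                                    if (Username == name)
                                    {
                                        Trace.WriteLine("user already present!!");
                                        var result = MessageBox.Show("User already exists try logging in.", "Info", MessageBoxButton.OK);
                                        if (result == MessageBoxResult.OK)
                                        {
                                            Register register = new Register(usernamesmall);
                                            register.Show();
                                            this.Close();
                                        }
                                    }
                                    else
                                    {
                                        Personaldetails pd = new Personaldetails(usernamesmall);
                                        pd.Show();
                                        this.Close();
                                    }
                                }
                            }
                            else
                            {
                                // The reader is closed before the INSERT is issued on the same connection.
                                reader.Close();

                                if (password != cpassword)
                                {
                                    notMatching1.Content = "passwords did not match";
                                }
                                else
                                {
                                    // NOTE(review): EncryptString is not shown. If it is reversible
                                    // encryption or an unsalted hash, stored passwords are recoverable
                                    // from a database dump; a salted KDF (PBKDF2/Argon2) is the usual
                                    // replacement. The transformed value is no longer traced.
                                    String encryptedPassword = PasswordAuth.EncryptString(password);

                                    // Both values are bound as parameters, and the command is
                                    // disposed once it has run.
                                    using (var cmdInsert = new NpgsqlCommand("INSERT INTO register (name,password) VALUES (@name, @password);", conn))
                                    {
                                        cmdInsert.Parameters.AddWithValue("name", boundName);
                                        cmdInsert.Parameters.AddWithValue("password", encryptedPassword);
                                        cmdInsert.ExecuteNonQuery();
                                    }

                                    var result = MessageBox.Show("Registered", "Info", MessageBoxButton.OK);
                                    if (result == MessageBoxResult.OK)
                                    {
                                        Personaldetails pd = new Personaldetails(usernamesmall);
                                        pd.Show();
                                        this.Close();
                                    }
                                }
                            }
                        }
                    }
                }
                catch (Exception ex)
                {
                    // Best-effort reporting kept from the original; ex.Message may expose
                    // database details to the person at the keyboard.
                    MessageBox.Show(ex.Message);
                }
            }
        }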