public static bool IsValidPassword(User user, SecureString entry)
{
Censorship security = new Censorship();
Password encryptedEntry = security.Sha256Encrypt(entry, user.Password.Salt);
return user.Password.Hash.SequenceEqual(encryptedEntry.Hash);
}
//---------2---------3---------4---------5---------6---------7---------8---------9
private void LoginButton_Click(object sender, RoutedEventArgs e)
{
if ((string)LoginButton.Content == "Login")
{
User user;
bool userExists = Source.TryGetUser(UsernameInput.Text, out user);
bool? isValidPassword = null;
if (userExists)
{
using (SecureString entry = PasswordInput.SecurePassword)
{
isValidPassword = Censorship.IsValidPassword(user, entry);
}
}
if (userExists & isValidPassword ?? false)
{
Home window = new Home(user);
window.Show();
}
else
{
MessageBox.Show("FAILED");
}
}
else // Create
{
Guid salt = Guid.NewGuid();
Password firstEntry;
Password secondEntry;
using (SecureString password = PasswordInput.SecurePassword)
{
Censorship security = new Censorship();
firstEntry = security.Sha256Encrypt(password, salt);
}
using (SecureString password = ReEnterPasswordInput.SecurePassword)
{
Censorship security = new Censorship();
secondEntry = security.Sha256Encrypt(password, salt);
}
bool passwordsMatch = firstEntry.Hash.SequenceEqual(secondEntry.Hash);
bool usernameExists = Source.UsernameExists(UsernameInput.Text);
if (passwordsMatch && !usernameExists)
{
User user = new User();
user.Username = UsernameInput.Text;
user.Password = firstEntry;
Source.AddUser(user);
Home window = new Home(user);
window.Show();
}
else
{
MessageBox.Show("Passwords do not match or user already exists.");
}
}
}