Ejemplos de Jitbit.Utils CryptoUtils en C# (CSharp)

Ejemplo n.º 1

Archivo: LoginUtils.cs Proyecto: ChrisDWilfong/TheSportsEngine2017

        public static bool VerifyAutoLogin(string username, string pswHash, string email, string userHash, string sharedSecret, out string result, Func <int> addUserMethod)
        {
            result = "";

            if (LoginUtils.IsBruteForce(System.Web.HttpContext.Current, true))
            {
                return(false);
            }

            if (username == null)             //username not passed - get out
            {
                LoginUtils.LogInvalidLoginAttempt(System.Web.HttpContext.Current, true);
                return(false);
            }

            if (pswHash == null && (email == null || userHash == null))             //pswHash not passwed AND email/userHash not passed - get out
            {
                LoginUtils.LogInvalidLoginAttempt(System.Web.HttpContext.Current, true);
                return(false);
            }

            //logging in an existing user with his password hash
            if (pswHash != null)
            {
                int    userId;
                string password;
                if (UserHelpers.GetUserIdAndPswByUsername(username, Instance.CurrentInstanceID, out userId, out password))
                {
                    if (CryptoUtils.MD5Hash(password).ToLower() == pswHash.ToLower() || password.ToLower() == pswHash.ToLower())
                    {
                        UserHelpers.CurrentUserID = userId;
                        LoginUtils.ResetBruteForceCounter(System.Web.HttpContext.Current, true);
                        LoginUtils.FormsAuthLogin(username, false, System.Web.HttpContext.Current);
                        return(true);
                    }
                    else
                    {
                        result = "Invalid parameters passed. Wait 5 minutes and try again.";
                    }
                }
                else
                {
                    result = "Invalid parameters passed. Wait 5 minutes and try again.";
                }
                LoginUtils.LogInvalidLoginAttempt(System.Web.HttpContext.Current, true);
                return(false);
            }

            //logging in a user (either new or existing) with the app "shared secret"
            if (email != null && userHash != null)
            {
                if (string.IsNullOrEmpty(sharedSecret))
                {
                    result = "No shared key specified.";
                    return(false);
                }
                string computedHash = CryptoUtils.MD5Hash(username + email + sharedSecret);
                if (userHash.ToLower() != computedHash.ToLower())
                {
                    LoginUtils.LogInvalidLoginAttempt(System.Web.HttpContext.Current, true);
                    result = "Invalid parameters passed. Wait 5 minutes and try again.";
                    return(false);
                }

                int userId = UserHelpers.GetUserIDByUsername(username, Instance.CurrentInstanceID);
                if (userId == 0)                 //user not found - lets add him (call delegate)
                {
                    try
                    {
                        userId = addUserMethod();
                    }
                    catch (Exception ex)
                    {
                        result = ex.Message;
                        return(false);
                    }
                }

                UserHelpers.CurrentUserID = userId;
                LoginUtils.ResetBruteForceCounter(System.Web.HttpContext.Current, true);
                LoginUtils.FormsAuthLogin(username, false, System.Web.HttpContext.Current);
                return(true);
            }

            return(false);
        }