public void SwitchToken(uint tokenid, bool enabled)
{
SqlHelper sql = new SqlHelper();
SqlDataReader r = sql.GetReaderBySQL("if exists (select Id from UserMetaData join Users on UserMetaData.ClientId = Users.id where Users.Name != '" + HttpContext.Current.User.Identity.Name +
"' and TokenId = " + tokenid + ") RAISERROR ('Чужой токен',16,1) else "
+ "update UserMetaData set TokenActive = '" + enabled + "' where TokenId = " + tokenid);
r.Read();
}
public void RegisterToken(uint tokenid, string repairKey, string publicKey)
{
// позволяем привязку только новых или своих токенов
SqlHelper sql = new SqlHelper();
SqlDataReader r = sql.GetReaderBySQL("declare @ClientId int select @ClientId = id from Users where Name = '" + HttpContext.Current.User.Identity.Name + "' " +
"if not exists (select Id from UserMetaData where TokenId = " + tokenid + " and ClientId != @ClientId)" +
" begin delete from UserMetaData where TokenId = " + tokenid + " insert into UserMetaData (ClientId,TokenId,PublicKey,RepairKey,TokenActive) values " +
" (@ClientId," + tokenid + ",'" + publicKey + "','" + repairKey + "',1) select 1 end else RAISERROR ('Чужой токен',16,1)");
r.Read();
}
public void UnregisterToken(uint tokenid)
{
// позволяем отвязку только своих токенов
SqlHelper sql = new SqlHelper();
SqlDataReader r = sql.GetReaderBySQL("declare @ClientId int select @ClientId = id from Users where Name = '" + HttpContext.Current.User.Identity.Name + "' " +
"if not exists (select Id from UserMetaData where TokenId = " + tokenid + " and ClientId != @ClientId)" +
" begin delete from UserMetaData where TokenId = " + tokenid + " select 1 end else RAISERROR ('Чужой токен',16,1)");
r.Read();
}
public bool UserCanBeAuthenticated(uint tokenid)
{
SqlHelper sql = new SqlHelper();
SqlDataReader r = sql.GetReaderBySQL("select a.id,TokenId from Users a join UserMetaData b on a.id = b.ClientId where TokenId =" + tokenid + " and TokenActive = 1");
bool b = false;
if (r.Read())
{
b = !r.IsDBNull(0) && !r.IsDBNull(1);
}
return b;
}
public bool IsTokenSwitchedOn(uint tokenid)
{
SqlHelper sql = new SqlHelper();
SqlDataReader r = sql.GetReaderBySQL("select TokenActive from UserMetaData where TokenId = " + tokenid + "");
bool b = false;
while (r.Read())
{
b = !r.IsDBNull(0) && r.GetBoolean(0);
}
return b;
}
public bool IsTokenRegistered(uint tokenid)
{
SqlHelper sql = new SqlHelper();
SqlDataReader r = sql.GetReaderBySQL("select PublicKey,RepairKey from UserMetaData where TokenId = " + tokenid);
bool b = false;
if (r.Read())
{
b = !r.IsDBNull(0) && !r.IsDBNull(1);
}
return b;
}
protected void Register(object sender, EventArgs e)
{
SqlHelper sql = new SqlHelper();
SqlDataReader rCheck = sql.GetReaderBySQL("select Name from Users where Name ='" + login.Text + "'");
if (rCheck.HasRows)
{
lblResult.Text = "Пользователь с логином " + login.Text + " уже зарегистрирован.";
}
else
{
sql = new SqlHelper();
SqlDataReader rInsert =
sql.GetReaderBySQL("insert into Users(Name,Password) values ('" + login.Text + "','" + password.Text +
"')");
lblResult.Text = "Вы можете войти с указанными логином и паролем и привязать токен в личном кабинете.";
}
sql.CloseConnection();
}
public string GetPublicKey(uint nTokenID)
{
SqlHelper sql = new SqlHelper();
SqlDataReader r = sql.GetReaderBySQL("select PublicKey from UserMetaData where TokenId =" + nTokenID);
string key = string.Empty;
while (r.Read())
{
key = r.GetString(0);
}
return key;
}
public List<uint> GetUserTokens(string login)
{
var tokens = new List<uint>();
SqlHelper sql = new SqlHelper();
SqlDataReader r = sql.GetReaderBySQL("select TokenId from UserMetaData a join Users b on a.ClientId = b.id where Name = '" + login + "'");
while (r.Read())
{
tokens.Add(Convert.ToUInt32(r.GetValue(0)));
}
return tokens;
}
public bool SetUserAuthenticated(uint tokenid, string strSignature, string strSource)
{
SqlHelper sql = new SqlHelper();
SqlDataReader r = sql.GetReaderBySQL("select Name from UserMetaData a join Users b on a.ClientId = b.id where TokenId = " + tokenid);
string login = string.Empty;
while (r.Read())
{
login = r.GetString(0);
}
FormsAuthentication.SetAuthCookie(login, false);
return true;
}
public string GetRepairKey(string login)
{
SqlHelper sql = new SqlHelper();
SqlDataReader r = sql.GetReaderBySQL("select RepairKey from UserMetaData a join Users b on a.ClientId = b.id where Name = '" + login + "'");
string key = string.Empty;
while (r.Read())
{
key = r.GetString(0);
}
return key;
}
private bool Authenticate(string userName, string password)
{
SqlHelper sql = new SqlHelper();
SqlDataReader r = sql.GetReaderBySQL("select Name from Users where Name='"+ userName +"' and Password='******' ");
return r.HasRows;
}
