private void CreateUser(string name, string password)
{
var cs = ConfigurationManager.AppSettings["UDB"];
using (var UDB = new UserDataContext(cs))
using (var PDB = new PasswordDataContext(cs))
using (var UserRolesDB = new UserRolesDataContext(cs))
using (var RolesDB = new RolesDataContext(cs))
{
var users = UDB.UserInfos.ToList();
var passwords = PDB.Passwords.ToList();
int?newID;
if (users.Any())
{
var UserWithTheSameName = (from u in users
where u.Username == name
select u);
if (UserWithTheSameName.Any())
{
Response.Write("User with this username already exists!</br>");
return;
}
var lastRecord = (from u in users
orderby u.ID descending
select u).First();
newID = lastRecord.ID + 1;
UDB.ExecuteCommand("INSERT INTO UserCatalog.dbo.UserInfo (ID, Username)" +
"VALUES ({0}, {1})", newID, name);
}
else // If there are no users, new ID must be equal to 1
{
newID = 1;
UDB.ExecuteCommand("INSERT INTO UserCatalog.dbo.UserInfo (ID, Username)" +
"VALUES ({0}, {1})", newID, name);
}
int Iterations = 10;
RIPEMD160 ripemd160 = RIPEMD160.Create();
string Salt = RandomString(15);
byte[] PasswordBytes = System.Text.Encoding.ASCII.GetBytes(password + Salt);
byte[] EncryptedBites = ripemd160.ComputeHash(PasswordBytes);
string EncryptedPassword = System.Text.Encoding.ASCII.GetString(EncryptedBites);
for (int i = 2; i <= Iterations; i++)
{
EncryptedBites = ripemd160.ComputeHash(System.Text.Encoding.ASCII.GetBytes(EncryptedPassword));
EncryptedPassword = System.Text.Encoding.ASCII.GetString(EncryptedBites);
}
PDB.ExecuteCommand("INSERT INTO UserCatalog.dbo.Password (ID, Salt, Value, Iterations, Date)" +
"VALUES ({0}, {1}, {2}, {3}, {4})", newID, Salt, EncryptedPassword, Iterations,
DateTime.Now);
Roles.AddUserToRole(name, "User");
}
}
private void Check(string name, string password)
{
var cs = ConfigurationManager.AppSettings["UDB"];
using (var UDB = new UserDataContext(cs))
using (var PDB = new PasswordDataContext(cs))
{
var users = UDB.UserInfos.ToList();
var passwords = PDB.Passwords.ToList();
var id = (from u in users
where u.Username == name
select u.ID);
if (id.Any())
{
RIPEMD160 ripemd160 = RIPEMD160.Create();
var salt = (from p in passwords
where p.ID == id.First()
select p.Salt);
var iterations = (from p in passwords
where p.ID == id.First()
select p.Iterations);
var userPassword = (from p in passwords
where p.ID == id.First()
select p.Value);
byte[] PasswordBytes = System.Text.Encoding.ASCII.GetBytes(password + salt.First());
byte[] EncryptedBites = ripemd160.ComputeHash(PasswordBytes);
string EncryptedPassword = System.Text.Encoding.ASCII.GetString(EncryptedBites);
for (int i = 2; i <= iterations.First(); i++)
{
EncryptedBites = ripemd160.ComputeHash(System.Text.Encoding.ASCII.GetBytes(EncryptedPassword));
EncryptedPassword = System.Text.Encoding.ASCII.GetString(EncryptedBites);
}
Response.Write(EncryptedPassword);
Response.Write("<br/>");
Response.Write(userPassword.First());
Response.Write("<br/>");
if (EncryptedPassword == userPassword.First())
{
Response.Write("TRUE");
}
}
Response.Write("FALSE");
}
}
