Example #1
 /// <summary>
 /// Creates an account record and derives the stored password hash from the supplied password.
 /// </summary>
 /// <param name="userName">Value assigned to <c>Username</c>.</param>
 /// <param name="password">Plain-text password; hashed together with <c>Salt</c> and not stored as-is.</param>
 /// <param name="firstname">Value assigned to <c>Firstname</c>.</param>
 /// <param name="lastname">Value assigned to <c>Lastname</c>.</param>
 public Account(string userName, string password, string firstname, string lastname)
 {
     Username  = userName;
     Firstname = firstname;
     Lastname  = lastname;

     bool hasPassword = !string.IsNullOrWhiteSpace(password);
     if (hasPassword)
     {
         // Salt length is chosen in [10, 25) — the upper bound of Random.Next is exclusive.
         // NOTE(review): System.Random is not a cryptographic generator. Here it only picks the
         // length; whether Salting.RandomString draws the salt characters from a CSPRNG is not
         // visible from this constructor — confirm.
         int saltLength = new Random().Next(10, 25);
         Salt = Salting.RandomString(saltLength);
     }

     // A blank password skips the branch above, so Salt is not assigned here and the hash is
     // computed over the password alone (string.Concat treats a null argument as empty).
     // NOTE(review): this constructor accepts blank passwords without complaint — confirm that
     // callers reject them before an Account is created.
     // NOTE(review): a single SHA-256 pass is a fast hash and cheap to brute-force offline if the
     // table leaks; a password KDF (PBKDF2 via Rfc2898DeriveBytes, or Argon2) is the usual choice.
     string saltedPassword = string.Concat(Salt, password);
     PasswordHash = Hashing.ComputeSha256Hash(saltedPassword);
 }
Example #2
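        /// <summary>
        /// Handles the "create user" button: validates the form, derives a salted password hash,
        /// and inserts the new user into the Users table with a parameterized INSERT. On success
        /// the login screen is shown and this window is closed.
        /// </summary>
        /// <param name="sender">Control that raised the click event (unused).</param>
        /// <param name="e">Routed event data (unused).</param>
        private void BtnCreateUser_OnClick(object sender, RoutedEventArgs e)
        {
            // Validate first and stop on failure. Previously a password mismatch only showed a
            // message and then fell through to the INSERT against a connection that was never opened.
            if (string.IsNullOrWhiteSpace(txtCreateUsername.Text) || string.IsNullOrEmpty(txtCreatePassword.Password))
            {
                MessageBox.Show("Username and password are required.");
                return;
            }

            if (!string.Equals(txtConfirmPassword.Password, txtCreatePassword.Password, StringComparison.Ordinal))
            {
                MessageBox.Show("Confirm Password does not match Password.");
                return;
            }

            // NOTE(review): the connection string is hard-coded. Encrypt=False together with
            // TrustServerCertificate=True is tolerable only because the target is LocalDB on the
            // same machine; move this to configuration and enable encryption with certificate
            // validation before pointing it at a networked server.
            string connectionString =
                @"Data Source=(localdb)\MSSQLLocalDB;Initial Catalog=SqlRUsers;Integrated Security=True;Connect Timeout=30;Encrypt=False;TrustServerCertificate=True;ApplicationIntent=ReadWrite;MultiSubnetFailover=False";

            // NOTE(review): Salting.GetSalt and Hashing.GetHash are defined elsewhere; confirm the
            // salt comes from a cryptographic RNG and the hash is a password KDF (PBKDF2/Argon2),
            // not a single fast digest.
            Salting salting = new Salting();
            var     salt    = salting.GetSalt();
            Hashing hashing = new Hashing();
            var     hash    = hashing.GetHash(salt, txtCreatePassword.Password);

            // The user-supplied connection string is stored encrypted.
            // NOTE(review): where Crypting keeps its key is not visible here — verify it is not
            // embedded in the binary.
            var encryptedConnectionString = Crypting.Encrypt(txtConnectionString.Text);

            // Values are bound as parameters, never concatenated into the statement text.
            const string query =
                "INSERT into Users (UserName,ConnectionString, Password, Salt) VALUES (@Username, @ConnectionString, @Password, @Salt)";

            try
            {
                bool created;

                // using disposes the command and closes the connection on every path,
                // including when Open or ExecuteNonQuery throws.
                using (SqlConnection connection = new SqlConnection(connectionString))
                using (SqlCommand sqlCmd = new SqlCommand(query, connection))
                {
                    sqlCmd.CommandType = CommandType.Text;
                    sqlCmd.Parameters.AddWithValue("@Username", txtCreateUsername.Text);
                    sqlCmd.Parameters.AddWithValue("@ConnectionString", encryptedConnectionString);
                    sqlCmd.Parameters.AddWithValue("@Password", hash);
                    sqlCmd.Parameters.AddWithValue("@Salt", salt);

                    connection.Open();
                    created = sqlCmd.ExecuteNonQuery() != 0;
                }

                if (created)
                {
                    LoginScreen login = new LoginScreen();
                    login.Show();
                    this.Close();
                }
                else
                {
                    MessageBox.Show("Failed creating new user!");
                }
            }
            catch (Exception ex)
            {
                // NOTE(review): raw exception text can expose server, schema or constraint names
                // to the person at the keyboard; consider logging the detail and showing a
                // generic failure message instead.
                MessageBox.Show(ex.Message);
            }
        }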