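public void testIncorrectPassword()
        // incorrect password in checkUserID should return -2
        // The temporary account is removed in a finally block, so a throwing
        // checkUserID or a failed assertion cannot leave a test login behind.
        {
            signupForm testSignup = new signupForm
            {
                username = "******",
                password = "******",
                email    = "*****@*****.**",
                phone    = "123456789",
                name     = "Test User"
            };

            userModel testModel = new userModel
            {
                username = "******",
                password = "******"     // wrong password
            };

            // Look the stale account up once and reuse the ID for the removal.
            // NOTE(review): the lookup uses "testuser" while the sign-up username is
            // masked in this listing; confirm both refer to the same account.
            var staleID = _ConnectionDB.checkIfUserExists("testuser");
            if (staleID != -1)
            {
                _ConnectionDB.removeUser(staleID);
            }

            int tempID = _ConnectionDB.createUser(testSignup);
            try
            {
                var result = _ConnectionDB.checkUserID(testModel);

                Assert.True(result == -2, "Incorrect password should return -2");
            }
            finally
            {
                // Always clean up the account created above.
                _ConnectionDB.removeUser(tempID);
            }
        }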
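        public void testLogin()
        // test login functionality
        // after providing correct username and password, correct ID should be returned
        // The temporary account is removed in a finally block, so a throwing
        // checkUserID or a failed assertion cannot leave a test login behind.
        {
            signupForm testSignup = new signupForm
            {
                username = "******",
                password = "******",
                email    = "*****@*****.**",
                phone    = "123456789",
                name     = "Test User"
            };

            userModel testModel = new userModel
            {
                username = "******",
                password = "******"
            };

            // Look the stale account up once and reuse the ID for the removal.
            // NOTE(review): the lookup uses "testuser" while the sign-up username is
            // masked in this listing; confirm both refer to the same account.
            var staleID = _ConnectionDB.checkIfUserExists("testuser");
            if (staleID != -1)
            {
                _ConnectionDB.removeUser(staleID);
            }

            int tempID = _ConnectionDB.createUser(testSignup);
            try
            {
                var result = _ConnectionDB.checkUserID(testModel);

                Assert.True(result == tempID, "There should be a test user in database!");
            }
            finally
            {
                // Always clean up the account created above.
                _ConnectionDB.removeUser(tempID);
            }
        }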
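        public void testSignupUsernameConflict()
        // Attempt to create user with username that already exists should return -1
        // The first account is removed in a finally block, so a throwing second
        // createUser or a failed assertion cannot leave a test login behind.
        {
            signupForm testSignup = new signupForm
            {
                username = "******",
                password = "******",
                email    = "*****@*****.**",
                phone    = "123456789",
                name     = "Test User"
            };

            // NOTE(review): unlike the login tests there is no pre-clean here; if the
            // account already exists this first call itself returns -1 and the
            // assertion below passes without a fresh account having been created.
            int ID = _ConnectionDB.createUser(testSignup);
            try
            {
                var result = _ConnectionDB.createUser(testSignup);

                Assert.True(result == -1, "Username conflict should return -1");
            }
            finally
            {
                _ConnectionDB.removeUser(ID);
            }
        }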
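 /// <summary>
 /// Handles a submitted sign-up form: creates the account through ConnectionDB
 /// and selects the view that matches the outcome.
 /// </summary>
 /// <param name="model">The bound sign-up form.</param>
 /// <returns>
 /// The "SignUpAction" view when createUser returns a positive ID, the
 /// "SignUpError" view for any other result, and the default view when the
 /// model state is invalid.
 /// </returns>
 /// <exception cref="InvalidOperationException">
 /// ConnectionDB could not be resolved from the request services.
 /// </exception>
 public ActionResult SignUpAction(signupForm model)
 {
     if (!ModelState.IsValid)
     {
         return View();
     }

     ConnectionDB conn = HttpContext.RequestServices.GetService(typeof(WebApplication3.Baza.ConnectionDB)) as ConnectionDB;
     if (conn == null)
     {
         // GetService returns null for an unregistered type; fail with a clear
         // message instead of a NullReferenceException on the next call.
         throw new InvalidOperationException("ConnectionDB is not registered in the request services.");
     }

     int result = conn.createUser(model);
     if (result > 0)
     {
         // The username is user-supplied: it is passed as a structured argument,
         // never spliced into the template. Plain-text sinks may still print it
         // verbatim, so control characters in it can reach the log file.
         _logger.LogInformation("User {User} succesfully signed up at {Time}", model.username, DateTime.Now);
         return View("SignUpAction");
     }

     // The result code goes to the logger (it was only written to stdout before),
     // so a duplicate username (-1) can be told apart from a table mismatch (-2).
     _logger.LogError("Error while signing up. createUser returned {Result}", result);
     return View("SignUpError");
 }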
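        /// <summary>
        /// Creates the reader row and the matching login row for a new account.
        /// All form values are sent to MySQL as bound parameters.
        /// </summary>
        /// <param name="form">Sign-up data; name, email, phone, username and password are read from it.</param>
        /// <returns>
        /// The ID of the newly created user, -1 when a login row already exists for
        /// the username, or -2 when the reader and hashlogininfo row counts differ.
        /// </returns>
        public int createUser(signupForm form)
        {
            // TODO:
            // → Repeat password field and check if they are the same
            // → Captcha?? (api)
            // → Catch MySQL exceptions (ex. empty field)
            // → What about admins?? createAdmin()...
            // → Redirect user somewhere based on success/error while creating account

            int rowsCountReader, rowsCountHash, newUserID = 0;

            // String concatenation used to turn a null field into an empty string;
            // keep that so the stored values do not change for such input.
            string name     = form.name ?? string.Empty;
            string email    = form.email ?? string.Empty;
            string phone    = form.phone ?? string.Empty;
            string username = form.username ?? string.Empty;
            string password = form.password;

            using (MySqlConnection conn = GetConnection())
            {
                conn.Open();

                // The username used to be concatenated between double quotes, so a
                // quote inside it could change the statement. It is now a bound
                // parameter. The query prefix is kept exactly as this listing shows
                // it (masked); it is assumed to end right before the compared value.
                string checkUsername = "******" + "@login";
                using (MySqlCommand checkUsernameCommand = new MySqlCommand(checkUsername, conn))
                {
                    checkUsernameCommand.Parameters.AddWithValue("@login", username);
                    using (var existing = checkUsernameCommand.ExecuteReader())
                    {
                        while (existing.Read())
                        {
                            newUserID = Convert.ToInt32(existing["LoginID"]);
                        }
                    }
                }
                if (newUserID != 0)
                {
                    // Error - user with this name already exist
                    return(-1);
                }

                using (MySqlCommand countReaders = new MySqlCommand("SELECT COUNT(*) FROM reader", conn))
                {
                    rowsCountReader = Convert.ToInt32(countReaders.ExecuteScalar());
                }
                using (MySqlCommand countLogins = new MySqlCommand("SELECT COUNT(*) FROM hashlogininfo", conn))
                {
                    rowsCountHash = Convert.ToInt32(countLogins.ExecuteScalar());
                }
                if (rowsCountHash != rowsCountReader)
                {
                    // Database User ID conflict between Readers and hashLogin
                    return(-2);
                }

                // NOTE(review): an ID derived from COUNT(*) + 1 can collide with an
                // existing row after a deletion or when two sign-ups run at the same
                // time; a database-generated key would avoid that, but needs a
                // schema change outside this method.
                newUserID = rowsCountReader + 1;

                // Both inserts share one transaction: if the second one fails the
                // first is rolled back when the transaction is disposed, so the two
                // tables cannot drift apart and trip the -2 check on later sign-ups.
                using (var transaction = conn.BeginTransaction())
                {
                    string insertReaderSql = "INSERT INTO `new_schema`.`reader` (`ReaderID`, `Name`, `Email`, `PhoneNum`) VALUES (@id, @name, @email, @phone)";
                    using (MySqlCommand insertReader = new MySqlCommand(insertReaderSql, conn, transaction))
                    {
                        insertReader.Parameters.AddWithValue("@id", newUserID);
                        insertReader.Parameters.AddWithValue("@name", name);
                        insertReader.Parameters.AddWithValue("@email", email);
                        insertReader.Parameters.AddWithValue("@phone", phone);
                        insertReader.ExecuteNonQuery();
                    }

                    // SECURITY(review): calculateMD5sum stores a fast MD5 digest of
                    // the password; no per-user salt is visible in this call. A
                    // salted, slow password hash (PBKDF2, bcrypt, Argon2) is the
                    // appropriate replacement, but it has to change together with
                    // the code that verifies logins, so it is only flagged here.
                    string insertLoginSql = "INSERT INTO `new_schema`.`hashlogininfo` (`LoginID`, `password`, `login`) VALUES (@id, @password, @login)";
                    using (MySqlCommand insertLogin = new MySqlCommand(insertLoginSql, conn, transaction))
                    {
                        insertLogin.Parameters.AddWithValue("@id", newUserID);
                        insertLogin.Parameters.AddWithValue("@password", calculateMD5sum(password));
                        insertLogin.Parameters.AddWithValue("@login", username);
                        insertLogin.ExecuteNonQuery();
                    }

                    transaction.Commit();
                }
            }
            return(newUserID);   // id of newly created user
        }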