Example #1
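        /// <summary>
        /// Opens the registration dialog and, when the new account opted into
        /// multi factor authentication, issues a one-time code, e-mails it and
        /// runs the verification dialog. Afterwards the login fields are
        /// pre-filled with the new account's credentials.
        /// </summary>
        /// <param name="sender">The control that raised the click event.</param>
        /// <param name="e">Event data (unused).</param>
        private void btnCreateAccount_Click(object sender, EventArgs e)
        {
            using (Form_RegisterAccount createAccount = new Form_RegisterAccount())
            {
                // Nothing to do unless the registration dialog was confirmed.
                if (createAccount.ShowDialog() != DialogResult.OK)
                {
                    return;
                }

                // Keep the account the dialog produced.
                user = createAccount.User;

                // Tell the user that an e-mail is being sent. The finally block
                // guarantees the panel is hidden again even if a database or
                // mail call throws part-way through.
                panelEmail.Visible = true;
                try
                {
                    if (user.MultiFactorAuthentication)
                    {
                        // Resolve the database id of the new account by e-mail.
                        // The parameter name carries the same "@" prefix as the
                        // placeholder, matching every other query in this handler.
                        string query = "SELECT ID FROM users WHERE email = @email";
                        DataTable dt = db.QueryReader(query, p => { p.Add("@email", DbType.String).Value = user.Email; });

                        // Only enrol when the account row was found: without it
                        // user.Id is not the id of this account, and the code
                        // would be stored against the wrong user_id.
                        if (dt.Rows.Count != 0)
                        {
                            user.Id = Convert.ToInt32(dt.Rows[0]["ID"]);

                            // NOTE(review): the code is an authentication secret;
                            // confirm CreateRandomCode draws from
                            // System.Security.Cryptography.RandomNumberGenerator
                            // and not System.Random.
                            uniqueCode = CreateRandomCode(10);

                            // Issue time of the code.
                            // NOTE(review): local wall-clock time; if the expiry
                            // check elsewhere also uses DateTime.Now, clock or DST
                            // changes shift the validity window. Moving to UtcNow
                            // has to be done on both sides at once.
                            dateTimeCode = DateTime.Now;

                            // Persist the code for this user.
                            // NOTE(review): the code is stored as-is; storing a
                            // hash of it would limit what a database read exposes.
                            query = "INSERT INTO unique_codes (user_id, code, time) VALUES (@userID, @code, @time)";
                            db.NonQuery(query, p =>
                            {
                                p.Add("@userID", DbType.Int32).Value  = user.Id;
                                p.Add("@code", DbType.String).Value   = uniqueCode;
                                p.Add("@time", DbType.DateTime).Value = dateTimeCode;
                            });

                            // Deliver the code to the (decrypted) e-mail address.
                            emailServices.SendEmail(encrypt.DecryptData(user.Email), uniqueCode);

                            // The verification dialog receives the expected code
                            // and its issue time directly.
                            using (Form_MultiFactorAuthentication multiFactorAuth = new Form_MultiFactorAuthentication(uniqueCode, dateTimeCode))
                            {
                                // Verification was not completed: remove the
                                // pending code and switch the feature off for
                                // this account.
                                // NOTE(review): when the dialog is closed without
                                // OK, neither clean-up statement runs and the
                                // code row stays in unique_codes - confirm that
                                // is intended.
                                if (multiFactorAuth.ShowDialog() == DialogResult.OK && !multiFactorAuth.AuthEnable)
                                {
                                    query = "DELETE FROM unique_codes WHERE code = @code and user_id = @userID";
                                    db.NonQuery(query, p =>
                                    {
                                        p.Add("@code", DbType.String).Value  = uniqueCode;
                                        p.Add("@userID", DbType.Int32).Value = user.Id;
                                    });

                                    query = "UPDATE users SET two_factor_authentication = false WHERE ID = @userID";
                                    db.NonQuery(query, p => { p.Add("@userID", DbType.Int32).Value = user.Id; });
                                }
                            }
                        }
                    }
                }
                finally
                {
                    // Hide the information panel.
                    panelEmail.Visible = false;
                }

                // Pre-fill the login fields with the decrypted credentials.
                // NOTE(review): user.Password can be decrypted, i.e. the password
                // is held in reversible form. Passwords should be stored with a
                // one-way password hash (PBKDF2 / Argon2), which would also
                // remove the plaintext from this text box.
                txtEmail.Text    = encrypt.DecryptData(user.Email);
                txtPassword.Text = encrypt.DecryptData(user.Password);
            }
        }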
Example #2
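        /// <summary>
        /// Toggles multi factor authentication for the current user. In the
        /// "Enable" state a one-time code is stored, e-mailed and verified in a
        /// dialog; in the "Disable" state the feature is switched off after a
        /// confirmation prompt.
        /// </summary>
        /// <param name="sender">The control that raised the click event.</param>
        /// <param name="e">Event data (unused).</param>
        private void btnAuthen_Click(object sender, EventArgs e)
        {
            // Fresh database wrapper for this click.
            db = new Database();

            // The button caption doubles as the current state.
            if (btnAuthen.Text == "Enable")
            {
                // NOTE(review): the code is an authentication secret; confirm
                // CreateRandomCode draws from
                // System.Security.Cryptography.RandomNumberGenerator and not
                // System.Random.
                string uniqueCode = CreateRandomCode(10);

                // Issue time of the code.
                // NOTE(review): local wall-clock time; switching to UtcNow has
                // to be done together with whatever checks the expiry.
                DateTime datetimeCode = DateTime.Now;

                // Persist the code for this user.
                string query = "INSERT INTO unique_codes (user_id, code, time) VALUES (@userID, @code, @time)";
                db.NonQuery(query, p =>
                {
                    p.Add("@userID", DbType.Int32).Value  = user.Id;
                    p.Add("@code", DbType.String).Value   = uniqueCode;
                    p.Add("@time", DbType.DateTime).Value = datetimeCode;
                });

                // Send the code to the address shown on the form.
                emailServices = new EmailServices();
                emailServices.SendEmail(lblEmail.Text, uniqueCode);

                using (Form_MultiFactorAuthentication multiFactorAuthentication = new Form_MultiFactorAuthentication(uniqueCode, datetimeCode, true))
                {
                    // NOTE(review): when the dialog is closed without OK, the
                    // code row stays in unique_codes - confirm that is intended.
                    if (multiFactorAuthentication.ShowDialog() == DialogResult.OK)
                    {
                        if (!multiFactorAuthentication.AuthEnable)
                        {
                            // Verification failed: drop the pending code and
                            // record the feature as off. The controls are left
                            // untouched so the UI keeps showing the disabled
                            // state that was just written to the database.
                            query = "DELETE FROM unique_codes WHERE code = @code and user_id = @userID";
                            db.NonQuery(query, p =>
                            {
                                p.Add("@code", DbType.String).Value  = uniqueCode;
                                p.Add("@userID", DbType.Int32).Value = user.Id;
                            });

                            query = "UPDATE users SET two_factor_authentication = false WHERE ID = @userID";
                            db.NonQuery(query, p => { p.Add("@userID", DbType.Int32).Value = user.Id; });
                        }
                        else
                        {
                            // Back-date the stored timestamp by 10 minutes;
                            // presumably this pushes the used code past its
                            // validity window so it cannot be replayed -
                            // confirm against the expiry check.
                            // The WHERE clause has no code filter, so every
                            // code row of this user is back-dated.
                            query = "UPDATE unique_codes SET time = @time WHERE user_id = @userID ";
                            datetimeCode = datetimeCode.AddMinutes(-10);
                            db.NonQuery(query, p =>
                            {
                                p.Add("@time", DbType.DateTime).Value = datetimeCode;
                                p.Add("@userID", DbType.Int32).Value  = user.Id;
                            });

                            // Record the feature as on.
                            query = "UPDATE users SET two_factor_authentication = true WHERE ID = @userID";
                            db.NonQuery(query, p => { p.Add("@userID", DbType.Int32).Value = user.Id; });

                            // Flip the controls only once the database says
                            // the feature is enabled.
                            btnAuthen.Text = "Disable";
                            lblAuthen.Text = "Enable";
                        }
                    }
                }
            }
            else if (btnAuthen.Text == "Disable")
            {
                // NOTE(review): turning the second factor off is guarded only
                // by this Yes/No prompt. Requiring the password or a fresh
                // one-time code first would keep an unattended, logged-in
                // session from downgrading the account.
                DialogResult result = MessageBox.Show("Disabling Multifactor Authentication will make your account less secure.\nContinue? ",
                                                      "Multi Factor Authentication", MessageBoxButtons.YesNo, MessageBoxIcon.Information);

                if (result == DialogResult.Yes)
                {
                    // Record the feature as off.
                    string query = "UPDATE users SET two_factor_authentication = false WHERE ID = @userID";
                    db.NonQuery(query, p => { p.Add("@userID", DbType.Int32).Value = user.Id; });

                    MessageBox.Show("Multifactor Authentication has been disabled");

                    btnAuthen.Text = "Enable";
                    lblAuthen.Text = "Disable";
                }
            }
        }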