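/// <summary>
/// Checks whether the supplied user holds the administrator role.
/// </summary>
/// <param name="encrypteduser">User identifier, passed unchanged to <c>UserDB.getRole</c>; presumably already encrypted by the caller (TODO confirm).</param>
/// <param name="encryptedpassword">Password value, passed unchanged to <c>UserDB.getRole</c>; presumably already encrypted by the caller (TODO confirm).</param>
/// <returns>
/// True if the role stored for the user equals the encryption of "administrator";
/// false otherwise, including when no role is returned or the expected value cannot be produced.
/// </returns>
public bool AuthenticateAdminRole(string encrypteduser, string encryptedpassword)
{
    UserDB db = new UserDB();
    var storedRole = db.getRole(encrypteduser, encryptedpassword);

    // Fail closed: a missing role must never be able to match a null expected
    // value and grant the administrator role.
    if (storedRole == null)
    {
        return false;
    }

    // The passphrase is the stored encrypted key, decrypted with sharedPrivateKey.
    var passphrase = cryptographer.DecryptString(key.EncryptedKey(), sharedPrivateKey);
    var expectedRole = cryptographer.EncryptString("administrator", passphrase);

    // NOTE(review): comparing ciphertexts only works if EncryptString is deterministic
    // for a given plaintext and passphrase (no random IV or salt) - confirm that is
    // intended, since it means equal roles always produce equal stored values.
    // NOTE(review): == is not a constant-time comparison; if the stored role value is
    // treated as a secret, compare it in fixed time instead.
    return expectedRole != null && storedRole == expectedRole;
}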
/// <summary>
/// Looks up the user's role in the database, but only after the user/password pair has been confirmed to exist.
/// </summary>
/// <param name="encrypteduser">User identifier, forwarded as-is to <c>UserDB</c>; presumably already encrypted (TODO confirm).</param>
/// <param name="encryptedpassword">Password value, forwarded as-is to <c>UserDB</c>; presumably already encrypted (TODO confirm).</param>
/// <returns>The value returned by <c>UserDB.getRole</c> when <c>UserDB.userExists</c> is true; otherwise null.</returns>
public string getRole(string encrypteduser, string encryptedpassword)
{
    UserDB userDb = new UserDB();

    // Callers must treat null as "no role": it is returned for any pair that does not exist.
    return userDb.userExists(encrypteduser, encryptedpassword)
        ? userDb.getRole(encrypteduser, encryptedpassword)
        : null;
}