public void ChangePassword(IConnectToDB _Connect, Guid?uuid, string password) { _DynamicOutputProcedures DynamicOutput = new _DynamicOutputProcedures(); List <DynamicModels.RootReportFilter> Filters = new List <DynamicModels.RootReportFilter>(); ER_Sec er_sec = new ER_Sec(); add addHelp = new add(); Filters.Add(new DynamicModels.RootReportFilter { FilterName = "IDENTITIES_UUID_", DBType = SqlDbType.UniqueIdentifier, ParamValue = uuid }); DataTable TempDataTable = DynamicOutput.DynoProcSearch(_Connect, "Custom Query", "SP_S_VW__ID_PASSWORD_SEARCH", new DataTableDotNetModelMetaData { columns = "ID_PASSWORD_ID,RENDITION,IDENTITIES_ID", length = -1, order = "1 asc", start = 0, verify = "T" }, Filters); DataColumnCollection _dccColumnID = TempDataTable.Columns; if (_dccColumnID.Contains("ID_PASSWORD_ID") && TempDataTable.Rows.Count > 0) { //Update Password Values.UpdateIDPassword IDPasswordModel = null; string hash = ER_Sec.ComputeHash(password, "SHA512", null); IDPasswordModel = addHelp.UPDATE_ENTRY_Identities_Password(_Connect, new Values.UpdateIDPassword { I_ID_PASSWORD_ID = TempDataTable.Rows[0].Field <long?>("ID_PASSWORD_ID"), I_OBJECT_TYPE = "Password", I_RENDITION = TempDataTable.Rows[0].Field <long?>("RENDITION"), I_PASSWORD = er_sec.EncryptStringToBytes_Aes(hash, er_sec.GetCryptPairforID(_Connect, TempDataTable.Rows[0].Field <long?>("IDENTITIES_ID"), new ER_CRYPT_PAIR())) }); } }
public DataTable GetUser(IConnectToDB _Connect, DataTable _DT, string Username, string SubmittedPassword) { ER_Query er_query = new ER_Query(); IdentityHelper ih = new IdentityHelper(); _DT = new DataTable(); DataTable usernamedt = ih.FindIdentity(_Connect, Username); if (usernamedt.Rows.Count == 1) { foreach (DataRow _DR in usernamedt.Rows) { if (_DR.Field <string>("User_name").ToLower() == Username.ToLower() || _DR.Field <string>("Email").ToLower() == Username.ToLower()) { List <DynamicModels.RootReportFilter> passwordFilters = new List <DynamicModels.RootReportFilter>(); passwordFilters.Add(new DynamicModels.RootReportFilter { FilterName = "IDENTITIES_ID_", ParamValue = _DR.Field <long?>("identities_id") }); DataTable passdt = _DynamicOutputProcedures._DynoProcSearch(_Connect, "Custom Query", "SP_S_" + "VW__ID_PASSWORD" + "_SEARCH", new DataTableDotNetModelMetaData { length = -1, order = "1 asc", start = 0, verify = "T" }, passwordFilters); if (passdt.Rows.Count != 0) { byte[] EncryptedPassword = (byte[])passdt.Rows[0]["Password"]; long? IDENTITIES_ID = (long?)passdt.Rows[0]["IDENTITIES_ID"]; ER_Sec er_sec = new ER_Sec(); string DecryptedPasswordHash = er_sec.DecryptStringFromBytes_Aes(EncryptedPassword, er_sec.GetCryptPairforID(_Connect, IDENTITIES_ID, new ER_CRYPT_PAIR())); if (passdt.Rows.Count != 0 && ER_Sec.VerifyHash(SubmittedPassword, "SHA512", DecryptedPasswordHash)) { _DT = usernamedt; } } else { _DT = usernamedt; } break; } } } return(_DT); }
public void ResetPassword(IConnectToDB _Connect, string VerifyUUID, string password) { ER_Sec er_sec = new ER_Sec(); ER_DML er_dml = new ER_DML(); _DynamicOutputProcedures DynamicOutput = new _DynamicOutputProcedures(); List <DynamicModels.RootReportFilter> verifyIdentityFilters = new List <DynamicModels.RootReportFilter>(); List <DynamicModels.RootReportFilter> idPasswordFilters = new List <DynamicModels.RootReportFilter>(); verifyIdentityFilters.Add(new DynamicModels.RootReportFilter { FilterName = "UUID_", DBType = SqlDbType.VarChar, ParamValue = VerifyUUID }); DataTable verifyIdentityTable = DynamicOutput.DynoProcSearch(_Connect, "Custom Query", "SP_S_VW__VERIFY_SEARCH", new DataTableDotNetModelMetaData { columns = "IDENTITIES_ID", length = -1, order = "1 asc", start = 0, verify = "T" }, verifyIdentityFilters); idPasswordFilters.Add(new DynamicModels.RootReportFilter { FilterName = "Identities_ID_", DBType = SqlDbType.BigInt, ParamValue = verifyIdentityTable.Rows[0].Field <long?>("IDENTITIES_ID") }); DataTable idPasswordTable = DynamicOutput.DynoProcSearch(_Connect, "Custom Query", "SP_S_VW__ID_PASSWORD_SEARCH", new DataTableDotNetModelMetaData { columns = "ID_PASSWORD_ID", length = -1, order = "1 asc", start = 0, verify = "T" }, idPasswordFilters); //Update Password string hash = ER_Sec.ComputeHash(password, "SHA512", null); er_dml.OBJECT_DML(_Connect, "Update", "ID_PASSWORD", "PASSWORD", idPasswordTable.Rows[0].Field <long?>("ID_PASSWORD_ID"), new Object_Value { _File = new File_Object { _FileBytes = er_sec.EncryptStringToBytes_Aes(hash, er_sec.GetCryptPairforID(_Connect, verifyIdentityTable.Rows[0].Field <long?>("IDENTITIES_ID"), new ER_CRYPT_PAIR())) } }); //disable verification VerificationHelper VH = new VerificationHelper(); VH.DisableVerificationsForID(_Connect, verifyIdentityTable.Rows[0].Field <long?>("IDENTITIES_ID"), "ResetPassword"); }
public string VerifyUserByRegCode(IConnectToDB _Connect, string VerifyUUID) { ER_Query er_query = new ER_Query(); ER_Query.Parameter_Run SQlinUserName = new ER_Query.Parameter_Run(); ER_Query.Parameter_Run SQlinPassword = new ER_Query.Parameter_Run(); string DecryptedPassword = ""; SQlinUserName._dbParameters = new List <DBParameters> { new DBParameters { ParamName = "UUID", MSSqlParamDataType = SqlDbType.VarChar, ParamValue = VerifyUUID } }; SQlinUserName.sqlIn = "Select a.* from CSA.IDENTITIES a inner join CSA.VW__VERIFY b on (a.IDENTITIES_ID = b.IDENTITIES_ID and b.UUID = @UUID) where b.UUID = @UUID"; DataTable usernamedt = er_query.RUN_PARAMETER_QUERY(_Connect, SQlinUserName); if (usernamedt.Rows.Count == 1) { foreach (DataRow _DR in usernamedt.Rows) { SQlinPassword._dbParameters = new List <DBParameters> { new DBParameters { ParamName = "IDENTITIES_ID", MSSqlParamDataType = SqlDbType.BigInt, ParamValue = _DR.Field <long?>("identities_id").ToString() } }; SQlinPassword.sqlIn = "Select a.* from CSA.ID_PASSWORD a inner join CSA.ID_PASSWORD b on a.IDENTITIES_ID = b.IDENTITIES_ID and a.RENDITION in (select max(c.RENDITION) from " + "CSA.ID_PASSWORD c where c.Identities_id = b.Identities_ID) where a.identities_id = @IDENTITIES_ID"; DataTable passdt = er_query.RUN_PARAMETER_QUERY(_Connect, SQlinPassword); byte[] EncryptedPassword = (byte[])passdt.Rows[0]["Password"]; long IDENTITIES_ID = (long)passdt.Rows[0]["IDENTITIES_ID"]; ER_Sec er_sec = new ER_Sec(); DecryptedPassword = er_sec.DecryptStringFromBytes_Aes(EncryptedPassword, er_sec.GetCryptPairforID(_Connect, IDENTITIES_ID, new ER_CRYPT_PAIR())); if (passdt.Rows.Count != 0) { //ER_DML er_dml = new ER_DML(); //er_dml.OBJECT_DML(_Connect, "Update", "Identities", "ENABLED", IDENTITIES_ID, new Object_Value { _String = "Y" }); Commented out because this is already being set to yes when the identity is created. add addHelp = new add(); long?IdentitiesId = null; //er_dml.OBJECT_DML(_Connect, "Update", "Identities", "ACTIVE", IDENTITIES_ID, new Object_Value { _String = "Y" }); //er_dml.OBJECT_DML(_Connect, "Update", "Identities", "VERIFIED", IDENTITIES_ID, new Object_Value { _String = "Y" }); Values.UpdateIdentity IdentitiesModel = null; IdentitiesModel = addHelp.UPDATE_ENTRY_Identities(_Connect, new Values.UpdateIdentity { I_IDENTITIES_ID = _DR.Field <long?>("IDENTITIES_ID"), I_OBJECT_TYPE = _DR.Field <string>("OBJECT_TYPE"), I_USER_NAME = _DR.Field <string>("USER_NAME"), I_EDIPI = _DR.Field <string>("EDIPI"), I_EMAIL = _DR.Field <string>("EMAIL"), I_ACTIVE = "Y", I_VERIFIED = "Y", }); IdentitiesId = IdentitiesModel.O_IDENTITIES_ID; VerificationHelper VH = new VerificationHelper(); VH.MarkVerificationsForID(_Connect, IDENTITIES_ID, "CreateUser"); VH.DisableVerificationsForID(_Connect, IDENTITIES_ID, "CreateUser"); } break; } } return(DecryptedPassword); }
public DataTable GetPendingUser(IConnectToDB _Connect, DataTable _DT, string Username, string SubmittedPassword, string VerifyUUID) { ER_Query er_query = new ER_Query(); ER_Query.Parameter_Run SQlinUserName = new ER_Query.Parameter_Run(); ER_Query.Parameter_Run SQlinPassword = new ER_Query.Parameter_Run(); SQlinUserName._dbParameters = new List <DBParameters> { new DBParameters { ParamName = "UUID", MSSqlParamDataType = SqlDbType.VarChar, ParamValue = VerifyUUID }, new DBParameters { ParamName = "USER_NAME", MSSqlParamDataType = SqlDbType.VarChar, ParamValue = Username.ToLower() }, }; SQlinUserName.sqlIn = "Select a.* from CSA.IDENTITIES a inner join CSA.VW__VERIFY b on (a.IDENTITIES_ID = b.IDENTITIES_ID and b.UUID = @UUID) where LOWER(a.User_name) = @USER_NAME or LOWER(a.Email) = @USER_NAME"; DataTable usernamedt = er_query.RUN_PARAMETER_QUERY(_Connect, SQlinUserName); if (usernamedt.Rows.Count == 1) { foreach (DataRow _DR in usernamedt.Rows) { if (_DR.Field <string>("User_name").ToLower() == Username.ToLower() || _DR.Field <string>("Email").ToLower() == Username.ToLower()) { SQlinPassword._dbParameters = new List <DBParameters> { new DBParameters { ParamName = "IDENTITIES_ID", MSSqlParamDataType = SqlDbType.BigInt, ParamValue = _DR.Field <long?>("identities_id") } }; SQlinPassword.sqlIn = "Select a.* from CSA.ID_PASSWORD a inner join CSA.ID_PASSWORD b on a.IDENTITIES_ID = b.IDENTITIES_ID and a.RENDITION in (select max(c.RENDITION) from CSA.ID_PASSWORD c where c.Identities_id = b.Identities_ID) where a.identities_id = @IDENTITIES_ID"; DataTable passdt = er_query.RUN_PARAMETER_QUERY(_Connect, SQlinPassword); byte[] EncryptedPassword = (byte[])passdt.Rows[0]["Password"]; long? IDENTITIES_ID = (long?)passdt.Rows[0]["IDENTITIES_ID"]; ER_Sec er_sec = new ER_Sec(); string DecryptedPasswordHash = er_sec.DecryptStringFromBytes_Aes(EncryptedPassword, er_sec.GetCryptPairforID(_Connect, IDENTITIES_ID, new ER_CRYPT_PAIR())); if (passdt.Rows.Count != 0 && ER_Sec.VerifyHash(SubmittedPassword, "SHA512", DecryptedPasswordHash) ) { _DT = usernamedt; ER_DML er_dml = new ER_DML(); //er_dml.OBJECT_DML(_Connect, "Update", "Identities", "ENABLED", IDENTITIES_ID, new Object_Value { _String = "Y" }); Commented out because this is already being set to yes when the identity is created. er_dml.OBJECT_DML(_Connect, "Update", "Identities", "ACTIVE", IDENTITIES_ID, new Object_Value { _String = "Y" }); er_dml.OBJECT_DML(_Connect, "Update", "Identities", "VERIFIED", IDENTITIES_ID, new Object_Value { _String = "Y" }); VerificationHelper VH = new VerificationHelper(); VH.DisableVerificationsForID(_Connect, IDENTITIES_ID, "CreateUser"); } break; } } } return(_DT); }