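/// <summary>
/// Handles the login button: reads the stored password value for <c>Username</c> from the
/// <c>register</c> table and compares it with the transformed content of the password box.
/// </summary>
/// <remarks>
/// The user name is bound as a query parameter instead of being concatenated into the SQL text,
/// so its content cannot alter the structure of the statement.
/// Every outcome (success, wrong password, unknown user) opens a <c>Register</c> window and
/// closes this one.
/// </remarks>
/// <param name="sender">Control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
private void loginClick(object sender, RoutedEventArgs e)
{
    var connect = System.Configuration.ConfigurationManager.ConnectionStrings["conn"].ConnectionString;

    using (var conn = new NpgsqlConnection(connect))
    {
        try
        {
            conn.Open();
            Trace.WriteLine("conn opened!");

            using (var cmd = new NpgsqlCommand("SELECT password FROM register WHERE name = @name;", conn))
            {
                // Bound parameter: the value is sent separately from the SQL text.
                // A null user name is mapped to the empty string, which is what concatenation produced before.
                cmd.Parameters.AddWithValue("name", Username ?? string.Empty);

                using (var reader = cmd.ExecuteReader())
                {
                    if (reader.HasRows)
                    {
                        while (reader.Read())
                        {
                            string password = reader.GetString(0);

                            // NOTE(review): the stored value is compared for equality with the output of
                            // PasswordAuth.EncryptString, so that transform is deterministic. If it is
                            // reversible encryption or an unsalted hash, plan a migration to a salted
                            // password-hashing scheme (PBKDF2/Argon2) - confirm against PasswordAuth.
                            string usertypedPassword = PasswordAuth.EncryptString(loginPasswordbox.Password.ToString());

                            // The derived value is deliberately not written to the trace output:
                            // on a successful login it is identical to the stored credential.
                            if (password == usertypedPassword)
                            {
                                MessageBox.Show("Login success!");
                                Register rg = new Register(usernamesmall);
                                rg.Show();
                                this.Close();
                            }
                            else
                            {
                                MessageBox.Show("password is wrong!!!!", "error");
                                Register rg = new Register(usernamesmall);
                                rg.Show();
                                this.Close();
                            }
                        }
                    }
                    else
                    {
                        MessageBox.Show("User is not registered!");
                        Register rg = new Register(usernamesmall);
                        rg.Show();
                        this.Close();
                    }
                }
            }

            conn.Close();
        }
        catch (Exception ex)
        {
            // NOTE(review): the driver's error text is shown to the user verbatim; consider a
            // generic message here and sending the detail to a log instead.
            MessageBox.Show(ex.Message);
        }
    }
}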
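/// <summary>
/// Authenticates the caller from an XML <c>Identity</c> document in the request body and, on
/// success, issues an API key for the named application.
/// </summary>
/// <remarks>
/// The key is returned in the response body and also set as a cookie named <c>key</c>.
/// Missing fields produce a 400 status; a failed authentication and an unknown user both produce
/// the same "Authentication failed" answer, so the response does not reveal which accounts exist.
/// </remarks>
/// <returns>The serialized <c>Answer</c>: the new key, or an error description.</returns>
public ActionResult GenerateKey()
{
    Answer output;
    try
    {
        // NOTE(review): the request body is untrusted XML; confirm that DTD processing and
        // request size are restricted for this endpoint.
        var serializer = new XmlSerializer(typeof(Identity));
        var idParameters = (Identity)serializer.Deserialize(Request.InputStream);

        if (idParameters.UserId == null && idParameters.UserLogin == null)
        {
            output = new Answer(new Error("User missing"));
            Response.StatusCode = 400; // Bad Request
        }
        else if (idParameters.Password == null)
        {
            output = new Answer(new Error("Password missing"));
            Response.StatusCode = 400; // Bad Request
        }
        else if (idParameters.ApplicationName == null)
        {
            output = new Answer(new Error("ApplicationName missing"));
            Response.StatusCode = 400; // Bad Request
        }
        else
        {
            var userId = idParameters.UserId ?? Storage.User.GetId(idParameters.UserLogin);

            // Fetch the stored hash and hash the submitted password the same way.
            // NOTE(review): HashPassword receives only the password and the result is compared for
            // equality, so the hash is deterministic (no per-user random salt is visible here) -
            // confirm against PasswordAuth and consider a salted, slow password hash.
            var hashedPassword = Storage.User.GetPassword(userId);
            var otherHash = PasswordAuth.HashPassword(idParameters.Password);

            // NOTE(review): SequenceEqual stops at the first mismatch; a fixed-time comparison is
            // preferable for secret material.
            if (hashedPassword.SequenceEqual(otherHash))
            {
                var key = Storage.User.GenerateApiKey(userId, idParameters.ApplicationName);

                // The single-argument HttpCookie constructor takes the cookie *name*, so the
                // original "key=" + key produced a cookie whose name contained the secret and whose
                // value was empty. Name and value are now passed separately.
                // HttpOnly keeps the key away from page scripts; the client still receives it in
                // the response body.
                // NOTE(review): also set Secure if this endpoint is only served over HTTPS.
                Response.SetCookie(new HttpCookie("key", Convert.ToString(key)) { HttpOnly = true });
                output = new Answer(new NewObject(key));
            }
            else
            {
                // NOTE(review): no status code is set here, so a failed authentication is returned
                // with the default success status; confirm that API clients expect this.
                output = new Answer(new Error("Authentication failed"));
            }
        }
    }
    catch (UserNotFound)
    {
        // Same answer as a wrong password, and deliberately not a 404.
        output = new Answer(new Error("Authentication failed"));
    }
    catch (Exception exception)
    {
        output = new Answer(HandleError(exception));
    }

    return Serialize(output);
}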
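/// <summary>
/// Handles the registration submit button: checks whether <c>Username</c> already exists in the
/// <c>register</c> table and, if not, stores the new user with the transformed password.
/// </summary>
/// <remarks>
/// Both SQL statements bind their values as parameters instead of concatenating them into the
/// statement text. Passwords are not written to the trace output.
/// </remarks>
/// <param name="sender">Control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
private void submitBtn(object sender, RoutedEventArgs e)
{
    string password = passwordBox.Password.ToString();
    string cpassword = cpasswordBox.Password.ToString();
    // The confirmation password was previously sent to Trace in clear text; that call is removed
    // so the password does not end up in trace listeners or log files.

    var connect = System.Configuration.ConfigurationManager.ConnectionStrings["conn"].ConnectionString;

    using (var conn = new NpgsqlConnection(connect))
    {
        try
        {
            conn.Open();

            using (var cmd = new NpgsqlCommand("SELECT * FROM register WHERE name = @name;", conn))
            {
                // A null user name is mapped to the empty string, which is what concatenation produced before.
                cmd.Parameters.AddWithValue("name", Username ?? string.Empty);

                using (var reader = cmd.ExecuteReader())
                {
                    if (reader.HasRows)
                    {
                        while (reader.Read())
                        {
                            Guid id = reader.GetGuid(0); // read but not used below
                            string name = reader.GetString(1);

                            if (Username == name)
                            {
                                Trace.WriteLine("user already present!!");
                                var result = MessageBox.Show("User already exists try logging in.", "Info", MessageBoxButton.OK);
                                if (result == MessageBoxResult.OK)
                                {
                                    Register register = new Register(usernamesmall);
                                    register.Show();
                                    this.Close();
                                }
                            }
                            else
                            {
                                Personaldetails pd = new Personaldetails(usernamesmall);
                                pd.Show();
                                this.Close();
                            }
                        }
                    }
                    else
                    {
                        // The reader is closed before the INSERT so the connection is free for the next command.
                        reader.Close();

                        if (password != cpassword)
                        {
                            notMatching1.Content = "passwords did not match";
                        }
                        else
                        {
                            // NOTE(review): login compares this value for equality, so EncryptString is
                            // deterministic. If it is reversible encryption or an unsalted hash, plan a
                            // migration to a salted password-hashing scheme (PBKDF2/Argon2) - confirm
                            // against PasswordAuth.
                            string encryptedPassword = PasswordAuth.EncryptString(password);

                            using (var cmdInsert = new NpgsqlCommand("INSERT INTO register (name,password) VALUES (@name, @password);", conn))
                            {
                                cmdInsert.Parameters.AddWithValue("name", Username ?? string.Empty);
                                cmdInsert.Parameters.AddWithValue("password", encryptedPassword ?? string.Empty);
                                cmdInsert.ExecuteNonQuery();
                            }

                            var result = MessageBox.Show("Registered", "Info", MessageBoxButton.OK);
                            if (result == MessageBoxResult.OK)
                            {
                                Personaldetails pd = new Personaldetails(usernamesmall);
                                pd.Show();
                                this.Close();
                            }
                        }
                    }
                }
            }

            conn.Close();
        }
        catch (Exception ex)
        {
            // NOTE(review): the driver's error text is shown to the user verbatim; consider a
            // generic message here and sending the detail to a log instead.
            MessageBox.Show(ex.Message);
        }
    }
}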