/// <summary>
/// Creates an account, storing the name fields and a hash of the salted password.
/// </summary>
/// <param name="userName">Login name stored in <c>Username</c>.</param>
/// <param name="password">Clear-text password; only its salted hash is stored.</param>
/// <param name="firstname">Value stored in <c>Firstname</c>.</param>
/// <param name="lastname">Value stored in <c>Lastname</c>.</param>
public Account(string userName, string password, string firstname, string lastname)
{
    Username = userName;
    Firstname = firstname;
    Lastname = lastname;

    // A salt is generated only for a non-blank password. For a null, empty or
    // whitespace-only password Salt is not assigned here, so the hash below is
    // computed over the password alone (string.Concat treats null as empty).
    // NOTE(review): confirm callers never persist an account built that way —
    // its hash would be identical for every such account.
    bool hasPassword = !string.IsNullOrWhiteSpace(password);
    if (hasPassword)
    {
        // Salt length is 10..24 characters (the upper bound of Next is exclusive).
        // NOTE(review): System.Random is not a cryptographic generator. Here it only
        // picks the length; whether the salt characters themselves come from a
        // cryptographic source depends on Salting.RandomString, which is not
        // visible here — verify.
        int saltLength = new Random().Next(10, 25);
        Salt = Salting.RandomString(saltLength);
    }

    // NOTE(review): the helper name indicates a single SHA-256 pass. A fast hash is
    // cheap to brute-force offline if the table leaks; a password KDF (PBKDF2,
    // Argon2) would be the usual choice, but switching needs a coordinated change
    // in the verification path, so it is only flagged here.
    string saltedPassword = string.Concat(Salt, password);
    PasswordHash = Hashing.ComputeSha256Hash(saltedPassword);
}
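/// <summary>
/// Handles the "create user" button: validates the form, derives a salt and a
/// password hash, inserts the new row into the Users table and, when a row was
/// written, switches to the login screen.
/// </summary>
/// <param name="sender">The control that raised the click (not used).</param>
/// <param name="e">Routed event data (not used).</param>
private void BtnCreateUser_OnClick(object sender, RoutedEventArgs e)
{
    // NOTE(review): the connection string is hard-coded and sets Encrypt=False with
    // TrustServerCertificate=True. It targets (localdb) here; if it is ever pointed
    // at a networked server, load it from configuration and turn on encryption with
    // certificate validation.
    string connectionString = @"Data Source=(localdb)\MSSQLLocalDB;Initial Catalog=SqlRUsers;Integrated Security=True;Connect Timeout=30;Encrypt=False;TrustServerCertificate=True;ApplicationIntent=ReadWrite;MultiSubnetFailover=False";

    // Validate before touching the database. Previously a password mismatch showed
    // its message and then still ran the INSERT against a connection that had never
    // been opened, producing a second, misleading error dialog.
    if (string.IsNullOrWhiteSpace(txtCreateUsername.Text) || string.IsNullOrEmpty(txtCreatePassword.Password))
    {
        MessageBox.Show("Username and Password are required.");
        return;
    }

    if (!txtConfirmPassword.Password.Equals(txtCreatePassword.Password))
    {
        MessageBox.Show("Confirm Password does not match Password.");
        return;
    }

    Salting salting = new Salting();
    var salt = salting.GetSalt();

    // NOTE(review): Hashing.GetHash is not visible here. If it is a single pass of a
    // fast hash, stored passwords are cheap to brute-force offline; confirm it is a
    // password KDF (PBKDF2, Argon2) with a per-user salt.
    Hashing hashing = new Hashing();
    var hash = hashing.GetHash(salt, txtCreatePassword.Password);

    // NOTE(review): the protection of the stored connection string is only as good
    // as the key handling inside Crypting.Encrypt, which is not visible here — verify
    // the key is not embedded in the application.
    var encryptedConnectionString = Crypting.Encrypt(txtConnectionString.Text);

    const string query = "INSERT into Users (UserName,ConnectionString, Password, Salt) VALUES (@Username, @ConnectionString, @Password, @Salt)";

    try
    {
        int rowsAffected;

        // using disposes the command and closes the connection on every path,
        // replacing the manual finally block.
        using (SqlConnection connection = new SqlConnection(connectionString))
        using (SqlCommand sqlCmd = new SqlCommand(query, connection))
        {
            sqlCmd.CommandType = CommandType.Text;

            // All user-supplied values travel as parameters, never as SQL text.
            sqlCmd.Parameters.AddWithValue("@Username", txtCreateUsername.Text);
            sqlCmd.Parameters.AddWithValue("@ConnectionString", encryptedConnectionString);
            sqlCmd.Parameters.AddWithValue("@Password", hash);
            sqlCmd.Parameters.AddWithValue("@Salt", salt);

            connection.Open();
            rowsAffected = sqlCmd.ExecuteNonQuery();
        }

        if (rowsAffected != 0)
        {
            LoginScreen login = new LoginScreen();
            login.Show();
            this.Close();
        }
        else
        {
            MessageBox.Show("Failed creating new user!");
        }
    }
    catch (Exception ex)
    {
        // NOTE(review): a raw database exception message can reveal server, table or
        // constraint names to the user; consider logging the detail and showing a
        // generic message instead.
        MessageBox.Show(ex.Message);
    }
}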