        /// <summary>
        /// Derives a fresh random salt and a PBKDF2 hash of <paramref name="password"/>
        /// and writes both to App_Data/Security.txt (salt on line 1, hash on line 2).
        /// The reader of that file is not in this excerpt; presumably it is used to
        /// verify the password later — confirm against the caller.
        /// </summary>
        /// <param name="password">Plaintext password; only its hash is persisted.</param>
        protected void SetSecurityFile(string password)
        {
            var kdf = new SimpleCrypto.PBKDF2();
            string newSalt = kdf.GenerateSalt();
            string passwordHash = kdf.Compute(password, newSalt);

            // NOTE(review): ASP.NET normally refuses to serve App_Data over HTTP, but
            // the file is still readable by anything with filesystem access to the
            // site directory; confirm the deployment's ACLs match that expectation.
            string securityFile = Server.MapPath("~/App_Data/Security.txt");
            string[] contents = { newSalt, passwordHash };
            File.WriteAllLines(securityFile, contents);
        }
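        /// <summary>
        /// Reads the registration form, validates it and, when every field is present
        /// and the numeric fields are well-formed, asks the controller to create the
        /// user (storing only a salted PBKDF2 hash of the password) plus their
        /// e-mail/phone list, then closes the dialog. On any validation failure a
        /// message box is shown and the form stays open.
        /// </summary>
        private void registerButton_Click(object sender, EventArgs e)
        {
            Controller.Controller con = new Controller.Controller();

            string checkPnr  = pnrTextBox.Text.Trim();
            string forename  = forenameTextBox.Text;
            string surname   = surnameTextBox.Text;
            string mUsername = usernameTextBox.Text;
            string password  = passwordTextBox.Text;
            string mRole     = roleTextBox.Text;

            string email   = emailTextBox.Text;
            string phoneNr = phoneNrTextBox.Text.Trim();

            // Validate as int with NumberStyles.None (digits only). The previous
            // double.TryParse accepted signs, decimals, exponents and values beyond
            // int range, which the later Convert.ToInt32 then rejected with an
            // unhandled FormatException/OverflowException after validation had
            // already "passed". Parsing once here also removes the second parse.
            int pnr;
            int phoneNumber;
            bool isNum = int.TryParse(checkPnr,
                                      System.Globalization.NumberStyles.None,
                                      System.Globalization.CultureInfo.InvariantCulture,
                                      out pnr);
            bool isPhoneNum = int.TryParse(phoneNr,
                                           System.Globalization.NumberStyles.None,
                                           System.Globalization.CultureInfo.InvariantCulture,
                                           out phoneNumber);

            // NOTE(review): createEmailAndPhoneListForUser takes the phone number as an
            // int, so numbers above int.MaxValue (most 10+ digit numbers) or with a
            // leading zero cannot be represented; a string column would be safer.
            // NOTE(review): the role is taken verbatim from a text box filled in by
            // whoever is registering; if this form is reachable by end users rather
            // than administrators they pick their own role — confirm who can open it.
            bool formComplete = isNum
                                && isPhoneNum
                                && !string.IsNullOrEmpty(forename)
                                && !string.IsNullOrEmpty(surname)
                                && !string.IsNullOrEmpty(mUsername)
                                && !string.IsNullOrEmpty(password)
                                && !string.IsNullOrEmpty(mRole)
                                && !string.IsNullOrEmpty(email);

            if (formComplete)
            {
                var    crypto         = new SimpleCrypto.PBKDF2();
                string passwordSalt   = crypto.GenerateSalt();
                string hashedPassword = crypto.Compute(password, passwordSalt);
                // The salt is no longer echoed to the console: credential material
                // does not belong in process output, and nothing consumed it.

                con.createUser(pnr, forename, surname, mUsername, hashedPassword, mRole, passwordSalt, "standard");

                con.createEmailAndPhoneListForUser(pnr, email, phoneNumber);

                this.Close();
            }
            else
            {
                MessageBox.Show("Pnr was in the wrong format, must be Numbers from 0 - 9");
            }
        }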
        /// <summary>
        /// Handles the registration post. The posted model is never saved as-is:
        /// only the fields listed below are copied onto a new entity and the role is
        /// forced to <c>RoleHelper.UserRole</c>, so a client cannot over-post Role or
        /// any other property. On a valid model the user is created and the browser
        /// is redirected to Search/Index; otherwise the form is re-rendered with an
        /// error.
        /// </summary>
        /// <param name="user">Model-bound registration data.</param>
        /// <returns>A redirect on success, the registration view with errors otherwise.</returns>
        public ActionResult Register(User user)
        {
            if (!ModelState.IsValid)
            {
                ModelState.AddModelError("", "Registration data are incorrect.");
                return View(user);
            }

            var kdf = new SimpleCrypto.PBKDF2();
            string salt = kdf.GenerateSalt();

            // NOTE(review): nothing here checks whether Login is already taken;
            // presumably the repository or a unique index does — confirm.
            var entity = new User
            {
                Login           = user.Login,
                PasswordSalt    = salt,
                // Only the salted PBKDF2 hash is stored, never the plaintext.
                Password        = kdf.Compute(user.Password, salt),
                FirstName       = user.FirstName,
                LastName        = user.LastName,
                UniversityGroup = user.UniversityGroup,
                Role            = RoleHelper.UserRole
            };
            userRepository.Create(entity);

            return RedirectToAction("Index", "Search");
        }
        /// <summary>
        /// Runs one TCP client's lifetime: first an authentication loop (login/password
        /// as JSON), then a command loop that dispatches on the first ten characters of
        /// each message ("operation ", "getClients", "clientAdd ", "userAdd   ",
        /// "accountAdd"). Any exception inside the command loop ends the session; the
        /// connection is closed in the finally block either way.
        /// </summary>
        public async Task Process()
        {
            try
            {
                Stream = _client.GetStream();
                User user = null;

                // Client authorisation: stays in this loop until the client authenticates
                // (nothing below is reachable before that).
                while (user == null && _client.Connected)
                {
                    // Receive the login and password
                    string message = GetMessage();
                    if (message == "Disconnect")
                    {
                        // Control-flow exception: lands in the outer catch, which closes the connection.
                        throw new Exception();
                    }
                    else if (message.Length > 0)
                    {
                        Creds creds = null;
                        // Untrusted JSON from the socket. NOTE(review): fine with Json.NET's
                        // default TypeNameHandling.None; confirm no custom settings enable it.
                        try { creds = JsonConvert.DeserializeObject <Creds>(message); }
                        catch (Exception) { Console.WriteLine($"User {this.Id}({UserName}) sent message with credantials strucrure promlem"); }
                        if (creds != null)
                        {
                            UserName = creds.Login;
                            Console.WriteLine($"User {this.Id}({UserName}) is trying to connect");
                            // Check whether this is a repeated connection (the user is already
                            // using the app from another device).
                            if (_server.UserConnectionIsRepeated(UserName, this))
                            {
                                // Despite the name, `this` is passed — presumably "repeat" goes only to this client; confirm in Server.
                                _server.BroadcastMessage("repeat", this);
                                Console.WriteLine($"User {this.Id}({UserName}) has already connected before");
                                continue;
                            }
                            // Verify login and password.
                            // NOTE(review): the password arrives as cleartext JSON over the raw
                            // TcpClient stream; nothing in this method wraps it in TLS — confirm
                            // the transport is protected elsewhere. There is also no attempt limit
                            // or delay: a failed check leaves `user` null and the loop simply repeats.
                            user = await _dbHelper.CheckCredentials(creds.Login, creds.Password);

                            var userDTO = _mapper.Map <UserDTO>(user);
                            message = JsonConvert.SerializeObject(userDTO);
                            // Send the reply (the serialised DTO; presumably "null" when authentication failed).
                            _server.BroadcastMessage(message, this);
                            // Logging
                            if (userDTO == null)
                            {
                                Console.WriteLine($"User {this.Id}({UserName}) authorization failed");
                            }
                            else
                            {
                                // Snapshot of the user's own accounts. NOTE(review): user.Client may be
                                // null for a user without a client record, which would throw here and be
                                // swallowed by the outer catch. This list is the only ownership
                                // information the command loop has, but it is never consulted there.
                                Accounts = user.Client.Accounts.ToList();
                                Console.WriteLine($"User {this.Id}({UserName}) has connected");
                            }
                        }
                    }
                }

                // The client's session
                while (true)
                {
                    try
                    {
                        // Wait for the next command
                        string message = GetMessage();
                        // A money-transfer command arrived.
                        // NOTE(review): Substring(0, 10) throws ArgumentOutOfRangeException for any
                        // message shorter than ten characters; that lands in the catch at the bottom
                        // of this loop and silently ends the session. message.StartsWith(...,
                        // StringComparison.Ordinal) would avoid that for all five branches.
                        if (message.Substring(0, 10) == "operation ")
                        {
                            var          res  = "Successful";
                            var          obj  = message.Substring(10);
                            OperationDTO oper = JsonConvert.DeserializeObject <OperationDTO>(message.Substring(10));
                            try
                            {
                                var toAccount = (await _dbHelper.FindAccount(a => a.Number == oper.ToAccountNumber)).FirstOrDefault();
                                if (toAccount == null)
                                {
                                    res = "Wrong:  Recipient account not found";
                                }

                                // NOTE(review): the source account number comes straight from the
                                // client's DTO and is never compared with `Accounts` (this user's own
                                // accounts), so as written any authenticated connection can debit any
                                // account whose number it knows — unless FindAccount/WithdrawMoney
                                // enforce ownership elsewhere, which this excerpt does not show.
                                var fromAccount = (await _dbHelper.FindAccount(a => a.Number == oper.FromAccountNumber)).FirstOrDefault();
                                if (fromAccount == null)
                                {
                                    res = "Wrong:  Sender account not found";
                                }

                                if (res == "Successful")
                                {
                                    // NOTE(review): oper.Amount is not range-checked here. If
                                    // WithdrawMoney accepts a non-positive amount, the `+=` below would
                                    // move funds out of the recipient instead — confirm in Account.
                                    if (!fromAccount.WithdrawMoney(oper.Amount))
                                    {
                                        res = "Wrong:  Not enough money";
                                    }
                                    else
                                    {
                                        var operation = _mapper.Map <Operation>(oper);

                                        operation.ResultIsSuccess = true;

                                        operation.Account = fromAccount;
                                        fromAccount.Operations.Add(operation);

                                        // The recipient side gets a cloned copy of the same operation record.
                                        var operationTo = (Operation)operation.Clone();
                                        operationTo.Account = toAccount;
                                        toAccount.Amount   += operationTo.Amount;
                                        toAccount.Operations.Add(operationTo);

                                        // Both sides are persisted in a single save. NOTE(review): every
                                        // connection runs its own Process(), so two sessions touching the
                                        // same account can interleave between the balance update and this
                                        // save — no locking or transaction scope is visible here.
                                        await _dbHelper.SaveChangesAsync();

                                        // If the recipient is online on another connection, push the credit to them.
                                        var anotherTcpClient = _server.GetAccountFoOrherOperation(toAccount.Number, this);
                                        if (anotherTcpClient != null)
                                        {
                                            var operationDTO = _mapper.Map <OperationDTO>(operationTo);
                                            operationDTO.CurrentAccountNumber = toAccount.Number;
                                            message = JsonConvert.SerializeObject(operationDTO);
                                            _server.BroadcastMessage("operation " + message, anotherTcpClient);
                                        }
                                    }
                                }
                                Console.WriteLine($"User {this.Id}({UserName}) operation result:\n\t{oper.CurrentAccountNumber}: {res}");
                            }
                            catch (Exception ex)
                            { Console.WriteLine($"User {this.Id}({UserName}) operation error:\n\t{oper.CurrentAccountNumber}: {ex.Message}"); }
                            // On an exception `res` is still "Successful", so the client is told the
                            // transfer succeeded even though it was not saved — the log is the only record.
                            _server.BroadcastMessage("operatRes " + res, this);
                        }
                        // A request for the list of all clients arrived.
                        // NOTE(review): the log line says "employee", but no role check is visible
                        // here (or on clientAdd/userAdd/accountAdd below) — any authenticated
                        // session, including a Client-role user, gets the full client list and can
                        // create clients, users and accounts.
                        else if (message.Substring(0, 10) == "getClients")
                        {
                            try
                            {
                                var clients    = (await _dbHelper.GetAllClients()).ToList();
                                var clientDTOs = _mapper.Map <List <ClientDTO> >(clients);
                                message = JsonConvert.SerializeObject(clientDTOs);
                                _server.BroadcastMessage("allClients" + message, this);
                                Console.WriteLine($"User {this.Id}({UserName}) get result:\n\temployee: clients are got successfully");
                            }
                            catch (Exception ex)
                            { Console.WriteLine($"User {this.Id}({UserName}) get error:\n\temployee: {ex.Message}"); }
                        }
                        // A request to create a client arrived (keyed on IPN; duplicates are rejected).
                        else if (message.Substring(0, 10) == "clientAdd ")
                        {
                            var res       = "Successful";
                            // Deserialisation happens outside the try below, so malformed JSON ends the session.
                            var clientDTO = JsonConvert.DeserializeObject <ClientDTO>(message.Substring(10));
                            try
                            {
                                var clientInDB = (await _dbHelper.FindClient(c => c.IPN == clientDTO.IPN)).FirstOrDefault();
                                if (clientInDB != null)
                                {
                                    res = "Wrong:  Client has already exist";
                                }
                                else
                                {
                                    var client = _mapper.Map <Client>(clientDTO);
                                    await _dbHelper.AddClient(client);

                                    await _dbHelper.SaveChangesAsync();
                                }
                                Console.WriteLine($"User {this.Id}({UserName}) action result:\n\tclient created: {res}");
                            }
                            catch (Exception ex)
                            { Console.WriteLine($"User {this.Id}({UserName}) action error:\n\tadd client: {ex.Message}"); }
                            _server.BroadcastMessage("operatRes " + res, this);
                        }
                        // A request to create a user arrived (so that an existing client can use the application).
                        else if (message.Substring(0, 10) == "userAdd   ")
                        {
                            var res     = "Successful";
                            var userDTO = JsonConvert.DeserializeObject <UserDTO>(message.Substring(10));
                            try
                            {
                                var clientInDB = (await _dbHelper.FindClient(c => c.IPN == userDTO.Client.IPN)).FirstOrDefault();
                                if (clientInDB == null)
                                {
                                    res = "Wrong:  Client hasn't found";
                                }
                                else
                                {
                                    // One user per client: reject if the client already has one.
                                    var userInDB = (await _dbHelper.FindUser(u => u.ClientId == clientInDB.Id)).FirstOrDefault();
                                    if (userInDB != null)
                                    {
                                        res = "Wrong:  User has already exist";
                                    }
                                    else
                                    {
                                        var userToAdd  = _mapper.Map <User>(userDTO);
                                        // Role is forced to "Client" server-side; whatever role the DTO carried is ignored.
                                        var clientRole = (await _dbHelper.FindRole(r => r.Name == "Client")).FirstOrDefault();
                                        if (clientRole != null)
                                        {
                                            userToAdd.RoleId = clientRole.Id;
                                        }
                                        userToAdd.Client       = clientInDB;
                                        // `crypto` is declared outside this excerpt. The DTO's PasswordHash
                                        // field appears to carry the plaintext password at creation time (it
                                        // is passed to Compute as the password); only the salted PBKDF2
                                        // result is stored. The mapper may also have copied the plaintext
                                        // into userToAdd.PasswordHash first — this line overwrites it.
                                        userToAdd.PasswordSalt = crypto.GenerateSalt();
                                        userToAdd.PasswordHash = crypto.Compute(userDTO.PasswordHash, userToAdd.PasswordSalt);
                                        await _dbHelper.AddUser(userToAdd);

                                        await _dbHelper.SaveChangesAsync();
                                    }
                                }
                                Console.WriteLine($"User {this.Id}({UserName}) action result:\n\tadd user: {res}");
                            }
                            catch (Exception ex)
                            { Console.WriteLine($"User {this.Id}({UserName}) action error:\n\tadd user: {ex.Message}"); }
                            _server.BroadcastMessage("operatRes " + res, this);
                        }
                        // A request to create an account arrived: "accountAdd" + 10-char IPN + AccountDTO JSON.
                        else if (message.Substring(0, 10) == "accountAdd")
                        {
                            var res        = "Successful";
                            // Substring(10, 10) assumes the IPN is exactly ten characters; these two
                            // lines sit outside the inner try, so a short or malformed message throws
                            // out to the loop's catch and ends the session instead of replying "Wrong: ...".
                            var ipn        = message.Substring(10, 10);
                            var accountDTO = JsonConvert.DeserializeObject <AccountDTO>(message.Substring(20));
                            try
                            {
                                var clientInDB = (await _dbHelper.FindClient(c => c.IPN == ipn)).FirstOrDefault();
                                if (clientInDB == null)
                                {
                                    res = "Wrong:  Client hasn't found";
                                }
                                else
                                {
                                    // NOTE(review): the DTO's fields (including any opening balance it
                                    // carries) are mapped straight onto the new Account — nothing visible
                                    // here validates them.
                                    var accountToAdd = _mapper.Map <Account>(accountDTO);
                                    accountToAdd.Client = clientInDB;
                                    await _dbHelper.AddAccount(accountToAdd);

                                    await _dbHelper.SaveChangesAsync();
                                }
                                Console.WriteLine($"User {this.Id}({UserName}) action result:\n\tadd account: {res}");
                            }
                            catch (Exception ex)
                            { Console.WriteLine($"User {this.Id}({UserName}) action error:\n\tadd account: {ex.Message}"); }
                            _server.BroadcastMessage("operatRes " + res, this);
                        }
                    }
                    // Any unhandled error in a command (including a short message, see above)
                    // ends the session; nothing is logged, which makes disconnects hard to diagnose.
                    catch (Exception) { break; }
                }
            }
            // Swallows the "Disconnect" control-flow exception and anything thrown during
            // authentication (e.g. the user.Client null case above) without logging.
            catch (Exception) {}
            finally { Close(); }
        }