Exemple #1
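        /// <summary>
        /// Handles a signup request held in <c>tokenizedMessage</c>: creates the account when the
        /// requested username is not yet in the database, then reports the outcome to the
        /// connection registered under that username.
        /// </summary>
        /// <remarks>
        /// The reply is <c>&lt;Signup&gt;|True|&lt;EOF&gt;</c> on success and
        /// <c>&lt;Signup&gt;|False|&lt;EOF&gt;</c> otherwise. A message that carries no username
        /// token is dropped, because there is no connection to answer. Stale (dead-socket)
        /// entries for the username are pruned from <c>UserList.userList</c> along the way.
        /// </remarks>
        private static void ProcessSignup()
        {
            // TBD based off tokenizing pattern. When the design is concluded,
            // dataStartLocation will indicate where the data portion is held in the array.
            int dataStartLocation = 1;
            int passwordLocation = dataStartLocation + 1;

            // The message comes from the client, so its shape cannot be trusted:
            // without a username token there is nothing to create and nobody to reply to.
            if (tokenizedMessage == null || tokenizedMessage.Length <= dataStartLocation)
            {
                return;
            }

            // Holds result of signup attempt
            bool isValidSignup = false;

            User u = new User();
            u.UserName = tokenizedMessage[dataStartLocation];

            // User-entered password sent from the client; null when the token is missing.
            string pw = tokenizedMessage.Length > passwordLocation
                ? tokenizedMessage[passwordLocation]
                : null;

            // Refuse empty credentials instead of persisting an account nobody can protect.
            bool hasCredentials = !string.IsNullOrEmpty(u.UserName) && !string.IsNullOrEmpty(pw);

            // NOTE(review): this existence check and the insert below are not atomic; two
            // concurrent signups for the same name can both pass it. Confirm the Users table
            // enforces a unique UserName.
            if (hasCredentials && !db.Users.Any(x => x.UserName == u.UserName))
            {
                // A fresh salt per user; both the salt and the salted hash are stored.
                // NOTE(review): SaltedHash is not visible here - confirm it uses a deliberately
                // slow password KDF (e.g. PBKDF2) rather than a single hash pass.
                byte[] salt     = SaltedHash.CreateSalt();
                byte[] saltedpw = SaltedHash.CreateSaltedHash(salt, pw);

                u.Active     = true;
                u.Salt       = salt;
                u.Password   = saltedpw;
                u.Start_Date = DateTime.Now; // local time, as before
                u.IP_Address = 0m;           // placeholder value, as before

                db.Users.Add(u);
                db.SaveChanges();

                isValidSignup = true;
            }

            string output = "<Signup>" + "|" + isValidSignup + "|" + "<EOF>";

            // Walk the list by index rather than with foreach: removing an entry while
            // enumerating invalidates the enumerator, and the position must not advance
            // after a removal or the following entry would be skipped.
            // NOTE(review): userList looks like shared state - confirm callers serialize access.
            int index = 0;
            while (index < UserList.userList.Count)
            {
                StateObject s = UserList.userList[index];

                if (s.userID != u.UserName)
                {
                    index++;
                    continue;
                }

                if (checkSocketStatus(s.workSocket))
                {
                    AsynchronousSocketListener.Send(s.workSocket, output);
                    break;
                }

                // Dead connection for this user: drop it and re-examine the same position.
                UserList.userList.RemoveAt(index);
            }
        }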
Exemple #2
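        /// <summary>
        /// Handles a login request held in <c>tokenizedMessage</c>: validates the supplied password
        /// against the stored salt and salted hash of the named user, then reports the outcome to
        /// the connection registered under that username.
        /// </summary>
        /// <remarks>
        /// The reply is <c>&lt;Login&gt;|True&lt;EOF&gt;</c> or <c>&lt;Login&gt;|False&lt;EOF&gt;</c>;
        /// an unknown user and a wrong password produce the same answer. A message that carries
        /// no username token is dropped, because there is no connection to answer.
        /// NOTE(review): nothing here limits repeated attempts or checks <c>User.Active</c> -
        /// confirm whether throttling and an active-account check happen elsewhere.
        /// </remarks>
        private static void ProcessLogin()
        {
            // TBD based off tokenizing pattern. When the design is concluded,
            // dataStartLocation will indicate where the data portion is held in the array.
            int dataStartLocation = 1;
            int passwordLocation = dataStartLocation + 1;

            // The message comes from the client, so its shape cannot be trusted.
            if (tokenizedMessage == null || tokenizedMessage.Length <= dataStartLocation)
            {
                return;
            }

            string requestedName = tokenizedMessage[dataStartLocation];

            // User-entered password from the client; null when the token is missing.
            string pw = tokenizedMessage.Length > passwordLocation
                ? tokenizedMessage[passwordLocation]
                : null;

            // The bool that's returned to the client stating if the login has succeeded or failed.
            bool isValidLogin = false;

            if (pw != null)
            {
                // Fetch only the candidate rows instead of materializing every user's salt and
                // hash in memory. The second, in-memory comparison keeps the exact
                // (case-sensitive) match the previous full scan performed, whatever the
                // database collation is.
                User match = db.Users
                    .Where(x => x.UserName == requestedName)
                    .ToList()
                    .FirstOrDefault(x => x.UserName == requestedName);

                // A row without a stored salt or hash can never validate.
                if (match != null && match.Salt != null && match.Password != null)
                {
                    // NOTE(review): SaltedHash.Validate is not visible here - confirm it compares
                    // the hashes in constant time.
                    isValidLogin = SaltedHash.Validate(match.Salt, pw, match.Password);
                }
            }

            foreach (StateObject s in UserList.userList)
            {
                if (s.userID == requestedName)
                {
                    string output = "<Login>" + "|" + isValidLogin + "<EOF>";
                    AsynchronousSocketListener.Send(s.workSocket, output);
                    break;
                }
            }
        }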