internal static void login( long idUser_in, Guid sessionGuid_in, string login_forLogPurposes_in, string ip_forLogPurposes_in, bool andCheckPassword_in, string password_in, out long idUser_out, out string login_out, out long[] idPermissions_out, ref List <int> errorlist_ref ) { login( DO_CRD_User.getObject( idUser_in ), sessionGuid_in, login_forLogPurposes_in, ip_forLogPurposes_in, andCheckPassword_in, password_in, out idUser_out, out login_out, out idPermissions_out, ref errorlist_ref ); }
internal static long insObject_Registration( string login_in, string password_in, int idApplication_in, bool selectIdentity_in, ref List <int> errorlist_in, DBConnection con_in ) { long _output = -1L; // user registering // if (!Sessionuser.checkLogin(login_in, ref errorlist_in)) { return(_output); } bool _constraint; _output = DO_CRD_User.insObject( new SO_CRD_User( -1L, login_in, // ToDos: here! encrypt before sending... password_in, idApplication_in ), selectIdentity_in, out _constraint, con_in ); if (_constraint) { errorlist_in.Add(ErrorType.data__constraint_violation); } else { if (con_in == null) { // assuming NO other (internal) operations are going on errorlist_in.Add(ErrorType.user__successfully_created__WARNING); } } return(_output); }
internal static long insObject_CreateUser( Sessionuser sessionUser_in, string login_in, bool selectIdentity_in, ref List <int> errorlist_in, DBConnection con_in ) { long _output = -1L; // ToDos: here! must have permission to create user if (!sessionUser_in.hasPermission( PermissionType.User__insert )) { errorlist_in.Add(ErrorType.user__lack_of_permissions_to_write); return(_output); } if (!Sessionuser.checkLogin(login_in, ref errorlist_in)) { return(_output); } bool _constraint; _output = DO_CRD_User.insObject( new SO_CRD_User( -1L, login_in, // ToDos: here! encrypt before sending... login_in, // default: password = login sessionUser_in.IDApplication ), selectIdentity_in, out _constraint, con_in ); if (_constraint) { errorlist_in.Add(ErrorType.data__constraint_violation); } else { if (con_in == null) { // assuming NO other (internal) operations are going on errorlist_in.Add(ErrorType.user__successfully_created__WARNING); } } return(_output); }
public static void ChangePassword( string sessionGuid_in, string ip_forLogPurposes_in, string password_old_in, string password_new_in, out int[] errors_out ) { List <int> _errorlist; Guid _sessionguid; Sessionuser _sessionuser; #region check... if (!SBO_CRD_Authentication.isSessionGuid_valid( sessionGuid_in, ip_forLogPurposes_in, out _sessionguid, out _sessionuser, out _errorlist, out errors_out )) { //// no need! //errors_out = _errors.ToArray(); return; } SO_CRD_User _user = DO_CRD_User.getObject(_sessionuser.IDUser); if (_user == null) { _errorlist.Add(ErrorType.authentication__no_such_user); UserSession.Remove(_sessionguid); errors_out = _errorlist.ToArray(); return; } #endregion bool _constraint; if ( !SimpleHash.VerifyHash( password_old_in, SimpleHash.HashAlgotithm.SHA256, _user.Password ) ) { _errorlist.Add(ErrorType.authentication__change_password__wrong_password); } else if (string.IsNullOrEmpty(password_new_in)) { _errorlist.Add(ErrorType.authentication__change_password__invalid_password); } else { _user.Password = SimpleHash.ComputeHash( password_new_in, SimpleHash.HashAlgotithm.SHA256, null ); DO_CRD_User.updObject( _user, true, out _constraint ); } errors_out = _errorlist.ToArray(); }
public static void Login( string login_in, string password_in, string sessionGuid_in, string ip_forLogPurposes_in, int idApplication_in, out long idUser_out, out long[] idPermissions_out, out int[] errors_out ) { idPermissions_out = null; idUser_out = -1L; Guid _sessionguid; List <int> _errorlist; #region check... if (!SBO_CRD_Authentication.isSessionGuid_valid( sessionGuid_in, out _sessionguid, out _errorlist, out errors_out )) { //// no need! //errors_out = _errors.ToArray(); return; } if (string.IsNullOrEmpty(login_in)) { _errorlist.Add(ErrorType.authentication__invalid_login); errors_out = _errorlist.ToArray(); return; } #endregion string _login; login( DO_CRD_User.getObject_byLogin( login_in, idApplication_in ), _sessionguid, login_in, ip_forLogPurposes_in, true, password_in, out idUser_out, out _login, out idPermissions_out, ref _errorlist ); errors_out = _errorlist.ToArray(); }