public void ResetPassword(IConnectToDB _Connect, string VerifyUUID, string password)
{
ER_Sec er_sec = new ER_Sec();
ER_DML er_dml = new ER_DML();
_DynamicOutputProcedures DynamicOutput = new _DynamicOutputProcedures();
List <DynamicModels.RootReportFilter> verifyIdentityFilters = new List <DynamicModels.RootReportFilter>();
List <DynamicModels.RootReportFilter> idPasswordFilters = new List <DynamicModels.RootReportFilter>();
verifyIdentityFilters.Add(new DynamicModels.RootReportFilter {
FilterName = "UUID_", DBType = SqlDbType.VarChar, ParamValue = VerifyUUID
});
DataTable verifyIdentityTable = DynamicOutput.DynoProcSearch(_Connect, "Custom Query", "SP_S_VW__VERIFY_SEARCH",
new DataTableDotNetModelMetaData {
columns = "IDENTITIES_ID", length = -1, order = "1 asc", start = 0, verify = "T"
},
verifyIdentityFilters);
idPasswordFilters.Add(new DynamicModels.RootReportFilter {
FilterName = "Identities_ID_", DBType = SqlDbType.BigInt, ParamValue = verifyIdentityTable.Rows[0].Field <long?>("IDENTITIES_ID")
});
DataTable idPasswordTable = DynamicOutput.DynoProcSearch(_Connect, "Custom Query", "SP_S_VW__ID_PASSWORD_SEARCH",
new DataTableDotNetModelMetaData {
columns = "ID_PASSWORD_ID", length = -1, order = "1 asc", start = 0, verify = "T"
},
idPasswordFilters);
//Update Password
string hash = ER_Sec.ComputeHash(password, "SHA512", null);
er_dml.OBJECT_DML(_Connect, "Update", "ID_PASSWORD", "PASSWORD", idPasswordTable.Rows[0].Field <long?>("ID_PASSWORD_ID"),
new Object_Value
{
_File = new File_Object
{
_FileBytes = er_sec.EncryptStringToBytes_Aes(hash,
er_sec.GetCryptPairforID(_Connect, verifyIdentityTable.Rows[0].Field <long?>("IDENTITIES_ID"), new ER_CRYPT_PAIR()))
}
});
//disable verification
VerificationHelper VH = new VerificationHelper();
VH.DisableVerificationsForID(_Connect, verifyIdentityTable.Rows[0].Field <long?>("IDENTITIES_ID"), "ResetPassword");
}
public DataTable GetPendingUser(IConnectToDB _Connect, DataTable _DT, string Username, string SubmittedPassword, string VerifyUUID)
{
ER_Query er_query = new ER_Query();
ER_Query.Parameter_Run SQlinUserName = new ER_Query.Parameter_Run();
ER_Query.Parameter_Run SQlinPassword = new ER_Query.Parameter_Run();
SQlinUserName._dbParameters = new List <DBParameters>
{
new DBParameters {
ParamName = "UUID", MSSqlParamDataType = SqlDbType.VarChar, ParamValue = VerifyUUID
},
new DBParameters {
ParamName = "USER_NAME", MSSqlParamDataType = SqlDbType.VarChar, ParamValue = Username.ToLower()
},
};
SQlinUserName.sqlIn = "Select a.* from CSA.IDENTITIES a inner join CSA.VW__VERIFY b on (a.IDENTITIES_ID = b.IDENTITIES_ID and b.UUID = @UUID) where LOWER(a.User_name) = @USER_NAME or LOWER(a.Email) = @USER_NAME";
DataTable usernamedt = er_query.RUN_PARAMETER_QUERY(_Connect, SQlinUserName);
if (usernamedt.Rows.Count == 1)
{
foreach (DataRow _DR in usernamedt.Rows)
{
if (_DR.Field <string>("User_name").ToLower() == Username.ToLower() || _DR.Field <string>("Email").ToLower() == Username.ToLower())
{
SQlinPassword._dbParameters = new List <DBParameters>
{
new DBParameters {
ParamName = "IDENTITIES_ID", MSSqlParamDataType = SqlDbType.BigInt, ParamValue = _DR.Field <long?>("identities_id")
}
};
SQlinPassword.sqlIn = "Select a.* from CSA.ID_PASSWORD a inner join CSA.ID_PASSWORD b on a.IDENTITIES_ID = b.IDENTITIES_ID and a.RENDITION in (select max(c.RENDITION) from CSA.ID_PASSWORD c where c.Identities_id = b.Identities_ID) where a.identities_id = @IDENTITIES_ID";
DataTable passdt = er_query.RUN_PARAMETER_QUERY(_Connect, SQlinPassword);
byte[] EncryptedPassword = (byte[])passdt.Rows[0]["Password"];
long? IDENTITIES_ID = (long?)passdt.Rows[0]["IDENTITIES_ID"];
ER_Sec er_sec = new ER_Sec();
string DecryptedPasswordHash = er_sec.DecryptStringFromBytes_Aes(EncryptedPassword, er_sec.GetCryptPairforID(_Connect, IDENTITIES_ID, new ER_CRYPT_PAIR()));
if (passdt.Rows.Count != 0 && ER_Sec.VerifyHash(SubmittedPassword, "SHA512", DecryptedPasswordHash)
)
{
_DT = usernamedt;
ER_DML er_dml = new ER_DML();
//er_dml.OBJECT_DML(_Connect, "Update", "Identities", "ENABLED", IDENTITIES_ID, new Object_Value { _String = "Y" }); Commented out because this is already being set to yes when the identity is created.
er_dml.OBJECT_DML(_Connect, "Update", "Identities", "ACTIVE", IDENTITIES_ID, new Object_Value {
_String = "Y"
});
er_dml.OBJECT_DML(_Connect, "Update", "Identities", "VERIFIED", IDENTITIES_ID, new Object_Value {
_String = "Y"
});
VerificationHelper VH = new VerificationHelper();
VH.DisableVerificationsForID(_Connect, IDENTITIES_ID, "CreateUser");
}
break;
}
}
}
return(_DT);
}
