Esempio n. 1
0
        public DataTable GetUser(IConnectToDB _Connect, DataTable _DT, string Username, string SubmittedPassword)
        {
            ER_Query       er_query = new ER_Query();
            IdentityHelper ih       = new IdentityHelper();

            _DT = new DataTable();

            DataTable usernamedt = ih.FindIdentity(_Connect, Username);

            if (usernamedt.Rows.Count == 1)
            {
                foreach (DataRow _DR in usernamedt.Rows)
                {
                    if (_DR.Field <string>("User_name").ToLower() == Username.ToLower() || _DR.Field <string>("Email").ToLower() == Username.ToLower())
                    {
                        List <DynamicModels.RootReportFilter> passwordFilters = new List <DynamicModels.RootReportFilter>();

                        passwordFilters.Add(new DynamicModels.RootReportFilter {
                            FilterName = "IDENTITIES_ID_", ParamValue = _DR.Field <long?>("identities_id")
                        });

                        DataTable passdt = _DynamicOutputProcedures._DynoProcSearch(_Connect, "Custom Query", "SP_S_" + "VW__ID_PASSWORD" + "_SEARCH",
                                                                                    new DataTableDotNetModelMetaData {
                            length = -1, order = "1 asc", start = 0, verify = "T"
                        },
                                                                                    passwordFilters);

                        if (passdt.Rows.Count != 0)
                        {
                            byte[] EncryptedPassword = (byte[])passdt.Rows[0]["Password"];
                            long?  IDENTITIES_ID     = (long?)passdt.Rows[0]["IDENTITIES_ID"];

                            ER_Sec er_sec = new ER_Sec();

                            string DecryptedPasswordHash = er_sec.DecryptStringFromBytes_Aes(EncryptedPassword, er_sec.GetCryptPairforID(_Connect, IDENTITIES_ID, new ER_CRYPT_PAIR()));
                            if (passdt.Rows.Count != 0 && ER_Sec.VerifyHash(SubmittedPassword, "SHA512", DecryptedPasswordHash))
                            {
                                _DT = usernamedt;
                            }
                        }
                        else
                        {
                            _DT = usernamedt;
                        }

                        break;
                    }
                }
            }

            return(_DT);
        }
Esempio n. 2
0
        public string VerifyUserByRegCode(IConnectToDB _Connect, string VerifyUUID)
        {
            ER_Query er_query = new ER_Query();

            ER_Query.Parameter_Run SQlinUserName = new ER_Query.Parameter_Run();
            ER_Query.Parameter_Run SQlinPassword = new ER_Query.Parameter_Run();
            string DecryptedPassword             = "";

            SQlinUserName._dbParameters = new List <DBParameters>
            {
                new DBParameters {
                    ParamName = "UUID", MSSqlParamDataType = SqlDbType.VarChar, ParamValue = VerifyUUID
                }
            };

            SQlinUserName.sqlIn = "Select a.* from CSA.IDENTITIES a inner join CSA.VW__VERIFY b on (a.IDENTITIES_ID = b.IDENTITIES_ID and b.UUID = @UUID) where b.UUID = @UUID";

            DataTable usernamedt = er_query.RUN_PARAMETER_QUERY(_Connect, SQlinUserName);

            if (usernamedt.Rows.Count == 1)
            {
                foreach (DataRow _DR in usernamedt.Rows)
                {
                    SQlinPassword._dbParameters = new List <DBParameters>
                    {
                        new DBParameters {
                            ParamName = "IDENTITIES_ID", MSSqlParamDataType = SqlDbType.BigInt, ParamValue = _DR.Field <long?>("identities_id").ToString()
                        }
                    };

                    SQlinPassword.sqlIn = "Select a.* from CSA.ID_PASSWORD a inner join CSA.ID_PASSWORD b on a.IDENTITIES_ID = b.IDENTITIES_ID and a.RENDITION in (select max(c.RENDITION) from " +
                                          "CSA.ID_PASSWORD c where c.Identities_id = b.Identities_ID) where a.identities_id = @IDENTITIES_ID";

                    DataTable passdt = er_query.RUN_PARAMETER_QUERY(_Connect, SQlinPassword);

                    byte[] EncryptedPassword = (byte[])passdt.Rows[0]["Password"];
                    long   IDENTITIES_ID     = (long)passdt.Rows[0]["IDENTITIES_ID"];

                    ER_Sec er_sec = new ER_Sec();

                    DecryptedPassword = er_sec.DecryptStringFromBytes_Aes(EncryptedPassword, er_sec.GetCryptPairforID(_Connect, IDENTITIES_ID, new ER_CRYPT_PAIR()));

                    if (passdt.Rows.Count != 0)
                    {
                        //ER_DML er_dml = new ER_DML();
                        //er_dml.OBJECT_DML(_Connect, "Update", "Identities", "ENABLED", IDENTITIES_ID, new Object_Value { _String = "Y" }); Commented out because this is already being set to yes when the identity is created.
                        add  addHelp      = new add();
                        long?IdentitiesId = null;

                        //er_dml.OBJECT_DML(_Connect, "Update", "Identities", "ACTIVE", IDENTITIES_ID, new Object_Value { _String = "Y" });
                        //er_dml.OBJECT_DML(_Connect, "Update", "Identities", "VERIFIED", IDENTITIES_ID, new Object_Value { _String = "Y" });

                        Values.UpdateIdentity IdentitiesModel = null;
                        IdentitiesModel = addHelp.UPDATE_ENTRY_Identities(_Connect, new Values.UpdateIdentity
                        {
                            I_IDENTITIES_ID = _DR.Field <long?>("IDENTITIES_ID"),
                            I_OBJECT_TYPE   = _DR.Field <string>("OBJECT_TYPE"),
                            I_USER_NAME     = _DR.Field <string>("USER_NAME"),
                            I_EDIPI         = _DR.Field <string>("EDIPI"),
                            I_EMAIL         = _DR.Field <string>("EMAIL"),
                            I_ACTIVE        = "Y",
                            I_VERIFIED      = "Y",
                        });
                        IdentitiesId = IdentitiesModel.O_IDENTITIES_ID;

                        VerificationHelper VH = new VerificationHelper();
                        VH.MarkVerificationsForID(_Connect, IDENTITIES_ID, "CreateUser");
                        VH.DisableVerificationsForID(_Connect, IDENTITIES_ID, "CreateUser");
                    }
                    break;
                }
            }
            return(DecryptedPassword);
        }
Esempio n. 3
0
        public DataTable GetPendingUser(IConnectToDB _Connect, DataTable _DT, string Username, string SubmittedPassword, string VerifyUUID)
        {
            ER_Query er_query = new ER_Query();

            ER_Query.Parameter_Run SQlinUserName = new ER_Query.Parameter_Run();
            ER_Query.Parameter_Run SQlinPassword = new ER_Query.Parameter_Run();

            SQlinUserName._dbParameters = new List <DBParameters>
            {
                new DBParameters {
                    ParamName = "UUID", MSSqlParamDataType = SqlDbType.VarChar, ParamValue = VerifyUUID
                },
                new DBParameters {
                    ParamName = "USER_NAME", MSSqlParamDataType = SqlDbType.VarChar, ParamValue = Username.ToLower()
                },
            };

            SQlinUserName.sqlIn = "Select a.* from CSA.IDENTITIES a inner join CSA.VW__VERIFY b on (a.IDENTITIES_ID = b.IDENTITIES_ID and b.UUID = @UUID) where LOWER(a.User_name) = @USER_NAME or LOWER(a.Email) = @USER_NAME";

            DataTable usernamedt = er_query.RUN_PARAMETER_QUERY(_Connect, SQlinUserName);

            if (usernamedt.Rows.Count == 1)
            {
                foreach (DataRow _DR in usernamedt.Rows)
                {
                    if (_DR.Field <string>("User_name").ToLower() == Username.ToLower() || _DR.Field <string>("Email").ToLower() == Username.ToLower())
                    {
                        SQlinPassword._dbParameters = new List <DBParameters>
                        {
                            new DBParameters {
                                ParamName = "IDENTITIES_ID", MSSqlParamDataType = SqlDbType.BigInt, ParamValue = _DR.Field <long?>("identities_id")
                            }
                        };

                        SQlinPassword.sqlIn = "Select a.* from CSA.ID_PASSWORD a inner join CSA.ID_PASSWORD b on a.IDENTITIES_ID = b.IDENTITIES_ID and a.RENDITION in (select max(c.RENDITION) from CSA.ID_PASSWORD c where c.Identities_id = b.Identities_ID) where a.identities_id = @IDENTITIES_ID";

                        DataTable passdt = er_query.RUN_PARAMETER_QUERY(_Connect, SQlinPassword);

                        byte[] EncryptedPassword = (byte[])passdt.Rows[0]["Password"];
                        long?  IDENTITIES_ID     = (long?)passdt.Rows[0]["IDENTITIES_ID"];

                        ER_Sec er_sec = new ER_Sec();

                        string DecryptedPasswordHash = er_sec.DecryptStringFromBytes_Aes(EncryptedPassword, er_sec.GetCryptPairforID(_Connect, IDENTITIES_ID, new ER_CRYPT_PAIR()));

                        if (passdt.Rows.Count != 0 && ER_Sec.VerifyHash(SubmittedPassword, "SHA512", DecryptedPasswordHash)
                            )
                        {
                            _DT = usernamedt;

                            ER_DML er_dml = new ER_DML();

                            //er_dml.OBJECT_DML(_Connect, "Update", "Identities", "ENABLED", IDENTITIES_ID, new Object_Value { _String = "Y" }); Commented out because this is already being set to yes when the identity is created.
                            er_dml.OBJECT_DML(_Connect, "Update", "Identities", "ACTIVE", IDENTITIES_ID, new Object_Value {
                                _String = "Y"
                            });
                            er_dml.OBJECT_DML(_Connect, "Update", "Identities", "VERIFIED", IDENTITIES_ID, new Object_Value {
                                _String = "Y"
                            });

                            VerificationHelper VH = new VerificationHelper();
                            VH.DisableVerificationsForID(_Connect, IDENTITIES_ID, "CreateUser");
                        }

                        break;
                    }
                }
            }

            return(_DT);
        }