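/// <summary>
/// Handles the Register button click: rejects the request when the username
/// or the e-mail address is already registered, otherwise creates the player
/// and an empty record for them and redirects to the main menu.
/// </summary>
/// <param name="sender">Control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void btnRegister_Click(object sender, EventArgs e)
{
    // Data-access objects for the User and Record tables of CasinoDB.
    playerDAO = new PlayerDAO(connString);
    recordDAO = new RecordDAO(connString);

    // Both duplicate checks run independently. Previously the e-mail check was
    // nested inside the username check, so an already-registered e-mail was
    // accepted whenever the username was new.
    bool usernameTaken = playerDAO.UserNameExists(txtUsername.Text);
    bool emailTaken = playerDAO.UserEmailExists(txtEmail.Text);

    if (usernameTaken)
    {
        txtUsername.Text = "Username already exists.";
    }

    if (emailTaken)
    {
        txtEmail.Text = "Email already exists.";
    }

    if (usernameTaken || emailTaken)
    {
        return;
    }

    // NOTE(review): this is check-then-insert; two concurrent requests can both
    // pass the checks above. Confirm the User table enforces uniqueness on
    // username and e-mail so the database rejects the second insert.

    // Presumably fills the base64Password and base64Salt members used below;
    // the helper is not visible here — verify.
    // NOTE(review): the login handler verifies a single salted SHA-512 pass;
    // if this helper produces the same format, consider moving both sides to a
    // work-factor KDF such as PBKDF2 (Rfc2898DeriveBytes) with a migration plan.
    GeneratePasswordSaltedHash(txtPass.Text);

    // Every new player starts with the configured starting balance.
    int balance = Player.STARTING_BALANCE;

    Player player = new Player(
        txtUsername.Text,
        txtFirstName.Text,
        txtLastName.Text,
        txtEmail.Text,
        base64Password,
        base64Salt,
        balance);
    Record record = new Record(player.UserName, 0, 0, 0, 0);

    // NOTE(review): the two inserts are separate calls; if the second fails the
    // player exists without a record. Confirm whether a transaction is needed.
    playerDAO.AddPlayer(player);
    recordDAO.AddNewRecord(record);

    // Registration complete.
    Response.Redirect("/MainMenu.aspx");
}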
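/// <summary>
/// Handles the Login button click: looks the player up by username, recomputes
/// the salted SHA-512 hash of the submitted password and, when it matches the
/// stored hash, stores the player in the session and issues the forms
/// authentication redirect. On failure the form fields are reset and
/// highlighted.
/// </summary>
/// <param name="sender">Control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void btnLogin_Click(object sender, EventArgs e)
{
    // Data-access object for the User table of CasinoDB.
    playerDAO = new PlayerDAO(connString);

    // The existence check and the select are two separate queries, so the
    // select can still come back empty; treat that like an unknown user
    // instead of dereferencing null below.
    Player player = playerDAO.UserNameExists(txtUsername.Text)
        ? playerDAO.SelectByUsername(txtUsername.Text)
        : null;

    if (player == null)
    {
        // NOTE(review): orange here versus red on a wrong password tells the
        // client whether the username is registered. Using one presentation
        // for both failures would avoid exposing which accounts exist.
        txtUsername.BorderColor = Color.Orange;
        txtUsername.Text = "Username";
        txtPass.BorderColor = Color.FromArgb(236, 240, 241);
        txtPass.Text = "Password";
        return;
    }

    // Stored credentials: base64 salt and base64 hash.
    string salt = player.B64Salt;
    string secPwd = player.B64Password;

    // Hash input is salt bytes followed by the UTF-8 password bytes.
    byte[] saltBytes = Convert.FromBase64String(salt);
    byte[] passwordBytes = Encoding.UTF8.GetBytes(txtPass.Text);
    byte[] combined = new byte[saltBytes.Length + passwordBytes.Length];
    saltBytes.CopyTo(combined, 0);
    passwordBytes.CopyTo(combined, saltBytes.Length);

    // NOTE(review): a single SHA-512 pass is fast to brute-force offline if the
    // table leaks. Prefer a work-factor KDF such as PBKDF2 (Rfc2898DeriveBytes);
    // that needs the registration side and stored hashes migrated together.
    byte[] finalHashedBytes;
    using (SHA512 sha512 = SHA512.Create())
    {
        // The hash object is disposable; it was previously never released.
        finalHashedBytes = sha512.ComputeHash(combined);
    }

    string base64Password = Convert.ToBase64String(finalHashedBytes);

    // Same result as an ordinal string comparison, but every character is
    // examined so the time taken does not depend on where the first mismatch is.
    bool passwordMatches = secPwd != null && secPwd.Length == base64Password.Length;
    if (passwordMatches)
    {
        int difference = 0;
        for (int i = 0; i < base64Password.Length; i++)
        {
            difference |= base64Password[i] ^ secPwd[i];
        }

        passwordMatches = difference == 0;
    }

    if (passwordMatches)
    {
        // NOTE(review): the stored object carries B64Password and B64Salt into
        // session state; consider keeping only the fields the pages need.
        // NOTE(review): no session-id rotation is visible before this point —
        // confirm it is handled elsewhere.
        Session["Player"] = player;

        // NOTE(review): the authentication ticket name is "LastName, FirstName",
        // which is not unique per account; confirm nothing relies on it for
        // identity or authorization decisions.
        FormsAuthentication.RedirectFromLoginPage($"{player.LastName}, {player.FirstName}", false);
    }
    else
    {
        txtUsername.BorderColor = Color.Red;
        txtUsername.Text = "Username";
        txtPass.BorderColor = Color.Red;
        txtPass.Text = "Password";
    }
}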