public string login(string pstringRequest)
{
clsRequest request = JsonConvert.DeserializeObject <clsRequest>(pstringRequest);
clsInfoUser InfoUser = DeserializeJson.DeserializeInfoUser(request.Data);
clsResponse response = new clsResponse();
FacadeDA.validateUser(InfoUser, ref response);
if (response.Success) //existing username
{
InfoUser = FacadeDA.getSaltPass(InfoUser, ref response); //get salt and password from DA
string HashedPassword = clsHasher.hashPassword(InfoUser.Password, InfoUser.Salt); // hash the incoming password with salt from DA
if (!(clsHasher.compare(HashedPassword, InfoUser.SaltHashed))) //compare hashed passwords
{
//not match
//error info
response.Success = false;
response.Message = "Incorrect Username or Password";
response.Code = 3;
}
InfoUser.Password = null;
InfoUser.Salt = null; // clear the object before sending
InfoUser.SaltHashed = null; // clear the object before sending
}
response.Data = serializer.Serialize(InfoUser);
return(serializer.Serialize(response));
}
public string createFan(string pstringRequest)
{
clsRequest request = JsonConvert.DeserializeObject <clsRequest>(pstringRequest);
clsInfoFan InfoFan = DeserializeJson.DeserializeFanForm(request.Data);
clsResponse response = new clsResponse();
clsInfoUser InfoUser = new clsInfoUser();
InfoUser.Username = InfoFan.Username;
FacadeDA.validateUser(InfoUser, ref response);
if (!response.Success) //not existing username
{
response = new clsResponse(); //clear the response
InfoFan.Salt = clsHasher.genSalt();
InfoFan.SaltHashed = clsHasher.hashPassword(InfoFan.Password, InfoFan.Salt);
InfoFan = FacadeDA.createFan(InfoFan, ref response);
//save image
ArchiveManager.saveUserImage(InfoFan.Id, InfoFan.Picture, ref response);
InfoUser.Salt = null; // clear the object before sending
InfoUser.SaltHashed = null; // clear the object before sending
}
else
{
//error info
response.Success = false;
response.Message = "Existing Username";
response.Code = 3;
}
response.Data = serializer.Serialize(InfoFan);
return(serializer.Serialize(response));
}
public string checkUsername(string pstringUsername)
{
clsInfoUser InfoUser = new clsInfoUser();
InfoUser.Username = pstringUsername;
clsResponse response = new clsResponse();
FacadeDA.validateUser(InfoUser, ref response);
//Data = null
return(serializer.Serialize(response));
}
public void validateUser(clsInfoUser pclsInfoUser, ref clsResponse pclsResponse)
{
try
{
FanRead.validateUser(pclsInfoUser, ref pclsResponse);
}
catch
{
pclsResponse.Code = 007;
pclsResponse.Success = false;
pclsResponse.Message = "Internal Error";
}
}
public static void Main()
{
clsUserRead a = new clsUserRead();
clsResponse b = new clsResponse();
clsInfoUser c = new clsInfoUser();
Serializer d = new Serializer();
c.Username = "******";
Console.WriteLine(d.Serialize(a.getSaltPass(c, ref b)));
Console.WriteLine(b.Message);
Console.ReadKey();
}
public clsInfoUser getSaltPass(clsInfoUser pclsInfoUser, ref clsResponse pclsResponse)
{
try
{
return(FanRead.getSaltPass(pclsInfoUser, ref pclsResponse));
}
catch
{
pclsResponse.Code = 007;
pclsResponse.Success = false;
pclsResponse.Message = "Internal Error";
return(pclsInfoUser);
}
}
public clsInfoUser DeserializeInfoUser(string pstringData)
{
clsInfoUser InfoUser = new clsInfoUser();
dynamic data = JObject.Parse(pstringData);
InfoUser.Username = Convert.ToString(data.Username);
InfoUser.Password = Convert.ToString(data.Password);
InfoUser.ConfirmPassword = Convert.ToString(data.ConfirmPassword);
InfoUser.Active = Convert.ToBoolean(data.Active);
InfoUser.Id = Convert.ToInt32(data.Id);
InfoUser.Rol = Convert.ToInt32(data.Rol);
return(InfoUser);
}
public void validateUser(clsInfoUser pclsInfoUser, ref clsResponse pclsResponse)
{
try
{
SqlCommand cmd = new SqlCommand("myFan.SP_ExistUserName", conn);
cmd.CommandType = System.Data.CommandType.StoredProcedure;
cmd.Parameters.Add("@strUserName", System.Data.SqlDbType.VarChar).Value = pclsInfoUser.Username;
conn.Open();
SqlDataReader result = cmd.ExecuteReader();
result.Read();
if (result.HasRows == true)
{
if (result["UserLogin"].ToString().Equals("True"))
{
pclsResponse.Code = 0;
pclsResponse.Message = "Done";
pclsResponse.Success = true;
}
else
{
pclsResponse.Code = 3;
pclsResponse.Message = "Incorrect Username";
pclsResponse.Success = false;
}
}
else
{
pclsResponse.Code = 3;
pclsResponse.Message = "Incorrect Username";
pclsResponse.Success = false;
}
}
catch (SqlException ex)
{
pclsResponse.Code = 1;
pclsResponse.Message = "Error while procesing your request.";
pclsResponse.Success = false;
}
catch (Exception ex)
{
pclsResponse.Code = 2;
pclsResponse.Message = "Unexpected error.";
pclsResponse.Success = false;
}
finally
{
conn.Close();
}
}
public clsInfoUser getSaltPass(clsInfoUser pclsInfoUser, ref clsResponse pclsResponse)
{
try
{
SqlCommand cmd = new SqlCommand("myFan.SP_GetSaltCredentials", conn);
cmd.CommandType = System.Data.CommandType.StoredProcedure;
cmd.Parameters.Add("@User", System.Data.SqlDbType.VarChar).Value = pclsInfoUser.Username;
conn.Open();
SqlDataReader result = cmd.ExecuteReader();
result.Read();
pclsInfoUser.SaltHashed = result["HashPassword"].ToString();
pclsInfoUser.Salt = result["Salt"].ToString();
pclsInfoUser.Id = Convert.ToInt32(result["UserCode"].ToString());
pclsInfoUser.Rol = Convert.ToInt32(result["CodeRol"].ToString());
pclsInfoUser.Name = result["Nombre"].ToString();
pclsResponse.Code = 0;
pclsResponse.Message = "Done";
pclsResponse.Success = true;
}
catch (SqlException ex)
{
pclsResponse.Code = 1;
pclsResponse.Message = "Error while procesing your request.";
pclsResponse.Success = false;
}
catch (Exception ex)
{
pclsResponse.Code = 2;
pclsResponse.Message = "Unexpected error.";
pclsResponse.Success = false;
}
finally
{
conn.Close();
}
return(pclsInfoUser);
}
public clsInfoUser getSaltPass(clsInfoUser pclsInfoUser, ref clsResponse pclsResponse)
{
return(UserDA.getSaltPass(pclsInfoUser, ref pclsResponse));
}
public void validateUser(clsInfoUser pclsInfoUser, ref clsResponse pclsResponse)
{
UserDA.validateUser(pclsInfoUser, ref pclsResponse);
}
