private void btnLogin_Click(object sender, RoutedEventArgs e)
{
var validate = context.Suppliers.Where(x => x.Email.Contains(txtEmail.Text)).SingleOrDefault();
if (string.IsNullOrWhiteSpace(txtEmail.Text) || txtPass.Password.Equals(""))
{
MessageBox.Show("Email or Pass is must be filled");
}
//else if (!txtEmail.Text.All(char.IsLetterOrDigit))
//{
// MessageBox.Show("*Name Must Contain Only number and text !");
//}
//else if (!IsValidEmailRegex(txtEmail.Text))
else if (!Validate(txtEmail.Text))
{
MessageBox.Show("Invalid Email Address");
}
else if (validate == null)
{
MessageBox.Show("Email not available, you must be register");
}
else
{
//if (txtEmail.Text != validate.Email && txtPass.Text != validate.Pass)
if (txtEmail.Text == validate.Email && Bcrypt.Verify(txtPass.Password, validate.Pass) == true)
{
if (validate.Guid.Equals(""))
{
if (rememberMe.IsChecked == true)
{
Properties.Settings.Default.Mail = txtEmail.Text;
Properties.Settings.Default.Password = txtPass.Password;
Properties.Settings.Default.Save();
}
MainWindow main = new MainWindow();
main.Show();
}
else
{
ChangePassWindow changePass = new ChangePassWindow();
changePass.getEmail.Text = txtEmail.Text;
changePass.Show();
}
this.Close();
}
else
{
MessageBox.Show("Email or Pass is wrong");
}
}
}
public async Task <User> AuthenticateAsync(string username, string password)
{
var user = await _dataContext.Users.SingleOrDefaultAsync(u => u.Username == username);
if (user == null || !BC.Verify(password, user.Password))
{
throw new LogicException("Неправильный логин или пароль");
}
else
{
GenerateToken(user);
return(user.WithoutPassword());
}
}
public async Task <User> RegisterAsync(string username, string password, string firstName, string lastName, string role)
{
var user = await _dataContext.Users.SingleOrDefaultAsync(u => u.Username == username);
if (user != null)
{
throw new LogicException("Пользователь с указанным именем уже существует");
}
user = new User(username, BC.HashPassword(password), firstName, lastName, role);
_dataContext.Users.Add(user);
await _dataContext.SaveChangesAsync();
GenerateToken(user);
return(user.WithoutPassword());
}
private void MaterialRaisedButton2_Click(object sender, EventArgs e)
{
try
{
if (txtLogin.Text == "" || txtPass.Text == "" || txtName.Text == "" || txtF.Text == "" || txtMail.Text == "" || txtPass2.Text == "")
{
MaterialMessageBox.Show("Пожалуйста заполните все поля", "Упс... Что-то пошло не так", MessageBoxButtons.OK);
}
else if (txtPass.Text != txtPass2.Text)
{
MaterialMessageBox.Show("Пароль не совпадают", "Упс... Что-то пошло не так", MessageBoxButtons.OK);
}
else
{
using (SqlConnection sqlcon = new SqlConnection(connectionString))
{
sqlcon.Open();
SqlCommand sqlCmd = new SqlCommand("SotrAdd", sqlcon);
sqlCmd.CommandType = CommandType.StoredProcedure;
sqlCmd.Parameters.AddWithValue("Id_sotr", 0);
sqlCmd.Parameters.AddWithValue("Sost_sotr", "");
sqlCmd.Parameters.AddWithValue("I_sotr", txtName.Text.Trim());
sqlCmd.Parameters.AddWithValue("F_sotr", txtF.Text.Trim());
sqlCmd.Parameters.AddWithValue("O_sotr", txtO.Text.Trim());
sqlCmd.Parameters.AddWithValue("Mail_sotr", txtMail.Text.Trim());
sqlCmd.Parameters.AddWithValue("Staj_sotr", txtStaj.Text.Trim());
sqlCmd.Parameters.AddWithValue("Login_sotr", txtLogin.Text.Trim());
string CPass = Bcrypt.HashPassword(txtPass.Text, "$2a$11$fhmmGItQBp5ncDeCSnDPG/");
sqlCmd.Parameters.AddWithValue("Password_sotr", CPass);
sqlCmd.ExecuteNonQuery();
sqlcon.Close();
MaterialMessageBox.Show("Регистрация прошла успешно", "Поздравляем", MessageBoxButtons.OK);
Clear();
Auth auth = new Auth();
this.Hide();
auth.Show();
}
}
}
catch (Exception ex)
{
MaterialMessageBox.Show(ex.Message, "Что-то пошло не так", MessageBoxButtons.OK);
}
}
public AccountResponse Create(CreateRequest model)
{
if (_context.Accounts.Any(x => x.Email == model.Email))
{
throw new AppException($"Email '{model.Email}' is already registered");
}
var account = _mapper.Map <Account>(model);
account.Created = DateTime.UtcNow;
account.Verified = DateTime.UtcNow;
account.PasswordHash = BC.HashPassword(model.Password);
_context.Accounts.Add(account);
_context.SaveChanges();
return(_mapper.Map <AccountResponse>(account));
}
public void ResetPassword(ResetPasswordRequest model)
{
var account = _context.Accounts.SingleOrDefault(x =>
x.ResetToken == model.Token &&
x.ResetTokenExpires > DateTime.UtcNow);
if (account == null)
{
throw new AppException("Invalid token");
}
account.PasswordHash = BC.HashPassword(model.Password);
account.PasswordReset = DateTime.UtcNow;
account.ResetToken = null;
account.ResetTokenExpires = null;
_context.Accounts.Update(account);
_context.SaveChanges();
}
private void btnLogin_Click(object sender, EventArgs e)
{
SqlConnection sqlcon = new SqlConnection(@"Data Source=MAHNO;Initial Catalog=PlanBadmin;" + "Integrated Security=true;");
string CPass = Bcrypt.HashPassword(txtPassword.Text, "$2a$11$fhmmGItQBp5ncDeCSnDPG/");
string query = "Select * from Admin Where Login ='******' and Password = '******'";
SqlDataAdapter sda = new SqlDataAdapter(query, sqlcon);
DataTable dtbl = new DataTable();
sda.Fill(dtbl);
if (dtbl.Rows.Count == 1)
{
Main main = new Main();
this.Hide();
main.Show();
}
else
{
MessageBox.Show("Перепроверьте введеный вами логин и пароль");
}
}
public AccountResponse Update(int id, UpdateRequest model)
{
var account = getAccount(id);
if (account.Email != model.Email && _context.Accounts.Any(x => x.Email == model.Email))
{
throw new AppException($"Email '{model.Email}' is already taken");
}
if (!string.IsNullOrEmpty(model.Password))
{
account.PasswordHash = BC.HashPassword(model.Password);
}
_mapper.Map(model, account);
account.Updated = DateTime.UtcNow;
_context.Accounts.Update(account);
_context.SaveChanges();
return(_mapper.Map <AccountResponse>(account));
}
public async Task <Response <string> > ResetPasswordAsync(ResetPasswordRequest request)
{
var user = await _userRepository.FindAsync(x =>
x.ResetToken == request.Token &&
x.ResetTokenExpires > DateTime.UtcNow);
if (user == null)
{
throw new ApiException("Invalid token");
}
// update password and remove reset token
user.Password = BC.HashPassword(request.Password);
user.PasswordReset = DateTime.UtcNow;
user.ResetToken = null;
user.ResetTokenExpires = null;
await _userRepository.UpdateAsync(user);
return(new Response <string>(user.Email, "Password Resetted."));
}
public void Register(RegisterRequest model, string origin)
{
if (_context.Accounts.Any(x => x.Email == model.Email))
{
sendAlreadyRegisteredEmail(model.Email, origin);
return;
}
var account = _mapper.Map <Account>(model);
var isFirstAccount = _context.Accounts.Count() == 0;
account.Created = DateTime.UtcNow;
account.VerificationToken = randomTokenString();
account.PasswordHash = BC.HashPassword(model.Password);
_context.Accounts.Add(account);
_context.SaveChanges();
sendVerificationEmail(account, origin);
}
//Обработка кнопки "Войти"
private void BtnLogin_Click_1(object sender, EventArgs e)
{
try
{
LogUser = txtLogin.Text.Trim();
sqlcon.Open();
string CPass = Bcrypt.HashPassword(txtPassword.Text, "$2a$11$fhmmGItQBp5ncDeCSnDPG/");
string query = "SELECT * FROM Sotr WHERE Login_sotr = '" + txtLogin.Text.Trim() + "' and Password_sotr = '" + CPass.Remove(50, 10) + "'";
SqlDataAdapter sda = new SqlDataAdapter(query, sqlcon);
DbConnector dbConnector = new DbConnector();
SqlCommand sqlCommand = new SqlCommand("SELECT Id_sotr FROM dbo.Sotr where Login_sotr = 'zzzador4'", sqlcon);
DataTable dtbl = new DataTable();
sda.Fill(dtbl);
if (dtbl.Rows.Count == 1)
{
Program.IsAdmin = txtLogin.Text.Trim();
Main main = new Main();
Program.UserId = (int)sqlCommand.ExecuteScalar();
this.Hide();
main.Show();
}
else
{
MaterialMessageBox.Show("Перепроверьте введенный вами логин и пароль", "Упс... Что-то пошло не так", MessageBoxButtons.OK);
}
}
catch (Exception ex)
{
MessageBox.Show(ex.Message);
}
finally
{
sqlcon.Close();
}
}
/// <summary>
/// Hash a password using the OpenBSD bcrypt scheme.
/// </summary>
/// <param name="password">The password to hash.</param>
/// <param name="salt">The salt to hash with (perhaps generated
/// using <c>BCrypt.GenerateSalt</c>).</param>
/// <returns>The hashed password.</returns>
public static string HashPassword(string password, string salt)
{
if (password == null)
{
throw new ArgumentNullException("password");
}
if (salt == null)
{
throw new ArgumentNullException("salt");
}
char minor = (char)0;
if (salt[0] != '$' || salt[1] != '2')
{
throw new ArgumentException("Invalid salt version");
}
int offset;
if (salt[1] != '$')
{
minor = salt[2];
if (minor != 'a' || salt[3] != '$')
{
throw new ArgumentException("Invalid salt revision");
}
offset = 4;
}
else
{
offset = 3;
}
// Extract number of rounds
if (salt[offset + 2] > '$')
{
throw new ArgumentException("Missing salt rounds");
}
int rounds = Int32.Parse(salt.Substring(offset, 2), NumberFormatInfo.InvariantInfo);
byte[] passwordBytes = Encoding.UTF8.GetBytes(password + (minor >= 'a' ? "\0" : String.Empty));
byte[] saltBytes = DecodeBase64(salt.Substring(offset + 3, 22),
BCRYPT_SALT_LEN);
BCrypt bcrypt = new BCrypt();
byte[] hashed = bcrypt.CryptRaw(passwordBytes, saltBytes, rounds);
StringBuilder rs = new StringBuilder();
rs.Append("$2");
if (minor >= 'a')
{
rs.Append(minor);
}
rs.Append('$');
if (rounds < 10)
{
rs.Append('0');
}
rs.Append(rounds);
rs.Append('$');
rs.Append(EncodeBase64(saltBytes, saltBytes.Length));
rs.Append(EncodeBase64(hashed,
(bf_crypt_ciphertext.Length * 4) - 1));
return(rs.ToString());
}
/// <summary>Hash a password using the OpenBSD bcrypt scheme.</summary>
/// <exception cref="ArgumentException">Thrown when one or more arguments have unsupported or
/// illegal values.</exception>
/// <param name="input">The password to hash.</param>
/// <param name="salt"> the salt to hash with (perhaps generated using BCrypt.gensalt).</param>
/// <returns>The hashed password</returns>
public static string HashPassword(string input, string salt)
{
if (input == null)
{
throw new ArgumentNullException(nameof(input));
}
if (string.IsNullOrEmpty(salt))
{
throw new ArgumentException("Invalid salt", nameof(salt));
}
// Determinthe starting offset and validate the salt
int startingOffset;
var minor = (char)0;
if (salt[0] != '$' || salt[1] != '2')
{
throw new SaltParseException("Invalid salt version");
}
if (salt[2] == '$')
{
startingOffset = 3;
}
else
{
minor = salt[2];
if (!(minor == 'a' || minor == 'b' || minor == 'x' || minor == 'y') || salt[3] != '$')
{
throw new SaltParseException("Invalid salt revision");
}
startingOffset = 4;
}
// Extract number of rounds
if (salt[startingOffset + 2] > '$')
{
throw new SaltParseException("Missing salt rounds");
}
// Extract details from salt
var logRounds = Convert.ToInt32(salt.Substring(startingOffset, 2));
var extractedSalt = salt.Substring(startingOffset + 3, 22);
var inputBytes = Encoding.UTF8.GetBytes((input + (minor >= 'a' ? "\0" : "")));
var saltBytes = DecodeBase64(extractedSalt, BcryptSaltLen);
var bCrypt = new BCrypt();
var hashed = bCrypt.CryptRaw(inputBytes, saltBytes, logRounds);
// Generate result string
var result = new StringBuilder();
result.Append("$2");
if (minor >= 'a')
{
result.Append(minor);
}
result.AppendFormat("${0:00}$", logRounds);
result.Append(EncodeBase64(saltBytes, saltBytes.Length));
result.Append(EncodeBase64(hashed, (BfCryptCiphertext.Length * 4) - 1));
return(result.ToString());
}
/// <summary>Hash a password using the OpenBSD BCrypt scheme.</summary>
/// <exception cref="ArgumentException">Thrown when one or more arguments have unsupported or illegal values.</exception>
/// <param name="inputKey">The password or string to hash.</param>
/// <param name="salt"> the salt to hash with (best generated using BCrypt.gensalt).</param>
/// <param name="enhancedEntropy">Set to true,the string will undergo SHA384 hashing to make use of available entropy prior to bcrypt hashing</param>
/// <returns>The hashed password</returns>
/// <exception cref="SaltParseException">Thrown when the <paramref name="salt"/> could not pe parsed.</exception>
public static string HashPassword(string inputKey, string salt, bool enhancedEntropy)
{
if (inputKey == null)
{
throw new ArgumentNullException(nameof(inputKey));
}
if (string.IsNullOrEmpty(salt))
{
throw new ArgumentException("Invalid salt", nameof(salt));
}
// Determine the starting offset and validate the salt
int startingOffset;
char minor = (char)0;
if (salt[0] != '$' || salt[1] != '2')
{
throw new SaltParseException("Invalid salt version");
}
else if (salt[2] == '$')
{
startingOffset = 3;
}
else
{
minor = salt[2];
if (minor != 'a' && minor != 'b' && minor != 'x' && minor != 'y' || salt[3] != '$')
{
throw new SaltParseException("Invalid salt revision");
}
startingOffset = 4;
}
// Extract number of rounds
if (salt[startingOffset + 2] > '$')
{
throw new SaltParseException("Missing salt rounds");
}
// Extract details from salt
int workFactor = Convert.ToInt16(salt.Substring(startingOffset, 2));
// Throw if log rounds are out of range on hash, deals with custom salts
if (workFactor < 1 || workFactor > 31)
{
throw new SaltParseException("Salt rounds out of range");
}
string extractedSalt = salt.Substring(startingOffset + 3, 22);
byte[] inputBytes = SafeUTF8.GetBytes(inputKey + (minor >= 'a' ? Nul : EmptyString));
if (enhancedEntropy)
{
inputBytes = SHA384.Create().ComputeHash(inputBytes);
}
byte[] saltBytes = DecodeBase64(extractedSalt, BCryptSaltLen);
BCrypt bCrypt = new BCrypt();
byte[] hashed = bCrypt.CryptRaw(inputBytes, saltBytes, workFactor);
// Generate result string
StringBuilder result = new StringBuilder();
result.AppendFormat("$2{1}${0:00}$", workFactor, minor);
result.Append(EncodeBase64(saltBytes, saltBytes.Length));
result.Append(EncodeBase64(hashed, (BfCryptCiphertext.Length * 4) - 1));
return(result.ToString());
}
/// <summary>Hash a password using the OpenBSD bcrypt scheme.</summary>
/// <exception cref="ArgumentException">Thrown when one or more arguments have unsupported or
/// illegal values.</exception>
/// <param name="input">The password to hash.</param>
/// <param name="salt"> the salt to hash with (perhaps generated using BCrypt.gensalt).</param>
/// <returns>The hashed password</returns>
public static string HashPassword(string input, string salt)
{
if (input == null)
throw new ArgumentNullException("input");
if (string.IsNullOrEmpty(salt))
throw new ArgumentException("Invalid salt", "salt");
// Determinthe starting offset and validate the salt
int startingOffset;
char minor = (char)0;
if (salt[0] != '$' || salt[1] != '2')
throw new SaltParseException("Invalid salt version");
if (salt[2] == '$')
startingOffset = 3;
else
{
minor = salt[2];
if (minor != 'a' || salt[3] != '$')
throw new SaltParseException("Invalid salt revision");
startingOffset = 4;
}
// Extract number of rounds
if (salt[startingOffset + 2] > '$')
throw new SaltParseException("Missing salt rounds");
// Extract details from salt
int logRounds = Convert.ToInt32(salt.Substring(startingOffset, 2));
string extractedSalt = salt.Substring(startingOffset + 3, 22);
byte[] inputBytes = Encoding.UTF8.GetBytes((input + (minor >= 'a' ? "\0" : "")));
byte[] saltBytes = DecodeBase64(extractedSalt, BCRYPT_SALT_LEN);
BCrypt bCrypt = new BCrypt();
byte[] hashed = bCrypt.CryptRaw(inputBytes, saltBytes, logRounds);
// Generate result string
StringBuilder result = new StringBuilder();
result.Append("$2");
if (minor >= 'a')
result.Append(minor);
result.AppendFormat("${0:00}$", logRounds);
result.Append(EncodeBase64(saltBytes, saltBytes.Length));
result.Append(EncodeBase64(hashed, (_BfCryptCiphertext.Length * 4) - 1));
return result.ToString();
}
