Esempio n. 1
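        /// <summary>
        /// Logs a user in with a previously issued "keep me logged in" token instead of a password.
        /// </summary>
        /// <remarks>
        /// The presented token is decrypted, passed through <c>SecurityManager.OneWayEncryptor</c> together
        /// with the user's stored salt column, and the result is compared with the stored
        /// <c>CryptoToken</c> column. Every failure path returns <c>false</c> without touching session state.
        /// </remarks>
        /// <param name="username">Account name the token was issued for.</param>
        /// <param name="cryptographicToken">Token as presented by the client (still in its encrypted form).</param>
        /// <returns><c>true</c> when the token matches and the client data was set; otherwise <c>false</c>.</returns>
        public static bool CrypticTokenLogin(string username, string cryptographicToken)
        {
            // An absent token can never be a valid credential; reject before any lookup.
            if (string.IsNullOrEmpty(cryptographicToken))
            {
                return false;
            }

            int userID = GetUserID(username);
            if (userID == -1)
            {
                return false;
            }

            // Column order fixes the indexes used below: 0 = Name, 1 = Salt, 2 = Permission, 3 = CryptoToken.
            List<string> userData = ServerCommunication.GetRowFromID("Users", userID, new List<string>()
            {
                "Name", "Salt", "Permission", "CryptoToken"
            });

            // Fail closed on a missing or short row instead of indexing past its end.
            if (userData == null || userData.Count < 4)
            {
                return false;
            }

            string storedToken = userData[3];

            // An account that has no stored token must not be reachable through this path at all.
            if (string.IsNullOrEmpty(storedToken))
            {
                return false;
            }

            string providedToken = SecurityManager.DecryptDatabaseData("CryptoToken", cryptographicToken);

            // NOTE(review): Login() decrypts the Salt column with DecryptDatabaseData("Salt", ...) before using it
            // and hands that decrypted value to SetNewCryptographicToken; here the raw column value is used.
            // Confirm which form the stored token was derived with - left unchanged because the issuing code is not visible.
            string encProvidedToken = SecurityManager.OneWayEncryptor(providedToken, userData[1]);
            if (encProvidedToken == null)
            {
                return false;
            }

            // Ordinal comparison that always walks the full common length, so the time taken does not
            // reveal how many leading characters of the stored value were matched.
            int difference = encProvidedToken.Length ^ storedToken.Length;
            int shared = Math.Min(encProvidedToken.Length, storedToken.Length);
            for (int i = 0; i < shared; i++)
            {
                difference |= encProvidedToken[i] ^ storedToken[i];
            }

            if (difference != 0)
            {
                return false;
            }

            // The permission level comes from the Permission column (index 2), decoded the same way Login() does.
            // The previous code converted the Salt column (index 1) to an int and used that as the permission level.
            // Decoding happens before LoggedIn is set so a decode failure cannot leave the flag raised.
            int permLevel = SecurityManager.GetPermissionLevel(SecurityManager.DecryptDatabaseData("Permission", userData[2]));

            LoggedIn = true;
            //Set client information
            SetClientData(userID, username, userData[0], permLevel);
            return true;
        }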
Esempio n. 2
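        /// <summary>
        /// Logs a user in by verifying the supplied password against the stored credentials.
        /// </summary>
        /// <remarks>
        /// An unknown username returns immediately, before any password validation runs, so the two failure
        /// cases may be distinguishable by response time. Callers exposed to untrusted clients should
        /// rate-limit attempts and return the same message for both.
        /// </remarks>
        /// <param name="username">Account name to authenticate.</param>
        /// <param name="password">Password as entered by the user.</param>
        /// <param name="stayLoggedIn">When <c>true</c>, a new "keep me logged in" token is issued after a successful login.</param>
        /// <returns><c>true</c> when the credentials were accepted; otherwise <c>false</c>.</returns>
        public static bool Login(string username, string password, bool stayLoggedIn = false)
        {
            int userID = GetUserID(username);
            if (userID == -1)
            {
                return false;
            }

            //ID has been found, now check if password matches
            // Column order fixes the indexes used below: 0 = Name, 1 = Password, 2 = Salt, 3 = Permission.
            List<string> userData = ServerCommunication.GetRowFromID("Users", userID, new List<string>()
            {
                "Name", "Password", "Salt", "Permission"
            });

            // Fail closed on a missing or short row instead of indexing past its end.
            if (userData == null || userData.Count < 4)
            {
                return false;
            }

            string pass = userData[1];
            string salt = SecurityManager.DecryptDatabaseData("Salt", userData[2]);

            if (!SecurityManager.ValidatePassword(password, pass, salt))
            {
                return false;
            }

            // Decode the permission level before raising LoggedIn: if decoding throws, the flag must not
            // be left set for a login that never completed.
            int permLevel = SecurityManager.GetPermissionLevel(SecurityManager.DecryptDatabaseData("Permission", userData[3]));

            LoggedIn = true;
            //Set client information
            SetClientData(userID, username, userData[0], permLevel);

            if (stayLoggedIn)
            {
                // Only reached after the password was accepted; the decrypted salt is what gets passed on.
                SetNewCryptographicToken(salt);
            }

            return true;
        }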