private void btnChangePass_Click(object sender, EventArgs e)
{
try
{
var passDb = DBC.ExecuteQuery("SELECT \"password\" FROM \"APPUSER\" WHERE " +
$"username = '******';").Rows[0][0].ToString();
if (PasswordHashing.CheckPassword(txtActual.Text, passDb))
{
if (!txtNewPass.Text.Equals(txtNewPass2.Text))
{
MessageBox.Show(@"Las contraseñas nuevas no coinciden",
@"Error", MessageBoxButtons.OK,
MessageBoxIcon.Error, MessageBoxDefaultButton.Button1,
MessageBoxOptions.DefaultDesktopOnly);
}
else
{
var hashedNew = PasswordHashing.CreateHash(txtNewPass.Text);
var command = $"UPDATE \"APPUSER\" SET \"password\" = '{hashedNew}'" +
$" WHERE username = '******';";
DBC.ExecuteNonQuery(command);
MessageBox.Show(@"Contraseña actualizada", @"Completado",
MessageBoxButtons.OK,
MessageBoxIcon.Information, MessageBoxDefaultButton.Button1,
MessageBoxOptions.DefaultDesktopOnly);
}
}
else
{
MessageBox.Show(@"Su contraseña actual no es correcta", @"Error",
MessageBoxButtons.OK,
MessageBoxIcon.Error, MessageBoxDefaultButton.Button1,
MessageBoxOptions.DefaultDesktopOnly);
}
}
catch (Exception exception)
{
MessageBox.Show(exception.Message, @"Error",
MessageBoxButtons.OK,
MessageBoxIcon.Error, MessageBoxDefaultButton.Button1,
MessageBoxOptions.DefaultDesktopOnly);
}
finally
{
txtActual.Text = "";
txtActual_Leave(null, EventArgs.Empty);
txtNewPass.Text = "";
txtNewPass_Leave(null, EventArgs.Empty);
txtNewPass2.Text = "";
txtNewPass2_Leave(null, EventArgs.Empty);
}
}
public static User CheckLogIn(string username, string password)
{
var testUser = new User();
var query =
$"SELECT username, password, \"userType\", fullname FROM \"APPUSER\" WHERE username ='******'";
var dt = DBConnection.ExecuteQuery(query);
if (dt.Rows[0][0].ToString().Equals("") ||
!PasswordHashing.CheckPassword(password, dt.Rows[0][1].ToString()))
{
throw new InvalidCredentialsException("Usuario o contraseña inválidos.");
}
testUser.Username = username;
testUser.UserType = dt.Rows[0][2].ToString();
testUser.FullName = dt.Rows[0][3].ToString();
return(testUser);
}
