/// <summary>
/// "Next" handler for the first profile page: stores the selected option on the shared user
/// model and, if validation succeeds, navigates to the second profile page.
/// </summary>
/// <param name="sender">Source of the event (not used).</param>
/// <param name="e">Mouse event data (not used).</param>
private void NextPageHandler(object sender, MouseButtonEventArgs e)
{
    // Validation runs first, before the shared user model is updated.
    bool optionChosen = checkValidation();

    // When several options are checked the highest-numbered one wins; null when none is checked.
    string answer = null;
    if (option1.IsChecked == true) { answer = "a"; }
    if (option2.IsChecked == true) { answer = "b"; }
    if (option3.IsChecked == true) { answer = "c"; }
    if (option4.IsChecked == true) { answer = "d"; }

    // The answer is written to the model whether or not validation passed.
    UserModel.UserModel model = UserModel.UserModel.currentUserModel;
    model.profile1 = answer;
    UserModel.UserModel.currentUserModel = model;

    if (!optionChosen)
    {
        MessageBox.Show("No option have been chosen. Please choose your option");
    }
    else
    {
        CurrentPageModel pageState = CurrentPageModel.getcurrentclass();
        pageState._currentPage = "1";

        // Reuse the saved second page when there is one, so its state is kept.
        Page savedSecondPage = CurrentPageModel.secondPage;
        if (savedSecondPage != null)
        {
            this.NavigationService.Navigate(savedSecondPage);

            // Bring the saved navigation controls in line with the current page value.
            var navControls = (WpfApp1.NavigationControls.NavigationControls)CurrentPageModel.secondControl;
            navControls.buttonManipulation(pageState.currentpage);
            navControls.PageNumber.Text = navControls.currentPageNumber(pageState.currentpage);
        }
        else
        {
            this.NavigationService.Navigate(new Page2());
        }
    }

    // Remember this page and its controls so a later "back" can restore them.
    CurrentPageModel.firstPage = this;
    CurrentPageModel.firstControl = page1Controls;
}
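/// <summary>
/// Loads the [dbo].[test] row whose UserID equals <paramref name="userID"/>, builds a
/// UserModel from its first fourteen columns (read by position), stores it in
/// currentUserModel and returns it.
/// </summary>
/// <remarks>
/// The user id is bound as a SQL parameter instead of being concatenated into the statement,
/// so quote characters in the id can no longer alter the query. The earlier console dump of
/// the whole record (password, security answers) has been removed so credentials are not
/// written to standard output. The connection, command and reader are disposed
/// deterministically; previously a second connection was opened and the first one leaked.
/// </remarks>
/// <param name="userID">User id to look up; null is treated as an empty string.</param>
/// <returns>
/// The value of currentUserModel after the call. When no row matches, this is a model whose
/// fields are all null. When the query or a column read fails, the exception is logged and
/// the previously stored model (possibly null) is returned.
/// </returns>
public static UserModel retrieveUserFromDatabase(string userID)
{
    ConnectionStringSettings conSettings = ConfigurationManager.ConnectionStrings["connString"];
    string connectionString = conSettings.ConnectionString;

    using (SqlConnection con = new SqlConnection(connectionString))
    {
        // Opened outside the try block so that a connection failure still reaches the caller,
        // as it did before.
        con.Open();

        try
        {
            String _userID = null;
            String _userPassword = null;
            String _userName = null;
            String _userEmail = null;
            String _userContact = null;
            String _userDOB = null;
            String _securityQ1 = null;
            String _securityQ1Ans = null;
            String _securityQ2 = null;
            String _securityQ2Ans = null;
            String _profile1Answer = null;
            String _profile2Answer = null;
            String _profile3Answer = null;
            String _profile4Answer = null;

            // NOTE(review): SELECT * combined with ordinal reads depends on the table's column
            // order; an explicit column list would be safer once the schema is confirmed.
            using (SqlCommand cmd = new SqlCommand("SELECT * FROM [dbo].[test] where UserID = @UserID", con))
            {
                cmd.Parameters.AddWithValue("@UserID", userID ?? String.Empty);

                using (SqlDataReader reader = cmd.ExecuteReader())
                {
                    // If several rows match, the last one read wins.
                    // GetString throws on a NULL column; that lands in the catch below.
                    while (reader.Read())
                    {
                        _userID = reader.GetString(0);
                        _userPassword = reader.GetString(1);
                        _userName = reader.GetString(2);
                        _userEmail = reader.GetString(3);
                        _userContact = reader.GetString(4);
                        _userDOB = reader.GetString(5);
                        _securityQ1 = reader.GetString(6);
                        _securityQ1Ans = reader.GetString(7);
                        _securityQ2 = reader.GetString(8);
                        _securityQ2Ans = reader.GetString(9);
                        _profile1Answer = reader.GetString(10);
                        _profile2Answer = reader.GetString(11);
                        _profile3Answer = reader.GetString(12);
                        _profile4Answer = reader.GetString(13);
                    }
                }
            }

            currentUserModel = new UserModel(
                _userID, _userPassword, _userName, _userEmail, _userContact, _userDOB,
                _securityQ1, _securityQ1Ans, _securityQ2, _securityQ2Ans,
                _profile1Answer, _profile2Answer, _profile3Answer, _profile4Answer);
        }
        catch (Exception ex)
        {
            // NOTE(review): on failure the previously stored model is returned unchanged, so a
            // caller can receive another user's record; consider clearing currentUserModel here
            // once all callers handle null.
            Console.WriteLine(ex.ToString());
        }
    }

    return (currentUserModel);
}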
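/// <summary>
/// Login button handler. Checks the entered user id and password hash against [dbo].[test].
/// On a match it loads the user and then either asks for e-mail 2FA (more than three recorded
/// failed attempts, a pending follow-up, or a high risk score) or opens the start page.
/// On a mismatch it records a failed attempt when the user id exists.
/// </summary>
/// <remarks>
/// Changes compared with the earlier version:
/// every statement that embedded the user id text box in the SQL string now binds it as a
/// parameter; connections and commands are short-lived locals that are always disposed (the
/// shared con/cmd/reader fields are no longer assigned here, and nested queries no longer
/// leak the outer connection); the debug output that printed account rows and the stored
/// password to the console is gone; the hash is kept in a local instead of being written
/// back into the password box, so a retry after an error does not hash the previous hash.
/// </remarks>
/// <param name="sender">Source of the event (not used).</param>
/// <param name="e">Routed event data (not used).</param>
private void ButtonNext_Click(object sender, RoutedEventArgs e)
{
    // NOTE(review): GetSha512FromString is defined elsewhere. If it is a single unsalted
    // SHA-512 pass, stored passwords are cheap to brute-force offline; a salted, slow KDF
    // (e.g. PBKDF2) needs a coordinated migration of the stored values.
    string passwordHash = GetSha512FromString(PasswordTextBox.Password);

    try
    {
        // NOTE(review): the page shows the password operand of this query masked as '******';
        // binding the hash computed above is the presumed original comparison - confirm.
        int count = executeCountQuery(
            connectionString,
            "select count(*) from [dbo].[test] where UserID = @UserID and Password = @Password",
            new SqlParameter("@UserID", UserIDTextBox.Text),
            new SqlParameter("@Password", passwordHash ?? String.Empty));

        if (count == 1)
        {
            string userID = UserIDTextBox.Text;
            string[][] userList = checkUserEligibility(userID, connectionString);
            UserModel.UserModel.currentUserID = userID;

            UserModel.UserModel um = UserModel.UserModel.retrieveUserFromDatabase(UserModel.UserModel.currentUserID);
            if (um == null)
            {
                // Fail closed: without a loaded user record the login must not continue.
                throw new InvalidOperationException("User record could not be loaded.");
            }

            string checkForFollowUp = UserModel.UserModel.checkFollowUp(userID, connectionString);

            // NOTE(review): the application-wide login id is set before the lockout, follow-up
            // and risk checks below have finished; verify that no page treats LoginUserID alone
            // as proof of a completed login.
            (App.Current as App).LoginUserID = UserIDTextBox.Text;

            try
            {
                // NOTE(review): this counts every FailedAttempt row for the user; nothing in
                // this handler removes rows or limits them to a time window.
                int noOfFailedLoginAttempt = executeCountQuery(
                    connectionString,
                    "select count(*) from [dbo].[FailedAttempt] where UserID = @UserID",
                    new SqlParameter("@UserID", UserIDTextBox.Text));

                if (noOfFailedLoginAttempt > 3)
                {
                    MessageBox.Show("Account is locked , please complete TWO FA");
                    sendAuthenticationCode();
                    Page authentication1 = new Authentication1();
                    this.NavigationService.Navigate(authentication1);
                }
                else
                {
                    if (checkForFollowUp == "True")
                    {
                        sendAuthenticationCode();
                        Page authentication = new Authentication();
                        this.NavigationService.Navigate(authentication);
                    }
                    else
                    {
                        if (userList.Length < 30)
                        {
                            // Fewer than 30 entries: score the login against the user's stated
                            // log-in time and computer preferences.
                            string date = AlgorithmLibary.PredictionModel.getCurrentDate();
                            string loginTime = DateTime.Now.ToString("HH.mm");
                            string publicIP = PredictionModel.getCurrentPublicIP();
                            string publicMAC = PredictionModel.getCurrentMAC();
                            string userLogInPreference = getUserLogInPreference(userID, connectionString);
                            string userComputerPreference = getUserComputerPreference(userID, connectionString);

                            // Host names previously recorded for this user.
                            string[] currentHostnameSet = getUserHostNameSet(userID, connectionString);
                            foreach (var element in currentHostnameSet)
                            {
                                Console.WriteLine(element + "JADSjc");
                            }

                            double logInRisk = evaulateUserLogInString(userLogInPreference, loginTime);
                            double userHostRisk = evaulateUserComputerPreference(userComputerPreference, currentHostnameSet);

                            // Weighted sum: 30% log-in time, 70% host name.
                            logInRisk = logInRisk * 0.3;
                            userHostRisk = userHostRisk * 0.7;
                            double totalRisk = logInRisk + userHostRisk;
                            Console.WriteLine(userHostRisk + " HOSTNAME");
                            Console.WriteLine(logInRisk + "LOG IN RISK");
                            Console.WriteLine(totalRisk);

                            string riskStatement = null;
                            string riskStatementLevel = null;

                            if (totalRisk <= 0.4)
                            {
                                riskStatementLevel = "Low";
                                riskStatement = "The risk level is low";
                                UserModel.UserModel.saveDateTimeOfUser(userID, connectionString, loginTime, date, publicIP, publicMAC);
                                Page cloud = new StartupPage();
                                this.NavigationService.Navigate(cloud);
                            }
                            else if (totalRisk <= 0.70)
                            {
                                // NOTE(review): medium risk currently gets the same access as
                                // low risk; the reduced-access step exists only as a comment.
                                riskStatementLevel = "Medium";
                                riskStatement = "The risk level is medium";
                                Page cloud = new StartupPage();
                                UserModel.UserModel.saveDateTimeOfUser(userID, connectionString, loginTime, date, publicIP, publicMAC);
                                this.NavigationService.Navigate(cloud);
                            }
                            else if (totalRisk > 0.70)
                            {
                                // Explicit comparison kept: a NaN score matches no branch, so
                                // nothing is navigated and both statement values stay null.
                                riskStatementLevel = "High";
                                riskStatement = "The risk level is high";
                                Console.WriteLine(UserModel.UserModel.currentUserModel.userName + "Hellolols");
                                sendAuthenticationCode();
                                Page authentication = new Authentication();
                                this.NavigationService.Navigate(authentication);
                                MessageBox.Show("2FA has been sent to your email");
                            }

                            PredictionModel.SessionRiskValue = riskStatementLevel;
                            Console.WriteLine(riskStatement);
                            MessageBox.Show(riskStatement);
                        }
                        else
                        {
                            // 30 or more entries: run the log-in and IP prediction models.
                            string date = AlgorithmLibary.PredictionModel.getCurrentDate();
                            string loginTime = DateTime.Now.ToString("HH.mm");
                            string publicIP = PredictionModel.getCurrentPublicIP();
                            string publicMAC = PredictionModel.getCurrentMAC();
                            string[][] logInCollection = getUserLogInData(userID, connectionString);

                            // NOTE(review): Convert.ToDouble(string) parses with the current
                            // culture, so "HH.mm" is read differently where '.' is not the
                            // decimal separator; the format of `date` is not visible here.
                            double testTime = Convert.ToDouble(loginTime);
                            double testDay = Convert.ToDouble(date);

                            PredictionModel logInPredictionModel = new PredictionModel(testTime, testDay, logInCollection);
                            string logInRiskLevel = logInPredictionModel.logInRisk;
                            string logInOutput = logInPredictionModel.logInOutput;
                            Console.WriteLine(logInOutput);
                            Console.WriteLine("The risk level is " + logInRiskLevel);

                            string[][] ipAddressCollection = getUserIPAddressCollection(userID, connectionString);
                            Console.Write(ipAddressCollection.Length);
                            string[] query = new string[] { publicIP, publicMAC, date };
                            PredictionModel ipPredictionModel = new PredictionModel(ipAddressCollection, query);
                            string ipRisk = ipPredictionModel.ipRisk;
                            string ipOutput = ipPredictionModel.ipOutput;
                            Console.WriteLine(ipOutput);

                            // Weighted sum: 30% log-in model, 70% IP model.
                            double logInPercentage = Convert.ToDouble(logInRiskLevel) / 5.0;
                            double ipPercentage = Convert.ToDouble(ipRisk);
                            logInPercentage = (logInPercentage / 100) * 30;
                            ipPercentage = (ipPercentage / 100) * 70;
                            double riskLevel = logInPercentage + ipPercentage;
                            Console.WriteLine(logInPercentage);
                            Console.WriteLine(ipRisk);
                            Console.WriteLine(riskLevel);

                            string riskStatement = null;
                            string riskStatementLevel = null;

                            if (riskLevel <= 0.4)
                            {
                                riskStatementLevel = "Low";
                                riskStatement = "The risk level is low";
                                UserModel.UserModel.saveDateTimeOfUser(userID, connectionString, loginTime, date, publicIP, publicMAC);
                                Page cloud = new StartupPage();
                                this.NavigationService.Navigate(cloud);
                            }
                            else if (riskLevel <= 0.70)
                            {
                                // NOTE(review): same access as the low-risk branch; see above.
                                riskStatementLevel = "Medium";
                                riskStatement = "The risk level is medium";
                                Page cloud = new StartupPage();
                                UserModel.UserModel.saveDateTimeOfUser(userID, connectionString, loginTime, date, publicIP, publicMAC);
                                this.NavigationService.Navigate(cloud);
                            }
                            else if (riskLevel > 0.70)
                            {
                                // High risk: require the e-mail code before going further.
                                riskStatementLevel = "High";
                                riskStatement = "The risk level is high";
                                sendAuthenticationCode();
                                Page authentication = new Authentication();
                                this.NavigationService.Navigate(authentication);
                                MessageBox.Show("2FA has been sent to your email");
                            }

                            PredictionModel.SessionRiskValue = riskStatementLevel;
                            Console.WriteLine("The current Risk Level is " + riskLevel);
                            Console.WriteLine(riskStatement);
                            MessageBox.Show(riskStatement);
                        }
                    }

                    (App.Current as App).LoginUserID = UserIDTextBox.Text;
                }
            }
            catch (Exception ex)
            {
                // NOTE(review): raw exception text can expose database details to the person
                // at the login screen; consider a generic message plus server-side logging.
                System.Windows.MessageBox.Show(ex.Message);
            }
        }
        else
        {
            MessageBox.Show("Invalid user id or password.");

            // One try/catch replaces the three nested ones: any failure is still reported
            // exactly once and nothing further runs in this branch.
            try
            {
                int countt = executeCountQuery(
                    connectionString,
                    "select count(*) from [dbo].[test] where UserID = @UserID",
                    new SqlParameter("@UserID", UserIDTextBox.Text));

                if (countt == 1)
                {
                    using (SqlConnection insertConnection = new SqlConnection(connectionString))
                    using (SqlCommand insertCommand = new SqlCommand("INSERT INTO[dbo].[FailedAttempt](UserID, Date) VALUES (@UserID, @Date)", insertConnection))
                    {
                        insertConnection.Open();
                        insertCommand.Parameters.AddWithValue("@UserID", UserIDTextBox.Text);
                        insertCommand.Parameters.AddWithValue("@Date", DateTime.Now.ToShortDateString());
                        insertCommand.ExecuteNonQuery();
                    }

                    int noOfFailedLoginAttempt = executeCountQuery(
                        connectionString,
                        "select count(*) from [dbo].[FailedAttempt] where UserID = @UserID",
                        new SqlParameter("@UserID", UserIDTextBox.Text));

                    // NOTE(review): this message appears only for user ids that exist, which
                    // tells the person at the keyboard whether an id is registered.
                    MessageBox.Show(noOfFailedLoginAttempt.ToString() + " unsuccessful login attempt(s)");
                }
            }
            catch (Exception ex)
            {
                System.Windows.MessageBox.Show(ex.Message);
            }
        }

        UserIDTextBox.Clear();
        PasswordTextBox.Clear();
    }
    catch (Exception ex)
    {
        System.Windows.MessageBox.Show(ex.Message);
    }
}

// Runs a scalar count query with bound parameters on its own short-lived connection.
private static int executeCountQuery(string connectionString, string sql, params SqlParameter[] parameters)
{
    using (SqlConnection connection = new SqlConnection(connectionString))
    using (SqlCommand command = new SqlCommand(sql, connection))
    {
        command.Parameters.AddRange(parameters);
        connection.Open();
        return (Int32)command.ExecuteScalar();
    }
}

// Sends the e-mail authentication code to the address stored on the current user model.
private static void sendAuthenticationCode()
{
    string subject = "Authentication Message";
    string subjectBody = "Authentication Code is ";
    UserModel.UserModel cm = UserModel.UserModel.currentUserModel;
    string email = cm.userEmail;
    UserModel.UserModel.do2fa(subject, subjectBody, email);
}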