/// <summary>
/// Handles the "next page" click on the first profile page: records the chosen
/// option as the first profile answer, then either moves to the second page or
/// tells the user that nothing was selected.
/// </summary>
/// <remarks>
/// The answer is written to the shared user model before the validation result
/// is consulted, so it is stored (possibly as null) even when validation fails.
/// The page and its navigation controls are always saved to
/// <c>CurrentPageModel</c> at the end, whichever branch ran.
/// </remarks>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Mouse event data (unused).</param>
private void NextPageHandler(object sender, MouseButtonEventArgs e)
        {
            Boolean selectionIsValid = checkValidation();

            // Read the four toggles in their declared order; when several are
            // checked the highest-numbered option takes precedence.
            bool firstChosen  = option1.IsChecked == true;
            bool secondChosen = option2.IsChecked == true;
            bool thirdChosen  = option3.IsChecked == true;
            bool fourthChosen = option4.IsChecked == true;

            string answer = fourthChosen ? "d"
                          : thirdChosen  ? "c"
                          : secondChosen ? "b"
                          : firstChosen  ? "a"
                          : null;

            // Round-trip through the static slot so the stored model carries the answer.
            UserModel.UserModel sharedModel = UserModel.UserModel.currentUserModel;
            sharedModel.profile1 = answer;
            UserModel.UserModel.currentUserModel = sharedModel;

            if (!selectionIsValid)
            {
                MessageBox.Show("No option have been chosen. Please choose your option");
            }
            else
            {
                CurrentPageModel pageState = CurrentPageModel.getcurrentclass();
                pageState._currentPage = "1";

                // Prefer the previously saved instance of the second page, if any.
                Page savedSecondPage = CurrentPageModel.secondPage;
                if (savedSecondPage != null)
                {
                    this.NavigationService.Navigate(savedSecondPage);

                    // Bring the saved page's navigation controls in line with the current page number.
                    var savedControls = (WpfApp1.NavigationControls.NavigationControls)CurrentPageModel.secondControl;
                    savedControls.buttonManipulation(pageState.currentpage);
                    savedControls.PageNumber.Text = savedControls.currentPageNumber(pageState.currentpage);
                }
                else
                {
                    this.NavigationService.Navigate(new Page2());
                }
            }

            // Keep this page and its controls so they can be restored later.
            CurrentPageModel.firstPage    = this;
            CurrentPageModel.firstControl = page1Controls;
        }
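        /// <summary>
        /// Loads the row of <c>[dbo].[test]</c> whose <c>UserID</c> equals
        /// <paramref name="userID"/>, stores it in the static
        /// <c>currentUserModel</c> and returns that value.
        /// </summary>
        /// <remarks>
        /// <para>
        /// The user ID is bound as a SQL parameter; it is never concatenated into
        /// the statement text, so quote characters in the input cannot alter the query.
        /// </para>
        /// <para>
        /// Backward-compatible behaviour kept from the earlier implementation:
        /// when no row matches, a <c>UserModel</c> whose fields are all null is
        /// stored and returned; when the query or a column read fails, the error
        /// is written to the console and the previously stored
        /// <c>currentUserModel</c> is returned unchanged. Callers that need to
        /// tell these cases apart should compare the returned user ID with the
        /// one they asked for.
        /// </para>
        /// </remarks>
        /// <param name="userID">User identifier to look up.</param>
        /// <returns>The value of <c>currentUserModel</c> after the lookup.</returns>
        public static UserModel retrieveUserFromDatabase(string userID)
        {
            ConnectionStringSettings conSettings = ConfigurationManager.ConnectionStrings["connString"];
            string connectionString = conSettings.ConnectionString;

            // The first fourteen columns are read by ordinal, in this order:
            // id, password, name, email, contact, date of birth, security question 1,
            // answer 1, security question 2, answer 2, profile answers 1-4.
            // NOTE(review): "SELECT *" ties these ordinals to the table's column
            // order; an explicit column list would be safer once the names are confirmed.
            const int columnCount = 14;
            string[] fields = new string[columnCount];

            // A single connection is opened and disposed on every path. Open() stays
            // outside the try block so a connection failure still reaches the caller.
            using (SqlConnection con = new SqlConnection(connectionString))
            {
                con.Open();

                try
                {
                    using (SqlCommand cmd = new SqlCommand("SELECT * FROM [dbo].[test] where UserID = @UserID", con))
                    {
                        // A null ID is sent as DBNull, which matches no row.
                        cmd.Parameters.AddWithValue("@UserID", (object)userID ?? DBNull.Value);

                        using (SqlDataReader reader = cmd.ExecuteReader())
                        {
                            // If several rows match, the last one read wins.
                            while (reader.Read())
                            {
                                for (int i = 0; i < columnCount; i++)
                                {
                                    fields[i] = reader.GetString(i);
                                }
                            }
                        }
                    }

                    // The record holds the password value and the security answers,
                    // so it is deliberately not echoed to the console.
                    currentUserModel = new UserModel(
                        fields[0], fields[1], fields[2], fields[3], fields[4], fields[5], fields[6],
                        fields[7], fields[8], fields[9], fields[10], fields[11], fields[12], fields[13]);
                }
                catch (Exception ex)
                {
                    // Best-effort lookup: report the failure and fall through to the return.
                    Console.WriteLine(ex.ToString());
                }
            }

            return currentUserModel;
        }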
        /// <summary>
        /// Login button handler. Replaces the typed password with the result of
        /// <c>GetSha512FromString</c>, looks the user up in <c>[dbo].[test]</c> and,
        /// when exactly one row comes back, decides between direct entry and an
        /// e-mailed second factor based on the failed-attempt count, the follow-up
        /// flag and a computed login risk. Any other row count is treated as a
        /// failed login and, for an existing user ID, recorded in
        /// <c>[dbo].[FailedAttempt]</c>.
        /// </summary>
        /// <remarks>
        /// Review notes for maintainers:
        /// <list type="bullet">
        /// <item>Several queries below are built by concatenating <c>UserIDTextBox.Text</c>
        /// into the SQL text. Only the INSERT into <c>FailedAttempt</c> uses parameters;
        /// the SELECTs should be bound the same way.</item>
        /// <item>The shared <c>con</c> field is reassigned to a new open connection several
        /// times. Each <c>finally</c> closes only whatever <c>con</c> refers to at that
        /// moment, so earlier connections and the readers are never closed here.</item>
        /// <item>Account data, including the password value, is written to the console.</item>
        /// <item>Raw exception messages are shown to the user in message boxes.</item>
        /// <item>Two lines of this listing contain a masked password segment
        /// (<c>******</c>) and are reproduced as found.</item>
        /// </list>
        /// </remarks>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Routed event data (unused).</param>
        private void ButtonNext_Click(object sender, RoutedEventArgs e)
        {
            // The password box is overwritten with the digest, so the clear-text
            // password is not kept in the control after this line.
            // NOTE(review): GetSha512FromString is defined elsewhere; if it is a plain
            // unsalted SHA-512 as the name suggests, it is too fast for password
            // storage. A salted, iterated KDF (PBKDF2, Argon2) is the usual choice. Confirm.
            PasswordTextBox.Password = GetSha512FromString(PasswordTextBox.Password);
            //MessageBox.Show(PasswordTextBox.Password);

            try
            {
                con = new SqlConnection(connectionString);
                con.Open();
                // NOTE(review): UserIDTextBox.Text is concatenated into the statement, so
                // the query is open to SQL injection; bind it as a parameter instead.
                // The password literal is masked ('******') in this listing, so how the
                // digest reaches the query is not visible here.
                cmd    = new SqlCommand("select * from [dbo].[test] where UserID = '" + UserIDTextBox.Text + "' and Password = '******'", con);
                reader = cmd.ExecuteReader();

                // Number of rows matching the supplied credentials.
                int count = 0;

                while (reader.Read())
                {
                    count += 1;
                    // NOTE(review): debug dump of the account row (ID, name, e-mail, contact
                    // number) to the console. The password segment is masked in this listing,
                    // which leaves the line syntactically broken as shown.
                    Console.WriteLine(" | UserID : " + reader.GetString(0) + " | Password : "******" | Name : " + reader.GetString(2) + " | Email : " + reader.GetString(3) + " | ContactNo : " + reader.GetString(4));
                }

                // Exactly one matching row is treated as a correct user ID / password pair.
                if (count == 1)
                {
                    string     userID   = UserIDTextBox.Text;
                    string[][] userList = checkUserEligibility(userID, connectionString);
                    // NOTE(review): the current-user ID (here) and App.LoginUserID (below) are
                    // set before the lockout, follow-up and risk checks run. Whether other
                    // pages treat these values as proof of a completed login is not visible
                    // here; confirm they are not trusted before the second factor is done.
                    UserModel.UserModel.currentUserID = userID;
                    string currentUser = UserModel.UserModel.currentUserID;
                    //MessageBox.Show(currentUser + "is thios");
                    UserModel.UserModel um = UserModel.UserModel.retrieveUserFromDatabase(currentUser);
                    // NOTE(review): writes the stored password value to the console.
                    Console.WriteLine(um.userPassword);
                    string checkForFollowUp = UserModel.UserModel.checkFollowUp(userID, connectionString);

                    (App.Current as App).LoginUserID = UserIDTextBox.Text;

                    try
                    {
                        // Reassigning con drops the reference to the connection opened above
                        // without closing it.
                        con = new SqlConnection(connectionString);
                        con.Open();
                        // NOTE(review): same string-concatenated user ID as the login query.
                        cmd = new SqlCommand("select count(*) from [dbo].[FailedAttempt] where UserID = '" + UserIDTextBox.Text + "'", con);
                        Int32 noOfFailedLoginAttempt = (Int32)cmd.ExecuteScalar();
                        //MessageBox.Show(noOfFailedLoginAttempt.ToString() + " unsuccessful login attempt(s)");
                        // More than three recorded failures (four or more) forces the second
                        // factor. Nothing in this method removes FailedAttempt rows after a
                        // successful login.
                        if (noOfFailedLoginAttempt > 3)
                        {
                            MessageBox.Show("Account is locked , please complete TWO FA");
                            string subject         = "Authentication Message";
                            string subjectBody     = "Authentication Code is ";
                            UserModel.UserModel cm = UserModel.UserModel.currentUserModel;
                            string email           = cm.userEmail;
                            UserModel.UserModel.do2fa(subject, subjectBody, email);

                            Page authentication1 = new Authentication1();
                            this.NavigationService.Navigate(authentication1);
                        }

                        else
                        {
                            // checkFollowUp returns a string; the literal "True" sends the user
                            // through the e-mailed code before anything else.
                            if (checkForFollowUp == "True")
                            {
                                //MessageBox.Show("Account is locked , please complete TWO FA");
                                string subject         = "Authentication Message";
                                string subjectBody     = "Authentication Code is ";
                                UserModel.UserModel cm = UserModel.UserModel.currentUserModel;
                                string email           = cm.userEmail;
                                UserModel.UserModel.do2fa(subject, subjectBody, email);

                                Page authentication = new Authentication();
                                this.NavigationService.Navigate(authentication);
                            }
                            else
                            {
                                //MessageBox.Show("Account not locked.");
                                // Fewer than 30 entries from checkUserEligibility: score the login
                                // from the user's stated preferences instead of the prediction model.
                                // (presumably the entries are past logins; verify against checkUserEligibility)
                                if (userList.Count() < 30)
                                {
                                    string date                   = AlgorithmLibary.PredictionModel.getCurrentDate();
                                    string loginTime              = DateTime.Now.ToString("HH.mm");
                                    string publicIP               = PredictionModel.getCurrentPublicIP();
                                    string publicMAC              = PredictionModel.getCurrentMAC();
                                    string userLogInPreference    = getUserLogInPreference(userID, connectionString);
                                    string userComputerPreference = getUserComputerPreference(userID, connectionString);
                                    //The method below is supposed to read from the database all the entries of hostname for this specific user

                                    string[] currentHostnameSet = getUserHostNameSet(userID, connectionString);
                                    foreach (var element in currentHostnameSet)
                                    {
                                        Console.WriteLine(element + "JADSjc");
                                    }
                                    //string[] currentHostnameSet =
                                    //{
                                    //    "JUSTINSOH-PC",
                                    //    "JUSTINSOH-PC",
                                    //    "JUSTINSOH-PC",
                                    //    "JUSTINSOH-PCC",
                                    //    "JUSTINSOH-PCC",
                                    //    "JUSTINSOH-PCC",

                                    //};
                                    double logInRisk = evaulateUserLogInString(userLogInPreference, loginTime);

                                    double userHostRisk = evaulateUserComputerPreference(userComputerPreference, currentHostnameSet);

                                    // Weighted sum: login time counts for 30 %, hostname for 70 %.
                                    logInRisk    = logInRisk * 0.3;
                                    userHostRisk = userHostRisk * 0.7;

                                    double totalRisk = logInRisk + userHostRisk;
                                    Console.WriteLine(userHostRisk + " HOSTNAME");
                                    Console.WriteLine(logInRisk + "LOG IN RISK");
                                    Console.WriteLine(totalRisk);
                                    string riskStatement      = null;
                                    string riskStatementLevel = null;
                                    // Low risk (<= 0.4): record the login and go to the start page.
                                    if (totalRisk <= 0.4)
                                    {
                                        riskStatementLevel = "Low";
                                        riskStatement      = "The risk level is low";
                                        UserModel.UserModel.saveDateTimeOfUser(userID, connectionString, loginTime, date, publicIP, publicMAC);
                                        Page cloud = new StartupPage();

                                        this.NavigationService.Navigate(cloud);
                                    }

                                    // Removing access control and giving access control
                                    // NOTE(review): apart from the label, the medium branch performs the
                                    // same actions as the low branch; the access restriction mentioned
                                    // in the surrounding comments is not implemented here.
                                    else if (totalRisk <= 0.70)
                                    {
                                        riskStatementLevel = "Medium";
                                        riskStatement      = "The risk level is medium";
                                        Page cloud = new StartupPage();
                                        UserModel.UserModel.saveDateTimeOfUser(userID, connectionString, loginTime, date, publicIP, publicMAC);
                                        //MessageBox.Show("Entry Saved");
                                        //UserModel.UserModel.deleteDateTimeOfUser(userID, connectionString, loginTime, date);
                                        //MessageBox.Show("Entry Deleted");
                                        this.NavigationService.Navigate(cloud);
                                        //Remove Access Control
                                    }

                                    //Instantly Re authenticate
                                    // High risk: send a code by e-mail and show the authentication page;
                                    // this login is not saved to the history.
                                    else if (totalRisk > 0.70)
                                    {
                                        riskStatementLevel = "High";
                                        riskStatement      = "The risk level is high";
                                        string subject         = "Authentication Message";
                                        string subjectBody     = "Authentication Code is ";
                                        UserModel.UserModel cm = UserModel.UserModel.currentUserModel;
                                        Console.WriteLine(cm.userName + "Hellolols");
                                        string email = cm.userEmail;
                                        UserModel.UserModel.do2fa(subject, subjectBody, email);
                                        Page authentication = new Authentication();
                                        this.NavigationService.Navigate(authentication);
                                        MessageBox.Show("2FA has been sent to your email");
                                    }
                                    // The level label is kept in a static for the rest of the session.
                                    PredictionModel.SessionRiskValue = riskStatementLevel;
                                    Console.WriteLine(riskStatement);
                                    MessageBox.Show(riskStatement);
                                }

                                // 30 or more entries: use PredictionModel for login time and IP/MAC.
                                else if (userList.Count() >= 30)
                                {
                                    //Run the login prediction
                                    string     date            = AlgorithmLibary.PredictionModel.getCurrentDate();
                                    string     loginTime       = DateTime.Now.ToString("HH.mm");
                                    string     publicIP        = PredictionModel.getCurrentPublicIP();
                                    string     publicMAC       = PredictionModel.getCurrentMAC();
                                    string[][] logInCollection = getUserLogInData(userID, connectionString);
                                    // NOTE(review): the "HH.mm" string and the date string are parsed with
                                    // the current culture; where '.' is not the decimal separator the
                                    // conversion can throw or yield a different value. Confirm.
                                    double     testTime        = Convert.ToDouble(loginTime);
                                    double     testDay         = Convert.ToDouble(date);

                                    PredictionModel logInPredictionModel = new PredictionModel(testTime, testDay, logInCollection);
                                    string          logInRiskLevel       = logInPredictionModel.logInRisk;
                                    string          logInOutput          = logInPredictionModel.logInOutput;
                                    Console.WriteLine(logInOutput);
                                    Console.WriteLine("The risk level is " + logInRiskLevel);


                                    string[][] ipAddressCollection = getUserIPAddressCollection(userID, connectionString);
                                    Console.Write(ipAddressCollection.Count());
                                    string[]        query             = new string[] { publicIP, publicMAC, date };
                                    PredictionModel ipPredictionModel = new PredictionModel(ipAddressCollection, query);
                                    string          ipRisk            = ipPredictionModel.ipRisk;
                                    string          ipOutput          = ipPredictionModel.ipOutput;
                                    Console.WriteLine(ipOutput);

                                    double logInPercentage = Convert.ToDouble(logInRiskLevel) / 5.0;
                                    double ipPercentage    = Convert.ToDouble(ipRisk);

                                    // NOTE(review): the two parts are scaled by 30 and 70 here, while the
                                    // thresholds below are 0.4 and 0.70. The scale of logInRisk and ipRisk
                                    // is not visible in this method; confirm the units line up.
                                    logInPercentage = (logInPercentage / 100) * 30;
                                    ipPercentage    = (ipPercentage / 100) * 70;
                                    double riskLevel = logInPercentage + ipPercentage;
                                    Console.WriteLine(logInPercentage);
                                    Console.WriteLine(ipRisk);
                                    Console.WriteLine(riskLevel);
                                    string riskStatement      = null;
                                    string riskStatementLevel = null;

                                    //Can do anything
                                    if (riskLevel <= 0.4)
                                    {
                                        riskStatementLevel = "Low";
                                        riskStatement      = "The risk level is low";
                                        UserModel.UserModel.saveDateTimeOfUser(userID, connectionString, loginTime, date, publicIP, publicMAC);
                                        //Navigate To Chester
                                        Page cloud = new StartupPage();
                                        this.NavigationService.Navigate(cloud);
                                    }

                                    // Removing access control and giving access control
                                    // NOTE(review): as in the preference-based path, medium risk currently
                                    // behaves like low risk apart from the label.
                                    else if (riskLevel <= 0.70)
                                    {
                                        riskStatementLevel = "Medium";
                                        riskStatement      = "The risk level is medium";
                                        Page cloud = new StartupPage();
                                        UserModel.UserModel.saveDateTimeOfUser(userID, connectionString, loginTime, date, publicIP, publicMAC);
                                        //MessageBox.Show("Entry Saved");
                                        //UserModel.UserModel.deleteDateTimeOfUser(userID, connectionString, loginTime, date);
                                        //MessageBox.Show("Entry Deleted");
                                        this.NavigationService.Navigate(cloud);
                                        //Remove Access Control
                                    }

                                    //Instantly Re authenticate
                                    else if (riskLevel > 0.70)
                                    {
                                        riskStatementLevel = "High";
                                        riskStatement      = "The risk level is high";
                                        //Do 2FA

                                        string subject         = "Authentication Message";
                                        string subjectBody     = "Authentication Code is ";
                                        UserModel.UserModel cm = UserModel.UserModel.currentUserModel;
                                        string email           = cm.userEmail;
                                        UserModel.UserModel.do2fa(subject, subjectBody, email);
                                        Page authentication = new Authentication();

                                        this.NavigationService.Navigate(authentication);
                                        MessageBox.Show("2FA has been sent to your email");
                                    }

                                    PredictionModel.SessionRiskValue = riskStatementLevel;
                                    Console.WriteLine("The current Risk Level is " + riskLevel);
                                    Console.WriteLine(riskStatement);
                                    MessageBox.Show(riskStatement);
                                }
                            }

                            (App.Current as App).LoginUserID = UserIDTextBox.Text;
                            //MessageBox.Show("Successful Login.");
                            //this.NavigationService.Navigate(new Uri(@"EditUserInfo.xaml", UriKind.RelativeOrAbsolute));
                        }
                    }
                    catch (Exception ex)
                    {
                        // NOTE(review): raw exception text (which can include database error
                        // detail) is shown to the person at the login screen; a generic
                        // message plus a log entry would disclose less.
                        System.Windows.MessageBox.Show(ex.Message);
                    }
                    finally
                    {
                        con.Close();
                    }
                }


                // Zero rows, or more than one: treated as a failed login.
                else
                {
                    MessageBox.Show("Invalid user id or password.");

                    try
                    {
                        con = new SqlConnection(connectionString);
                        con.Open();
                        // Check whether the user ID exists at all, so that only real accounts
                        // accumulate failed attempts.
                        // NOTE(review): string-concatenated user ID again; bind it as a parameter.
                        cmd    = new SqlCommand("select * from [dbo].[test] where UserID = '" + UserIDTextBox.Text + "'", con);
                        reader = cmd.ExecuteReader();

                        int countt = 0;

                        while (reader.Read())
                        {
                            countt += 1;
                        }
                        if (countt == 1)
                        {
                            try
                            {
                                con = new SqlConnection(connectionString);
                                con.Open();
                                // Parameterized insert: the pattern the SELECTs in this method should follow.
                                cmd = new SqlCommand("INSERT INTO[dbo].[FailedAttempt](UserID, Date) VALUES (@UserID, @Date)", con);
                                cmd.Parameters.AddWithValue("@UserID", UserIDTextBox.Text);
                                // The date is stored as a culture-formatted short date string.
                                cmd.Parameters.AddWithValue("@Date", DateTime.Now.ToShortDateString());
                                cmd.ExecuteNonQuery();

                                try
                                {
                                    con = new SqlConnection(connectionString);
                                    con.Open();
                                    cmd = new SqlCommand("select count(*) from [dbo].[FailedAttempt] where UserID = '" + UserIDTextBox.Text + "'", con);
                                    Int32 noOfFailedLoginAttempt = (Int32)cmd.ExecuteScalar();
                                    // NOTE(review): this counter is shown only when the user ID exists, so
                                    // the login screen reveals which IDs are registered.
                                    MessageBox.Show(noOfFailedLoginAttempt.ToString() + " unsuccessful login attempt(s)");
                                }
                                catch (Exception ex)
                                {
                                    System.Windows.MessageBox.Show(ex.Message);
                                }
                                finally
                                {
                                    con.Close();
                                }
                            }
                            catch (Exception ex)
                            {
                                System.Windows.MessageBox.Show(ex.Message);
                            }
                            finally
                            {
                                con.Close();
                            }
                        }
                    }
                    catch (Exception ex)
                    {
                        System.Windows.MessageBox.Show(ex.Message);
                    }
                    finally
                    {
                        con.Close();
                    }
                }

                // Clear both input fields whatever the outcome.
                UserIDTextBox.Clear();
                PasswordTextBox.Clear();
            }
            catch (Exception ex)
            {
                System.Windows.MessageBox.Show(ex.Message);
            }
            finally
            {
                // Closes only the connection con currently refers to; see the remarks above.
                con.Close();
            }
        }