public RegisterUserCode HashClearTextPassword(string UserName)
{
BorrowerDAL dal = new BorrowerDAL(_connection);
Borrower b = dal.BorrowerFindByName(UserName);
if (b == null)
{
return(RegisterUserCode.UserNameNotFound);
}
BorrowerSecuredDAL sdal = new BorrowerSecuredDAL(_connection);
BorrowerSecured sb = sdal.BorrowerSecuredFindByID(b.BorrowerID);
if (sb == null)
{
return(RegisterUserCode.SecuredDataNotFound);
}
// when using cleartext the SALT Field contains "ClearText" instead of salt
// the cleartext password in in HASH
if (sb.Salt == "ClearText")
{
string salt = System.Web.Helpers.Crypto.GenerateSalt(20);
// when using cleartext, the HASH field contains the cleartext password
string pw = sb.Hash + salt;
string hash = System.Web.Helpers.Crypto.HashPassword(pw);
sdal.BorrowerSecuredUpdateJust(b.BorrowerID, hash, salt);
}
else
{
return(RegisterUserCode.SecuredAlready);
}
return(RegisterUserCode.Success);
}
public RegisterUserCode RegisterUser(string UserName, string EMail,
DateTime DOB, string Password)
{
BorrowerDAL dal = new BorrowerDAL(_connection);
Borrower theBorrower = dal.BorrowerFindByName(UserName);
if (theBorrower != null)
{
return(RegisterUserCode.UserNameExists);
}
theBorrower = dal.BorrowerFindByEmail(EMail);
if (theBorrower != null)
{
return(RegisterUserCode.EMailExists);
}
int BorrowerID = dal.BorrowerCreate(UserName, EMail, DOB, MagicConstants.DefaultRole);
BorrowerSecuredDAL securedDal = new BorrowerSecuredDAL(_connection);
string salt = System.Web.Helpers.Crypto.GenerateSalt(20);
string hashed = System.Web.Helpers.Crypto.HashPassword(Password + salt);
securedDal.BorrowerSecuredUpdateJust(BorrowerID, hashed, salt);
return(RegisterUserCode.Success);
}