public bool IsUserAuthorized(string userId, string password, out UserRequest userIdentity)
{
var loggedInUser = _dataAccess.GetLoggedInUser(userId);
userIdentity = new UserRequest()
{
FirstName = loggedInUser.FirstName,
LastName = loggedInUser.LastName,
UserId = loggedInUser.UserId,
CustomerId = loggedInUser.CustomerId,
UserRole = loggedInUser.userrole.UserRoleName
};
if (loggedInUser == null)
{
return(false);
}
var passCrypto = new PasswordCryptography();
if (loggedInUser.PasswordHash.Equals(passCrypto.GetPasswordHash(Guid.Parse(loggedInUser.Salt), password)))
{
return(true);
}
return(false);
}
private void HandlePacket(byte[] received)
{
ushort packetLength = BitConverter.ToUInt16(received, 0),
packetId = BitConverter.ToUInt16(received, 2);
switch (packetId)
{
case 1086:
{
string IP = (Socket?.RemoteEndPoint as System.Net.IPEndPoint).Address.ToString();
Account = MsgAccountSRP6Ex.Deserialize(received);
var tableInfo = new Tables.Accounts(Account.Username);
if (!tableInfo.Found)
{
Send(MsgConnectEx.Rejected(MsgConnectEx.RejectionCode.InvalidInfo));
return;
}
string enc = PasswordCryptography.EncryptPassword(tableInfo.Password);
if (Account.Password != enc)
{
Send(MsgConnectEx.Rejected(MsgConnectEx.RejectionCode.InvalidInfo));
Console.WriteLine($"[{IP}] {Account.Username} --> INVALID ON [{Account.Server}].");
return;
}
if (!Servers.ServersTable.ContainsKey(Account.Server))
{
Console.WriteLine($"[{IP}] {Account.Username} --> [{Account.Server}] INVALID SERVER.");
Send(MsgConnectEx.Rejected(MsgConnectEx.RejectionCode.ServersNotConfigured));
return;
}
var server = Servers.ServersTable.Where(e => e.Key == Account.Server).SingleOrDefault().Value;
if (!tableInfo.UIDS.ContainsKey(server.ID))
{
uint lastuid = 0;
while (lastuid == 0)
{
lastuid = (uint)Config.GetLastUID();
}
tableInfo.UIDS.Add(server.ID, lastuid); // Gets the next UID
Console.WriteLine($"[UID] [{lastuid}] created for user : {Account.Username} .");
}
Send(
MsgConnectEx.Verified(tableInfo.UIDS.Where(e => e.Key == server.ID).SingleOrDefault().Value,
server.IP, server.Port));
tableInfo.IPAddress = IP;
tableInfo.FinalizeLogin(); // Save info to the database.
Console.WriteLine($"[{IP}] {Account.Username} is transfered to {Account.Server} status : {tableInfo.Role.ToString()}.");
break;
}
default:
{
Console.WriteLine($"Unknown packet-> Id: {packetId} Length: {packetLength}.");
break;
}
}
}
private void button1_Click(object sender, EventArgs e)
{
// Obtain the values typed into the text boxes
string[] obj = new string[8];
obj[0] = "\'" + txtFirstName.Text + "\'";
obj[1] = "\'" + txtLastName.Text + "\'";
obj[2] = "\'" + txtPosition.Text + "\'";
obj[3] = "\'" + txtIdNumber.Text + "\'";
obj[4] = "\'" + txtContactNumber.Text + "\'";
obj[5] = "\'" + txtAddress.Text + "\'";
obj[6] = "\'" + txtAddInformation.Text + "\'";
// Store the password safely encrypted
obj[7] = "\'" + PasswordCryptography.ComputeSha256Hash(txtPassword.Text) + "\'";
// Store the text input at text boxes into the Database
SqlQueryExecutor.InsertIntoTable("Staff", obj, "(First_Name, Last_Name, Position, Id_Number, Contact_Number, Address, Add_Information, Password_Hash)");
// Display a window confirming the process
MessageBox.Show("Staff added");
}
public void AddNewUser(UserRequest userRequest)
{
//Check if User already registered with same User-Id
var user = _dataAccess.GetLoggedInUser(userRequest.UserId);
if (user != null)
{
throw new DuplicateNameException("Customer already registered with this email-id");
}
var salt = Guid.NewGuid();
var userRole = _dataAccess.GetUserRole(userRequest.UserRole);
var passCrypto = new PasswordCryptography();
var passwordHash = passCrypto.GetPasswordHash(salt, userRequest.Password);
var newUser = new user()
{
UserId = userRequest.UserId,
UserRoleID = userRole.UserRoleID,
AddeddOn = DateTime.Now,
IsActive = true,
Salt = salt.ToString(),
PasswordHash = passwordHash,
FirstName = userRequest.FirstName,
LastName = userRequest.LastName,
CustomerId = userRequest.CustomerId,
userrole = userRole
};
_dataAccess.AddNewUser(newUser);
}
public void PrepareTest()
{
_passwordCryptography = new PasswordCryptography();
}
