private void ForgotPassword3NextButton_Click(object sender, RoutedEventArgs e)
{
string selected_ForgotPasswordCode = UserModel.UserModel.twoFAcode;
UserModel.UserModel cm = UserModel.UserModel._currentUserModel;
string userID = cm.userID;
Console.WriteLine(userID + "TEICJASMCA");
if (ForgotPasswordCodeTextBox.Text == selected_ForgotPasswordCode)
{
MessageBox.Show("Correct!");
string date = AlgorithmLibary.PredictionModel.getCurrentDate();
string loginTime = DateTime.Now.ToString("HH.mm");
string publicIP = PredictionModel.getCurrentPublicIP();
string publicMAC = PredictionModel.getCurrentMAC();
Console.WriteLine(publicMAC + "HELLO");
UserModel.UserModel.saveDateTimeOfUser(userID, connectionString, loginTime, date, publicIP, publicMAC);
string exist = UserModel.UserModel.checkFollowUp(userID, connectionString);
SqlConnection con;
SqlCommand cmd;
string riskLevelStatement = null;
riskLevelStatement = "Low";
con = new SqlConnection(connectionString);
try
{
string connectionString = conSettings.ConnectionString;
con = new SqlConnection(connectionString);
con.Open();
cmd = new SqlCommand("DELETE FROM [dbo].[FailedAttempt] where UserID = '" + userID + "'", con);
cmd.ExecuteNonQuery();
}
catch (Exception ex)
{
System.Windows.MessageBox.Show(ex.Message);
}
finally
{
con.Close();
}
if (exist != null)
{
UserModel.UserModel.updateFollowUp(userID, connectionString, "False");
//Navigate to Chester page
//Page cloud = new StartupPage();
//this.NavigationService.Navigate(cloud);
}
else
{
UserModel.UserModel.saveFollowUp(userID, connectionString, "False");
//Navigate To chester page
//Page cloud = new StartupPage();
//this.NavigationService.Navigate(cloud);
}
PredictionModel.SessionRiskValue = riskLevelStatement;
UserModel.UserModel.twoFASucceed = true;
}
else
{
MessageBox.Show("Invalid code! Please Try Again");
counter++;
if (counter > 3)
{
MessageBox.Show("More than 3 Failed attempts! Account will be locked now!");
string exist = UserModel.UserModel.checkFollowUp(userID, connectionString);
UserModel.UserModel.deleteDateTimeOfUser(userID, connectionString, loginTime, date);
if (exist != null)
{
UserModel.UserModel.updateFollowUp(userID, connectionString, "True");
}
else
{
UserModel.UserModel.saveFollowUp(userID, connectionString, "True");
}
counter = 0;
UserModel.UserModel.twoFASucceed = false;
}
}
}
private void ButtonNext_Click(object sender, RoutedEventArgs e)
{
PasswordTextBox.Password = GetSha512FromString(PasswordTextBox.Password);
//MessageBox.Show(PasswordTextBox.Password);
try
{
con = new SqlConnection(connectionString);
con.Open();
cmd = new SqlCommand("select * from [dbo].[test] where UserID = '" + UserIDTextBox.Text + "' and Password = '******'", con);
reader = cmd.ExecuteReader();
int count = 0;
while (reader.Read())
{
count += 1;
Console.WriteLine(" | UserID : " + reader.GetString(0) + " | Password : "******" | Name : " + reader.GetString(2) + " | Email : " + reader.GetString(3) + " | ContactNo : " + reader.GetString(4));
}
if (count == 1)
{
string userID = UserIDTextBox.Text;
string[][] userList = checkUserEligibility(userID, connectionString);
UserModel.UserModel.currentUserID = userID;
string currentUser = UserModel.UserModel.currentUserID;
//MessageBox.Show(currentUser + "is thios");
UserModel.UserModel um = UserModel.UserModel.retrieveUserFromDatabase(currentUser);
Console.WriteLine(um.userPassword);
string checkForFollowUp = UserModel.UserModel.checkFollowUp(userID, connectionString);
(App.Current as App).LoginUserID = UserIDTextBox.Text;
try
{
con = new SqlConnection(connectionString);
con.Open();
cmd = new SqlCommand("select count(*) from [dbo].[FailedAttempt] where UserID = '" + UserIDTextBox.Text + "'", con);
Int32 noOfFailedLoginAttempt = (Int32)cmd.ExecuteScalar();
//MessageBox.Show(noOfFailedLoginAttempt.ToString() + " unsuccessful login attempt(s)");
if (noOfFailedLoginAttempt > 3)
{
MessageBox.Show("Account is locked , please complete TWO FA");
string subject = "Authentication Message";
string subjectBody = "Authentication Code is ";
UserModel.UserModel cm = UserModel.UserModel.currentUserModel;
string email = cm.userEmail;
UserModel.UserModel.do2fa(subject, subjectBody, email);
Page authentication1 = new Authentication1();
this.NavigationService.Navigate(authentication1);
}
else
{
if (checkForFollowUp == "True")
{
//MessageBox.Show("Account is locked , please complete TWO FA");
string subject = "Authentication Message";
string subjectBody = "Authentication Code is ";
UserModel.UserModel cm = UserModel.UserModel.currentUserModel;
string email = cm.userEmail;
UserModel.UserModel.do2fa(subject, subjectBody, email);
Page authentication = new Authentication();
this.NavigationService.Navigate(authentication);
}
else
{
//MessageBox.Show("Account not locked.");
if (userList.Count() < 30)
{
string date = AlgorithmLibary.PredictionModel.getCurrentDate();
string loginTime = DateTime.Now.ToString("HH.mm");
string publicIP = PredictionModel.getCurrentPublicIP();
string publicMAC = PredictionModel.getCurrentMAC();
string userLogInPreference = getUserLogInPreference(userID, connectionString);
string userComputerPreference = getUserComputerPreference(userID, connectionString);
//The method below is supposed to read from the database all the entries of hostname for this specific user
string[] currentHostnameSet = getUserHostNameSet(userID, connectionString);
foreach (var element in currentHostnameSet)
{
Console.WriteLine(element + "JADSjc");
}
//string[] currentHostnameSet =
//{
// "JUSTINSOH-PC",
// "JUSTINSOH-PC",
// "JUSTINSOH-PC",
// "JUSTINSOH-PCC",
// "JUSTINSOH-PCC",
// "JUSTINSOH-PCC",
//};
double logInRisk = evaulateUserLogInString(userLogInPreference, loginTime);
double userHostRisk = evaulateUserComputerPreference(userComputerPreference, currentHostnameSet);
logInRisk = logInRisk * 0.3;
userHostRisk = userHostRisk * 0.7;
double totalRisk = logInRisk + userHostRisk;
Console.WriteLine(userHostRisk + " HOSTNAME");
Console.WriteLine(logInRisk + "LOG IN RISK");
Console.WriteLine(totalRisk);
string riskStatement = null;
string riskStatementLevel = null;
if (totalRisk <= 0.4)
{
riskStatementLevel = "Low";
riskStatement = "The risk level is low";
UserModel.UserModel.saveDateTimeOfUser(userID, connectionString, loginTime, date, publicIP, publicMAC);
Page cloud = new StartupPage();
this.NavigationService.Navigate(cloud);
}
// Removing access control and giving access control
else if (totalRisk <= 0.70)
{
riskStatementLevel = "Medium";
riskStatement = "The risk level is medium";
Page cloud = new StartupPage();
UserModel.UserModel.saveDateTimeOfUser(userID, connectionString, loginTime, date, publicIP, publicMAC);
//MessageBox.Show("Entry Saved");
//UserModel.UserModel.deleteDateTimeOfUser(userID, connectionString, loginTime, date);
//MessageBox.Show("Entry Deleted");
this.NavigationService.Navigate(cloud);
//Remove Access Control
}
//Instantly Re authenticate
else if (totalRisk > 0.70)
{
riskStatementLevel = "High";
riskStatement = "The risk level is high";
string subject = "Authentication Message";
string subjectBody = "Authentication Code is ";
UserModel.UserModel cm = UserModel.UserModel.currentUserModel;
Console.WriteLine(cm.userName + "Hellolols");
string email = cm.userEmail;
UserModel.UserModel.do2fa(subject, subjectBody, email);
Page authentication = new Authentication();
this.NavigationService.Navigate(authentication);
MessageBox.Show("2FA has been sent to your email");
}
PredictionModel.SessionRiskValue = riskStatementLevel;
Console.WriteLine(riskStatement);
MessageBox.Show(riskStatement);
}
else if (userList.Count() >= 30)
{
//Run the login prediction
string date = AlgorithmLibary.PredictionModel.getCurrentDate();
string loginTime = DateTime.Now.ToString("HH.mm");
string publicIP = PredictionModel.getCurrentPublicIP();
string publicMAC = PredictionModel.getCurrentMAC();
string[][] logInCollection = getUserLogInData(userID, connectionString);
double testTime = Convert.ToDouble(loginTime);
double testDay = Convert.ToDouble(date);
PredictionModel logInPredictionModel = new PredictionModel(testTime, testDay, logInCollection);
string logInRiskLevel = logInPredictionModel.logInRisk;
string logInOutput = logInPredictionModel.logInOutput;
Console.WriteLine(logInOutput);
Console.WriteLine("The risk level is " + logInRiskLevel);
string[][] ipAddressCollection = getUserIPAddressCollection(userID, connectionString);
Console.Write(ipAddressCollection.Count());
string[] query = new string[] { publicIP, publicMAC, date };
PredictionModel ipPredictionModel = new PredictionModel(ipAddressCollection, query);
string ipRisk = ipPredictionModel.ipRisk;
string ipOutput = ipPredictionModel.ipOutput;
Console.WriteLine(ipOutput);
double logInPercentage = Convert.ToDouble(logInRiskLevel) / 5.0;
double ipPercentage = Convert.ToDouble(ipRisk);
logInPercentage = (logInPercentage / 100) * 30;
ipPercentage = (ipPercentage / 100) * 70;
double riskLevel = logInPercentage + ipPercentage;
Console.WriteLine(logInPercentage);
Console.WriteLine(ipRisk);
Console.WriteLine(riskLevel);
string riskStatement = null;
string riskStatementLevel = null;
//Can do anything
if (riskLevel <= 0.4)
{
riskStatementLevel = "Low";
riskStatement = "The risk level is low";
UserModel.UserModel.saveDateTimeOfUser(userID, connectionString, loginTime, date, publicIP, publicMAC);
//Navigate To Chester
Page cloud = new StartupPage();
this.NavigationService.Navigate(cloud);
}
// Removing access control and giving access control
else if (riskLevel <= 0.70)
{
riskStatementLevel = "Medium";
riskStatement = "The risk level is medium";
Page cloud = new StartupPage();
UserModel.UserModel.saveDateTimeOfUser(userID, connectionString, loginTime, date, publicIP, publicMAC);
//MessageBox.Show("Entry Saved");
//UserModel.UserModel.deleteDateTimeOfUser(userID, connectionString, loginTime, date);
//MessageBox.Show("Entry Deleted");
this.NavigationService.Navigate(cloud);
//Remove Access Control
}
//Instantly Re authenticate
else if (riskLevel > 0.70)
{
riskStatementLevel = "High";
riskStatement = "The risk level is high";
//Do 2FA
string subject = "Authentication Message";
string subjectBody = "Authentication Code is ";
UserModel.UserModel cm = UserModel.UserModel.currentUserModel;
string email = cm.userEmail;
UserModel.UserModel.do2fa(subject, subjectBody, email);
Page authentication = new Authentication();
this.NavigationService.Navigate(authentication);
MessageBox.Show("2FA has been sent to your email");
}
PredictionModel.SessionRiskValue = riskStatementLevel;
Console.WriteLine("The current Risk Level is " + riskLevel);
Console.WriteLine(riskStatement);
MessageBox.Show(riskStatement);
}
}
(App.Current as App).LoginUserID = UserIDTextBox.Text;
//MessageBox.Show("Successful Login.");
//this.NavigationService.Navigate(new Uri(@"EditUserInfo.xaml", UriKind.RelativeOrAbsolute));
}
}
catch (Exception ex)
{
System.Windows.MessageBox.Show(ex.Message);
}
finally
{
con.Close();
}
}
else
{
MessageBox.Show("Invalid user id or password.");
try
{
con = new SqlConnection(connectionString);
con.Open();
cmd = new SqlCommand("select * from [dbo].[test] where UserID = '" + UserIDTextBox.Text + "'", con);
reader = cmd.ExecuteReader();
int countt = 0;
while (reader.Read())
{
countt += 1;
}
if (countt == 1)
{
try
{
con = new SqlConnection(connectionString);
con.Open();
cmd = new SqlCommand("INSERT INTO[dbo].[FailedAttempt](UserID, Date) VALUES (@UserID, @Date)", con);
cmd.Parameters.AddWithValue("@UserID", UserIDTextBox.Text);
cmd.Parameters.AddWithValue("@Date", DateTime.Now.ToShortDateString());
cmd.ExecuteNonQuery();
try
{
con = new SqlConnection(connectionString);
con.Open();
cmd = new SqlCommand("select count(*) from [dbo].[FailedAttempt] where UserID = '" + UserIDTextBox.Text + "'", con);
Int32 noOfFailedLoginAttempt = (Int32)cmd.ExecuteScalar();
MessageBox.Show(noOfFailedLoginAttempt.ToString() + " unsuccessful login attempt(s)");
}
catch (Exception ex)
{
System.Windows.MessageBox.Show(ex.Message);
}
finally
{
con.Close();
}
}
catch (Exception ex)
{
System.Windows.MessageBox.Show(ex.Message);
}
finally
{
con.Close();
}
}
}
catch (Exception ex)
{
System.Windows.MessageBox.Show(ex.Message);
}
finally
{
con.Close();
}
}
UserIDTextBox.Clear();
PasswordTextBox.Clear();
}
catch (Exception ex)
{
System.Windows.MessageBox.Show(ex.Message);
}
finally
{
con.Close();
}
}
static void Main(string[] args)
{
String allText = System.IO.File.ReadAllText(@"../../TextFile1.txt");
string[][] logInCollection = PredictionModel.readFromFile(allText);
double testTime = 24;
double testDay = 3;
PredictionModel logInPredictionModel = new PredictionModel(testTime, testDay, logInCollection);
string logInRiskLevel = logInPredictionModel.logInRisk;
string logInOutput = logInPredictionModel.logInOutput;
Console.WriteLine(logInOutput);
Console.WriteLine("The risk level is " + logInRiskLevel);
string currentPublicIP = PredictionModel.getCurrentPublicIP();
string currentpubliclocation = PredictionModel.getCurrentPublicIPLocation(currentPublicIP);
string macAddress = PredictionModel.getCurrentMAC();
string date = PredictionModel.getCurrentDate();
string[][] ipAddressCollection =
{
new string[] { "131.23.244.105", "C00008", "4" },
new string[] { "131.23.244.105", "C00008", "4" },
new string[] { "147.120.34.99", "C00008", "1" },
new string[] { "131.23.244.105", "D00008", "3" },
new string[] { currentPublicIP, "D8000", "4" },
new string[] { currentPublicIP, macAddress, date },
new string[] { currentPublicIP, macAddress, date },
new string[] { "151.23.244.105", "C000324", date }
};
//string[] query = new string[] { "1311.23.244.105", "C0000008", date};
//string[] query = new string[] { currentPublicIP, macAddress, date };
string[] query = new string[] { "151.23.244.105", "C000324", date };
PredictionModel ipPredictionModel = new PredictionModel(ipAddressCollection, query);
string ipRisk = ipPredictionModel.ipRisk;
string ipOutput = ipPredictionModel.ipOutput;
Console.WriteLine(ipOutput);
double logInPercentage = Convert.ToDouble(logInRiskLevel) / 5.0;
double ipPercentage = Convert.ToDouble(ipRisk);
logInPercentage = (logInPercentage / 100) * 30;
ipPercentage = (ipPercentage / 100) * 70;
double riskLevel = logInPercentage + ipPercentage;
Console.WriteLine(logInPercentage);
Console.WriteLine(ipRisk);
Console.WriteLine(riskLevel);
string riskStatement = null;
//Can do anything
if (riskLevel <= 0.4)
{
riskStatement = "The risk level is low";
}
// Removing access control and giving access control
else if (riskLevel <= 0.70)
{
riskStatement = "The risk level is medium";
}
//Instantly Re authenticate
else if (riskLevel > 0.70)
{
riskStatement = "The risk level is high";
}
Console.WriteLine(riskStatement);
//string fileName = @"../../../../testing/IPPrediction.py";
//Process p = new Process();
//p.StartInfo = new ProcessStartInfo(@"../../../../../../../../Anaconda/python.exe", fileName)
//{
// RedirectStandardOutput = true,
// UseShellExecute = false,
// CreateNoWindow = true
//};
//p.Start();
//string output = p.StandardOutput.ReadToEnd();
//Console.WriteLine(output);
//string currentPublicIP = PredictionModel.getCurrentPublicIP();
//string currentPublicLocation = PredictionModel.getCurrentPublicIPLocation(currentPublicIP);
//Console.WriteLine(currentPublicIP + " is at " + currentPublicLocation);
//string localIP = getCurrentPrivateIP();
//string macAddress = getCurrentMAC(localIP);
//Console.WriteLine(macAddress);
//string date = getCurrentDate();
//string[][] ipAddressCollection =
//{
// new string [] {"131.23.244.105","C00008" , "4"} ,
// new string [] {"131.23.244.105", "C00008" , "4"} ,
// new string [] { "147.120.34.99", "C00008" , "1"} ,
// new string [] { "131.23.244.105", "D00008" , "3"},
// new string [] { localIP , "D8000" , "4"},
// new string [] { localIP , macAddress , date},
// new string [] { localIP , macAddress , date}
//};
//string[] query = new string[] { localIP, macAddress , date};
//Dictionary<string, int> count = getCountNumber(ipAddressCollection);
//string[][] keyData = getValueArray(ipAddressCollection);
//string[] queryKey = checkQueryData(query, ipAddressCollection);
//Console.WriteLine(queryKey[0]);
//Console.WriteLine("Convert a certain IP and MAC and DAY to key form : " + queryKey[0] + queryKey[1] + queryKey[2] + queryKey[3]);
//string[] retrieveValue = new string[] { queryKey[0], queryKey[1], queryKey[2] };
//string[] retrievedDataValue = getKeyInformation(queryKey, ipAddressCollection);
//Console.WriteLine("Convert Key to Info " + retrievedDataValue[0] + " " + retrievedDataValue[1] + " " + retrievedDataValue[2] + " " + retrievedDataValue[3]);
//foreach (var element in keyData)
//{
// Console.WriteLine(element[0] + element[1] + element[2] + element[3]);
//}
//foreach (var element in count)
//{
// Console.WriteLine(element.Key + " = " + element.Value);
//}
//int counter = 0;
//string[][] testingList = new string[keyData.Count()][];
//string[][] passList = new string[keyData.Count()][];
//foreach (var element in keyData)
//{
// passList[counter] = new string[] { element[0], element[1], element[2], Convert.ToString(count.ElementAt(counter).Value) };
// string[] question = new string[] { element[0], element[1], element[2] };
// string[] data = getKeyInformation(question, ipAddressCollection);
// testingList[counter] = new string[] { data[0], data[1], data[2], Convert.ToString(count.ElementAt(counter).Value) };
// counter++;
//}
//Console.WriteLine("PASSING IN PARAMETER LIST");
//Console.WriteLine("IP " + " MAC " + " DAY " + " COUNT ");
//foreach (var element in passList)
//{
// Console.WriteLine(element[0] + " " + element[1] + " " + element[2] + " " + element[3]);
//}
//Console.WriteLine("CHECKING THE LIST");
//foreach (var element in testingList)
//{
// Console.WriteLine("IP is " + element[0] + " MAC Address " + element[1] + " Day of the week " + element[2] + " with a count of " + element[3]);
//}
}
//private void saveDateTimeOfUser(string userID, string connectionString, string loginTime, string date, string publicIP, string publicMAC)
//{
// SqlConnection con;
// SqlCommand cmd;
// con = new SqlConnection(connectionString);
// string currentHostname = System.Environment.MachineName.ToString();
// con.Open();
// try
// {
// cmd = new SqlCommand("INSERT INTO [dbo].[LogAnalysis] (UserID, LoginTime, LoginDate, IpAddress , MacAddress , hostname) VALUES (@UserID, @LoginTime, @LoginDate , @IPAddress , @MACAddress , @HostName)", con);
// cmd.Parameters.AddWithValue("@UserID", userID);
// cmd.Parameters.AddWithValue("@LoginTime", loginTime);
// cmd.Parameters.AddWithValue("@LoginDate", date.ToString());
// cmd.Parameters.AddWithValue("@IPAddress", publicIP);
// cmd.Parameters.AddWithValue("@MACAddress", publicMAC);
// cmd.Parameters.AddWithValue("@HostName", currentHostname);
// cmd.ExecuteNonQuery();
// }
// catch (Exception ex)
// {
// Console.WriteLine(ex.Message);
// }
// finally
// {
// con.Close();
// }
//}
private void ForgotPassword3NextButton_Click(object sender, RoutedEventArgs e)
{
string selected_ForgotPasswordCode = UserModel.UserModel.twoFAcode;
UserModel.UserModel cm = UserModel.UserModel._currentUserModel;
string userID = cm.userID;
if (ForgotPasswordCodeTextBox.Text == selected_ForgotPasswordCode)
{
MessageBox.Show("Correct!");
string date = AlgorithmLibary.PredictionModel.getCurrentDate();
string loginTime = DateTime.Now.ToString("HH.mm");
string publicIP = PredictionModel.getCurrentPublicIP();
string publicMAC = PredictionModel.getCurrentMAC();
Console.WriteLine(publicMAC + "HELLO");
string riskLevelStatement = "Low";
//Use the same class for saveDateTime Method - Justin Changed at 1:20 am on 6/8/2017
UserModel.UserModel.saveDateTimeOfUser(userID, connectionString, loginTime, date, publicIP, publicMAC);
string exist = UserModel.UserModel.checkFollowUp(userID, connectionString);
string selected_UserID = (App.Current as App).LoginUserID;
try
{
string connectionString = conSettings.ConnectionString;
con = new SqlConnection(connectionString);
con.Open();
cmd = new SqlCommand("DELETE FROM [dbo].[FailedAttempt] where UserID = '" + selected_UserID + "'", con);
cmd.ExecuteNonQuery();
}
catch (Exception ex)
{
System.Windows.MessageBox.Show(ex.Message);
}
finally
{
con.Close();
}
if (exist != null)
{
UserModel.UserModel.updateFollowUp(userID, connectionString, "False");
}
else
{
UserModel.UserModel.saveFollowUp(userID, connectionString, "False");
}
Page cloud = new StartupPage();
PredictionModel.SessionRiskValue = riskLevelStatement;
this.NavigationService.Navigate(cloud);
}
else
{
MessageBox.Show("Invalid code! Please Try Again");
//Remove the statement below because it will conflict with my fe
counter++;
if (counter > 3)
{
MessageBox.Show("More than 3 attempts! Account will be locked now!");
string exist = UserModel.UserModel.checkFollowUp(userID, connectionString);
if (exist != null)
{
UserModel.UserModel.updateFollowUp(userID, connectionString, "True");
}
else
{
UserModel.UserModel.saveFollowUp(userID, connectionString, "True");
}
Page LoginPage = new LoginPage();
this.NavigationService.Navigate(LoginPage);
}
}
}
