private void BtnUpdate_Click(object sender, EventArgs e)
{
var rsa = new cryptography.SystemSupportRSA();
//Validamos que la contraseña actual coincida(OK)
//validamos que escriba las dos contraseñas
if (!txtpass1.Text.Equals("") && !txtpass2.Text.Equals(""))
{
//Validamos que coincidan las dos contraseñas
if (txtpass1.Text.Equals(txtpass2.Text))
{
MessageBox.Show("Coinciden");
User user = new User()
{
User_definition = txtusername.Text,
User_email = txtemail.Text,
User_password = rsa.GetMd5Hash(txtpass1.Text),
User_code = UserCache.UserCode
};
userLog.UserUpdate(user);
FrmUserEdit_Load(sender, e);
}
else
{
MessageBox.Show("No coinciden las contraseñas");
}
}
else
{
MessageBox.Show("Escriba ambas contraseñas");
}
}
public string UserRecoveryAccount(byte[] ciphertoken, byte[] cipheraccuont,
byte[] Key, byte[] IV)
{
var rsa = new cryptography.SystemSupportRSA();
string userName;
string userMail;
string user;
string alias;
string pass;
string current_token;
//string request = "";
Database.Connect();
command = new OdbcCommand
{
Connection = Database.GetConn(),
CommandType = CommandType.StoredProcedure,
CommandText = "{call csg.User_RecoveryAccount(?)}"
};
command.Parameters.Add("Account", OdbcType.VarChar, 50).Value = rsa.DecryptStringFromBytes_Aes(cipheraccuont, Key, IV);
dataReader = command.ExecuteReader();
//Console.WriteLine("Read(): " + dataReader.Read() + " | HasRows: " + dataReader.HasRows);
if (dataReader.Read())
{
//Validamos que el token vigente coincida
if (rsa.DecryptStringFromBytes_Aes(ciphertoken, Key, IV).Equals(dataReader.GetString(3)))
{
userName = dataReader.GetString(0);
user = dataReader.GetString(1);
userMail = dataReader.GetString(2);
string code = dataReader.GetString(4);
Database.Disconnect();
//Creamos el nuevo token
string new_token = rsa.GetMd5Hash(user + DateTime.Now.Ticks.ToString());
//Actualizamos el token y pasamos el usetoken a SI
UpdateUserToken(new_token, code);
var mailservice = new mailservices.SystemSupportMail();
mailservice.SendRecoveryMail(username: userName, user: user, token: new_token,
subject: "Recuperación de cuenta Control de Servicios y Garantías", to: userMail);
return("s,Por favor revisa tu cuenta de correo " + userMail);
}
else
{
Database.Disconnect();
return("f,No coincide el token");
}
}
else
{
Database.Disconnect();
return("f,Lo sentimos, no existe una cuenta con ese nombre de usuario o" +
" correo electrónico");
}
}
private void BtnOk_Click(object sender, EventArgs e)
{
DialogResult = DialogResult.OK;
var rsa = new cryptography.SystemSupportRSA();
Console.WriteLine(rsa.GetMd5Hash(txtPassValidate.Text) + "=" + UserCache.UserPass);
if (rsa.GetMd5Hash(txtPassValidate.Text).Equals(UserCache.UserPass))
{
//Permitimos editar contraseña
msg.txtpassActivator();
}
}
private void BtnChangePassword_Click(object sender, EventArgs e)
{
if (!txtpass.Text.Equals("CONTRASEÑA"))
{
if (!txtpassconf.Text.Equals("CONFIRME LA CONTRASEÑA"))
{
//Comparamos que coincidan
Console.WriteLine("CHANGEPASSWORD/Contraseña: '" + txtpass.Text + "' | Length: " + txtpass.TextLength);
Console.WriteLine("CHANGEPASSWORD/CContraseña: '" + txtpassconf.Text + "' | Length: " + txtpassconf.TextLength);
if (IsEqualsPass())
{
// Create a new instance of the AesManaged
// class. This generates a new key and initialization
// vector (IV).
using (AesManaged myAes = new AesManaged())
{
var rsa = new cryptography.SystemSupportRSA();
// Encrypt the string to an array of bytes.
byte[] cipherpass = rsa.EncryptStringToBytes_Aes(txtpass.Text, myAes.Key, myAes.IV);
byte[] ciphercode = rsa.EncryptStringToBytes_Aes(UserCache.UserCode, myAes.Key, myAes.IV);
userLog.UserUpdatePass(cipherpass, ciphercode, myAes.Key, myAes.IV);
UserCache.UserPass = rsa.GetMd5Hash(txtpass.Text);
Console.WriteLine("CHANGEPASSWORD/Actualizar a " + txtpass + "=" + UserCache.UserPass);
this.Close();
}
}
else
{
MsgError("No coinciden las contraseñas");
}
}
else
{
MsgError("Ingrese la confirmación de la nueva contraseña");
}
}
else
{
MsgError("Ingrese la nueva contraseña");
}
}
private void BtnRecoveryAccount_Click(object sender, EventArgs e)
{
if (!txtAccount.Text.Equals("USUARIO O CORREO ELECTRÓNICO"))
{
if (!txtToken.Text.Equals("TOKEN"))
{
byte[] cipheraccount;
byte[] ciphertoken;
using (AesManaged myAes = new AesManaged())
{
var rsa = new cryptography.SystemSupportRSA();
// Encrypt the string to an array of bytes.
cipheraccount = rsa.EncryptStringToBytes_Aes(txtAccount.Text, myAes.Key, myAes.IV);
ciphertoken = rsa.EncryptStringToBytes_Aes(txtToken.Text, myAes.Key, myAes.IV);
var request = userLog.UserRecoveryAccount(ciphertoken, cipheraccount, myAes.Key, myAes.IV);
string[] result = request.Split(',');
if (result[0].Equals("s"))
{
MsgOk(result[1]);
}
else
{
MsgError(result[1]);
}
}
}
else
{
MsgError("Ingrese el token de seguridad");
}
}
else
{
MsgError("Ingrese usuario o cuenta de correo electrónico");
}
}
public void UserUpdatePass(byte[] cipherpass, byte[] ciphercode, byte[] Key, byte[] IV)
{
var rsa = new cryptography.SystemSupportRSA();
try
{
Database.Connect();
command = new OdbcCommand()
{
Connection = Database.GetConn(),
CommandType = CommandType.StoredProcedure,
CommandText = "{call csg.User_UpdatePass(?,?)}"
};
command.Parameters.Add("Pass", OdbcType.VarChar, 200).Value = rsa.GetMd5Hash(rsa.DecryptStringFromBytes_Aes(cipherpass, Key, IV));
command.Parameters.Add("Code", OdbcType.VarChar, 20).Value = rsa.DecryptStringFromBytes_Aes(ciphercode, Key, IV);
if (command.ExecuteNonQuery() > 0)
{
//return true;
UserCache.UserPass = rsa.GetMd5Hash(rsa.DecryptStringFromBytes_Aes(cipherpass, Key, IV));
//Console.WriteLine("Actualizó password a " + UserCache.UserPass);
}
else
{
//return false;
//Console.WriteLine("NO actualizó password");
}
}
catch (Exception)
{
throw;
}
finally
{
Database.Disconnect();
}
}
public bool UserLogin(byte[] cipheruser, byte[] cipherpass,
byte[] Key, byte[] IV)
{
var rsa = new cryptography.SystemSupportRSA();
try
{
Database.Connect();
command = new OdbcCommand
{
Connection = Database.GetConn(),
CommandType = CommandType.StoredProcedure,
CommandText = "{call csg.User_Login(?)}"
};
command.Parameters.Add("Account", OdbcType.VarChar, 50).Value = rsa.DecryptStringFromBytes_Aes(cipheruser, Key, IV);
dataReader = command.ExecuteReader();
if (dataReader.Read())
{
UserCache.UserUseToken = dataReader.GetChar(11);
//Console.WriteLine("Usa token: " + UserCache.UserUseToken);
if (rsa.GetMd5Hash(rsa.DecryptStringFromBytes_Aes(cipherpass, Key, IV)).Equals(dataReader.GetString(4)) &&
UserCache.UserUseToken.Equals('N'))
{
//Console.WriteLine("Entra con password");
//Almacenar la variables de sesión
UserCache.UserCode = dataReader.GetString(0);
UserCache.UserDefinition = dataReader.GetString(1);
UserCache.UserAccount = dataReader.GetString(2);
UserCache.UserEmail = dataReader.GetString(3);
UserCache.UserPass = dataReader.GetString(4);
UserCache.UserRol = dataReader.GetString(6);
UserCache.UserRolDefinition = dataReader.GetString(13);
return(true);
}
//SI utiliza token esta en 'S'
else if (rsa.DecryptStringFromBytes_Aes(cipherpass, Key, IV).Equals(dataReader.GetString(5)) &&
UserCache.UserUseToken.Equals('S'))
{
//Console.WriteLine("Entra con token");
//Almacenar la variables de sesión
UserCache.UserCode = dataReader.GetString(0);
UserCache.UserDefinition = dataReader.GetString(1);
UserCache.UserAccount = dataReader.GetString(2);
UserCache.UserEmail = dataReader.GetString(3);
UserCache.UserPass = dataReader.GetString(4);
UserCache.UserRol = dataReader.GetString(6);
UserCache.UserRolDefinition = dataReader.GetString(13);
return(true);
}
}
}
catch (Exception ex)
{
MessageBox.Show("Excepción controlada en UserDAO->UserLogin: "******"Excepción", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
finally
{
Database.Disconnect();
}
return(false);
}