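/// <summary>
/// "Weblogin" to the system. Returns the user's ID upon success.
/// </summary>
/// <param name="username">The username.</param>
/// <param name="password">The plaintext password; it is salted and hashed before being checked.</param>
/// <param name="role">The role, "DJ" or "Mobile" (exact, case-sensitive match). Any other value, including null, yields a "Bad role" error.</param>
/// <param name="ID">Out parameter for the user ID. It is 0 on every failure path.</param>
/// <returns>The outcome of the operation; on failure, error is true and message holds the reason.</returns>
public Response Login(string username, string password, string role, out int ID)
{
    ID = 0;
    Response r = new Response();

    // Allow-list the role before touching the database. The static string.Equals
    // overload tolerates a null role, which used to throw NullReferenceException.
    bool isDJ = string.Equals(role, "DJ");
    if (!isDJ && !string.Equals(role, "Mobile"))
    {
        r.error = true;
        r.message = "Bad role";
        return r;
    }

    using (DatabaseConnectivity db = new DatabaseConnectivity())
    {
        // Try to establish a database connection.
        r = db.OpenConnection();
        if (r.error)
        {
            return r;
        }

        // Get the salt from the database and salt/hash the password.
        string salt;
        if (isDJ)
        {
            r = db.DJGetSalt(username, out salt);
        }
        else
        {
            r = db.MobileGetSalt(username, out salt);
        }

        // NOTE(review): the salt lookup's own response is returned unchanged. If its
        // message differs for an unknown username, a caller that relays it lets valid
        // and invalid account names be told apart; consider answering with the same
        // "Username/Password is incorrect." text. Confirm what the GetSalt calls report.
        if (r.error)
        {
            return r;
        }

        // NOTE(review): Common.CreatePasswordHash is not visible here; confirm it is a
        // slow, salted password KDF and not a single fast hash.
        string saltHashPassword = Common.CreatePasswordHash(password, salt);

        // Check validity of username/password.
        if (isDJ)
        {
            r = db.DJValidateUsernamePassword(username, saltHashPassword);
        }
        else
        {
            r = db.MobileValidateUsernamePassword(username, saltHashPassword);
        }

        if (r.error)
        {
            return r;
        }

        // An empty message means no row matched the username/hash pair.
        string idText = r.message.Trim();
        if (idText == string.Empty)
        {
            r.error = true;
            r.message = "Username/Password is incorrect.";
            return r;
        }

        // On a match the message carries the numeric ID.
        if (!int.TryParse(idText, out ID))
        {
            r.error = true;
            // Fixed: the message used to name ChangeEmail, which misdirects anyone
            // triaging this failure from logs or client reports.
            r.message = "Exception in Login: Unable to parse ID from DB!";
            return r;
        }

        return r;
    }
}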
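/// <summary>
/// Attempts to sign in the DJ using the given credentials.
/// If an error occurs, the LogInResponse will have the error field as true, and the error will be in message.
/// </summary>
/// <param name="username">Username to sign in with.</param>
/// <param name="password">Plaintext password to sign in with; it is salted and hashed before being checked.</param>
/// <returns>LogInResponse returns the outcome. The UserKey sent back is used for all communication in further methods.</returns>
public LogInResponse DJSignIn(string username, string password)
{
    int djId = -1;
    using (DatabaseConnectivity db = new DatabaseConnectivity())
    {
        // Try to establish a database connection.
        Response r = db.OpenConnection();
        if (r.error)
        {
            return new LogInResponse(r);
        }

        // Get the salt from the database and salt/hash the password.
        // NOTE(review): a salt-lookup error is passed back unchanged; if its message
        // differs for an unknown username, clients can tell valid from invalid
        // account names. Confirm what DJGetSalt reports.
        string salt;
        r = db.DJGetSalt(username, out salt);
        if (r.error)
        {
            return new LogInResponse(r);
        }

        // NOTE(review): Common.CreatePasswordHash is not visible here; confirm it is a
        // slow, salted password KDF and not a single fast hash.
        string saltHashPassword = Common.CreatePasswordHash(password, salt);

        // See if the username/password combination is valid.
        // If it is valid, the DJID will be stored in r.message.
        // If it is not valid, r.message will be empty.
        r = db.DJValidateUsernamePassword(username, saltHashPassword);
        if (r.error)
        {
            return new LogInResponse(r);
        }

        // If the username/password couldn't be found, inform user.
        string idText = r.message.Trim();
        if (idText == string.Empty)
        {
            r.error = true;
            r.message = "Username/Password is incorrect.";
            return new LogInResponse(r);
        }

        // Get the DJID stored in r.message.
        if (!int.TryParse(idText, out djId))
        {
            r.error = true;
            r.message = "Exception in DJSignIn: Unable to parse DJID from DB!";
            return new LogInResponse(r);
        }

        // Per the original author's note, this status check is deliberately permissive
        // for now so that a DJ who is already logged in can log in again; it does not
        // enforce a single active session.
        r = DJValidateStatus(djId, "!4", db);
        if (r.error)
        {
            return new LogInResponse(r);
        }

        // Information seems valid, attempt to sign in.
        r = db.DJSetStatus(djId, 1);
        if (r.error)
        {
            return new LogInResponse(r);
        }

        // Attempt to change the DJID into a userKey.
        // NOTE(review): the summary says this key authenticates every later call.
        // DJGenerateKey is not visible here; confirm the key comes from a
        // cryptographic RNG and cannot be derived from the DJID.
        long userKey;
        r = DJGenerateKey(djId, out userKey, db);
        if (r.error)
        {
            return new LogInResponse(r);
        }

        // If there was no error, create a loginResponse with the successful information.
        // The original also built a User (userName, userID) here that was never attached
        // to the response or used; that dead local is removed. If LogInResponse is meant
        // to carry the user, populate it on lr instead.
        LogInResponse lr = new LogInResponse();
        lr.result = r.result;
        lr.userKey = userKey;
        return lr;
    }
}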
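/// <summary>
/// "Weblogin" to the system. Returns the user's ID upon success.
/// </summary>
/// <param name="username">The username.</param>
/// <param name="password">The plaintext password; it is salted and hashed before being checked.</param>
/// <param name="role">The role, "DJ" or "Mobile" (exact, case-sensitive match). Any other value, including null, is treated as a bad role.</param>
/// <param name="ID">Out parameter for the user ID. It is 0 on every failure path.</param>
/// <returns>The outcome of the operation.</returns>
public Response Login(string username, string password, string role, out int ID)
{
    ID = 0;
    ExpResponse r = new ExpResponse();

    // Allow-list the role before touching the database. The static string.Equals
    // overload tolerates a null role, which used to throw NullReferenceException
    // instead of taking the logged "Bad Role Given" path.
    bool isDJ = string.Equals(role, "DJ");
    if (!isDJ && !string.Equals(role, "Mobile"))
    {
        r.setErMsgStk(true, "Bad Role Given", Environment.StackTrace);
        // Presumably logs r to the web log and returns a response carrying only the
        // generic message; confirm against Common.LogErrorRetNewMsg.
        return Common.LogErrorRetNewMsg(r, Messages.ERR_SERVER, Common.LogFile.Web);
    }

    using (DatabaseConnectivity db = new DatabaseConnectivity())
    {
        // Try to establish a database connection.
        r = db.OpenConnection();
        if (r.error)
        {
            return Common.LogErrorRetNewMsg(r, Messages.ERR_SERVER, Common.LogFile.Web);
        }

        // Get the salt from the database and salt/hash the password.
        string salt;
        if (isDJ)
        {
            r = db.DJGetSalt(username, out salt);
        }
        else
        {
            r = db.MobileGetSalt(username, out salt);
        }

        // A failed salt lookup is answered with the same ERR_CRED_WRONG message as a
        // wrong password, so the reply does not distinguish the two cases.
        if (r.error)
        {
            return Common.LogErrorRetNewMsg(r, Messages.ERR_CRED_WRONG, Common.LogFile.Web);
        }

        // NOTE(review): Common.CreatePasswordHash is not visible here; confirm it is a
        // slow, salted password KDF and not a single fast hash.
        string saltHashPassword = Common.CreatePasswordHash(password, salt);

        // Check validity of username/password.
        if (isDJ)
        {
            r = db.DJValidateUsernamePassword(username, saltHashPassword);
        }
        else
        {
            r = db.MobileValidateUsernamePassword(username, saltHashPassword);
        }

        if (r.error)
        {
            return Common.LogErrorRetNewMsg(r, Messages.ERR_SERVER, Common.LogFile.Web);
        }

        // An empty message means no row matched the username/hash pair.
        // NOTE(review): this path does not go through Common.LogErrorRetNewMsg, so
        // repeated wrong-password attempts may leave no trace in the web log; confirm
        // that failed logins are recorded somewhere for brute-force detection.
        string idText = r.message.Trim();
        if (idText == string.Empty)
        {
            r.setErMsg(true, Messages.ERR_CRED_WRONG);
            return r;
        }

        // On a match the message carries the numeric ID.
        if (!int.TryParse(idText, out ID))
        {
            // Fixed: the diagnostic used to name ChangeEmail, which misdirects anyone
            // triaging this failure from the log.
            r.setErMsgStk(true, "Exception in Login: Unable to parse ID from DB!", Environment.StackTrace);
            return Common.LogErrorRetNewMsg(r, Messages.ERR_SERVER, Common.LogFile.Web);
        }

        return r;
    }
}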