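/// <summary>
/// Handles the "create account" click: validates the form fields, derives a username,
/// hashes the password with bcrypt, generates a TOTP secret, stores the account record
/// and then opens the QR window so the user can enrol the secret on a device.
/// </summary>
/// <param name="sender">Control that raised the event (not used).</param>
/// <param name="e">Routed event data (not used).</param>
private void createAccountButton_Click(object sender, RoutedEventArgs e)
{
    const string failureCaption = "Error! Account could not be created.";

    // getHonorific() reports "nothing selected" with the literal string "null"; a real null
    // reference is treated the same way instead of throwing on the comparison.
    string userHonorific = getHonorific();
    if (userHonorific == null || userHonorific.Equals("null"))
    {
        MessageBox.Show("Title is a required field. Please select a Title", failureCaption);
        return;
    }

    // -1 is the "nothing selected" marker. A missing value is rejected as well: previously a
    // null fell through and was silently recorded as "Male".
    int? userGender = getGender();
    if (!userGender.HasValue || userGender.Value == -1)
    {
        MessageBox.Show("Gender is a required field. Please select a Gender", failureCaption);
        return;
    }

    // Fail closed on the account type: previously a null was converted to 0 and stored, so an
    // unselected type could end up as whatever role 0 stands for.
    int? userAccountType = getAccountType();
    if (!userAccountType.HasValue || userAccountType.Value == -1)
    {
        MessageBox.Show("Account Type is a required field. Please select an Account Type", failureCaption);
        return;
    }

    string firstname = getFirstname();
    if (string.IsNullOrEmpty(firstname))
    {
        MessageBox.Show("First name is a required field. Please enter your first name", failureCaption);
        return;
    }

    // The middle name is optional, so it is not validated.
    string middlename = getMiddlename();

    string lastname = getLastname();
    if (string.IsNullOrEmpty(lastname))
    {
        MessageBox.Show("Last name is a required field. Please enter your last name", failureCaption);
        return;
    }

    // The empty check runs first so that a null from getPassword() produces the
    // "required field" message rather than a NullReferenceException.
    string password = getPassword();
    if (string.IsNullOrEmpty(password))
    {
        MessageBox.Show("Password is a required field. Please enter a strong password", failureCaption);
        passwordBox2.Clear();
        return;
    }

    // NOTE(review): "nomatch" and "weak" are in-band sentinels returned by getPassword(); a
    // user who types one of these words as the password gets the corresponding error. A
    // separate status value would avoid the collision - confirm against getPassword().
    if (password.Equals("nomatch"))
    {
        MessageBox.Show("Passwords do not match.", failureCaption);
        passwordBox.Clear();
        passwordBox2.Clear();
        return;
    }

    if (password.Equals("weak"))
    {
        MessageBox.Show("Cannot accept weak Password. Try using numbers and symbols to add complexity.", failureCaption);
        passwordBox.Clear();
        passwordBox2.Clear();
        return;
    }

    // Per the original author's note, createUsername does not return until a unique
    // username has been confirmed.
    string username = createUsername(firstname, middlename, lastname);

    // Only the bcrypt hash of the password is handed to the database layer.
    string hashedPassword = BCrypt.Net.BCrypt.HashPassword(password);

    // 20 random bytes (160 bits) form the TOTP shared secret; it is Base32-encoded for the
    // provisioning URI that the QR code carries:
    //   otpauth://totp/ISSUER:USERNAME?secret=BASE32SECRET&issuer=ISSUER
    var otpKey = KeyGeneration.GenerateRandomKey(20);
    var otpKeyString = Base32Encoding.ToString(otpKey);

    int accountType = userAccountType.Value;
    string gender = userGender.Value == 0 ? "Female" : "Male";

    // NOTE(review): the TOTP secret is passed to addRecordToDB in Base32 form; how it is
    // stored is not visible here - confirm it is protected at rest.
    addRecordToDB(username, hashedPassword, otpKeyString, gender, userHonorific, firstname, middlename, lastname, accountType);

    // Success is reported only after the record has been written, so an exception from
    // addRecordToDB can no longer follow an "Account Successfully Created!" dialog.
    // NOTE(review): the operand between the two literals is masked in this listing;
    // the username is the presumed value - confirm against the original file.
    MessageBox.Show("Account Username: " + username, "Account Successfully Created!", MessageBoxButton.OK, MessageBoxImage.Information);

    // TODO (from the original author): the QR window should also show instructions, or a
    // video, on adding the TOTP secret to an authenticator app.
    ShowQRWindow qrWindow = new ShowQRWindow(otpKeyString, username);
    this.Hide();
    this.Close();
    qrWindow.ShowDialog();
}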
/// <summary>
/// Looks up an account from the name parts in <paramref name="fullname"/> and opens a
/// ShowQRWindow with that account's OTP_Token and username, then closes this window.
/// When more than one account matches the name, the user is asked for the username.
/// </summary>
/// <param name="fullname">
/// Space-separated name; everything up to and including the first space is discarded
/// before the remainder is split into first / (middle) / last name.
/// </param>
// NOTE(review): the only checks visible in this method are a name match and, for ambiguous
// names, a username match - no password or other credential is verified before the TOTP
// secret is read and displayed. Confirm that the caller authenticates and authorizes the
// operator before this method is reachable.
// NOTE(review): OTP_Token is read and handed straight to ShowQRWindow, so it is presumably
// stored in directly usable form - verify how the column is protected at rest.
private void getTOTP(string fullname)
{
    SQLiteConnection connection = OpenConnection();
    string cmdString = "";
    string middlename = "";
    string lastname = "";
    // Drop the leading word and its space; if there is no space, IndexOf returns -1 and
    // Remove(0, 0) leaves the string unchanged.
    fullname = fullname.Remove(0, fullname.IndexOf(" ") + 1);
    var names = fullname.Split(' ');
    string firstname = names[0];
    if (names.Length == 2)
    {
        lastname = names[1];
        cmdString = @"SELECT COUNT(*) FROM Accounts WHERE Firstname = @fname AND Lastname = @lname";
    }
    else
    {
        // NOTE(review): this branch runs for every length other than 2. With a single name
        // part names[1] is out of range; with more than three parts the SQL references
        // @mname but the Length == 3 checks below never bind it.
        middlename = names[1];
        lastname = names[2];
        cmdString = @"SELECT COUNT(*) FROM Accounts WHERE Firstname = @fname AND Middlename = @mname AND Lastname = @lname";
    }
    SQLiteCommand cmd = new SQLiteCommand(cmdString, connection);
    // NOTE(review): Prepare() is called before the parameters are added, here and for every
    // command below. All values are bound as parameters; none is concatenated into the SQL.
    cmd.Prepare();
    cmd.Parameters.Add("@fname", DbType.String).Value = firstname;
    if (names.Length == 3)
    {
        cmd.Parameters.Add("@mname", DbType.String).Value = middlename;
    }
    cmd.Parameters.Add("@lname", DbType.String).Value = lastname;
    int userRecords = Convert.ToInt32(cmd.ExecuteScalar());
    if (userRecords > 1)
    {
        // Several accounts share this name: ask for the username to disambiguate.
        string username = "";
        MessageBox.Show("More than 1 Account was found with these credentials. Please type in the username of the account to confirm.", "Caution! Attention Required!");
        bool foundAccount = false;
        while (!foundAccount)
        {
            // NOTE(review): the text between the dialog prompt literal and the SELECT literal
            // is masked ("******") in this listing. The statements that show the dialog, read
            // the username and create the command are not visible here.
            InputDialogBox inputDialog = new InputDialogBox("Enter The Account Username:"******"SELECT COUNT(*) FROM Accounts WHERE Username = @user AND Firstname = @fname" + ((!string.IsNullOrEmpty(middlename) ? " AND Middlename = @mname" : "")) + " AND Lastname = @lname", connection);
            cmd.Prepare();
            cmd.Parameters.Add("@user", DbType.String).Value = username;
            cmd.Parameters.Add("@fname", DbType.String).Value = firstname;
            if (!string.IsNullOrEmpty(middlename))
            {
                cmd.Parameters.Add("@mname", DbType.String).Value = middlename;
            }
            cmd.Parameters.Add("@lname", DbType.String).Value = lastname;
            int userExists = Convert.ToInt32(cmd.ExecuteScalar());
            if (userExists == 1)
            {
                foundAccount = true;
            }
            else
            {
                // As far as the visible code shows, the loop body runs at most once: a miss
                // returns instead of prompting again.
                // NOTE(review): this early return skips connection.Close() at the end of the
                // method, so the connection stays open on this path.
                // NOTE(review): the string literal below is split across a line break in this
                // listing; it is kept exactly as it appears.
                MessageBox.Show("User not found. 
Confirm username of the account and try again later.", "Error!");
                return;
            }
        }
        // The username was confirmed above, so the secret is fetched by username alone.
        cmd = new SQLiteCommand(@"SELECT OTP_Token FROM Accounts WHERE Username = @Username", connection);
        cmd.Prepare();
        cmd.Parameters.Add("@Username", DbType.String).Value = username;
        string totpToken = cmd.ExecuteScalar().ToString();
        ShowQRWindow showQR = new ShowQRWindow(totpToken, username);
        showQR.Show();
        this.Close();
    }
    else
    {
        // Zero or one match: reuse the name query, selecting the secret and username instead
        // of the count.
        cmdString = cmdString.Replace("COUNT(*)", "OTP_Token, Username");
        cmd = new SQLiteCommand(cmdString, connection);
        cmd.Prepare();
        cmd.Parameters.Add("@fname", DbType.String).Value = firstname;
        if (names.Length == 3)
        {
            cmd.Parameters.Add("@mname", DbType.String).Value = middlename;
        }
        cmd.Parameters.Add("@lname", DbType.String).Value = lastname;
        // NOTE(review): the reader is never closed or disposed in this method.
        SQLiteDataReader reader = cmd.ExecuteReader();
        string totpToken = "";
        string username = "";
        // NOTE(review): when no account matches (userRecords == 0) this loop does not run and
        // the QR window is opened with an empty token and username.
        while (reader.Read())
        {
            totpToken = reader[0].ToString();
            username = reader[1].ToString();
        }
        ShowQRWindow showQR = new ShowQRWindow(totpToken, username);
        showQR.Show();
        this.Close();
    }
    connection.Close();
}