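/// <summary>
/// Handles a signup request read from the shared <c>tokenizedMessage</c>.
/// Creates the user when the requested name is not already in <c>db.Users</c>,
/// then sends a Signup reply carrying True or False to the first entry in
/// <c>UserList.userList</c> whose <c>userID</c> equals the requested name and
/// whose socket passes <c>checkSocketStatus</c>.
/// </summary>
private static void ProcessSignup()
{
    // TBD based off tokenizing pattern. When design is concluded, dataStartLocation
    // will indicate where the data portion is held in the array.
    int dataStartLocation = 1;

    // Holds result of signup attempt.
    bool isValidSignup = false;

    // NOTE(review): nothing in this method rejects an empty user name or password,
    // and the indexes are not bounds-checked. Confirm the caller validates the
    // tokenized message before this point.
    User u = new User();
    u.UserName = tokenizedMessage[dataStartLocation];

    // NOTE(review): the existence check and the insert below are separate steps.
    // Confirm the Users table has a unique constraint on the user name, otherwise
    // two concurrent signups for the same name could both pass this check.
    if (!db.Users.Any(x => x.UserName == u.UserName))
    {
        // A fresh salt per user, stored next to the hash so login can recompute it.
        byte[] salt = SaltedHash.CreateSalt();

        // Password as sent by the client. Same slot ProcessLogin reads
        // (dataStartLocation + 1), which is index 2 today.
        string pw = tokenizedMessage[dataStartLocation + 1];

        // NOTE(review): SaltedHash is defined elsewhere. Confirm it uses a slow,
        // purpose-built password KDF (e.g. PBKDF2) rather than one pass of a fast hash.
        byte[] saltedpw = SaltedHash.CreateSaltedHash(salt, pw);

        u.Active = true;
        u.Salt = salt;
        u.Password = saltedpw;
        u.Start_Date = DateTime.Now;
        // Placeholder value: the client's real address is not recorded here.
        u.IP_Address = 0m;

        db.Users.Add(u);
        db.SaveChanges();
        isValidSignup = true;
    }

    string output = "<Signup>" + "|" + isValidSignup + "|" + "<EOF>";

    // NOTE(review): the reply is routed by the user name claimed in the request.
    // Confirm that a different connection already registered under the same
    // userID cannot receive this reply instead of the requester.

    // Positions of matching entries whose socket failed the status check. They are
    // removed only after the loop: removing from a list while foreach is
    // enumerating it invalidates the enumerator for the standard .NET list types
    // (assuming userList is one), and it would also shift the running index.
    List<int> staleIndexes = new List<int>();

    // Holds the current index value of the userList as it iterates.
    int indexCount = 0;
    foreach (StateObject s in UserList.userList)
    {
        if (s.userID == u.UserName)
        {
            if (checkSocketStatus(s.workSocket))
            {
                AsynchronousSocketListener.Send(s.workSocket, output);
                break;
            }

            staleIndexes.Add(indexCount);
        }

        indexCount++;
    }

    // Highest index first, so earlier removals do not shift the later ones.
    for (int i = staleIndexes.Count - 1; i >= 0; i--)
    {
        UserList.userList.RemoveAt(staleIndexes[i]);
    }
}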
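/// <summary>
/// Handles a login request read from the shared <c>tokenizedMessage</c>.
/// Looks up the user by name, validates the supplied password against the stored
/// salt and salted hash via <c>SaltedHash.Validate</c>, and sends a Login reply
/// carrying True or False to the first entry in <c>UserList.userList</c> whose
/// <c>userID</c> equals the requested name.
/// </summary>
private static void ProcessLogin()
{
    // TBD based off tokenizing pattern. When design is concluded, dataStartLocation
    // will indicate where the data portion is held in the array.
    int dataStartLocation = 1;
    string requestedName = tokenizedMessage[dataStartLocation];

    // The bool that's returned to the client stating if the login has succeeded or failed.
    bool isValidLogin = false;

    // Let the database filter by name instead of materializing every row of the
    // Users table (including every user's salt and password hash) per attempt.
    List<User> candidates = db.Users.Where(x => x.UserName == requestedName).ToList();

    foreach (User u in candidates)
    {
        // Re-check in memory so the match stays an exact string comparison, as it
        // was with the full-table scan, even if the database collation is looser.
        if (u.UserName == requestedName)
        {
            byte[] salt = u.Salt;                                // stored per user at signup
            string pw = tokenizedMessage[dataStartLocation + 1]; // password sent by the client
            byte[] saltedHash = u.Password;                      // stored salted hash

            // NOTE(review): the original author flagged the SaltedHash helpers as
            // untested. Confirm Validate handles a null salt or hash and compares
            // the hashes in constant time.
            isValidLogin = SaltedHash.Validate(salt, pw, saltedHash);
            break;
        }
    }

    // NOTE(review): an unknown user name returns without any hashing work, so the
    // response time can differ from a wrong-password attempt. No attempt limiting
    // is visible in this method either. Confirm both are handled elsewhere.

    // NOTE(review): the reply is routed by the claimed user name, and unlike
    // ProcessSignup the socket is not checked with checkSocketStatus before
    // sending. This reply also has no "|" before "<EOF>", where the Signup reply
    // has one. Confirm which form the client expects.
    foreach (StateObject s in UserList.userList)
    {
        if (s.userID == requestedName)
        {
            string output = "<Login>" + "|" + isValidLogin + "<EOF>";
            AsynchronousSocketListener.Send(s.workSocket, output);
            break;
        }
    }
}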