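/// <summary>
/// Creates a student account, storing a fresh random salt and the salted hash of the password.
/// </summary>
/// <param name="studentID">Identifier the new student row is stored under.</param>
/// <param name="password">Plain-text password; null, empty and whitespace-only values are rejected.</param>
/// <returns>
/// <see cref="CreateStudentStatus.IDTaken"/> when a student with this ID already exists,
/// <see cref="CreateStudentStatus.Failure"/> when the password is blank or any exception is thrown,
/// otherwise <see cref="CreateStudentStatus.Success"/>.
/// </returns>
public static CreateStudentStatus CreateStudent(int studentID, string password)
{
    // Never persist an account whose password is blank.
    if (String.IsNullOrWhiteSpace(password))
    {
        return CreateStudentStatus.Failure;
    }

    try
    {
        using (WBDbContext db = new WBDbContext())
        {
            // This check and the insert below are separate statements, so two concurrent
            // requests for the same ID can both pass it; the loser then depends on the
            // database rejecting the duplicate, which lands in the catch block.
            if (db.Students.Any(s => s.StudentID == studentID))
            {
                return CreateStudentStatus.IDTaken;
            }

            byte[] salt = Utils.CreateSalt();

            // NOTE(review): judging by the helper's name this is a single salted SHA-256
            // digest (implementation not shown). A fast hash is cheap to brute-force offline
            // if the table leaks; confirm, and consider a slow KDF such as PBKDF2
            // (Rfc2898DeriveBytes) with a migration path for existing rows.
            Student student = new Student
            {
                StudentID = studentID,
                Salt = Convert.ToBase64String(salt),
                Password = Utils.HashStringSHA256(password, salt)
            };

            db.Students.Add(student);
            db.SaveChanges();
        }
    }
    catch (Exception)
    {
        // Deliberate best effort so the page does not break; the exception is discarded.
        // NOTE(review): nothing is logged here, so a failing database is indistinguishable
        // from any other failure - consider logging before returning.
        return CreateStudentStatus.Failure;
    }

    return CreateStudentStatus.Success;
}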
/// <summary>
/// Returns every marching instrument and every concert instrument in one response.
/// </summary>
/// <returns>
/// An OK result whose payload carries two lists, <c>MarchingInstruments</c> and <c>ConcertInstruments</c>.
/// </returns>
public IHttpActionResult GetInstruments()
{
    using (var db = new WBDbContext())
    {
        // Both tables are materialised with ToList() before the context is disposed.
        var marching = db.MarchingInstruments.ToList();
        var concert = db.ConcertInstruments.ToList();

        var payload = new
        {
            MarchingInstruments = marching,
            ConcertInstruments = concert
        };

        return Ok(payload);
    }
}
/// <summary>
/// Returns all committees, ordered by their <c>Order</c> value, as JSON.
/// </summary>
/// <returns>A JSON result containing the ordered list of committee entities.</returns>
public JsonResult Committee()
{
    using (var db = new WBDbContext())
    {
        // Hand the serializer plain entity objects rather than EF proxy types.
        db.Configuration.ProxyCreationEnabled = false;

        var committees = db.Committees
            .OrderBy(c => c.Order)
            .ToList();

        // AllowGet opts out of MVC's default refusal to serve JSON over GET. That default
        // exists because a top-level JSON array served over GET was historically readable
        // cross-site (JSON hijacking).
        // NOTE(review): confirm everything on the committee entity is meant to be public.
        return Json(committees, JsonRequestBehavior.AllowGet);
    }
}
/// <summary>
/// Returns all hadge alerts, newest first, each with its author loaded.
/// </summary>
/// <returns>An OK result whose payload is the list of alerts ordered by descending <c>TimeStamp</c>.</returns>
public IHttpActionResult GetHadgeAlerts()
{
    using (var db = new WBDbContext())
    {
        // NOTE(review): the complete Author entity is eagerly loaded and serialized with
        // every alert. If Author is the User entity used elsewhere in this code base (which
        // has Salt and Password columns), those values would be sent to the client. Confirm,
        // and project to a DTO holding only the fields the client needs.
        var alerts = db.HadgeAlerts
            .Include("Author")
            .OrderByDescending(ha => ha.TimeStamp)
            .ToList();

        return Ok(alerts);
    }
}
/// <summary>
/// Returns all hadge alerts, newest first, each with its author loaded, as JSON.
/// </summary>
/// <returns>A JSON result containing the alerts ordered by descending <c>TimeStamp</c>.</returns>
public JsonResult APIHadgeAlerts()
{
    using (var db = new WBDbContext())
    {
        // Hand the serializer plain entity objects rather than EF proxy types.
        db.Configuration.ProxyCreationEnabled = false;

        // NOTE(review): the complete Author entity is eagerly loaded and serialized with
        // every alert. If Author is the User entity used elsewhere in this code base (which
        // has Salt and Password columns), those values would be sent to the client. Confirm,
        // and project to a DTO holding only the fields the client needs.
        var alerts = db.HadgeAlerts
            .Include("Author")
            .OrderByDescending(ha => ha.TimeStamp)
            .ToList();

        // AllowGet opts out of MVC's default refusal to serve JSON over GET, a default that
        // exists because top-level JSON arrays served over GET were historically readable
        // cross-site (JSON hijacking).
        return Json(alerts, JsonRequestBehavior.AllowGet);
    }
}
/// <summary>
/// Returns every marching instrument and every concert instrument as one JSON object.
/// </summary>
/// <returns>
/// A JSON result with two list properties, <c>MarchingInstruments</c> and <c>ConcertInstruments</c>.
/// </returns>
public JsonResult Instruments()
{
    using (var db = new WBDbContext())
    {
        // Hand the serializer plain entity objects rather than EF proxy types.
        db.Configuration.ProxyCreationEnabled = false;

        var marching = db.MarchingInstruments.ToList();
        var concert = db.ConcertInstruments.ToList();

        var payload = new
        {
            MarchingInstruments = marching,
            ConcertInstruments = concert
        };

        // AllowGet opts out of MVC's default refusal to serve JSON over GET requests.
        return Json(payload, JsonRequestBehavior.AllowGet);
    }
}
/// <summary>
/// Loads one student together with the marching instrument, concert instrument,
/// measurement set and guardians linked to it.
/// </summary>
/// <param name="studentID">Identifier of the student to load.</param>
/// <returns>The matching <see cref="Student"/>, or <c>null</c> when no student has that ID.</returns>
public static Student GetStudent(int studentID)
{
    using (var db = new WBDbContext())
    {
        var withRelations = db.Students
            .Include("MarchingInstrument")
            .Include("ConcertInstrument")
            .Include("MeasurementSet")
            .Include("Guardians");

        // NOTE(review): the returned entity carries the Salt and Password columns that the
        // account-creation code writes. Callers should not serialize it to a client as-is.
        return withRelations.FirstOrDefault(s => s.StudentID == studentID);
    }
}
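/// <summary>
/// Checks a student's password against the salted hash stored for that student.
/// </summary>
/// <param name="studentID">Key of the student row to check.</param>
/// <param name="password">Plain-text password supplied by the caller.</param>
/// <returns>
/// <see cref="ValidateStudentStatus.NotFound"/> when no such student exists,
/// <see cref="ValidateStudentStatus.Success"/> when the recomputed hash equals the stored one,
/// otherwise <see cref="ValidateStudentStatus.Failure"/> (including a null password or a row
/// with no stored salt or hash).
/// </returns>
/// <remarks>
/// NOTE(review): NotFound and Failure are distinct results. If both reach the client as
/// different messages, they reveal which student IDs exist; present them identically.
/// </remarks>
public static ValidateStudentStatus ValidateStudent(int studentID, string password)
{
    using (WBDbContext db = new WBDbContext())
    {
        var student = db.Students.Find(studentID);
        if (student == null)
        {
            return ValidateStudentStatus.NotFound;
        }

        // A missing credential on either side can never be a match.
        var stored = student.Password;
        if (password == null || stored == null || student.Salt == null)
        {
            return ValidateStudentStatus.Failure;
        }

        byte[] salt = Convert.FromBase64String(student.Salt);

        // NOTE(review): judging by the helper's name this is a single salted SHA-256 digest
        // (implementation not shown); consider a slow KDF such as PBKDF2 for stored passwords.
        var computed = Utils.HashStringSHA256(password, salt);
        if (computed == null || computed.Length != stored.Length)
        {
            return ValidateStudentStatus.Failure;
        }

        // Compare every position instead of stopping at the first difference, so the time
        // taken does not depend on how much of the stored hash matched.
        int difference = 0;
        for (int i = 0; i < stored.Length; i++)
        {
            difference |= computed[i] ^ stored[i];
        }

        return difference == 0
            ? ValidateStudentStatus.Success
            : ValidateStudentStatus.Failure;
    }
}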
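/// <summary>
/// Checks a password against the salted hash stored for the user with
/// <paramref name="passedUser"/>'s <c>UserID</c>.
/// </summary>
/// <param name="passedUser">User whose <c>UserID</c> selects the stored record.</param>
/// <param name="password">Plain-text password supplied by the caller.</param>
/// <returns>
/// <see cref="ValidateUserStatus.UserIdInvalid"/> when the user is null or its ID is below 1,
/// <see cref="ValidateUserStatus.PassInvalid"/> when the password is blank,
/// <see cref="ValidateUserStatus.NotFound"/> when no stored user has that ID,
/// <see cref="ValidateUserStatus.Success"/> when the recomputed hash equals the stored one,
/// otherwise <see cref="ValidateUserStatus.Failure"/>.
/// </returns>
/// <remarks>
/// Callers should treat every result other than Success as a failed validation. The numeric
/// ordering of the status values is not visible here and should not be relied on.
/// </remarks>
public static ValidateUserStatus ValidateUser(this User passedUser, string password)
{
    // A null receiver is reported as an invalid user instead of a NullReferenceException.
    if (passedUser == null || passedUser.UserID < 1)
    {
        return ValidateUserStatus.UserIdInvalid;
    }

    if (String.IsNullOrWhiteSpace(password))
    {
        return ValidateUserStatus.PassInvalid;
    }

    using (WBDbContext db = new WBDbContext())
    {
        User user = db.Users
            .Where(u => u.UserID == passedUser.UserID)
            .FirstOrDefault();
        if (user == null)
        {
            return ValidateUserStatus.NotFound;
        }

        // A row without a stored salt or hash can never match.
        var stored = user.Password;
        if (stored == null || user.Salt == null)
        {
            return ValidateUserStatus.Failure;
        }

        byte[] salt = Convert.FromBase64String(user.Salt);

        // NOTE(review): judging by the helper's name this is a single salted SHA-256 digest
        // (implementation not shown); consider a slow KDF such as PBKDF2 for stored passwords.
        var computed = Utils.HashStringSHA256(password, salt);
        if (computed == null || computed.Length != stored.Length)
        {
            return ValidateUserStatus.Failure;
        }

        // Compare every position instead of stopping at the first difference, so the time
        // taken does not depend on how much of the stored hash matched.
        int difference = 0;
        for (int i = 0; i < stored.Length; i++)
        {
            difference |= computed[i] ^ stored[i];
        }

        return difference == 0
            ? ValidateUserStatus.Success
            : ValidateUserStatus.Failure;
    }
}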
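/// <summary>
/// Replaces a user's password after verifying the current one, storing a new random salt
/// and the salted hash of the new password.
/// </summary>
/// <param name="passedUser">User whose <c>UserID</c> selects the record to update.</param>
/// <param name="oldPassword">Current plain-text password; must validate successfully.</param>
/// <param name="newPassword">New plain-text password.</param>
/// <returns>
/// <see cref="ChangePasswordStatus.IncorrectPassword"/> when the old password does not validate,
/// <see cref="ChangePasswordStatus.InvalidPassword"/> when the new password is reported as invalid input,
/// <see cref="ChangePasswordStatus.UserNotFound"/> when the record no longer exists,
/// otherwise <see cref="ChangePasswordStatus.Success"/>.
/// </returns>
public static ChangePasswordStatus ChangePassword(this User passedUser, string oldPassword, string newPassword)
{
    // Only an explicit Success authorises the change. The previous "< 0" test let every
    // non-negative status through, so an input-invalid result for the old password (for
    // example a blank one) could skip the check, depending on the enum's numeric values,
    // which are not visible here.
    if (passedUser.ValidateUser(oldPassword) != ValidateUserStatus.Success)
    {
        return ChangePasswordStatus.IncorrectPassword;
    }

    // ValidateUser doubles as the input check for the new password: statuses above zero are
    // taken to be the "invalid input" results.
    // NOTE(review): this depends on the enum's numeric values - confirm, or test for
    // ValidateUserStatus.PassInvalid explicitly.
    if (passedUser.ValidateUser(newPassword) > 0)
    {
        return ChangePasswordStatus.InvalidPassword;
    }

    using (WBDbContext db = new WBDbContext())
    {
        var user = db.Users
            .Where(u => u.UserID == passedUser.UserID)
            .FirstOrDefault();
        if (user == null)
        {
            return ChangePasswordStatus.UserNotFound;
        }

        // A fresh salt is generated on every change, so the old salt is never reused.
        byte[] salt = Utils.CreateSalt();
        user.Salt = Convert.ToBase64String(salt);

        // NOTE(review): judging by the helper's name this is a single salted SHA-256 digest
        // (implementation not shown); consider a slow KDF such as PBKDF2 for stored passwords.
        user.Password = Utils.HashStringSHA256(newPassword, salt);
        db.SaveChanges();

        return ChangePasswordStatus.Success;
    }
}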
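/// <summary>
/// Changes the password of the user with the given username (matched case-insensitively),
/// after verifying the current password.
/// </summary>
/// <param name="username">Username of the account to update.</param>
/// <param name="oldPassword">Current plain-text password; must validate successfully.</param>
/// <param name="newPassword">New plain-text password.</param>
/// <returns>
/// <see cref="ChangePasswordStatus.IncorrectPassword"/> when the old password does not validate,
/// <see cref="ChangePasswordStatus.InvalidPassword"/> when the new password is reported as invalid input,
/// <see cref="ChangePasswordStatus.UserNotFound"/> when no user has that username,
/// otherwise the result of the user-ID overload.
/// </returns>
public static ChangePasswordStatus ChangePassword(string username, string oldPassword, string newPassword)
{
    // Only an explicit Success authorises the change. The previous "< 0" test let every
    // non-negative status through, so an input-invalid result for the old password could
    // skip the check, depending on the enum's numeric values, which are not visible here.
    if (ValidateUser(username, oldPassword) != ValidateUserStatus.Success)
    {
        return ChangePasswordStatus.IncorrectPassword;
    }

    // Statuses above zero are taken to be the "invalid input" results.
    // NOTE(review): this depends on the enum's numeric values - confirm.
    if (ValidateUser(username, newPassword) > 0)
    {
        return ChangePasswordStatus.InvalidPassword;
    }

    using (WBDbContext db = new WBDbContext())
    {
        // Project to int? so that "no row" yields null. With a plain int projection
        // FirstOrDefault() returns 0 and the null check below could never fire.
        int? userId = db.Users
            .Where(u => u.Username.ToLower() == username.ToLower())
            .Select(u => (int?)u.UserID)
            .FirstOrDefault();
        if (userId == null)
        {
            return ChangePasswordStatus.UserNotFound;
        }

        return ChangePassword(userId.Value, oldPassword, newPassword);
    }
}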
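/// <summary>
/// Looks up the ID of the user with the given username, matched case-insensitively.
/// </summary>
/// <param name="username">Username to search for.</param>
/// <returns>The user's ID, or <c>null</c> when no user has that username.</returns>
public static int? GetUserId(string username)
{
    using (WBDbContext db = new WBDbContext())
    {
        // Project to int? so that "no row" yields null. With a plain int projection
        // FirstOrDefault() returns 0, which callers cannot tell apart from a real ID.
        return db.Users
            .Where(u => u.Username.ToLower() == username.ToLower())
            .Select(u => (int?)u.UserID)
            .FirstOrDefault();
    }
}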
/// <summary>
/// Looks up the username stored for a user ID.
/// </summary>
/// <param name="userId">ID of the user to look up.</param>
/// <returns>The stored username, or <c>null</c> when no user has that ID.</returns>
public static string GetUsername(int userId)
{
    using (var db = new WBDbContext())
    {
        User match = db.Users.FirstOrDefault(u => u.UserID == userId);

        // No matching row: report that as null.
        return match != null ? match.Username : null;
    }
}
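/// <summary>
/// Logs in the user with the given username (matched case-insensitively) by resolving the
/// user ID and delegating to the user-ID overload.
/// </summary>
/// <param name="username">Username of the account to log in.</param>
/// <param name="password">Plain-text password to validate.</param>
/// <returns>
/// <see cref="SetLoginStatus.NotFound"/> when no user has that username,
/// otherwise the result of the user-ID overload.
/// </returns>
/// <remarks>
/// NOTE(review): NotFound is distinct from a validation failure. If both reach the client as
/// different messages, they reveal which usernames exist; present them identically.
/// </remarks>
public static SetLoginStatus SetLogin(string username, string password)
{
    using (WBDbContext db = new WBDbContext())
    {
        // Project to int? so that "no row" yields null. With a plain int projection
        // FirstOrDefault() returns 0, NotFound was unreachable, and the login attempt
        // went ahead with user ID 0.
        int? userId = db.Users
            .Where(u => u.Username.ToLower() == username.ToLower())
            .Select(u => (int?)u.UserID)
            .FirstOrDefault();
        if (userId == null)
        {
            return SetLoginStatus.NotFound;
        }

        return SetLogin(userId.Value, password);
    }
}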
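/// <summary>
/// Validates the password for a user ID and, on success, records the login in the current
/// HTTP session under the keys <c>loggedIn</c>, <c>userId</c> and <c>username</c>.
/// </summary>
/// <param name="userId">ID of the user logging in.</param>
/// <param name="password">Plain-text password to validate.</param>
/// <returns>
/// <see cref="SetLoginStatus.ValidateFailure"/> when validation returns anything other than Success,
/// <see cref="SetLoginStatus.Failure"/> when an exception occurs while loading the user or writing the session,
/// otherwise <see cref="SetLoginStatus.Success"/>.
/// </returns>
/// <remarks>
/// NOTE(review): the session identifier is not rotated here. If nothing upstream issues a new
/// one on login, an identifier set before authentication stays valid afterwards - confirm.
/// </remarks>
public static SetLoginStatus SetLogin(int userId, string password)
{
    // Only an explicit Success may log the user in. The previous "< Success" test accepted
    // every status ordered above Success, which could include the input-invalid results,
    // depending on the enum's numeric values (not visible here).
    if (ValidateUser(userId, password) != ValidateUserStatus.Success)
    {
        return SetLoginStatus.ValidateFailure;
    }

    try
    {
        // Resolve the username before touching the session, so that a failed lookup cannot
        // leave the session flagged as logged in while this method reports Failure.
        // First() throws when the row is missing, which the catch below turns into Failure.
        string username;
        using (WBDbContext db = new WBDbContext())
        {
            username = db.Users
                .Where(u => u.UserID == userId)
                .Select(u => u.Username)
                .First();
        }

        // Login status and the currently logged-in user.
        HttpContext.Current.Session["loggedIn"] = true;
        HttpContext.Current.Session["userId"] = userId;

        // Commonly accessed info; more of it can be stored here.
        HttpContext.Current.Session["username"] = username;
    }
    catch (Exception)
    {
        // Deliberate best effort so the page does not break; the exception is discarded.
        return SetLoginStatus.Failure;
    }

    return SetLoginStatus.Success;
}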
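/// <summary>
/// Validates a password for the user with the given username (matched case-insensitively)
/// by resolving the user ID and delegating to the user-ID overload.
/// </summary>
/// <param name="username">Username of the account to validate.</param>
/// <param name="password">Plain-text password to validate.</param>
/// <returns>
/// <see cref="ValidateUserStatus.UsernameInvalid"/> when the username is blank,
/// <see cref="ValidateUserStatus.PassInvalid"/> when the password is blank,
/// <see cref="ValidateUserStatus.NotFound"/> when no user has that username,
/// otherwise the result of the user-ID overload.
/// </returns>
/// <remarks>
/// NOTE(review): NotFound is distinct from a wrong password. If both reach the client as
/// different messages, they reveal which usernames exist; present them identically.
/// </remarks>
public static ValidateUserStatus ValidateUser(string username, string password)
{
    if (String.IsNullOrWhiteSpace(username))
    {
        return ValidateUserStatus.UsernameInvalid;
    }

    if (String.IsNullOrWhiteSpace(password))
    {
        return ValidateUserStatus.PassInvalid;
    }

    using (WBDbContext db = new WBDbContext())
    {
        // Project to int? so that "no row" yields null. With a plain int projection
        // FirstOrDefault() returns 0, NotFound was unreachable, and validation ran
        // against user ID 0.
        int? userId = db.Users
            .Where(u => u.Username.ToLower() == username.ToLower())
            .Select(u => (int?)u.UserID)
            .FirstOrDefault();
        if (userId == null)
        {
            return ValidateUserStatus.NotFound;
        }

        return ValidateUser(userId.Value, password);
    }
}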
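/// <summary>
/// Computes the next user ID as one more than the largest existing ID.
/// </summary>
/// <returns>The highest stored <c>UserID</c> plus one, or 1 when the table is empty.</returns>
/// <remarks>
/// NOTE(review): the value is computed outside the insert, so two concurrent callers can
/// receive the same ID. A database-generated identity column would remove that race.
/// </remarks>
private static int GetNextUserId()
{
    using (WBDbContext db = new WBDbContext())
    {
        // One nullable Max replaces the separate Any() and Max() queries. It yields null
        // for an empty table, which maps to a first ID of 1.
        int highest = db.Users.Max(u => (int?)u.UserID) ?? 0;
        return highest + 1;
    }
}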
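/// <summary>
/// Creates a user account with the next free user ID, a fresh random salt and the salted
/// hash of the password.
/// </summary>
/// <param name="username">Desired username; uniqueness is checked case-insensitively.</param>
/// <param name="password">Plain-text password; null, empty and whitespace-only values are rejected.</param>
/// <returns>
/// <see cref="CreateUserStatus.UsernameTaken"/> when the username is already in use,
/// <see cref="CreateUserStatus.Failure"/> when the username or password is blank or any exception is thrown,
/// otherwise <see cref="CreateUserStatus.Success"/>.
/// </returns>
public static CreateUserStatus CreateUser(string username, string password)
{
    // Never persist an account with a blank username or password.
    if (String.IsNullOrWhiteSpace(username) || String.IsNullOrWhiteSpace(password))
    {
        return CreateUserStatus.Failure;
    }

    try
    {
        using (WBDbContext db = new WBDbContext())
        {
            // This check and the insert below are separate statements, so two concurrent
            // requests for the same name can both pass it.
            // NOTE(review): only a unique index on the username column would reject the
            // second insert - confirm one exists.
            if (db.Users.Any(u => u.Username.ToLower() == username.ToLower()))
            {
                return CreateUserStatus.UsernameTaken;
            }

            byte[] salt = Utils.CreateSalt();

            // The ID is computed by a separate query before the insert, so concurrent
            // creations can be handed the same value.
            int userId = GetNextUserId();

            // NOTE(review): judging by the helper's name this is a single salted SHA-256
            // digest (implementation not shown). A fast hash is cheap to brute-force offline
            // if the table leaks; confirm, and consider a slow KDF such as PBKDF2
            // (Rfc2898DeriveBytes) with a migration path for existing rows.
            User user = new User
            {
                UserID = userId,
                Username = username,
                Salt = Convert.ToBase64String(salt),
                Password = Utils.HashStringSHA256(password, salt)
            };

            db.Users.Add(user);
            db.SaveChanges();
        }
    }
    catch (Exception)
    {
        // Deliberate best effort so the page does not break; the exception is discarded.
        // NOTE(review): nothing is logged here - consider logging before returning.
        return CreateUserStatus.Failure;
    }

    return CreateUserStatus.Success;
}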