コード例 #1
0
 public ActionResult LoginRequest(LoginDataModel user)
 {
     if (ModelState.IsValid)
     {
         using (DatabaseQuery query = new DatabaseQuery())
         {
             PBKDF2Password password = query.GetPassword(user);
             //vraag het password van een gebruiker
             if (password != null)
             {   //als het password niet leeg is match het password met de Database
                 PasswordMatcher matcher = new PasswordMatcher(password, user.Password, false); //False kijkt of het interne wachtwoord gedisposed moet worden als hij gematched is.
                 if (matcher.IsMatch) //Als een match is
                 {
                     try
                     {//Probeer een Sessie te maken
                         Session session = (Session)this.Session["__MySessionObject"];
                         using (DatabaseQuery userQuery = new DatabaseQuery())
                         {
                             session.User = userQuery.GetUser(user); //Klant krijgt een sessie
                             session.LoggedIn = true;
                             this.Session["__MySessionObject"] = session;
                             List<Order> orders = userQuery.GetOrdersByUser(session.User);
                             foreach(Order order in orders)
                             {
                                 if (order.Status == OrderStatus.TOBEPAID)
                                 {
                                     double days = (DateTime.Now - order.DTime).TotalDays;
                                     if (days > 14)
                                     {
                                         order.Status = OrderStatus.EXPIRED;
                                         userQuery.UpdateOrderStatus(order);
                                     }
                                 }
                             }
                         }
                         if (((Session)this.Session["__MySessionObject"]).User.Role == UserRole.MANAGER)
                         {
                             return RedirectToAction("manage"); //Ga naar manager pagina
                         }
                         else if (((Session)this.Session["__MySessionObject"]).User.Role == UserRole.ADMIN)
                         {
                             return RedirectToAction("admin"); //Ga naar manager pagina
                         }
                         else if(((Session)this.Session["__MySessionObject"]).ShoppingBag.OrderLines.Count > 0)
                         {
                             return RedirectToAction("Shoppingbag");
                         }
                         return RedirectToAction("Index"); //Ga terug naar de index
                     }
                     catch(Exception e)
                     {
                         TempData["ErrorMessage"] = "Er is iets fout gegaan met het inloggen: " + e;
                     }
                 }
             }
             TempData["ErrorMessage"] = "Gebruikersnaam en wachtwoord combinatie zijn onbekend";
             return RedirectToAction("login", user); //redirect to faillure
         }
     }
     else
     {
         TempData["ErrorMessage"] = "Gebruikersnaam en/of wachtwoord combinatie is fout";
         return RedirectToAction("Login", "Home", user);
     }
 }
コード例 #2
0
        internal User GetUser(LoginDataModel GetUser)
        {
            //Haal een user op uit de database
            using (NpgsqlCommand cmd = new NpgsqlCommand())
            {
                cmd.Connection = _connection;
                if (_transaction != null)
                {
                    cmd.Transaction = _transaction; //maak een transactie als hij er niet is
                }
                cmd.CommandText = "SELECT * FROM \"user\" WHERE \"username\" = @username";
                cmd.Parameters.AddWithValue("username", GetUser.Username);
                NpgsqlDataReader reader = cmd.ExecuteReader();

                if (reader.Read()) //lees een user
                {
                    User user = new User();
                    user.Id = (ulong)reader.GetInt32(reader.GetOrdinal("id"));
                    user.FirstName = reader.GetString(reader.GetOrdinal("first_name"));
                    user.LastName = reader.GetString(reader.GetOrdinal("last_name"));
                    user.Username = reader.GetString(reader.GetOrdinal("username"));
                    user.Email = reader.GetString(reader.GetOrdinal("email_address"));
                    user.DateOfBirth = reader.GetDateTime(reader.GetOrdinal("date_of_birth"));
                    user.Role = (UserRole)Enum.ToObject(typeof(UserRole), reader.GetInt32(reader.GetOrdinal("role")));
                    reader.Close();
                    user.Address = GetAddress((ulong)reader.GetInt32(reader.GetOrdinal("id")));
                    return user;
                }
                reader.Close();
                return null;
            }
        }
コード例 #3
0
        internal bool setUserAddress(User user)
        {
            using (NpgsqlCommand cmd = new NpgsqlCommand())
            {
                cmd.Connection = _connection;
                _transaction = cmd.Connection.BeginTransaction();

                cmd.CommandText = "INSERT INTO user_address (user_id, postalcode, number, suffix, type) "
                    + "VALUES(@user_id, @postalcode, @number, @suffix, @type);";

                LoginDataModel ldm = new LoginDataModel() { Username = user.Username, Password = user.Password };
                cmd.Parameters.AddWithValue("user_id", (long)GetUser(ldm).Id);
                cmd.Parameters.AddWithValue("postalcode", user.Address.PostalCode);
                cmd.Parameters.AddWithValue("number", user.Address.HouseNumber);
                cmd.Parameters.AddWithValue("suffix", user.Address.Suffix);
                cmd.Parameters.AddWithValue("type", (int)user.Address.Type);

                //Parameters
                bool success = parseNonqueryResult(cmd.ExecuteNonQuery());
                if (success)
                {
                    _transaction.Commit();
                    _transaction.Dispose();
                    return success; //Commit als het sucessvol is
                }
                _transaction.Rollback();
                _transaction.Dispose();
                return success; //Rollback en dispose als het niet lukt
            }
        }
コード例 #4
0
        internal PBKDF2Password GetPassword(LoginDataModel customer)
        {
            //Haal een password van een User op
            //The internal keyword is an access modifier for types and type members. Internal types or members are accessible only within files in the same assembly,
            using (NpgsqlCommand cmd = new NpgsqlCommand())
            {
                cmd.Connection = _connection;
                cmd.CommandText = "SELECT password_hash, password_salt, password_iterations FROM \"user\" WHERE username = @username;";
                cmd.Parameters.AddWithValue("username", customer.Username.Trim());
                NpgsqlDataReader reader = cmd.ExecuteReader(); //Valideer het wachtwoord , Salt en Iteraties

                if (reader.Read())
                {

                    byte[] hash = (byte[])reader[reader.GetOrdinal("password_hash")];
                    byte[] salt = (byte[])reader[reader.GetOrdinal("password_salt")];
                    int iterations = reader.GetInt32(reader.GetOrdinal("password_iterations"));
                    return new PBKDF2Password(hash, salt, iterations);
                }
                else
                {
                    reader.Close();
                    return null;
                }
            }
        }