public List <Classes.Login> GetLogins()
{
SqlConnection connection = new SqlConnection();
connection.ConnectionString = Util.GetConnectionString();
connection.Open();
SqlCommand command = new SqlCommand();
command.Connection = connection;
command.CommandType = CommandType.StoredProcedure;
command.CommandText = "GetLogins";
SqlDataReader reader = command.ExecuteReader();
List <Classes.Login> logins = new List <Classes.Login>();
while (reader.Read())
{
Classes.Login login = new Classes.Login()
{
Username = reader["Username"].ToString(),
Password = reader["Password"].ToString(),
StaffType = reader["StaffType"].ToString()
};
logins.Add(login);
}
return(logins);
}
public SqlCode UpdateLogin(Classes.Login Login)
{
SqlConnection connection = new SqlConnection();
connection.ConnectionString = Util.GetConnectionString();
connection.Open();
SqlCommand command = new SqlCommand();
command.Connection = connection;
command.CommandType = CommandType.StoredProcedure;
command.CommandText = "UpdateLogin";
SqlParameter parameter = new SqlParameter
{
ParameterName = "@Username",
SqlDbType = SqlDbType.VarChar,
Direction = ParameterDirection.Input,
SqlValue = Login.Username
};
command.Parameters.Add(parameter);
parameter = new SqlParameter
{
ParameterName = "@Password",
SqlDbType = SqlDbType.VarChar,
Direction = ParameterDirection.Input,
SqlValue = Login.Password
};
command.Parameters.Add(parameter);
parameter = new SqlParameter
{
ParameterName = "@StaffType",
SqlDbType = SqlDbType.VarChar,
Direction = ParameterDirection.Input,
SqlValue = Login.StaffType
};
command.Parameters.Add(parameter);
int returnVal;
SqlCode code;
try
{
returnVal = command.ExecuteNonQuery();
code = SqlCode.Success;
}
catch (Exception e)
{
System.Diagnostics.Debug.WriteLine($"e: {e.Message}");
code = SqlCode.Failure;
}
connection.Close();
return(code);
}
private void AddTestLogin()
{
string password = Util.HashPassword("password");
//System.Diagnostics.Debug.WriteLine(password);
Classes.Login login = new Classes.Login()
{
Username = "******",
Password = password,
StaffType = "Counsellor"
};
ResolutionsSystem rs = new ResolutionsSystem();
SqlCode code = rs.CreateLogin(login);
}
private void btnLogin_Click(object sender, EventArgs e)
{
if (!string.IsNullOrEmpty(txtEmail.Text) && !string.IsNullOrEmpty(txtPassword.Text))
{
DataBase db = new DataBase();
Classes.Login login = new Classes.Login();
login.Email = txtEmail.Text;
login.Password = txtPassword.Text;
User user = new User();
user = db.GetUserFromLogin(login);
if (user.IdTypeUser != 0)
{
TypeUser typeUser = user.IdTypeUser;
switch (typeUser)
{
case TypeUser.Organizzatore:
AddParticipants addParticipants = new AddParticipants();
addParticipants.Show();
this.Hide();
break;
case TypeUser.Invitato:
Partecipant guest = new Partecipant();
guest.Show();
this.Hide();
break;
case TypeUser.Utente:
Activity activity = new Activity();
activity.Show();
this.Hide();
break;
}
}
else
{
MessageBox.Show("Dati errati");
}
}
else
{
MessageBox.Show("Compila tutti i campi");
}
}
public JsonResult OnPostCheckUsername()
{
System.Diagnostics.Debug.WriteLine("OnPostCheckUsername()");
ResolutionsSystem rs = new ResolutionsSystem();
Classes.Login login = rs.GetLogin(Username);
bool valid = false;
if (login.Username == null)
{
valid = false;
}
else
{
valid = true;
}
return(new JsonResult(valid));
}
public Classes.Login GetLogin(string Username)
{
SqlConnection connection = new SqlConnection();
connection.ConnectionString = Util.GetConnectionString();
connection.Open();
SqlCommand command = new SqlCommand();
command.Connection = connection;
command.CommandType = CommandType.StoredProcedure;
command.CommandText = "GetLogin";
SqlParameter parameter = new SqlParameter()
{
ParameterName = "@Username",
SqlDbType = SqlDbType.VarChar,
Direction = ParameterDirection.Input,
SqlValue = Username
};
command.Parameters.Add(parameter);
SqlDataReader reader = command.ExecuteReader();
Classes.Login login = new Classes.Login();
reader.Read();
if (reader.HasRows)
{
login = new Classes.Login()
{
Username = reader["Username"].ToString(),
Password = reader["Password"].ToString(),
StaffType = reader["StaffType"].ToString()
};
}
return(login);
}
public IActionResult OnPost()
{
if (!ModelState.IsValid)
{
return(Page());
}
System.Diagnostics.Debug.WriteLine("OnPost()");
bool authenticated = false;
ResolutionsSystem rs = new ResolutionsSystem();
Classes.Login login = rs.GetLogin(Username);
System.Diagnostics.Debug.WriteLine($"Hash pass: {login.Password}");
bool passwordVerified = Util.Verify(Password, login.Password);
if (passwordVerified)
{
authenticated = true;
}
if (authenticated)
{
System.Diagnostics.Debug.WriteLine("User authenticated successfully");
HttpContext.Session.Set("Username", Util.StringToByteArray(Username));
HttpContext.Session.Set("StaffType", Util.StringToByteArray(login.StaffType));
return(new RedirectToPageResult("Index"));
}
else
{
System.Diagnostics.Debug.WriteLine("Login failed");
return(Page());
}
}