/// <summary>
/// 文字列を復号化します。
/// </summary>
/// <param name="data">復号化したい文字</param>
public static string DecryptString(string data)
{
if (string.IsNullOrEmpty(data))
{
return(string.Empty);
}
else
{
return(Encrypter.DecryptString(data, AppSetting.ApplicationId));
}
}
// ****************************************************************************************************
// 公開メソッド定義
// ****************************************************************************************************
/// <summary>
/// パスワードを取得します。
/// </summary>
/// <returns>複合化したパスワード</returns>
public string GetPassword()
{
if (!string.IsNullOrWhiteSpace(Password))
{
return(Encrypter.DecryptString(Password, Variables.ApplicationId));
}
else
{
return(string.Empty);
}
}
public ClaimsIdentity Auth(AuthParameters user)
{
var person = _clientRepository.GetByLogin(user.Login);
if (person == null)
{
return(null);
}
var personPassord = Encrypter.DecryptString(person.PasswordHash, KEY);
if (user.Password != personPassord)
{
throw new WrongPasswordException();
}
var claims = new List <Claim>
{
new Claim(ClaimsIdentity.DefaultNameClaimType, person.Login),
new Claim(ClaimsIdentity.DefaultRoleClaimType, person.Role.Name)
};
return(new ClaimsIdentity(claims, "Token", ClaimsIdentity.DefaultNameClaimType, ClaimsIdentity.DefaultRoleClaimType));
}
public Startup()
{
var builder = new ConfigurationBuilder()
.SetBasePath(AppContext.BaseDirectory)
.AddJsonFile("config.json", optional: true, reloadOnChange: true)
.AddJsonFile($"appsettings.{Environment.GetEnvironmentVariable("ASPNETCORE_ENVIRONMENT")}.json", optional: true);
Configuration = builder.Build();
var env = string.IsNullOrEmpty(Program.ReporterArgs.Environment)
? "Production"
: Program.ReporterArgs.Environment;
var encryptedConnectionString = Configuration.GetConnectionString(env);
if (string.IsNullOrEmpty(encryptedConnectionString))
{
Environment.ExitCode = -1;
throw new Exception($"Connection String Is Empty For {env}. Add It To config.json");
}
ConnectionString = Encrypter.DecryptString(encryptedConnectionString, Encrypter.Key);
Program.ReporterArgs.DbName = new SqlConnectionStringBuilder(ConnectionString).InitialCatalog;
}
//Logs user with provided first name, last name and personal id number
private void btnLogin_Click(object sender, RoutedEventArgs e)
{
//Connect to database and create Voter object
VotingDatabaseEntities db = new VotingDatabaseEntities();
string personalIdNumber = tbPersonalId.Text;
Voter loggedVoter = new Voter(tbFirstName.Text, tbLastName.Text, personalIdNumber);
//Failure flags
bool isBlacklisted = false;
bool isUnderaged = false;
bool hasVoted = false;
bool isIncorrect = false;
//Check validity of personal id number
isIncorrect = PESELValidator.PESEL(personalIdNumber);
isBlacklisted = PESELValidator.IsBlacklisted(personalIdNumber);
isUnderaged = PESELValidator.IsUnderaged(personalIdNumber);
var voters = db.Voters;
var result = voters.Select(x => x.PersonalIdNumber).ToList();
//Decrypt personal id number from database and compare it with given one
if (result.Count != 0)
{
foreach (string voterId in result)
{
if (Encrypter.DecryptString(voterId) == personalIdNumber)
{
hasVoted = true;
break;
}
}
}
//Handling of invalid personal id number
if (isIncorrect)
{
MessageBox.Show("Personal ID number is incorrect!");
}
else if (isUnderaged || isBlacklisted)
{
//Update information about disallowed logging tries
var statisticsTable = db.Statistics;
var disallowedTries = statisticsTable.SingleOrDefault(x => x.StatisticId == 1);
disallowedTries.DisallowedTries++;
db.SaveChanges();
MessageBox.Show("You are disallowed to vote!");
}
else if (hasVoted)
{
MessageBox.Show("You have already voted!");
}
else
{
//If personal id number is valid, sendu user to voting page
VotingPage votingPage = new VotingPage(loggedVoter);
NavigationService.Navigate(votingPage);
}
}
public async static Task Authenticate()
{
if (!api.IsAuthenticated)
{
var user = new User {
Email = "", Password = "", AuthToken = "", UserID = ""
};
var credentialFile = Path.Combine(QCPluginUtilities.InstallPath, "credentials.config");
QCPluginUtilities.OutputCommandString("Authenticating QC user...", QCPluginUtilities.Severity.Info);
if (File.Exists(credentialFile))
{
var userData = File.ReadAllText(credentialFile);
var jsonUser = JsonConvert.DeserializeAnonymousType <User>(userData, user);
user.Email = Encrypter.DecryptString(jsonUser.Email);
user.Password = Encrypter.DecryptString(jsonUser.Password);
user.UserID = Encrypter.DecryptString(jsonUser.UserID);
user.AuthToken = Encrypter.DecryptString(jsonUser.AuthToken);
}
try
{
await api.Authenticate(user.Email, user.Password, user.UserID, user.AuthToken);
}
catch (Exception ex)
{
QCPluginUtilities.OutputCommandString("Authentication error: " + ex.ToString(), QCPluginUtilities.Severity.Error);
QCPluginUtilities.OutputCommandString("Failed to authenticate. Enter credentials manually.", QCPluginUtilities.Severity.Info);
bool remember = false;
var win = new FormLogin(user.Email, user.Password, user.UserID, user.AuthToken);
win.SuccessCallback = (email2, pass2, uid2, authtoken2, remember2) =>
{
user.Email = Encrypter.EncryptString(email2);
user.Password = Encrypter.EncryptString(pass2);
user.UserID = Encrypter.EncryptString(uid2);
user.AuthToken = Encrypter.EncryptString(authtoken2);
remember = remember2;
return(api.Authenticate(email2, pass2, uid2, authtoken2));
};
win.ShowDialog();
if (!api.IsAuthenticated)
{
throw new Exception("User authentication failed");
}
else if (remember)
{
var jsonUser = JsonConvert.SerializeObject(user);
if (File.Exists(credentialFile))
{
File.Delete(credentialFile);
}
File.WriteAllText(credentialFile, jsonUser);
}
}
QCPluginUtilities.OutputCommandString("User authenticated successfuly.", QCPluginUtilities.Severity.Info);
}
}
