예제 #1
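    /// <summary>
    /// Focuses the user-ID box and, on postback, reports whether the submitted
    /// user ID already has exactly one row in the Login table.
    /// </summary>
    /// <param name="sender">Event source (unused).</param>
    /// <param name="e">Event data (unused).</param>
    protected void Page_Load(object sender, EventArgs e)
    {
        // Set the focus on the User ID Textbox
        UserIDTextBox.Focus();

        if (!IsPostBack)
        {
            return;
        }

        string connectionString =
            ConfigurationManager.ConnectionStrings["RegistrationConnectionString"].ConnectionString;

        using (SqlConnection conn = new SqlConnection(connectionString))
        {
            conn.Open();

            try
            {
                // The text box content comes straight from the request, so it is bound as a
                // parameter instead of being spliced into the statement text: the server then
                // treats it as data only and it cannot change the shape of the query.
                using (SqlCommand com = new SqlCommand("select count(*) from Login where USERID = @userId", conn))
                {
                    com.Parameters.AddWithValue("@userId", UserIDTextBox.Text);

                    int checkID = Convert.ToInt32(com.ExecuteScalar());

                    // Check if the user already exists
                    if (checkID == 1)
                    {
                        ErrorLabel.Text = "The user already exists.";
                    }
                }
            }
            catch (Exception ex)
            {
                // The lookup stays best-effort (the page still renders), but the failure is
                // recorded server-side instead of vanishing; nothing is echoed to the client.
                System.Diagnostics.Trace.TraceError("User ID lookup failed: " + ex.Message);
            }
        }
    }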
예제 #2
        /// <summary>
        /// Prepares the logon form when the page loads: focus goes to the user-ID box
        /// and the Logon button becomes the form's default button.
        /// </summary>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void Page_Load(object sender, EventArgs e)
        {
            // Put the input focus on the [User ID] box.
            UserIDTextBox.Focus();

            // Make the [Logon] button the default button of this Web form.
            string logonButtonId = LogonButton.UniqueID;
            Form.DefaultButton = logonButtonId;
        }
예제 #3
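        /// <summary>
        /// Looks up <paramref name="ID"/> in [users] and compares the stored password with
        /// <paramref name="password"/>. On success the form is hidden and the <c>userID</c>
        /// field is updated; on failure a warning is shown and the input boxes are reset.
        /// </summary>
        /// <param name="Connection">Connection the query runs on; it is not closed here.</param>
        /// <param name="ID">User ID as typed; bound to the query as a parameter.</param>
        /// <param name="password">Password as typed.</param>
        /// <returns>The numeric user ID on success, 0 when the user is unknown or the password differs.</returns>
        private int CheckUser(OleDbConnection Connection, string ID, string password)
        {
            bool   userFound;
            string storedPassword = null;
            object storedId       = null;

            // Read what is needed and release the command and reader before any dialog is
            // shown. The using blocks dispose both on every path, including exceptions;
            // the original disposed the command on the success path only.
            using (OleDbCommand comm = new OleDbCommand())
            {
                comm.Connection  = Connection;
                comm.CommandText = "select * from [users] where 用户ID= @ID";
                comm.Parameters.AddWithValue("@ID", ID);

                using (OleDbDataReader sdr = comm.ExecuteReader())   // run the query
                {
                    userFound = sdr.Read();
                    if (userFound)
                    {
                        storedPassword = sdr["密码"].ToString().Trim();
                        storedId       = sdr["用户ID"];
                    }
                }
            }

            // NOTE(review): the two failure messages differ, so the dialog tells the caller
            // whether a user ID exists; a single generic message would avoid that.
            if (!userFound)
            {
                MessageBox.Show("该用户不存在,请检查后重新输入!", "警告");
                this.UserIDTextBox.Text = null;
                this.UserPWTextBox.Text = null;
                UserIDTextBox.Focus();
                return 0;
            }

            // NOTE(review): the typed password is compared directly with the 密码 column, so
            // the table appears to hold passwords in recoverable form - confirm. Storing a
            // salted, slow hash (e.g. PBKDF2) and comparing digests in fixed time is the usual fix.
            if (storedPassword != password)
            {
                MessageBox.Show("您输入的密码有误,请重新输入!", "警告");
                this.UserPWTextBox.Text = null;
                this.UserPWTextBox.Focus();
                return 0;
            }

            userID = Convert.ToInt32(storedId);
            this.Hide();
            return userID;
        }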
예제 #4
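        /// <summary>
        /// Looks up <paramref name="ID"/> in users and compares the stored password with
        /// <paramref name="password"/>. On success the form is hidden and the <c>userID</c>
        /// field is updated; on failure a warning is shown and the input boxes are reset.
        /// </summary>
        /// <param name="Connection">Connection the query runs on; it is not closed here.</param>
        /// <param name="ID">User ID as typed; bound to the query as a parameter.</param>
        /// <param name="password">Password as typed.</param>
        /// <returns>The numeric user ID on success, 0 when the user is unknown or the password differs.</returns>
        private int CheckUser(SqlConnection Connection, string ID, string password)
        {
            bool   userFound;
            string storedPassword = null;
            object storedId       = null;

            // ID arrives from a text box. Binding it as @ID keeps it out of the statement
            // text, so quotes or SQL keywords in the input are compared as data rather
            // than parsed as part of the query.
            using (SqlCommand comm = new SqlCommand("select * from users where 用户ID=@ID", Connection))
            {
                comm.Parameters.AddWithValue("@ID", ID ?? string.Empty);

                // Reader and command are released before any dialog is shown, and on
                // exceptions too; the original disposed the command on success only.
                using (SqlDataReader sdr = comm.ExecuteReader())   // run the query
                {
                    userFound = sdr.Read();
                    if (userFound)
                    {
                        storedPassword = sdr["密码"].ToString().Trim();
                        storedId       = sdr["用户ID"];
                    }
                }
            }

            // NOTE(review): the two failure messages differ, so the dialog tells the caller
            // whether a user ID exists; a single generic message would avoid that.
            if (!userFound)
            {
                MessageBox.Show("该用户不存在,请检查后重新输入!", "警告");
                this.UserIDTextBox.Text = null;
                this.UserPWTextBox.Text = null;
                UserIDTextBox.Focus();
                return 0;
            }

            // NOTE(review): the typed password is compared directly with the 密码 column, so
            // the table appears to hold passwords in recoverable form - confirm. Storing a
            // salted, slow hash (e.g. PBKDF2) and comparing digests in fixed time is the usual fix.
            if (storedPassword != password)
            {
                MessageBox.Show("您输入的密码有误,请重新输入!", "警告");
                this.UserPWTextBox.Text = null;
                this.UserPWTextBox.Focus();
                return 0;
            }

            userID = Convert.ToInt32(storedId);
            this.Hide();
            return userID;
        }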
예제 #5
        /// <summary>
        /// Sign-in button handler. Requires both fields to be filled, then either starts
        /// the login worker thread or, when a login is already running, cancels it and
        /// restores the form.
        /// </summary>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event data (unused).</param>
        private void SignInButton_Click(object sender, EventArgs e)
        {
            bool userIdMissing = string.IsNullOrEmpty(UserIDTextBox.Text);
            if (userIdMissing)
            {
                ShowTips("请输入用户名!");
                UserIDTextBox.Focus();
                return;
            }

            bool passwordMissing = string.IsNullOrEmpty(PasswordTextBox.Text);
            if (passwordMissing)
            {
                ShowTips("请输入密码!");
                PasswordTextBox.Focus();
                return;
            }

            if (Logining)
            {
                // Cancel the login in progress: drop the socket, stop the worker, re-enable input.
                // NOTE(review): Thread.Abort is obsolete and throws PlatformNotSupportedException
                // on .NET Core / .NET 5+; closing the socket plus a cooperative cancellation flag
                // is the supported way to stop the worker.
                LoginSocket?.Close();
                LoginSocket?.Dispose();
                LoginThread?.Abort();
                UserIDTextBox.Enabled   = true;
                PasswordTextBox.Enabled = true;
                SignInButton.Text       = "Sign In";
                ShowTips("已取消登录。");
                Logining = false;
                return;
            }

            // Start logging in on a background thread.
            Logining = true;
            ShowTips("正在登录...");
            LoginThread = new Thread(Login);
            LoginThread.Start();
        }
예제 #6
        /// <summary>
        /// Prepares the logon form when the page loads: focus goes to the user-ID box
        /// and the Logon button becomes the form's default button.
        /// </summary>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void Page_Load(object sender, EventArgs e)
        {
            // Start with the caret in the user-ID box.
            UserIDTextBox.Focus();

            // Register the Logon button as the form's default button.
            string logonButtonId = LogonButton.UniqueID;
            Form.DefaultButton = logonButtonId;
        }
예제 #7
        /// <summary>
        /// Handles the Next button: looks the entered credentials up in [dbo].[test]. When exactly
        /// one row matches, the user is routed by failed-attempt count, follow-up flag and a computed
        /// login-risk score (start page or e-mailed 2FA). Otherwise a failed attempt is recorded
        /// for user IDs that exist. Both input boxes are cleared at the end.
        /// </summary>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event data (unused).</param>
        /// <remarks>
        /// NOTE(review): several statements below build SQL by concatenating UserIDTextBox.Text;
        /// each should bind the value as a parameter, as the INSERT into [dbo].[FailedAttempt]
        /// already does. Two lines of this listing are masked with '******' by the page it was
        /// taken from and do not compile as shown.
        /// </remarks>
        private void ButtonNext_Click(object sender, RoutedEventArgs e)
        {
            // Overwrites the typed password in the box with the output of GetSha512FromString.
            // NOTE(review): the name suggests a single SHA-512 digest and no salt is passed here -
            // confirm; password storage normally calls for a salted, slow KDF (PBKDF2/Argon2).
            PasswordTextBox.Password = GetSha512FromString(PasswordTextBox.Password);
            //MessageBox.Show(PasswordTextBox.Password);

            try
            {
                con = new SqlConnection(connectionString);
                con.Open();
                // NOTE(review): UserIDTextBox.Text is spliced into the statement text, so the input
                // can alter the query; bind it with cmd.Parameters instead. The password operand on
                // this line is masked ('******') in this listing.
                cmd    = new SqlCommand("select * from [dbo].[test] where UserID = '" + UserIDTextBox.Text + "' and Password = '******'", con);
                reader = cmd.ExecuteReader();

                int count = 0;

                while (reader.Read())
                {
                    count += 1;
                    // NOTE(review): prints every matched row, labelled with its Password column, to
                    // the console; credential material should not reach logs. The line is masked in
                    // this listing and is not valid C# as shown.
                    Console.WriteLine(" | UserID : " + reader.GetString(0) + " | Password : "******" | Name : " + reader.GetString(2) + " | Email : " + reader.GetString(3) + " | ContactNo : " + reader.GetString(4));
                }

                // Exactly one matching row is treated as a successful credential check.
                if (count == 1)
                {
                    string     userID   = UserIDTextBox.Text;
                    string[][] userList = checkUserEligibility(userID, connectionString);
                    UserModel.UserModel.currentUserID = userID;
                    string currentUser = UserModel.UserModel.currentUserID;
                    //MessageBox.Show(currentUser + "is thios");
                    UserModel.UserModel um = UserModel.UserModel.retrieveUserFromDatabase(currentUser);
                    // NOTE(review): writes the user's password field to the console.
                    Console.WriteLine(um.userPassword);
                    string checkForFollowUp = UserModel.UserModel.checkFollowUp(userID, connectionString);

                    (App.Current as App).LoginUserID = UserIDTextBox.Text;

                    try
                    {
                        // NOTE(review): con is reassigned while the connection and reader opened above
                        // are still open; only the latest connection is closed by the finally blocks.
                        con = new SqlConnection(connectionString);
                        con.Open();
                        // NOTE(review): concatenated SQL again - parameterize.
                        cmd = new SqlCommand("select count(*) from [dbo].[FailedAttempt] where UserID = '" + UserIDTextBox.Text + "'", con);
                        Int32 noOfFailedLoginAttempt = (Int32)cmd.ExecuteScalar();
                        //MessageBox.Show(noOfFailedLoginAttempt.ToString() + " unsuccessful login attempt(s)");
                        // More than three recorded failures sends the user to e-mailed 2FA. This check is
                        // reached only after the password matched, so it does not limit guessing by itself.
                        if (noOfFailedLoginAttempt > 3)
                        {
                            MessageBox.Show("Account is locked , please complete TWO FA");
                            string subject         = "Authentication Message";
                            string subjectBody     = "Authentication Code is ";
                            UserModel.UserModel cm = UserModel.UserModel.currentUserModel;
                            string email           = cm.userEmail;
                            UserModel.UserModel.do2fa(subject, subjectBody, email);

                            Page authentication1 = new Authentication1();
                            this.NavigationService.Navigate(authentication1);
                        }

                        else
                        {
                            // A pending follow-up flag also forces 2FA before anything else.
                            if (checkForFollowUp == "True")
                            {
                                //MessageBox.Show("Account is locked , please complete TWO FA");
                                string subject         = "Authentication Message";
                                string subjectBody     = "Authentication Code is ";
                                UserModel.UserModel cm = UserModel.UserModel.currentUserModel;
                                string email           = cm.userEmail;
                                UserModel.UserModel.do2fa(subject, subjectBody, email);

                                Page authentication = new Authentication();
                                this.NavigationService.Navigate(authentication);
                            }
                            else
                            {
                                //MessageBox.Show("Account not locked.");
                                // Fewer than 30 entries in userList: score the login from the stored
                                // log-in time and computer preferences instead of the prediction model.
                                if (userList.Count() < 30)
                                {
                                    string date                   = AlgorithmLibary.PredictionModel.getCurrentDate();
                                    string loginTime              = DateTime.Now.ToString("HH.mm");
                                    string publicIP               = PredictionModel.getCurrentPublicIP();
                                    string publicMAC              = PredictionModel.getCurrentMAC();
                                    string userLogInPreference    = getUserLogInPreference(userID, connectionString);
                                    string userComputerPreference = getUserComputerPreference(userID, connectionString);
                                    //The method below is supposed to read from the database all the entries of hostname for this specific user

                                    string[] currentHostnameSet = getUserHostNameSet(userID, connectionString);
                                    foreach (var element in currentHostnameSet)
                                    {
                                        Console.WriteLine(element + "JADSjc");
                                    }
                                    //string[] currentHostnameSet =
                                    //{
                                    //    "JUSTINSOH-PC",
                                    //    "JUSTINSOH-PC",
                                    //    "JUSTINSOH-PC",
                                    //    "JUSTINSOH-PCC",
                                    //    "JUSTINSOH-PCC",
                                    //    "JUSTINSOH-PCC",

                                    //};
                                    double logInRisk = evaulateUserLogInString(userLogInPreference, loginTime);

                                    double userHostRisk = evaulateUserComputerPreference(userComputerPreference, currentHostnameSet);

                                    // Weighted sum: log-in time contributes 30 %, hostname 70 %.
                                    logInRisk    = logInRisk * 0.3;
                                    userHostRisk = userHostRisk * 0.7;

                                    double totalRisk = logInRisk + userHostRisk;
                                    Console.WriteLine(userHostRisk + " HOSTNAME");
                                    Console.WriteLine(logInRisk + "LOG IN RISK");
                                    Console.WriteLine(totalRisk);
                                    string riskStatement      = null;
                                    string riskStatementLevel = null;
                                    // Low risk (<= 0.4): record the login and go to the start page.
                                    if (totalRisk <= 0.4)
                                    {
                                        riskStatementLevel = "Low";
                                        riskStatement      = "The risk level is low";
                                        UserModel.UserModel.saveDateTimeOfUser(userID, connectionString, loginTime, date, publicIP, publicMAC);
                                        Page cloud = new StartupPage();

                                        this.NavigationService.Navigate(cloud);
                                    }

                                    // Removing access control and giving access control
                                    // NOTE(review): as written, this branch does the same as the low-risk
                                    // branch; no access restriction is applied in this method.
                                    else if (totalRisk <= 0.70)
                                    {
                                        riskStatementLevel = "Medium";
                                        riskStatement      = "The risk level is medium";
                                        Page cloud = new StartupPage();
                                        UserModel.UserModel.saveDateTimeOfUser(userID, connectionString, loginTime, date, publicIP, publicMAC);
                                        //MessageBox.Show("Entry Saved");
                                        //UserModel.UserModel.deleteDateTimeOfUser(userID, connectionString, loginTime, date);
                                        //MessageBox.Show("Entry Deleted");
                                        this.NavigationService.Navigate(cloud);
                                        //Remove Access Control
                                    }

                                    //Instantly Re authenticate
                                    // NOTE(review): a NaN score satisfies none of the three comparisons, leaving
                                    // both statements null with no navigation; a plain else would cover it.
                                    else if (totalRisk > 0.70)
                                    {
                                        riskStatementLevel = "High";
                                        riskStatement      = "The risk level is high";
                                        string subject         = "Authentication Message";
                                        string subjectBody     = "Authentication Code is ";
                                        UserModel.UserModel cm = UserModel.UserModel.currentUserModel;
                                        Console.WriteLine(cm.userName + "Hellolols");
                                        string email = cm.userEmail;
                                        UserModel.UserModel.do2fa(subject, subjectBody, email);
                                        Page authentication = new Authentication();
                                        this.NavigationService.Navigate(authentication);
                                        MessageBox.Show("2FA has been sent to your email");
                                    }
                                    PredictionModel.SessionRiskValue = riskStatementLevel;
                                    Console.WriteLine(riskStatement);
                                    MessageBox.Show(riskStatement);
                                }

                                // 30 or more entries: score the login with PredictionModel.
                                else if (userList.Count() >= 30)
                                {
                                    //Run the login prediction
                                    string     date            = AlgorithmLibary.PredictionModel.getCurrentDate();
                                    string     loginTime       = DateTime.Now.ToString("HH.mm");
                                    string     publicIP        = PredictionModel.getCurrentPublicIP();
                                    string     publicMAC       = PredictionModel.getCurrentMAC();
                                    string[][] logInCollection = getUserLogInData(userID, connectionString);
                                    // NOTE(review): Convert.ToDouble(string) parses with the current culture, while
                                    // loginTime is formatted with a literal '.'; on cultures whose decimal
                                    // separator is not '.' the value may differ - confirm, or pass InvariantCulture.
                                    double     testTime        = Convert.ToDouble(loginTime);
                                    double     testDay         = Convert.ToDouble(date);

                                    PredictionModel logInPredictionModel = new PredictionModel(testTime, testDay, logInCollection);
                                    string          logInRiskLevel       = logInPredictionModel.logInRisk;
                                    string          logInOutput          = logInPredictionModel.logInOutput;
                                    Console.WriteLine(logInOutput);
                                    Console.WriteLine("The risk level is " + logInRiskLevel);


                                    string[][] ipAddressCollection = getUserIPAddressCollection(userID, connectionString);
                                    Console.Write(ipAddressCollection.Count());
                                    string[]        query             = new string[] { publicIP, publicMAC, date };
                                    PredictionModel ipPredictionModel = new PredictionModel(ipAddressCollection, query);
                                    string          ipRisk            = ipPredictionModel.ipRisk;
                                    string          ipOutput          = ipPredictionModel.ipOutput;
                                    Console.WriteLine(ipOutput);

                                    double logInPercentage = Convert.ToDouble(logInRiskLevel) / 5.0;
                                    double ipPercentage    = Convert.ToDouble(ipRisk);

                                    // Weighted sum: log-in model contributes 30 %, IP model 70 %.
                                    logInPercentage = (logInPercentage / 100) * 30;
                                    ipPercentage    = (ipPercentage / 100) * 70;
                                    double riskLevel = logInPercentage + ipPercentage;
                                    Console.WriteLine(logInPercentage);
                                    Console.WriteLine(ipRisk);
                                    Console.WriteLine(riskLevel);
                                    string riskStatement      = null;
                                    string riskStatementLevel = null;

                                    //Can do anything
                                    if (riskLevel <= 0.4)
                                    {
                                        riskStatementLevel = "Low";
                                        riskStatement      = "The risk level is low";
                                        UserModel.UserModel.saveDateTimeOfUser(userID, connectionString, loginTime, date, publicIP, publicMAC);
                                        //Navigate To Chester
                                        Page cloud = new StartupPage();
                                        this.NavigationService.Navigate(cloud);
                                    }

                                    // Removing access control and giving access control
                                    // NOTE(review): same actions as the low-risk branch; no restriction is applied here.
                                    else if (riskLevel <= 0.70)
                                    {
                                        riskStatementLevel = "Medium";
                                        riskStatement      = "The risk level is medium";
                                        Page cloud = new StartupPage();
                                        UserModel.UserModel.saveDateTimeOfUser(userID, connectionString, loginTime, date, publicIP, publicMAC);
                                        //MessageBox.Show("Entry Saved");
                                        //UserModel.UserModel.deleteDateTimeOfUser(userID, connectionString, loginTime, date);
                                        //MessageBox.Show("Entry Deleted");
                                        this.NavigationService.Navigate(cloud);
                                        //Remove Access Control
                                    }

                                    //Instantly Re authenticate
                                    else if (riskLevel > 0.70)
                                    {
                                        riskStatementLevel = "High";
                                        riskStatement      = "The risk level is high";
                                        //Do 2FA

                                        string subject         = "Authentication Message";
                                        string subjectBody     = "Authentication Code is ";
                                        UserModel.UserModel cm = UserModel.UserModel.currentUserModel;
                                        string email           = cm.userEmail;
                                        UserModel.UserModel.do2fa(subject, subjectBody, email);
                                        Page authentication = new Authentication();

                                        this.NavigationService.Navigate(authentication);
                                        MessageBox.Show("2FA has been sent to your email");
                                    }

                                    PredictionModel.SessionRiskValue = riskStatementLevel;
                                    Console.WriteLine("The current Risk Level is " + riskLevel);
                                    Console.WriteLine(riskStatement);
                                    MessageBox.Show(riskStatement);
                                }
                            }

                            (App.Current as App).LoginUserID = UserIDTextBox.Text;
                            //MessageBox.Show("Successful Login.");
                            //this.NavigationService.Navigate(new Uri(@"EditUserInfo.xaml", UriKind.RelativeOrAbsolute));
                        }
                    }
                    catch (Exception ex)
                    {
                        // NOTE(review): ex.Message is shown to the user as-is; database errors can carry
                        // schema or query detail. Prefer a generic message and log the exception.
                        System.Windows.MessageBox.Show(ex.Message);
                    }
                    finally
                    {
                        con.Close();
                    }
                }


                else
                {
                    MessageBox.Show("Invalid user id or password.");

                    try
                    {
                        con = new SqlConnection(connectionString);
                        con.Open();
                        // NOTE(review): concatenated SQL again - parameterize.
                        cmd    = new SqlCommand("select * from [dbo].[test] where UserID = '" + UserIDTextBox.Text + "'", con);
                        reader = cmd.ExecuteReader();

                        int countt = 0;

                        while (reader.Read())
                        {
                            countt += 1;
                        }
                        // A failed attempt is recorded, and its running count displayed, only when the
                        // user ID exists.
                        // NOTE(review): the extra dialog therefore reveals which user IDs are valid.
                        if (countt == 1)
                        {
                            try
                            {
                                con = new SqlConnection(connectionString);
                                con.Open();
                                // This statement binds its values as parameters; the SELECTs in this method
                                // should follow the same pattern.
                                cmd = new SqlCommand("INSERT INTO[dbo].[FailedAttempt](UserID, Date) VALUES (@UserID, @Date)", con);
                                cmd.Parameters.AddWithValue("@UserID", UserIDTextBox.Text);
                                // The date is stored as a culture-formatted short date string.
                                cmd.Parameters.AddWithValue("@Date", DateTime.Now.ToShortDateString());
                                cmd.ExecuteNonQuery();

                                try
                                {
                                    con = new SqlConnection(connectionString);
                                    con.Open();
                                    // NOTE(review): concatenated SQL again - parameterize.
                                    cmd = new SqlCommand("select count(*) from [dbo].[FailedAttempt] where UserID = '" + UserIDTextBox.Text + "'", con);
                                    Int32 noOfFailedLoginAttempt = (Int32)cmd.ExecuteScalar();
                                    MessageBox.Show(noOfFailedLoginAttempt.ToString() + " unsuccessful login attempt(s)");
                                }
                                catch (Exception ex)
                                {
                                    System.Windows.MessageBox.Show(ex.Message);
                                }
                                finally
                                {
                                    con.Close();
                                }
                            }
                            catch (Exception ex)
                            {
                                System.Windows.MessageBox.Show(ex.Message);
                            }
                            finally
                            {
                                con.Close();
                            }
                        }
                    }
                    catch (Exception ex)
                    {
                        System.Windows.MessageBox.Show(ex.Message);
                    }
                    finally
                    {
                        con.Close();
                    }
                }

                // Both boxes are cleared on every path that reaches this point.
                UserIDTextBox.Clear();
                PasswordTextBox.Clear();
            }
            catch (Exception ex)
            {
                System.Windows.MessageBox.Show(ex.Message);
            }
            finally
            {
                // NOTE(review): con is dereferenced unconditionally; whether it can still be null
                // here depends on its declaration, which is outside this listing.
                con.Close();
            }
        }
예제 #8
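        /// <summary>
        /// Login button handler. Verifies the entered ID and password through CheckUser and,
        /// on success, loads the user's name, role and flight into <c>Parameter</c>. On the
        /// SQL Server path it also claims the account's single-session token for this machine.
        /// </summary>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event data (unused).</param>
        private void LoginButton_Click(object sender, EventArgs e)
        {
            String myID       = this.UserIDTextBox.Text;
            String mypassword = this.UserPWTextBox.Text;

            // The original guard was replaced by `if (false)`, which left this warning
            // unreachable and sent blank input straight to the database lookup. The
            // commented-out condition is restored here.
            if (string.IsNullOrWhiteSpace(myID) || string.IsNullOrWhiteSpace(mypassword))
            {
                MessageBox.Show("提示:请输入操作员ID和密码!", "警告");
                UserIDTextBox.Focus();
                return;
            }

            if (!Parameter.isSqlOk)
            {
                // Fallback path: authenticate against the OLE DB connection.
                Parameter.userID = CheckUser(Parameter.connOleUser, myID, mypassword);
                if (Parameter.userID != 0)
                {
                    Parameter.userName   = Parameter.IDtoName(Parameter.userID);
                    Parameter.userRole   = Parameter.IDtoRole(Parameter.userID);
                    Parameter.userflight = Parameter.IDtoFlight(Parameter.userID);
                    //InstruReceive();
                }
                return;
            }

            Parameter.userID = CheckUser(Parameter.connUser, myID, mypassword);
            if (Parameter.userID == 0)
            {
                return;
            }

            Parameter.userName   = Parameter.IDtoName(Parameter.userID);
            Parameter.userRole   = Parameter.IDtoRole(Parameter.userID);
            Parameter.userflight = Parameter.IDtoFlight(Parameter.userID);

            // ID and password matched: compare this machine's UUID with the token stored
            // for the account. If they are equal or the stored token is empty, store ours;
            // otherwise ask the operator whether to take the session over.
            String localUUID = Utility.getUUID();

            // myID is user input, so it is bound as @ID rather than concatenated into the
            // SELECT; SqlCommandBuilder still derives the UPDATE from that SELECT.
            using (SqlDataAdapter da = new SqlDataAdapter("select * from users where 用户ID=@ID", Parameter.connUser))
            using (SqlCommandBuilder cb = new SqlCommandBuilder(da))
            using (DataTable dt = new DataTable("user"))
            {
                da.SelectCommand.Parameters.AddWithValue("@ID", myID);
                da.Fill(dt);

                if (dt.Rows.Count < 1)
                {
                    return;
                }

                String remoteUUID = dt.Rows[0]["token"].ToString();
                bool   tokenIsOurs = localUUID == remoteUUID || remoteUUID == "";

                // NOTE(review): the confirmation only asks the person logging in; the session
                // holding the old token is not notified in this method.
                if (tokenIsOurs
                    || DialogResult.OK == MessageBox.Show("该账号已在别处登陆,是否继续?", "登陆确认", MessageBoxButtons.OKCancel))
                {
                    dt.Rows[0]["token"] = localUUID;
                    da.Update(dt);
                }
                else
                {
                    this.Close();
                    Application.ExitThread();
                    //return;
                }
            }

            //InstruReceive();
        }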