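/// <summary>
/// Logs a user in with a previously issued "keep me logged in" token instead of a password.
/// </summary>
/// <remarks>
/// The token is checked the way <c>SetNewCryptographicToken</c> stored it: the client-side value is
/// decrypted, hashed with the user's decrypted salt, and compared with the "CryptoToken" column.
/// </remarks>
/// <param name="username">Plain-text username; resolved to a row ID through <c>GetUserID</c>.</param>
/// <param name="cryptographicToken">Token as saved on the client device (the database-encrypted form).</param>
/// <returns><c>true</c> when the token matches the stored value and the session was set up; otherwise <c>false</c>.</returns>
public static bool CrypticTokenLogin(string username, string cryptographicToken)
{
    // A missing token can never be valid; fail closed before querying anything.
    if (string.IsNullOrEmpty(cryptographicToken))
    {
        return false;
    }

    int userID = GetUserID(username);
    if (userID == -1)
    {
        return false;
    }

    // Column order fixes the indices used below: 0 = Name, 1 = Salt, 2 = Permission, 3 = CryptoToken.
    List<string> userData = ServerCommunication.GetRowFromID("Users", userID, new List<string> { "Name", "Salt", "Permission", "CryptoToken" });
    if (userData == null || userData.Count < 4)
    {
        return false;
    }

    // An account that never had a token issued must not be reachable through this path.
    string storedToken = userData[3];
    if (string.IsNullOrEmpty(storedToken))
    {
        return false;
    }

    // Login decrypts the Salt column and hands that decrypted salt to SetNewCryptographicToken,
    // so the stored hash was derived from the decrypted salt. Hashing with the raw column value
    // (as this method did before) can never reproduce it.
    string salt = SecurityManager.DecryptDatabaseData("Salt", userData[1]);
    string providedToken = SecurityManager.DecryptDatabaseData("CryptoToken", cryptographicToken);
    string encProvidedToken = SecurityManager.OneWayEncryptor(providedToken, salt);

    // NOTE(review): plain string equality is not constant-time; confirm that is acceptable where this check runs.
    if (encProvidedToken != storedToken)
    {
        return false;
    }

    // The permission level comes from the Permission column (index 2), decoded exactly as Login does.
    // The previous code passed Convert.ToInt32(userData[1]), i.e. the salt, as the permission level.
    // It is resolved before LoggedIn is set so a decode failure does not leave the flag raised.
    int permLevel = SecurityManager.GetPermissionLevel(SecurityManager.DecryptDatabaseData("Permission", userData[2]));

    LoggedIn = true;
    SetClientData(userID, username, userData[0], permLevel);
    return true;
}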
/// <summary>
/// Checks a username/password pair against the "Users" table and, on success, marks the session as logged in.
/// </summary>
/// <param name="username">Plain-text username; resolved to a row ID through <c>GetUserID</c>.</param>
/// <param name="password">Plain-text password to validate against the stored value.</param>
/// <param name="stayLoggedIn">When <c>true</c>, a new "keep me logged in" token is issued after a successful login.</param>
/// <returns>
/// <c>true</c> when the credentials were accepted; <c>false</c> when the user could not be resolved
/// or the password did not validate.
/// </returns>
public static bool Login(string username, string password, bool stayLoggedIn = false)
{
    // -1 covers every failure GetUserID reports, so callers cannot tell an unknown user from a server problem.
    int userID = GetUserID(username);
    if (userID == -1)
    {
        return false;
    }

    // Column order fixes the indices used below: 0 = Name, 1 = Password, 2 = Salt, 3 = Permission.
    List<string> requestedColumns = new List<string>() { "Name", "Password", "Salt", "Permission" };
    List<string> row = ServerCommunication.GetRowFromID("Users", userID, requestedColumns);

    // The stored password value is used as returned; only the salt is decrypted before validation.
    string storedPassword = row[1];
    string decryptedSalt = SecurityManager.DecryptDatabaseData("Salt", row[2]);

    // NOTE(review): the stored password value and salt are fetched into this process and checked here;
    // nothing in this method limits repeated attempts. Confirm throttling exists elsewhere.
    if (!SecurityManager.ValidatePassword(password, storedPassword, decryptedSalt))
    {
        return false;
    }

    LoggedIn = true;

    // Populate the client record with the decoded permission level.
    string permissionText = SecurityManager.DecryptDatabaseData("Permission", row[3]);
    int permLevel = SecurityManager.GetPermissionLevel(permissionText);
    SetClientData(userID, username, row[0], permLevel);

    // The persistent token is bound to the same decrypted salt used for the password check.
    if (stayLoggedIn)
    {
        SetNewCryptographicToken(decryptedSalt);
    }

    return true;
}
/// <summary>
/// Resolves a username to its row ID in the "Users" table.
/// </summary>
/// <param name="username">Plain-text username; it is encrypted before being used as the lookup value.</param>
/// <returns>
/// The row ID, or -1 when the server connection is inactive, a user is already logged in,
/// or the lookup throws for any reason.
/// </returns>
private static int GetUserID(string username)
{
    // Lookups are refused while disconnected or while a session is already active.
    bool canQuery = ServerCommunication.IsActive && !LoggedIn;
    if (!canQuery)
    {
        return -1;
    }

    try
    {
        // The Username column is matched on its encrypted form.
        // NOTE(review): this presumes EncryptDatabaseData is deterministic for a given input. Confirm.
        string lookupKey = SecurityManager.EncryptDatabaseData("Username", username);
        return ServerCommunication.GetIDFromQuery("Users", "Username", lookupKey);
    }
    catch
    {
        // Deliberate best effort: every failure is reported as "no such user".
        return -1;
    }
}
/// <summary>
/// Issues a new "keep me logged in" token: the client keeps a database-encrypted copy and
/// the "Users" row receives a salted one-way value derived from the same token.
/// </summary>
/// <param name="userSalt">The user's salt, as passed to <c>SecurityManager.OneWayEncryptor</c>.</param>
private static void SetNewCryptographicToken(string userSalt)
{
    // Client side: keep the encrypted form of the raw token.
    string rawToken = SecurityManager.GenerateCryptographicToken();
    cryptoToken = SecurityManager.EncryptDatabaseData("CryptoToken", rawToken);
    client.CryptographicToken = cryptoToken;

    // Server side: store only the salted one-way value, never the raw token.
    // NOTE(review): nothing in this method bounds the token's lifetime; confirm expiry or rotation is handled elsewhere.
    string tokenDigest = SecurityManager.OneWayEncryptor(rawToken, userSalt);
    ServerCommunication.EditRowFromID("Users", client.UserID, "CryptoToken", tokenDigest);
}
/// <summary>
/// Configures the database connection, opens it and initialises validation.
/// </summary>
/// <param name="username">Database account name.</param>
/// <param name="password">Database account password.</param>
/// <param name="server">Database server to connect to.</param>
/// <param name="database">Name of the database to use.</param>
/// <returns><c>true</c> when every step completed; <c>false</c> when any step threw.</returns>
public static bool ConnectToDatabase(string username, string password, string server, string database)
{
    bool connected;
    try
    {
        // Configure the connection first, then prove it works by opening it.
        ServerCommunication.SetConnection(client, username, password, server, database);
        ServerCommunication.Open();
        Validation.Intialise();
        connected = true;
    }
    catch
    {
        // Every failure is collapsed into false; the caller gets no detail about which step failed.
        connected = false;
    }

    return connected;
}
/// <summary>
/// Creates a row in the "Users" table for a new account, with a fresh salt and a one-way value of the password.
/// </summary>
/// <param name="name">User's name.</param>
/// <param name="address">User's address.</param>
/// <param name="postcode">User's postcode.</param>
/// <param name="email">User's e-mail address.</param>
/// <param name="phone">User's phone number.</param>
/// <param name="username">Login name for the account.</param>
/// <param name="password">Plain-text password; only its salted one-way value is put in the row.</param>
/// <returns>The response string returned by <c>ServerCommunication.AddNewRow</c>.</returns>
public static string CreateNewUser(string name, string address, string postcode, string email, string phone, string username, string password)
{
    // Each account gets its own salt; the plain-text password goes no further than this call.
    // NOTE(review): confirm OneWayEncryptor is a deliberately slow password hash rather than a single fast digest.
    string salt = SecurityManager.GenerateNewSALT();
    string passwordDigest = SecurityManager.OneWayEncryptor(password, salt);

    List<string> columns = Validation.GetColumns("Users");

    // NOTE(review): ToShortTimeString() yields only a culture-formatted time of day; confirm this column is not meant to hold a date.
    string createdAt = DateTime.Now.ToShortTimeString();

    // New accounts are created with permission 0.
    string defaultPermission = SecurityManager.GetPermissionString(0);

    // Presumably positional against the columns list. Verify the order against the Users schema.
    List<string> rowValues = new List<string>()
    {
        name,
        address,
        postcode,
        email,
        phone,
        username,
        passwordDigest,
        createdAt,
        salt,
        defaultPermission,
        "",
        ""
    };

    List<string> encryptedRow = DataEncryptor(columns, rowValues);
    return ServerCommunication.AddNewRow("Users", encryptedRow);
}
/// <summary>
/// Builds the <c>client</c> record for the authenticated user, adding employee and business details
/// when the user has a row in the "Employees" table.
/// </summary>
/// <param name="userID">Row ID of the user in the "Users" table.</param>
/// <param name="username">Login name of the user.</param>
/// <param name="name">Display name of the user.</param>
/// <param name="permissionLevel">Permission level to record for the user.</param>
private static void SetClientData(int userID, string username, string name, int permissionLevel)
{
    // Column order fixes the indices used below: 0 = EmployeeID, 1 = BusinessID, 2 = PermissionLevel.
    List<string> wantedColumns = new List<string>() { "EmployeeID", "BusinessID", "PermissionLevel" };
    List<string> employeeRow = ServerCommunication.GetRowFromQuery("Employees", "UserID", userID.ToString(), wantedColumns);

    // No employee row: the client carries only the user-level details.
    if (employeeRow == null)
    {
        client = new Client(permissionLevel, userID, username, name);
        return;
    }

    int employeeId = Convert.ToInt32(employeeRow[0]);
    int businessId = Convert.ToInt32(employeeRow[1]);
    int businessPermission = Convert.ToInt32(employeeRow[2]);
    client = new Client(permissionLevel, userID, username, name, businessId, employeeId, businessPermission);
}