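/// <summary>
/// Logs a user in with a previously issued "keep me logged in" token instead of a password.
/// </summary>
/// <remarks>
/// The supplied token is decrypted, one-way hashed with the Salt column of the user's row and
/// compared with the stored CryptoToken column. On a match the client data is populated with the
/// permission level resolved the same way <c>Login</c> resolves it.
/// </remarks>
/// <param name="username">Account name used to look up the user ID.</param>
/// <param name="cryptographicToken">Token presented by the client, in the form accepted by SecurityManager.DecryptDatabaseData.</param>
/// <returns>true when the token matches and the session was established; otherwise false.</returns>
public static bool CrypticTokenLogin(string username, string cryptographicToken)
{
    // A missing token can never authenticate; reject it before touching the user store.
    if (string.IsNullOrEmpty(cryptographicToken))
    {
        return false;
    }

    int userID = GetUserID(username);
    if (userID == -1)
    {
        return false;
    }

    // Requested column order fixes the indexes below: 0 = Name, 1 = Salt, 2 = Permission, 3 = CryptoToken.
    List<string> userData = ServerCommunication.GetRowFromID("Users", userID, new List<string>() { "Name", "Salt", "Permission", "CryptoToken" });

    // An account with no remembered token must not be matchable through this path.
    string storedToken = userData[3];
    if (string.IsNullOrEmpty(storedToken))
    {
        return false;
    }

    string providedToken = SecurityManager.DecryptDatabaseData("CryptoToken", cryptographicToken);

    // NOTE(review): Login hands the *decrypted* salt to SetNewCryptographicToken, while this path
    // hashes with the Salt column exactly as stored. Confirm both sides use the same form of the salt.
    string encProvidedToken = SecurityManager.OneWayEncryptor(providedToken, userData[1]);
    if (encProvidedToken == null)
    {
        return false;
    }

    // Compare without an early exit so the time taken does not reveal how many leading
    // characters of the stored token value were matched.
    int difference = encProvidedToken.Length ^ storedToken.Length;
    int shared = Math.Min(encProvidedToken.Length, storedToken.Length);
    for (int i = 0; i < shared; i++)
    {
        difference |= encProvidedToken[i] ^ storedToken[i];
    }

    if (difference != 0)
    {
        return false;
    }

    // Permission is column 2. The previous code converted column 1 (the salt) to an int and used
    // that as the permission level. Resolve it before flagging the session, so a failure here
    // does not leave LoggedIn set without client data.
    int permLevel = SecurityManager.GetPermissionLevel(SecurityManager.DecryptDatabaseData("Permission", userData[2]));

    LoggedIn = true;

    // Set client information
    SetClientData(userID, username, userData[0], permLevel);
    return true;
}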
/// <summary>
/// Verifies a username/password pair and, on success, marks the client as logged in.
/// </summary>
/// <param name="username">Account name used to look up the user ID.</param>
/// <param name="password">Password supplied by the user, checked through SecurityManager.ValidatePassword.</param>
/// <param name="stayLoggedIn">When true, a new cryptographic token is set after a successful login.</param>
/// <returns>true if the credentials were accepted; false if the user is unknown or the password does not validate.</returns>
public static bool Login(string username, string password, bool stayLoggedIn = false)
{
    int id = GetUserID(username);
    if (id == -1)
    {
        return false;
    }

    // Requested column order: 0 = Name, 1 = Password, 2 = Salt, 3 = Permission.
    List<string> row = ServerCommunication.GetRowFromID("Users", id, new List<string>() { "Name", "Password", "Salt", "Permission" });

    string storedPassword = row[1];
    string decryptedSalt = SecurityManager.DecryptDatabaseData("Salt", row[2]);

    bool credentialsAccepted = SecurityManager.ValidatePassword(password, storedPassword, decryptedSalt);
    if (!credentialsAccepted)
    {
        return false;
    }

    LoggedIn = true;

    // Populate the client information with the permission level stored for this user.
    string permissionText = SecurityManager.DecryptDatabaseData("Permission", row[3]);
    int level = SecurityManager.GetPermissionLevel(permissionText);
    SetClientData(id, username, row[0], level);

    // Only issue a remember-me token when the caller asked for one.
    if (stayLoggedIn)
    {
        SetNewCryptographicToken(decryptedSalt);
    }

    return true;
}