//Creaza un sir de bytes nou si un hashcode pt parola nou introdusa folosind functiile puse la dispozitie de clasa PasswordSecurityManager public int resetPassword(String newPassword, int userID) { //Creare salt nou byte[] newSalt = securityManager.getSalt(16); //Generare hashcode pe baza salt String hashedPassword = securityManager.createPasswordHash(newPassword, newSalt); int executionResult = updatePassword(newSalt, hashedPassword, userID); return(executionResult); }
private bool hasValidCredentials(DataTable inputDataTable, String userInputPassword) { //Verificare existenta date in DataTable if (inputDataTable != null && inputDataTable.Rows.Count == 1) { //Se extrage salt si hashcode-ul parolei byte[] salt = (byte[])inputDataTable.Rows[0].ItemArray[2]; String storedHash = inputDataTable.Rows[0].ItemArray[3].ToString(); PasswordSecurityManager securityManager = new PasswordSecurityManager(); //Se genereaza hashcode-ul parolei introduse de utilizator la autentificare String actualHash = securityManager.createPasswordHash(userInputPassword, salt); //Se compara daca cele doua hashcode-uri sunt identice return(storedHash.Equals(actualHash)); } return(false); }
private void registerButton_Click(object sender, EventArgs e) { string userName = userNameTextBox.Text; string password = passwordTextBox.Text; string emailAddress = emailTextBox.Text; if (!isValidUserName(userName)) { MessageBox.Show("The username must have at least 3 characters and can contain only lowercase(a-z) and uppercase(A-Z) letters, digits(0-9) and underscores(_)!", "User registration", MessageBoxButtons.OK, MessageBoxIcon.Warning); return; } if (password.Length < minimumPasswordLength) { MessageBox.Show("Your password should be at least 10 characters long! Please try again.", "User registration", MessageBoxButtons.OK, MessageBoxIcon.Warning); return; } if (!isValidPassword(password)) { MessageBox.Show("Invalid password! Your password must contain:\n1.Lowercase and uppercase letters (a-zA-z) \n2.Digits (0-9) \n3.Special characters (@#$%<>?)", "User registration", MessageBoxButtons.OK, MessageBoxIcon.Warning); return; } if (!isValidEmail(emailAddress)) { MessageBox.Show("Invalid email address!", "User registration", MessageBoxButtons.OK, MessageBoxIcon.Warning); return; } if (userExists(getUser(sqlStatementCheckUserExistence, userName))) { MessageBox.Show("The selected username already exists! Please try again", "User registration", MessageBoxButtons.OK, MessageBoxIcon.Stop); return; } ConfirmationSender emailSender = new ConfirmationSender(); string emailSubject = "New user creation"; string emailBody = "A user creation request was made for an account that will associated to this email address.\nPlease enter the following code to finish user creation process and confirm your email: {0} \nIf you have not made such a request please ignore this email and delete it."; string onSuccessMessage = "An email containing the confirmation code for the new user creation was sent to the specified email address"; string parentWindowName = "Register"; string generatedConfirmationCode = emailSender.generateConfirmationCode(); emailSender.sendConfirmationEmail(emailAddress, emailSubject, emailBody, generatedConfirmationCode, onSuccessMessage, parentWindowName); String userInputConfirmationCode = Interaction.InputBox("Enter the code received on your email to finish the user creation process:", "Confirmation Code", "Enter code", 200, 200); if (emailSender.confirmationCodesMatch(generatedConfirmationCode, userInputConfirmationCode)) { PasswordSecurityManager securityManager = new PasswordSecurityManager(); byte[] salt = securityManager.getSalt(16); string hashCode = securityManager.createPasswordHash(password, salt); MySqlCommand userCreationCommand = SQLCommandBuilder.getNewUserCreationCommand(sqlStatementCreateNewUser, userName, salt, hashCode, emailAddress); int executionResult = DBConnectionManager.insertData(userCreationCommand); if (executionResult == -1) { MessageBox.Show("Could not create the requested user!", "Register", MessageBoxButtons.OK, MessageBoxIcon.Error); return; } MessageBox.Show("Your user was succesfully created!", "Register", MessageBoxButtons.OK, MessageBoxIcon.Information); clearInputFields(textBoxes); registerButton.Enabled = false; } else { MessageBox.Show("Invalid confirmation code! Please try again.", "Register", MessageBoxButtons.OK, MessageBoxIcon.Error); } }