예제 #1
0
        //Creaza un sir de bytes nou si un hashcode pt parola nou introdusa folosind functiile puse la dispozitie de clasa PasswordSecurityManager
        public int resetPassword(String newPassword, int userID)
        {
            //Creare salt nou
            byte[] newSalt = securityManager.getSalt(16);
            //Generare hashcode pe baza salt
            String hashedPassword = securityManager.createPasswordHash(newPassword, newSalt);

            int executionResult = updatePassword(newSalt, hashedPassword, userID);

            return(executionResult);
        }
예제 #2
0
        private bool hasValidCredentials(DataTable inputDataTable, String userInputPassword)
        {
            //Verificare existenta date in DataTable
            if (inputDataTable != null && inputDataTable.Rows.Count == 1)
            {
                //Se extrage salt si hashcode-ul parolei
                byte[] salt       = (byte[])inputDataTable.Rows[0].ItemArray[2];
                String storedHash = inputDataTable.Rows[0].ItemArray[3].ToString();

                PasswordSecurityManager securityManager = new PasswordSecurityManager();

                //Se genereaza hashcode-ul parolei introduse de utilizator la autentificare
                String actualHash = securityManager.createPasswordHash(userInputPassword, salt);

                //Se compara daca cele doua hashcode-uri sunt identice
                return(storedHash.Equals(actualHash));
            }

            return(false);
        }
예제 #3
0
        private void registerButton_Click(object sender, EventArgs e)
        {
            string userName     = userNameTextBox.Text;
            string password     = passwordTextBox.Text;
            string emailAddress = emailTextBox.Text;

            if (!isValidUserName(userName))
            {
                MessageBox.Show("The username must have at least 3 characters and can contain only lowercase(a-z) and uppercase(A-Z) letters, digits(0-9) and underscores(_)!", "User registration", MessageBoxButtons.OK, MessageBoxIcon.Warning);
                return;
            }


            if (password.Length < minimumPasswordLength)
            {
                MessageBox.Show("Your password should be at least 10 characters long! Please try again.", "User registration", MessageBoxButtons.OK, MessageBoxIcon.Warning);
                return;
            }

            if (!isValidPassword(password))
            {
                MessageBox.Show("Invalid password! Your password must contain:\n1.Lowercase and uppercase letters (a-zA-z) \n2.Digits (0-9) \n3.Special characters (@#$%<>?)", "User registration", MessageBoxButtons.OK, MessageBoxIcon.Warning);
                return;
            }


            if (!isValidEmail(emailAddress))
            {
                MessageBox.Show("Invalid email address!", "User registration", MessageBoxButtons.OK, MessageBoxIcon.Warning);
                return;
            }

            if (userExists(getUser(sqlStatementCheckUserExistence, userName)))
            {
                MessageBox.Show("The selected username already exists! Please try again", "User registration", MessageBoxButtons.OK, MessageBoxIcon.Stop);
                return;
            }

            ConfirmationSender emailSender = new ConfirmationSender();

            string emailSubject     = "New user creation";
            string emailBody        = "A user creation request was made for an account that will associated to this email address.\nPlease enter the following code to finish user creation process and confirm your email: {0} \nIf you have not made such a request please ignore this email and delete it.";
            string onSuccessMessage = "An email containing the confirmation code for the new user creation was sent to the specified email address";
            string parentWindowName = "Register";

            string generatedConfirmationCode = emailSender.generateConfirmationCode();

            emailSender.sendConfirmationEmail(emailAddress, emailSubject, emailBody, generatedConfirmationCode, onSuccessMessage, parentWindowName);

            String userInputConfirmationCode = Interaction.InputBox("Enter the code received on your email to finish the user creation process:", "Confirmation Code", "Enter code", 200, 200);

            if (emailSender.confirmationCodesMatch(generatedConfirmationCode, userInputConfirmationCode))
            {
                PasswordSecurityManager securityManager = new PasswordSecurityManager();
                byte[]       salt                = securityManager.getSalt(16);
                string       hashCode            = securityManager.createPasswordHash(password, salt);
                MySqlCommand userCreationCommand = SQLCommandBuilder.getNewUserCreationCommand(sqlStatementCreateNewUser, userName, salt, hashCode, emailAddress);
                int          executionResult     = DBConnectionManager.insertData(userCreationCommand);

                if (executionResult == -1)
                {
                    MessageBox.Show("Could not create the requested user!", "Register", MessageBoxButtons.OK, MessageBoxIcon.Error);
                    return;
                }

                MessageBox.Show("Your user was succesfully created!", "Register", MessageBoxButtons.OK, MessageBoxIcon.Information);
                clearInputFields(textBoxes);
                registerButton.Enabled = false;
            }
            else
            {
                MessageBox.Show("Invalid confirmation code! Please try again.", "Register", MessageBoxButtons.OK, MessageBoxIcon.Error);
            }
        }