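/// <summary>
/// Verifies a login attempt by re-deriving the PBKDF2 hash of the entered password
/// and comparing it with the hash stored for the user.
/// </summary>
/// <param name="passwordEntered">Plain-text password supplied at login.</param>
/// <param name="user">
/// User whose <c>PasswordHash</c> is the Base64 encoding of a 16-byte salt followed by a 20-byte hash.
/// </param>
/// <returns>
/// <c>true</c> only when all 20 derived bytes equal the stored hash; <c>false</c> on a mismatch,
/// on a stored value that is too short, or on any exception (the check fails closed).
/// </returns>
public bool CheckPasswordForLogin(string passwordEntered, User user)
{
    const int SaltSize = 16;
    const int HashSize = 20;
    // NOTE(review): 10000 iterations with the constructor's default HMAC-SHA1 PRF is low by
    // current guidance. Raising it means re-hashing stored passwords, so it is left unchanged here.
    const int Iterations = 10000;

    try
    {
        byte[] hashBytes = Convert.FromBase64String(user.PasswordHash);

        // Reject a truncated record explicitly instead of relying on an index exception.
        if (hashBytes.Length < SaltSize + HashSize)
        {
            return false;
        }

        byte[] salt = new byte[SaltSize];
        Array.Copy(hashBytes, 0, salt, 0, SaltSize);

        byte[] hash;
        using (var pbkdf2 = new Rfc2898DeriveBytes(passwordEntered, salt, Iterations))
        {
            hash = pbkdf2.GetBytes(HashSize);
        }

        // Accumulate differences over every byte so the time taken does not depend on
        // the position of the first mismatching byte.
        int difference = 0;
        for (int i = 0; i < HashSize; i++)
        {
            difference |= hashBytes[i + SaltSize] ^ hash[i];
        }

        return difference == 0;
    }
    catch (Exception ex)
    {
        // Any failure (null user, malformed Base64, null password) is treated as a failed login.
        Console.WriteLine(ex.Message);
        return false;
    }
}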
/// <summary>
/// Creates a deck with the given id, name, owner and class, starting with an empty card list.
/// </summary>
/// <param name="deckId">Identifier assigned to <c>DeckId</c>.</param>
/// <param name="deckName">Name assigned to <c>DeckName</c>.</param>
/// <param name="deckUser">Owner assigned to <c>DeckUser</c>.</param>
/// <param name="deckClass">Class assigned to <c>DeckClass</c>.</param>
public Deck(string deckId, string deckName, User deckUser, string deckClass)
{
    // The card list always starts empty; cards are added by the caller afterwards.
    this.CardList = new List<Card>();

    this.DeckId = deckId;
    this.DeckName = deckName;
    this.DeckUser = deckUser;
    this.DeckClass = deckClass;
}
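/// <summary>
/// Deletes the DBUser row whose username matches the given user.
/// </summary>
/// <param name="user">User to delete; only <c>UserName</c> is read.</param>
/// <returns>The result reported by <c>ExecuteChangeQuery</c> for the delete statement.</returns>
public bool DeleteUser(User user)
{
    // NOTE(review): no authorization check happens in this method; presumably the caller
    // has already confirmed the requester may delete this account — confirm.

    // Read the key first so a null user fails before a connection is acquired.
    string userName = user.UserName;

    NpgsqlConnection conn = _databaseConnection.ConnectToDatabase();

    // Use the command created on the connection rather than discarding it and building a
    // second one; the using block disposes it once the statement has run.
    using (NpgsqlCommand command = conn.CreateCommand())
    {
        command.CommandText = "delete from DBUser where username = :value1";

        // The username is bound as a parameter, never concatenated into the SQL text.
        command.Parameters.Add(new NpgsqlParameter("value1", DbType.String));
        command.Parameters[0].Value = userName;

        // NOTE(review): conn is not closed here; presumably ExecuteChangeQuery releases it — confirm.
        return _databaseConnection.ExecuteChangeQuery(command, conn);
    }
}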
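/// <summary>
/// Inserts a new row into dbdeck for the given user.
/// </summary>
/// <param name="deckname">Value stored in the deckname column.</param>
/// <param name="user">Owner of the deck; only <c>UserName</c> is read.</param>
/// <param name="className">Value stored in the deckclass column.</param>
/// <returns>The result reported by <c>ExecuteChangeQuery</c> for the insert statement.</returns>
public bool CreateNewDeck(string deckname, User user, string className)
{
    // Read the owner first so a null user fails before a connection is acquired.
    string userName = user.UserName;

    NpgsqlConnection conn = databaseConnection.ConnectToDatabase();

    // Use the command created on the connection rather than discarding it and building a
    // second one; the using block disposes it once the statement has run.
    using (NpgsqlCommand command = conn.CreateCommand())
    {
        command.CommandText = "insert into dbdeck(deckname, username, deckclass) values(:value1, :value2, :value3)";

        // All three caller-supplied values are bound as parameters, never concatenated into the SQL text.
        command.Parameters.Add(new NpgsqlParameter("value1", DbType.String));
        command.Parameters.Add(new NpgsqlParameter("value2", DbType.String));
        command.Parameters.Add(new NpgsqlParameter("value3", DbType.String));
        command.Parameters[0].Value = deckname;
        command.Parameters[1].Value = userName;
        command.Parameters[2].Value = className;

        // NOTE(review): conn is not closed here; presumably ExecuteChangeQuery releases it — confirm.
        return databaseConnection.ExecuteChangeQuery(command, conn);
    }
}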
/// <summary>
/// Creates an empty deck: an empty card list and a freshly constructed owner.
/// </summary>
public Deck()
{
    this.CardList = new List<Card>();
    this.DeckUser = new User();
}
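/// <summary>
/// Returns the first deck that <c>GetAllDecksByUser</c> reports for the given user.
/// </summary>
/// <param name="user">User whose decks are looked up.</param>
/// <returns>The first deck in the returned list, or <c>null</c> when the user has no decks.</returns>
public Deck getNewestDeckByUser(User user)
{
    List<Deck> deckList = deckDatabaseController.GetAllDecksByUser(user);

    // An empty list previously surfaced as an index exception; report "no deck" instead.
    if (deckList == null || deckList.Count == 0)
    {
        return null;
    }

    // NOTE(review): this is the first element, not necessarily the newest; that depends on the
    // order in which GetAllDecksByUser returns rows — confirm the query orders them.
    return deckList[0];
}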
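/// <summary>
/// Loads every deck owned by the given user and fills each deck's card list.
/// </summary>
/// <param name="user">Owner to look up; <c>UserName</c> is the query key and the object is attached to each deck.</param>
/// <returns>The user's decks; empty when the deck query yields no rows or returns <c>null</c>.</returns>
public List<Deck> GetAllDecksByUser(User user)
{
    // Read the key first so a null user fails before a connection is acquired.
    string userName = user.UserName;
    List<Deck> deckList = new List<Deck>();

    // First query: the decks themselves.
    NpgsqlConnection conn = databaseConnection.ConnectToDatabase();
    DataTable result;
    using (NpgsqlCommand command = conn.CreateCommand())
    {
        // NOTE(review): "select *" is read by column position below (0, 1 and 3), so a schema
        // change would silently shift the values — consider naming the columns.
        command.CommandText = "select * from dbdeck where username = :value1";
        // The username is bound as a parameter, never concatenated into the SQL text.
        command.Parameters.Add(new NpgsqlParameter("value1", DbType.String));
        command.Parameters[0].Value = userName;
        result = databaseConnection.ExecuteSelectQuery(command, conn);
    }

    if (result != null)
    {
        foreach (DataRow row in result.Rows)
        {
            // The row indexer avoids the array copy that ItemArray makes on every access.
            deckList.Add(new Deck(row[0].ToString(), row[1].ToString(), user, row[3].ToString()));
        }
    }

    // Second query: every card-to-deck link for the same user, on a fresh connection.
    conn = databaseConnection.ConnectToDatabase();
    using (NpgsqlCommand command = conn.CreateCommand())
    {
        command.CommandText = "select ctd.deckid, ctd.cardid, ctd.cardtodeckid from dbcardtodeck as ctd join dbdeck as d on d.deckid = ctd.deckid join dbuser u on u.username = d.username where u.username = :value1";
        command.Parameters.Add(new NpgsqlParameter("value1", DbType.String));
        command.Parameters[0].Value = userName;
        result = databaseConnection.ExecuteSelectQuery(command, conn);
    }

    if (result != null)
    {
        foreach (Deck d in deckList)
        {
            foreach (DataRow row in result.Rows)
            {
                // Column 0 is the deck id of the link row; attach the card to the matching deck.
                if (row[0].ToString().Equals(d.DeckId))
                {
                    d.CardList.Add(new Card(row[1].ToString(), row[2].ToString()));
                }
            }
        }
    }

    return deckList;
}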
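/// <summary>
/// Loads the DBUser row for the given username.
/// </summary>
/// <param name="username">Username to look up; bound as a query parameter.</param>
/// <returns>
/// A <c>User</c> populated from the first matching row, or a freshly constructed, unpopulated
/// <c>User</c> when the query returns <c>null</c> or no rows. Callers must treat the unpopulated
/// instance as "no such user".
/// </returns>
public User GetUser(string username)
{
    NpgsqlConnection conn = _databaseConnection.ConnectToDatabase();

    DataTable result;
    // Use the command created on the connection rather than discarding it and building a
    // second one; the using block disposes it once the query has run.
    using (NpgsqlCommand command = conn.CreateCommand())
    {
        // NOTE(review): "select *" is read by column position below (0, 1, 2), so a schema change
        // could place the wrong column into PasswordHash — consider naming the columns.
        command.CommandText = "select * from DBUser where username = :value1";
        command.Parameters.Add(new NpgsqlParameter("value1", DbType.String));
        command.Parameters[0].Value = username;
        result = _databaseConnection.ExecuteSelectQuery(command, conn);
    }

    User user = new User();

    // An unknown username yields a table with zero rows; indexing Rows[0] there would throw,
    // so the row count is checked as well as the null result.
    if (result != null && result.Rows.Count > 0)
    {
        DataRow row = result.Rows[0];
        user.UserName = row[0].ToString();
        user.PasswordHash = row[1].ToString();
        user.PasswordSalt = row[2].ToString();
    }
    else
    {
        Console.WriteLine("Couldn't get user!");
    }

    return user;
}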
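/// <summary>
/// Replaces the stored password hash and salt of the given user with values derived from a new password.
/// </summary>
/// <param name="user">User to update; only <c>UserName</c> is read.</param>
/// <param name="newPassword">New plain-text password, hashed by <c>CryptoHandler.HashPassword</c> with a fresh salt.</param>
/// <returns>The result reported by <c>ExecuteChangeQuery</c> for the update statement.</returns>
public bool UpdateUserPassword(User user, string newPassword)
{
    // NOTE(review): the current password is not verified in this method; presumably the caller
    // has authenticated the requester before calling — confirm.

    // Derive everything that can fail before acquiring a connection, so an exception here
    // does not leave an open connection behind.
    string userName = user.UserName;
    byte[] passwordSalt = CryptoHandler.GeneratePasswordSalt();
    string passwordHash = CryptoHandler.HashPassword(newPassword, passwordSalt);

    NpgsqlConnection conn = _databaseConnection.ConnectToDatabase();

    // Use the command created on the connection rather than discarding it and building a
    // second one; the using block disposes it once the statement has run.
    using (NpgsqlCommand command = conn.CreateCommand())
    {
        command.CommandText = "update DBUser set passwordhash = :value1, passwordsalt = :value2 where username = :value3";

        // Hash, salt and username are bound as parameters, never concatenated into the SQL text.
        command.Parameters.Add(new NpgsqlParameter("value1", DbType.String));
        command.Parameters.Add(new NpgsqlParameter("value2", DbType.String));
        command.Parameters.Add(new NpgsqlParameter("value3", DbType.String));
        command.Parameters[0].Value = passwordHash;
        command.Parameters[1].Value = Convert.ToBase64String(passwordSalt);
        command.Parameters[2].Value = userName;

        // NOTE(review): conn is not closed here; presumably ExecuteChangeQuery releases it — confirm.
        return _databaseConnection.ExecuteChangeQuery(command, conn);
    }
}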