Exemplo n.º 1
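        /// <summary>
        /// Handles an account-recovery request: looks the account up through the
        /// <c>csg.User_RecoveryAccount</c> stored procedure, checks that the supplied
        /// token matches the one stored for that account, then issues a fresh token
        /// and e-mails it to the address on record.
        /// </summary>
        /// <param name="ciphertoken">AES-encrypted token presented by the caller.</param>
        /// <param name="cipheraccuont">AES-encrypted account identifier passed to the stored procedure.</param>
        /// <param name="Key">AES key used to decrypt both ciphertexts.</param>
        /// <param name="IV">AES initialisation vector used to decrypt both ciphertexts.</param>
        /// <returns>
        /// A status string of the form <c>"s,&lt;message&gt;"</c> on success or
        /// <c>"f,&lt;message&gt;"</c> on failure.
        /// </returns>
        /// <remarks>
        /// NOTE(review): the failure messages tell the caller whether the account exists
        /// and the success message echoes the registered e-mail address. If this result
        /// is shown to an unauthenticated user it allows account enumeration; consider a
        /// single neutral message. The strings are left unchanged here because callers
        /// may parse them.
        /// </remarks>
        public string UserRecoveryAccount(byte[] ciphertoken, byte[] cipheraccuont,
                                          byte[] Key, byte[] IV)
        {
            var    rsa = new cryptography.SystemSupportRSA();
            string userName;
            string userMail;
            string user;
            string code;

            // The lookup runs inside try/finally so the connection is released even when
            // decryption, the query or a column read throws (for example a NULL token column).
            try
            {
                Database.Connect();
                command = new OdbcCommand
                {
                    Connection  = Database.GetConn(),
                    CommandType = CommandType.StoredProcedure,
                    CommandText = "{call csg.User_RecoveryAccount(?)}"
                };
                // The account value is bound as a parameter, never concatenated into the call text.
                command.Parameters.Add("Account", OdbcType.VarChar, 50).Value = rsa.DecryptStringFromBytes_Aes(cipheraccuont, Key, IV);

                dataReader = command.ExecuteReader();
                if (!dataReader.Read())
                {
                    return("f,Lo sentimos, no existe una cuenta con ese nombre de usuario o" +
                           " correo electrónico");
                }

                // Check that the presented token matches the current token stored for the account.
                if (!rsa.DecryptStringFromBytes_Aes(ciphertoken, Key, IV).Equals(dataReader.GetString(3)))
                {
                    return("f,No coincide el token");
                }

                userName = dataReader.GetString(0);
                user     = dataReader.GetString(1);
                userMail = dataReader.GetString(2);
                code     = dataReader.GetString(4);
            }
            finally
            {
                // Released before UpdateUserToken runs, as in the original flow.
                Database.Disconnect();
            }

            // Create the new token from a CSPRNG. The previous seed (user name plus
            // DateTime.Now.Ticks) could be guessed by anyone who knows the account name and
            // the approximate time of the request. The random seed is still passed through
            // GetMd5Hash so the token keeps the format the database column and the mail
            // template already receive.
            byte[] seed = new byte[32];
            using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
            {
                rng.GetBytes(seed);
            }
            string new_token = rsa.GetMd5Hash(Convert.ToBase64String(seed));

            // Store the new token; per the original comment this also switches the account
            // to token login (use-token = 'S').
            UpdateUserToken(new_token, code);
            var mailservice = new mailservices.SystemSupportMail();
            mailservice.SendRecoveryMail(username: userName, user: user, token: new_token,
                                         subject: "Recuperación de cuenta Control de Servicios y Garantías", to: userMail);

            return("s,Por favor revisa tu cuenta de correo " + userMail);
        }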
Exemplo n.º 2
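        /// <summary>
        /// Stores a new password for the user identified by the decrypted code by calling
        /// the <c>csg.User_UpdatePass</c> stored procedure, and refreshes the cached hash
        /// in <c>UserCache.UserPass</c> when at least one row was updated.
        /// </summary>
        /// <param name="cipherpass">AES-encrypted new password.</param>
        /// <param name="ciphercode">AES-encrypted user code selecting the row to update.</param>
        /// <param name="Key">AES key used to decrypt both ciphertexts.</param>
        /// <param name="IV">AES initialisation vector used to decrypt both ciphertexts.</param>
        /// <remarks>
        /// Exceptions from decryption or from the database call propagate to the caller;
        /// the connection is released in every case.
        /// NOTE(review): the stored value comes from <c>GetMd5Hash</c> applied directly to the
        /// password. Unless that helper salts internally (not visible here), this is an
        /// unsalted fast hash, which is weak against offline guessing if the table leaks.
        /// Moving to a salted, slow KDF such as PBKDF2 has to be done together with the
        /// login check and a migration of existing rows, so it is not changed in this method.
        /// </remarks>
        public void UserUpdatePass(byte[] cipherpass, byte[] ciphercode, byte[] Key, byte[] IV)
        {
            var rsa = new cryptography.SystemSupportRSA();

            try
            {
                Database.Connect();
                command = new OdbcCommand()
                {
                    Connection  = Database.GetConn(),
                    CommandType = CommandType.StoredProcedure,
                    CommandText = "{call csg.User_UpdatePass(?,?)}"
                };

                // Decrypt and hash once: the plaintext password is materialised a single
                // time instead of once for the query and again for the cache.
                string passHash = rsa.GetMd5Hash(rsa.DecryptStringFromBytes_Aes(cipherpass, Key, IV));

                command.Parameters.Add("Pass", OdbcType.VarChar, 200).Value = passHash;
                command.Parameters.Add("Code", OdbcType.VarChar, 20).Value  = rsa.DecryptStringFromBytes_Aes(ciphercode, Key, IV);

                // Only mirror the new hash into the cache when the database accepted it.
                // A zero row count (no matching code) is silent, as in the original.
                if (command.ExecuteNonQuery() > 0)
                {
                    UserCache.UserPass = passHash;
                }
            }
            finally
            {
                Database.Disconnect();
            }
        }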
Exemplo n.º 3
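        /// <summary>
        /// Authenticates a user. The account row is fetched through the
        /// <c>csg.User_Login</c> stored procedure and the supplied secret is checked
        /// against it: as a password hash when the account's use-token flag is 'N', or
        /// as the stored token when the flag is 'S'. On success the session values in
        /// <c>UserCache</c> are populated.
        /// </summary>
        /// <param name="cipheruser">AES-encrypted account identifier.</param>
        /// <param name="cipherpass">AES-encrypted password, or token when the account is in token mode.</param>
        /// <param name="Key">AES key used to decrypt both ciphertexts.</param>
        /// <param name="IV">AES initialisation vector used to decrypt both ciphertexts.</param>
        /// <returns>
        /// <c>true</c> when the credentials match; <c>false</c> when they do not, when the
        /// account does not exist, or when an exception occurred (login fails closed).
        /// </returns>
        /// <remarks>
        /// NOTE(review): the comparison runs in this process on a password hash and token
        /// read from the database, so the database account used by the client can read
        /// every user's credential columns. Verifying inside the stored procedure or a
        /// service would keep them off the client. The password check also relies on
        /// <c>GetMd5Hash</c>, which appears to be an unsalted fast hash.
        /// </remarks>
        public bool UserLogin(byte[] cipheruser, byte[] cipherpass,
                              byte[] Key, byte[] IV)
        {
            var rsa = new cryptography.SystemSupportRSA();

            try
            {
                Database.Connect();
                command = new OdbcCommand
                {
                    Connection  = Database.GetConn(),
                    CommandType = CommandType.StoredProcedure,
                    CommandText = "{call csg.User_Login(?)}"
                };
                command.Parameters.Add("Account", OdbcType.VarChar, 50).Value = rsa.DecryptStringFromBytes_Aes(cipheruser, Key, IV);
                dataReader = command.ExecuteReader();
                if (!dataReader.Read())
                {
                    return(false);
                }

                // The flag is cached before the credential check, as in the original, so
                // it reflects the last account looked up even when the login fails.
                UserCache.UserUseToken = dataReader.GetChar(11);

                // Decrypt the supplied secret once and read only the column the active
                // mode needs, so a NULL in the unused column cannot raise an error dialog.
                string secret = rsa.DecryptStringFromBytes_Aes(cipherpass, Key, IV);
                bool   authenticated;
                if (UserCache.UserUseToken.Equals('N'))
                {
                    // Password mode: compare the hash of the secret with the stored hash.
                    authenticated = rsa.GetMd5Hash(secret).Equals(dataReader.GetString(4));
                }
                else if (UserCache.UserUseToken.Equals('S'))
                {
                    // Token mode: the secret must equal the stored token.
                    authenticated = secret.Equals(dataReader.GetString(5));
                }
                else
                {
                    // Unknown flag value: reject.
                    authenticated = false;
                }

                if (!authenticated)
                {
                    return(false);
                }

                // Store the session variables (previously duplicated in both branches).
                UserCache.UserCode          = dataReader.GetString(0);
                UserCache.UserDefinition    = dataReader.GetString(1);
                UserCache.UserAccount       = dataReader.GetString(2);
                UserCache.UserEmail         = dataReader.GetString(3);
                UserCache.UserPass          = dataReader.GetString(4);
                UserCache.UserRol           = dataReader.GetString(6);
                UserCache.UserRolDefinition = dataReader.GetString(13);
                return(true);
            }
            catch (Exception ex)
            {
                // NOTE(review): the listing had this call garbled ("******" between the two
                // string literals); "+ ex.Message," is the presumed original — confirm
                // against the project source. Driver error text can reveal server details,
                // so consider logging it and showing a generic message instead.
                MessageBox.Show("Excepción controlada en UserDAO->UserLogin: " + ex.Message, "Excepción", MessageBoxButtons.OK, MessageBoxIcon.Error);
            }
            finally
            {
                Database.Disconnect();
            }
            return(false);
        }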