Exemplo n.º 1
0
        /// <summary>
        /// A method to display the ResetMyPassword form when the appropriate menu item is selected
        /// </summary>
        /// <param name="sender">The parameter is not used.</param>
        /// <param name="e">The parameter is not used.</param>
        private void ChangeMyPasswordToolStripMenuItem_Click(object sender, EventArgs e)
        {
            ResetMyPassword passwordResetForm = new ResetMyPassword {
                MdiParent = this
            };

            passwordResetForm.Show();
        }
Exemplo n.º 2
0
        /// <summary>
        /// Method to match password with the database (using salted hash), then login and load the role form
        /// </summary>
        /// <param name="username">The username string entered by the user</param>
        /// <param name="password">The password string entered by the user</param>
        private void Login(string username, string password)
        {
            try
            {
                using (db_sft_2172Entities context = new db_sft_2172Entities())
                {
                    var userQuery = from u in context.Users
                                    where u.UserID.Equals(username)
                                    select u;

                    if (userQuery.Any())
                    {
                        var userResult = userQuery.FirstOrDefault();

                        // Determine whether user is active.  If not, display a message and Logout.
                        if (!userResult.IsActive)
                        {
                            MessageBox.Show(
                                @"Sorry, this user is inactive.  Please contact an administrator if you need to reactivate your account.");
                            Program.Logout();

                            return;
                        }

                        /*************************************************************/
                        /** Applying salted hash technique to verify password       **/
                        /**                                                         **/
                        /** If you wish to use a non-encrypted password, uncomment  **/
                        /** the first "if" statement below                          **/
                        /** Otherwise, uncomment the second "if" to use encryption. **/
                        /*************************************************************/
                        if (SaltedHash.Verify(userResult.PasswordSalt, userResult.Password, password))
                        {
                            // Update static variable containing User ID
                            Program.CurrentUser = userResult.UserID;

                            // If flag is set to reset password, load the Change Password form.
                            if (userResult.ResetPassword != null)
                            {
                                MessageBox.Show(
                                    @"Your password is outdated and needs to be changed.  Please reset your password now.");

                                ResetMyPassword changePassword = new ResetMyPassword();
                                changePassword.ShowDialog();
                            }
                            else
                            {
                                // If any of these three values are true, update static variables
                                if (userResult.IsSupervisor)
                                {
                                    Program.IsSupervisor = true;
                                }

                                if (userResult.IsAdmin)
                                {
                                    Program.IsAdmin = true;
                                }

                                // Close window once finished
                                this.Close();
                            }
                        }
                        else
                        {
                            MessageBox.Show(@"Sorry, invalid username or password.  Please try again!");
                            this.txtUsername.Text = string.Empty;
                            this.txtPassword.Text = string.Empty;
                            this.txtUsername.Focus();
                        }
                    }
                    else
                    {
                        MessageBox.Show(@"Sorry, invalid username or password.  Please try again!");
                        this.txtUsername.Text = string.Empty;
                        this.txtPassword.Text = string.Empty;
                        this.txtUsername.Focus();
                    }
                }
            }
            catch (SqlException sqlEx)
            {
                MessageBox.Show(sqlEx.InnerException != null ? sqlEx.InnerException.Message : sqlEx.Message);
            }
            catch (Exception ex)
            {
                MessageBox.Show(ex.Message);
            }
        }