Пример #1
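        /// <summary>
        /// Validates the registration input and, when it is valid, creates the account:
        /// generates a salt, hashes the password, persists the record through <c>_users</c>
        /// and reads the stored account back by username.
        /// </summary>
        /// <param name="username">Requested username; passed to validation and stored.</param>
        /// <param name="emailAddress">E-mail address; passed to validation and stored.</param>
        /// <param name="password">Plaintext password; only the derived hash is placed on the stored record.</param>
        /// <param name="confirmPassword">Second password entry, passed to validation only.</param>
        /// <param name="empireID">Forwarded unchanged to the repository insert.</param>
        /// <param name="focus">Forwarded unchanged to the repository insert.</param>
        /// <param name="user">The account re-read from the repository on success; null on failure.</param>
        /// <param name="errors">The validation message on failure; null on success.</param>
        /// <returns>true when the account was created; false when validation failed.</returns>
        public bool CreateUserAccount(string username, string emailAddress, string password, string confirmPassword, int empireID, Coordinates focus, out UserAccount user, out string errors)
        {
            string validatedErrors;
            if (!this.Validate(username, emailAddress, password, confirmPassword, out validatedErrors))
            {
                errors = validatedErrors;
                user = null;
                return false;
            }

            // The creation timestamp is an input to the password hash below, so the value
            // hashed here must be exactly the value the database hands back later.
            // AddMilliseconds(-Millisecond) left the sub-millisecond ticks in place, which a
            // lower-precision SQL column would round away; truncating on ticks yields a
            // whole-second value that survives the round trip unchanged.
            var created = DateTime.UtcNow;
            created = created.AddTicks(-(created.Ticks % TimeSpan.TicksPerSecond));

            var salt = _cryptographyManager.CreateSalt();
            // NOTE(review): the algorithm and work factor live in _cryptographyManager and are
            // not visible here; confirm it is a slow password KDF rather than a single fast hash.
            var hash = _cryptographyManager.CreateHash(created, password, salt);

            var securityUser = new SecurityUserAccount
            {
                CreateTS = created,
                EmailAddress = emailAddress,
                PasswordSalt = salt,
                PasswordHash = hash,
                Username = username
            };

            _users.CreateUserAccount(securityUser, empireID, focus);
            user = _users.GetUserByUsername(username);
            errors = null;
            return true;
        }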
Пример #2
 /// <summary>
 /// Opens a repository on the configured connection provider, inserts the given
 /// account through its SecurityUserAccountTable and commits. The repository is
 /// disposed when the using block exits, including when Insert or Commit throws.
 /// </summary>
 /// <param name="securityUserAccount">The account record to insert.</param>
 public void InsertSecurityUserAccount(SecurityUserAccount securityUserAccount)
 {
     using (IMcpDataBaseRepository repository = new McpDataBaseRepository(_connectionProvider))
     {
         var accountTable = repository.SecurityUserAccountTable;
         accountTable.Insert(securityUserAccount);

         // Commit is reached only if the insert did not throw.
         repository.Commit();
     }
 }
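        /// <summary>
        /// Inserts one row into SecurityUserAccount on the current connection and transaction.
        /// Every value travels as an @-named parameter; nothing is concatenated into the SQL text.
        /// </summary>
        /// <param name="securityUserAccount">
        /// Object passed as the parameter source for the statement (presumably bound by
        /// property name to the @-placeholders; confirm against the Execute implementation).
        /// </param>
        public void Insert(SecurityUserAccount securityUserAccount)
        {
            // NOTE(review): Password and cPWD are written exactly as they arrive on the object;
            // this method does no hashing. Confirm the caller supplies a salted password hash.
            #region SQL
            string sql = @"INSERT INTO SecurityUserAccount
(GroupID,
   AccountID,
   Name,
   Description,
   Password,
   Startup,
   PWLastUpdateTime,
   PWType,
   CreateTime,
   dModifyTime,
   iFailTimes,
   dLockTime,
   cRoleID,
   AD_CheckFlag,
   cCallID,
   cPWD,
   DomainName)
VALUES
(@GroupID,
   @AccountID,
   @Name,
   @Description,
   @Password,
   @Startup,
   @PWLastUpdateTime,
   @PWType,
   @CreateTime,
   @dModifyTime,
   @iFailTimes,
   @dLockTime,
   @cRoleID,
   @AD_CheckFlag,
   @cCallID,
   @cPWD,
   @DomainName)";
            #endregion SQL

            // The former catch block did `throw ex;`, which rethrows the same exception but
            // resets its stack trace to this frame. Letting the exception propagate untouched
            // keeps the original trace for whoever investigates a failed insert.
            _Connection.Execute(sql, securityUserAccount, _Transaction, commandType: CommandType.Text);
        }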
Пример #4
        /// <summary>
        /// Inserts a row into UserAccounts from the given account and placement data, then
        /// stores the identity returned by the statement on <c>securityUser.UserAccountID</c>.
        /// All values are bound as command parameters.
        /// </summary>
        /// <param name="securityUser">Account whose username, e-mail, hash, salt and timestamp are stored.</param>
        /// <param name="empireID">Value bound to the EmpireID column.</param>
        /// <param name="coordinates">Source of the X, Y and Z column values.</param>
        /// <exception cref="ArgumentNullException">When <paramref name="securityUser"/> is null.</exception>
        public void CreateUserAccount(SecurityUserAccount securityUser, int empireID, Coordinates coordinates)
        {
            if (securityUser == null)
            {
                throw new ArgumentNullException("securityUser");
            }

            const string insertSql = "INSERT INTO UserAccounts (Username, EmailAddress, PasswordHash, PasswordSalt, CreateTS, EmpireID, X, Y, Z) VALUES (@Username, @EmailAddress, @PasswordHash, @PasswordSalt, @CreateTS, @Empire, @X, @Y, @Z) SELECT Scope_Identity()";

            var unitOfWork = this.SessionManager.GetCurrentUnitOfWork();
            using (var insertCommand = unitOfWork.CreateCommand(insertSql))
            {
                // Account credentials and metadata.
                insertCommand.AddParameter("Username", DbType.String, securityUser.Username);
                insertCommand.AddParameter("EmailAddress", DbType.String, securityUser.EmailAddress);
                insertCommand.AddParameter("PasswordHash", DbType.Binary, securityUser.PasswordHash);
                insertCommand.AddParameter("PasswordSalt", DbType.String, securityUser.PasswordSalt);
                insertCommand.AddParameter("CreateTS", DbType.DateTime, securityUser.CreateTS);

                // Placement data.
                insertCommand.AddParameter("Empire", DbType.Int32, empireID);
                insertCommand.AddParameter("X", DbType.Int64, coordinates.X);
                insertCommand.AddParameter("Y", DbType.Int64, coordinates.Y);
                insertCommand.AddParameter("Z", DbType.Int64, coordinates.Z);

                // The scalar is cast to decimal first and then narrowed to int.
                var newIdentity = insertCommand.ExecuteScalar();
                securityUser.UserAccountID = (int)(decimal)newIdentity;
            }
        }
Пример #5
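        /// <summary>
        /// Authenticates a user by e-mail address and password. The password is re-hashed
        /// with the account's stored creation timestamp and salt, and the result is compared
        /// with the stored hash. On success the current thread's principal is set to the
        /// account's username.
        /// </summary>
        /// <param name="emailAddress">E-mail address used to look up the account.</param>
        /// <param name="password">Plaintext password entered by the user.</param>
        /// <param name="currentUserAccount">The matching account on success; null on failure.</param>
        /// <returns>true when the credentials match; false for an unknown address or a wrong password.</returns>
        /// <exception cref="ArgumentNullException">When either argument is null.</exception>
        public bool Login(string emailAddress, string password, out SecurityUserAccount currentUserAccount)
        {
            if (emailAddress == null) throw new ArgumentNullException("emailAddress");
            if (password == null) throw new ArgumentNullException("password");

            var userAccountFromRepository = _users.GetUserAccount(emailAddress);
            if (userAccountFromRepository == null)
            {
                // NOTE(review): emailAddress is caller-supplied and goes into the log as-is;
                // confirm the logging layer neutralises line breaks. This path also returns
                // without computing a hash, so it takes less time than the wrong-password path.
                logger.Info("UserAcount with email address '{0}' not found", emailAddress);
                currentUserAccount = null;
                return false;
            }

            var hashForEnteredUser = _cryptographyManager.CreateHash(userAccountFromRepository.CreateTS, password, userAccountFromRepository.PasswordSalt);

            // Materialise both sides once so the comparison below works on plain arrays.
            byte[] computedHash = hashForEnteredUser.ToArray();
            byte[] storedHash = userAccountFromRepository.PasswordHash == null
                ? new byte[0]
                : userAccountFromRepository.PasswordHash.ToArray();

            // As before, only the first computedHash.Length stored bytes are compared
            // (presumably the column is fixed-width and padded; confirm against the schema).
            // Fail closed on a missing or short stored hash, and on an empty computed hash,
            // which the previous SequenceEqual over two empty sequences would have accepted.
            bool lengthsUsable = computedHash.Length > 0 && storedHash.Length >= computedHash.Length;

            // Constant-time comparison: every byte is visited and the differences are OR-ed
            // together, so the time taken does not reveal where the first mismatch occurs.
            // Enumerable.SequenceEqual stops at the first differing byte.
            int difference = 0;
            for (int i = 0; i < computedHash.Length; i++)
            {
                byte storedByte = i < storedHash.Length ? storedHash[i] : (byte)0;
                difference |= storedByte ^ computedHash[i];
            }

            if (!lengthsUsable || difference != 0)
            {
                logger.Info("Password was incorrect for user '{0}'", emailAddress);
                currentUserAccount = null;
                return false;
            }

            // The principal carries the username and an empty role list.
            Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity(userAccountFromRepository.Username), new string[] { });
            currentUserAccount = userAccountFromRepository;
            return true;
        }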