Пример #1
0
        static void PushUserData(String[] req_UserData, SqlConnection connection)
        {
            Console.WriteLine("Push User Data");
            GenerateResponses Gr = new GenerateResponses();
            GenerateHash      GH = new GenerateHash();

            string email = req_UserData[0];
            string uname = req_UserData[1];
            string pswrd = req_UserData[2];
            string fname = req_UserData[3];
            string dptmt = req_UserData[4];
            string salt  = GH.GenerateSalt();

            Console.WriteLine("pswrd" + pswrd);
            pswrd = GH.Generate(pswrd + salt);

            connection.Open();

            SqlCommand cmd = new SqlCommand("insert into users (username, password_hash, salt, first_name, department, email)" +
                                            "values(@uname,@pswrd, @salt, @fname, @dptmt, @email)", connection);

            cmd.Parameters.AddWithValue("@uname", uname);
            cmd.Parameters.AddWithValue("@pswrd", pswrd);
            cmd.Parameters.AddWithValue("@salt", salt);
            cmd.Parameters.AddWithValue("@fname", fname);
            cmd.Parameters.AddWithValue("@dptmt", dptmt);
            cmd.Parameters.AddWithValue("@email", email);

            int rowsaffected = cmd.ExecuteNonQuery();

            Console.WriteLine(rowsaffected);

            connection.Close();
        }
Пример #2
0
        public void PushHash()
        {
            GenerateHash GH = new GenerateHash();                 // Init GenerateHash

            string hash = GH.Generate(email + OTP);               // Generate hash from email and OTP

            DatabaseConnector DBConn = new DatabaseConnector();   // connect to database
            SqlConnection     conn   = DBConn.connector("Users"); // start an SQL connection


            conn.Open(); // Open connection to database

            // Push OTP value to database
            SqlCommand cmd = new SqlCommand("insert into OTP ([OTP_HASH]) values(@hash)", conn);

            cmd.Parameters.AddWithValue("@hash", hash);
            int affectedrows = cmd.ExecuteNonQuery(); // Execute non query

            Console.WriteLine(affectedrows);
        }
Пример #3
0
        public static async Task <IActionResult> Run(
            [HttpTrigger(AuthorizationLevel.Anonymous, "post", Route = null)] HttpRequest req,
            ILogger log)
        {
            log.LogInformation("C# HTTP trigger function processed a request. - Apply");

            GenerateResponses Gr = new GenerateResponses();

            string s_From = req.Query["from"];
            string s_To   = req.Query["to"];



            string Reason        = req.Query["reason"];
            string Session_Token = req.Query["token"];
            string Type          = req.Query["type"];

            string uname      = null;
            string department = null;


            string  requestBody = await new StreamReader(req.Body).ReadToEndAsync();
            dynamic data        = JsonConvert.DeserializeObject(requestBody);

            s_From = s_From ?? data?.from;
            s_To   = s_To ?? data?.to;

            DateTime From = DateTime.ParseExact(s_From, "dd/MM/yyyy", null);
            DateTime To   = DateTime.ParseExact(s_To, "dd/MM/yyyy", null);


            Reason        = Reason ?? data?.reason;
            Session_Token = Session_Token ?? data?.token;
            Type          = Type ?? data?.type;


            DatabaseConnector DBconn     = new DatabaseConnector();
            SqlConnection     connection = DBconn.connector("Users");
            GenerateHash      GH         = new GenerateHash();
            SqlDataReader     reader;

            Session_Token = Session_Token.Replace(" ", "");

            SqlCommand command_Retrieve_Uname_Dept = new SqlCommand("select username, department from Users where session_token=@token", connection);

            command_Retrieve_Uname_Dept.Parameters.AddWithValue("@token", Session_Token);

            connection.Open();
            Console.WriteLine("From" + From.ToShortDateString());
            reader = command_Retrieve_Uname_Dept.ExecuteReader();

            while (reader.Read())
            {
                uname      = reader[0].ToString();
                department = reader[1].ToString();
            }

            connection.Close();

            if (string.IsNullOrEmpty(uname) || string.IsNullOrEmpty(department))
            {
                return(Gr.InternalServerError(InternalServerError));
            }


            var LeaveDays = (To - From).TotalDays;
            var LeaveID   = department + GH.GenerateSalt();

            connection.Open();

            s_From = From.ToShortDateString();
            s_To   = To.ToShortDateString();

            SqlCommand command_Push_Data_Into_Leave = new SqlCommand("insert into leaveapplication(leave_id, from_date, to_date, no_of_days, reason, leave_type, username) values (@LeaveID, @From, @To, @Days, @Reason, @Type, @uname)", connection);

            command_Push_Data_Into_Leave.Parameters.AddWithValue("@LeaveID", LeaveID);
            command_Push_Data_Into_Leave.Parameters.AddWithValue("@From", s_From);
            command_Push_Data_Into_Leave.Parameters.AddWithValue("@To", s_To);
            command_Push_Data_Into_Leave.Parameters.AddWithValue("@Days", LeaveDays);
            command_Push_Data_Into_Leave.Parameters.AddWithValue("@Reason", Reason);
            command_Push_Data_Into_Leave.Parameters.AddWithValue("@Type", Type);
            command_Push_Data_Into_Leave.Parameters.AddWithValue("@uname", uname);

            command_Push_Data_Into_Leave.ExecuteNonQuery();

            connection.Close();

            return(Gr.OkResponse("Ok"));
        }
Пример #4
0
        public static async Task <IActionResult> Run(
            [HttpTrigger(AuthorizationLevel.Anonymous, "post", Route = null)] HttpRequest req,
            ILogger log)
        {
            log.LogInformation("C# HTTP trigger function processed a request.- Verification");

            string VerifCode = req.Query["code"];  //Get Verification Code
            string email     = req.Query["email"]; //Get Email
            string uname     = req.Query["uname"];
            string pswrd     = req.Query["pswrd"];
            string fname     = req.Query["fname"];
            string dptmt     = req.Query["dptmt"];

            string  requestBody = await new StreamReader(req.Body).ReadToEndAsync();
            dynamic data        = JsonConvert.DeserializeObject(requestBody);

            VerifCode = VerifCode ?? data?.code;
            email     = email ?? data?.email;
            uname     = uname ?? data?.uname;
            pswrd     = pswrd ?? data?.pswrd;
            fname     = fname ?? data?.fname;
            dptmt     = dptmt ?? data?.dptmt;

            string[] Data = { email, uname, pswrd, fname, dptmt };

            GenerateHash      GH       = new GenerateHash();             //Object for Hash Generating class
            string            Hash     = GH.Generate(email + VerifCode); // Generate SHA256 hash from email and verification code
            string            Hash_val = null;                           //Initialize Hash_val
            SqlDataReader     rdr;                                       //SQL Data Reader
            DatabaseConnector DBConn     = new DatabaseConnector();      //Database Connection class object
            SqlConnection     connection = DBConn.connector("Users");    //Connect to the Database
            GenerateResponses Gr         = new GenerateResponses();



            //Check if connection is null, if null return internal server error since database is not connected
            if (connection == null)
            {
                Gr.InternalServerError("Error connecting to database - Verification");
            }
            // End if database cannot be connected


            //Open connection
            connection.Open();
            //Console.WriteLine("Hash:" + Hash);

            //Generate SQL query
            SqlCommand cmd = new SqlCommand("select OTP_Hash from OTP where OTP_hash=@hash", connection);

            cmd.Parameters.AddWithValue("@hash", Hash);

            //Execute query and put data into rdr
            rdr = cmd.ExecuteReader();

            //Read data, get the first data in the array since there's only one coloumn
            while (rdr.Read())
            {
                Hash_val = rdr[0].ToString();
            }
            rdr.Close();
            //Console.WriteLine(Hash_val); //Debug


            //If Val is null or empty, it means that specific hash doesn't exist and OTP is invalid for that email
            if (string.IsNullOrEmpty(Hash_val))
            {
                return(Gr.NotAcceptable("Invalid OTP"));// Ends if OTP is invalid
            }
            connection.Close();

            PushUserData(Data, connection);

            connection.Open();
            //Generate SQL query to delete OTP_Hash from the table
            cmd = new SqlCommand("delete from OTP where OTP_hash=@hash", connection);
            cmd.Parameters.AddWithValue("@hash", Hash);
            cmd.ExecuteNonQuery(); //Execute the command

            connection.Close();
            //Return value
            return(Gr.OkResponse("Valid OTP"));
        }