public void ChangePassword(IConnectToDB _Connect, Guid?uuid, string password)
{
_DynamicOutputProcedures DynamicOutput = new _DynamicOutputProcedures();
List <DynamicModels.RootReportFilter> Filters = new List <DynamicModels.RootReportFilter>();
ER_Sec er_sec = new ER_Sec();
add addHelp = new add();
Filters.Add(new DynamicModels.RootReportFilter {
FilterName = "IDENTITIES_UUID_", DBType = SqlDbType.UniqueIdentifier, ParamValue = uuid
});
DataTable TempDataTable = DynamicOutput.DynoProcSearch(_Connect, "Custom Query", "SP_S_VW__ID_PASSWORD_SEARCH",
new DataTableDotNetModelMetaData {
columns = "ID_PASSWORD_ID,RENDITION,IDENTITIES_ID", length = -1, order = "1 asc", start = 0, verify = "T"
},
Filters);
DataColumnCollection _dccColumnID = TempDataTable.Columns;
if (_dccColumnID.Contains("ID_PASSWORD_ID") && TempDataTable.Rows.Count > 0)
{
//Update Password
Values.UpdateIDPassword IDPasswordModel = null;
string hash = ER_Sec.ComputeHash(password, "SHA512", null);
IDPasswordModel = addHelp.UPDATE_ENTRY_Identities_Password(_Connect, new Values.UpdateIDPassword
{
I_ID_PASSWORD_ID = TempDataTable.Rows[0].Field <long?>("ID_PASSWORD_ID"),
I_OBJECT_TYPE = "Password",
I_RENDITION = TempDataTable.Rows[0].Field <long?>("RENDITION"),
I_PASSWORD = er_sec.EncryptStringToBytes_Aes(hash, er_sec.GetCryptPairforID(_Connect, TempDataTable.Rows[0].Field <long?>("IDENTITIES_ID"), new ER_CRYPT_PAIR()))
});
}
}
public DataTable GetUser(IConnectToDB _Connect, DataTable _DT, string Username, string SubmittedPassword)
{
ER_Query er_query = new ER_Query();
IdentityHelper ih = new IdentityHelper();
_DT = new DataTable();
DataTable usernamedt = ih.FindIdentity(_Connect, Username);
if (usernamedt.Rows.Count == 1)
{
foreach (DataRow _DR in usernamedt.Rows)
{
if (_DR.Field <string>("User_name").ToLower() == Username.ToLower() || _DR.Field <string>("Email").ToLower() == Username.ToLower())
{
List <DynamicModels.RootReportFilter> passwordFilters = new List <DynamicModels.RootReportFilter>();
passwordFilters.Add(new DynamicModels.RootReportFilter {
FilterName = "IDENTITIES_ID_", ParamValue = _DR.Field <long?>("identities_id")
});
DataTable passdt = _DynamicOutputProcedures._DynoProcSearch(_Connect, "Custom Query", "SP_S_" + "VW__ID_PASSWORD" + "_SEARCH",
new DataTableDotNetModelMetaData {
length = -1, order = "1 asc", start = 0, verify = "T"
},
passwordFilters);
if (passdt.Rows.Count != 0)
{
byte[] EncryptedPassword = (byte[])passdt.Rows[0]["Password"];
long? IDENTITIES_ID = (long?)passdt.Rows[0]["IDENTITIES_ID"];
ER_Sec er_sec = new ER_Sec();
string DecryptedPasswordHash = er_sec.DecryptStringFromBytes_Aes(EncryptedPassword, er_sec.GetCryptPairforID(_Connect, IDENTITIES_ID, new ER_CRYPT_PAIR()));
if (passdt.Rows.Count != 0 && ER_Sec.VerifyHash(SubmittedPassword, "SHA512", DecryptedPasswordHash))
{
_DT = usernamedt;
}
}
else
{
_DT = usernamedt;
}
break;
}
}
}
return(_DT);
}
public void ResetPassword(IConnectToDB _Connect, string VerifyUUID, string password)
{
ER_Sec er_sec = new ER_Sec();
ER_DML er_dml = new ER_DML();
_DynamicOutputProcedures DynamicOutput = new _DynamicOutputProcedures();
List <DynamicModels.RootReportFilter> verifyIdentityFilters = new List <DynamicModels.RootReportFilter>();
List <DynamicModels.RootReportFilter> idPasswordFilters = new List <DynamicModels.RootReportFilter>();
verifyIdentityFilters.Add(new DynamicModels.RootReportFilter {
FilterName = "UUID_", DBType = SqlDbType.VarChar, ParamValue = VerifyUUID
});
DataTable verifyIdentityTable = DynamicOutput.DynoProcSearch(_Connect, "Custom Query", "SP_S_VW__VERIFY_SEARCH",
new DataTableDotNetModelMetaData {
columns = "IDENTITIES_ID", length = -1, order = "1 asc", start = 0, verify = "T"
},
verifyIdentityFilters);
idPasswordFilters.Add(new DynamicModels.RootReportFilter {
FilterName = "Identities_ID_", DBType = SqlDbType.BigInt, ParamValue = verifyIdentityTable.Rows[0].Field <long?>("IDENTITIES_ID")
});
DataTable idPasswordTable = DynamicOutput.DynoProcSearch(_Connect, "Custom Query", "SP_S_VW__ID_PASSWORD_SEARCH",
new DataTableDotNetModelMetaData {
columns = "ID_PASSWORD_ID", length = -1, order = "1 asc", start = 0, verify = "T"
},
idPasswordFilters);
//Update Password
string hash = ER_Sec.ComputeHash(password, "SHA512", null);
er_dml.OBJECT_DML(_Connect, "Update", "ID_PASSWORD", "PASSWORD", idPasswordTable.Rows[0].Field <long?>("ID_PASSWORD_ID"),
new Object_Value
{
_File = new File_Object
{
_FileBytes = er_sec.EncryptStringToBytes_Aes(hash,
er_sec.GetCryptPairforID(_Connect, verifyIdentityTable.Rows[0].Field <long?>("IDENTITIES_ID"), new ER_CRYPT_PAIR()))
}
});
//disable verification
VerificationHelper VH = new VerificationHelper();
VH.DisableVerificationsForID(_Connect, verifyIdentityTable.Rows[0].Field <long?>("IDENTITIES_ID"), "ResetPassword");
}
public string VerifyUserByRegCode(IConnectToDB _Connect, string VerifyUUID)
{
ER_Query er_query = new ER_Query();
ER_Query.Parameter_Run SQlinUserName = new ER_Query.Parameter_Run();
ER_Query.Parameter_Run SQlinPassword = new ER_Query.Parameter_Run();
string DecryptedPassword = "";
SQlinUserName._dbParameters = new List <DBParameters>
{
new DBParameters {
ParamName = "UUID", MSSqlParamDataType = SqlDbType.VarChar, ParamValue = VerifyUUID
}
};
SQlinUserName.sqlIn = "Select a.* from CSA.IDENTITIES a inner join CSA.VW__VERIFY b on (a.IDENTITIES_ID = b.IDENTITIES_ID and b.UUID = @UUID) where b.UUID = @UUID";
DataTable usernamedt = er_query.RUN_PARAMETER_QUERY(_Connect, SQlinUserName);
if (usernamedt.Rows.Count == 1)
{
foreach (DataRow _DR in usernamedt.Rows)
{
SQlinPassword._dbParameters = new List <DBParameters>
{
new DBParameters {
ParamName = "IDENTITIES_ID", MSSqlParamDataType = SqlDbType.BigInt, ParamValue = _DR.Field <long?>("identities_id").ToString()
}
};
SQlinPassword.sqlIn = "Select a.* from CSA.ID_PASSWORD a inner join CSA.ID_PASSWORD b on a.IDENTITIES_ID = b.IDENTITIES_ID and a.RENDITION in (select max(c.RENDITION) from " +
"CSA.ID_PASSWORD c where c.Identities_id = b.Identities_ID) where a.identities_id = @IDENTITIES_ID";
DataTable passdt = er_query.RUN_PARAMETER_QUERY(_Connect, SQlinPassword);
byte[] EncryptedPassword = (byte[])passdt.Rows[0]["Password"];
long IDENTITIES_ID = (long)passdt.Rows[0]["IDENTITIES_ID"];
ER_Sec er_sec = new ER_Sec();
DecryptedPassword = er_sec.DecryptStringFromBytes_Aes(EncryptedPassword, er_sec.GetCryptPairforID(_Connect, IDENTITIES_ID, new ER_CRYPT_PAIR()));
if (passdt.Rows.Count != 0)
{
//ER_DML er_dml = new ER_DML();
//er_dml.OBJECT_DML(_Connect, "Update", "Identities", "ENABLED", IDENTITIES_ID, new Object_Value { _String = "Y" }); Commented out because this is already being set to yes when the identity is created.
add addHelp = new add();
long?IdentitiesId = null;
//er_dml.OBJECT_DML(_Connect, "Update", "Identities", "ACTIVE", IDENTITIES_ID, new Object_Value { _String = "Y" });
//er_dml.OBJECT_DML(_Connect, "Update", "Identities", "VERIFIED", IDENTITIES_ID, new Object_Value { _String = "Y" });
Values.UpdateIdentity IdentitiesModel = null;
IdentitiesModel = addHelp.UPDATE_ENTRY_Identities(_Connect, new Values.UpdateIdentity
{
I_IDENTITIES_ID = _DR.Field <long?>("IDENTITIES_ID"),
I_OBJECT_TYPE = _DR.Field <string>("OBJECT_TYPE"),
I_USER_NAME = _DR.Field <string>("USER_NAME"),
I_EDIPI = _DR.Field <string>("EDIPI"),
I_EMAIL = _DR.Field <string>("EMAIL"),
I_ACTIVE = "Y",
I_VERIFIED = "Y",
});
IdentitiesId = IdentitiesModel.O_IDENTITIES_ID;
VerificationHelper VH = new VerificationHelper();
VH.MarkVerificationsForID(_Connect, IDENTITIES_ID, "CreateUser");
VH.DisableVerificationsForID(_Connect, IDENTITIES_ID, "CreateUser");
}
break;
}
}
return(DecryptedPassword);
}
public DataTable GetPendingUser(IConnectToDB _Connect, DataTable _DT, string Username, string SubmittedPassword, string VerifyUUID)
{
ER_Query er_query = new ER_Query();
ER_Query.Parameter_Run SQlinUserName = new ER_Query.Parameter_Run();
ER_Query.Parameter_Run SQlinPassword = new ER_Query.Parameter_Run();
SQlinUserName._dbParameters = new List <DBParameters>
{
new DBParameters {
ParamName = "UUID", MSSqlParamDataType = SqlDbType.VarChar, ParamValue = VerifyUUID
},
new DBParameters {
ParamName = "USER_NAME", MSSqlParamDataType = SqlDbType.VarChar, ParamValue = Username.ToLower()
},
};
SQlinUserName.sqlIn = "Select a.* from CSA.IDENTITIES a inner join CSA.VW__VERIFY b on (a.IDENTITIES_ID = b.IDENTITIES_ID and b.UUID = @UUID) where LOWER(a.User_name) = @USER_NAME or LOWER(a.Email) = @USER_NAME";
DataTable usernamedt = er_query.RUN_PARAMETER_QUERY(_Connect, SQlinUserName);
if (usernamedt.Rows.Count == 1)
{
foreach (DataRow _DR in usernamedt.Rows)
{
if (_DR.Field <string>("User_name").ToLower() == Username.ToLower() || _DR.Field <string>("Email").ToLower() == Username.ToLower())
{
SQlinPassword._dbParameters = new List <DBParameters>
{
new DBParameters {
ParamName = "IDENTITIES_ID", MSSqlParamDataType = SqlDbType.BigInt, ParamValue = _DR.Field <long?>("identities_id")
}
};
SQlinPassword.sqlIn = "Select a.* from CSA.ID_PASSWORD a inner join CSA.ID_PASSWORD b on a.IDENTITIES_ID = b.IDENTITIES_ID and a.RENDITION in (select max(c.RENDITION) from CSA.ID_PASSWORD c where c.Identities_id = b.Identities_ID) where a.identities_id = @IDENTITIES_ID";
DataTable passdt = er_query.RUN_PARAMETER_QUERY(_Connect, SQlinPassword);
byte[] EncryptedPassword = (byte[])passdt.Rows[0]["Password"];
long? IDENTITIES_ID = (long?)passdt.Rows[0]["IDENTITIES_ID"];
ER_Sec er_sec = new ER_Sec();
string DecryptedPasswordHash = er_sec.DecryptStringFromBytes_Aes(EncryptedPassword, er_sec.GetCryptPairforID(_Connect, IDENTITIES_ID, new ER_CRYPT_PAIR()));
if (passdt.Rows.Count != 0 && ER_Sec.VerifyHash(SubmittedPassword, "SHA512", DecryptedPasswordHash)
)
{
_DT = usernamedt;
ER_DML er_dml = new ER_DML();
//er_dml.OBJECT_DML(_Connect, "Update", "Identities", "ENABLED", IDENTITIES_ID, new Object_Value { _String = "Y" }); Commented out because this is already being set to yes when the identity is created.
er_dml.OBJECT_DML(_Connect, "Update", "Identities", "ACTIVE", IDENTITIES_ID, new Object_Value {
_String = "Y"
});
er_dml.OBJECT_DML(_Connect, "Update", "Identities", "VERIFIED", IDENTITIES_ID, new Object_Value {
_String = "Y"
});
VerificationHelper VH = new VerificationHelper();
VH.DisableVerificationsForID(_Connect, IDENTITIES_ID, "CreateUser");
}
break;
}
}
}
return(_DT);
}
