public static UserInformation Login(string username, string password) { string oracleUsername = earthfusion_backend.Globals.config["EARTH_FUSION_SPATIAL_DB_USERNAME"]; string oraclePassword = earthfusion_backend.Globals.config["EARTH_FUSION_SPATIAL_DB_PASSWORD"]; OracleConnection conn = OracleHelpers.GetOracleConnection(oracleUsername, oraclePassword, false); // Get user information List <UserInformation> selectedResult = GetUserInformation(conn, username); if (selectedResult.Count < 1) { Logging.Warning("EarthFusion.SessionHelpers.Login", "No matching username in raw data"); return(null); } string userPasswordHashed = GenericHelpers.ComputeSha256Hash(password); Logging.Info("EarthFusion.SessionHelpers.Login", "request has a hashed password of " + userPasswordHashed); foreach (UserInformation userInformation in selectedResult) { Logging.Info("EarthFusion.SessionHelpers.Login", "comparing user with uuid " + userInformation.userId.ToString()); Logging.Info("EarthFusion.SessionHelpers.Login", "This user has a hashed password of " + userInformation.userPasswordHashed); if (userPasswordHashed == userInformation.userPasswordHashed) { Logging.Info("EarthFusion.SessionHelpers.Login", "uuid " + userInformation.userId.ToString() + " seems good!"); return(userInformation); } } return(null); }
public static bool CreateUserRow(OracleConnection conn, string username, string emailAddress, string password) { // insert into earthfusion_users // (user_id, user_name, user_email, USER_PASSWORD_HASHED, USER_STATUS, USER_ROLE) // values // (1, 'marshmallow', '*****@*****.**', '5a9fee2cb0e686d7d9022dfc72ccb160d533c668059d1acfcf5da53d517f2d46', 'enabled', 'administrator'); // check duplicate username if (OracleHelpers.IsRowExistInColumnInTableName(conn, username, "SPATIAL_ADMIN.EARTHFUSION_USERS", "user_name")) { return(false); } // generate uuid int uuid = 0; Random random = new System.Random(); while (true) { uuid = random.Next(2, 114514); // tests proved that we can use string to query int if (!OracleHelpers.IsRowExistInColumnInTableName(conn, uuid.ToString(), "SPATIAL_ADMIN.EARTHFUSION_USERS", "user_id")) { break; } } string hashedUserPassword = GenericHelpers.ComputeSha256Hash(password); string insertString = "insert into earthfusion_users "; insertString += "(user_id, user_name, user_email, USER_PASSWORD_HASHED, USER_STATUS, USER_ROLE) "; insertString += "values "; insertString += "("; insertString += uuid.ToString(); insertString += ", '"; insertString += username; insertString += "', '"; insertString += emailAddress; insertString += "', '"; insertString += hashedUserPassword; insertString += "', '"; insertString += "enabled"; insertString += "', '"; insertString += "user"; insertString += "')"; OracleCommand command = new OracleCommand(insertString, conn); conn.Open(); OracleDataReader reader = command.ExecuteReader(); conn.Close(); return(true); }