private void btnLogin_Click(object sender, EventArgs e) { //create salt byte[] salt; new RNGCryptoServiceProvider().GetBytes(salt = new byte[SaltSize]); //generate hash with salt string hash = PasswordHashHelper.Hash(txtPassword.Text, salt, 1000); var checkLogin = from cc_users in db.cc_users where cc_users.UserName == txtusername.Text select new { username = cc_users.UserName, password = cc_users.Password, salt = cc_users.Salt }; foreach (var user in checkLogin) { //var saltByte = new byte[user.salt.Length]; if (PasswordHashHelper.Verify(txtPassword.Text, user.password)) { //MessageBox.Show("Passwords Match"); Properties.Settings.Default.Username = txtusername.Text; Properties.Settings.Default.Save(); Dashboard dashboard = new Dashboard(); dashboard.Show(); } else { MessageBox.Show("Login failed"); } } }
public IWebSession ChangePassword(string oldPassword, string newPassword) { var userId = m_session.User.Id; oldPassword = oldPassword.Trim(); newPassword = newPassword.Trim(); if (oldPassword == newPassword) { return(null); } if (newPassword.Length < 6) { throw new InvalidOperationException("Heslo musí mít alespoň 6 znaků"); } using (var tran = m_database.OpenTransaction()) { var user = m_database.SelectFrom <IUser>().Where(i => i.Id == WebSession.User.Id).Execute().FirstOrDefault(); if (user == null) { return(null); } if (!WebSession.VerifyPassword(user.PasswordHash, oldPassword, user.UsesDefaultPassword)) { throw new InvalidOperationException("Staré heslo není platné"); } user.PasswordHash = PasswordHashHelper.Hash(newPassword); user.UsesDefaultPassword = false; m_database.Save(user); WebSession.Logout(); WebSession.Login(user.EMail, newPassword); WebSession.Logout(); tran.Commit(); } m_repository.InvalidateUserCache(userId); return(WebSession); }
public static void CreateUser() { Linq.dbStructureDataContext db = new Linq.dbStructureDataContext(); Form1 frm = new Form1(); //create salt byte[] salt; new RNGCryptoServiceProvider().GetBytes(salt = new byte[SaltSize]); //generate hash with salt string hash = PasswordHashHelper.Hash(frm.txtNewPass.Text, salt, 1000); var checkUser = from cc_users in db.cc_users where cc_users.UserName == frm.txtNewUser.Text select cc_users.UserName; if (checkUser.Count() == 1) { MessageBox.Show("Username already exists"); } else { var createUser = new Linq.cc_user() { UserName = frm.txtNewUser.Text, Password = hash, Created = DateTime.Now.ToLongDateString(), Salt = Convert.ToBase64String(salt) }; db.cc_users.InsertOnSubmit(createUser); try { db.SubmitChanges(); MessageBox.Show("User created"); Properties.Settings.Default.Username = frm.txtNewUser.Text; Properties.Settings.Default.Save(); } catch (Exception ex) { MessageBox.Show(ex.Message); } } }
public async Task <ActionResult <RegistrationResponse> > RegisterAsync(RegistrationRequest request) { using (await _locker.EnterAsync(request.Username)) { // ensure username is unique if (await _users.GetByNameAsync(request.Username) != null) { return(BadRequest($"Cannot use the username '{request.Username}'.")); } var user = new User { Username = request.Username, Secret = _hash.Hash(request.Password), Permissions = _options.DefaultUserPermissions }; await _users.UpdateAsync(user); await _snapshot.CreatedAsync(user, default, SnapshotType.System, user.Id);
public static void Login() { Linq.dbStructureDataContext db = new Linq.dbStructureDataContext(); Form1 frm = new Form1(); //create salt byte[] salt; new RNGCryptoServiceProvider().GetBytes(salt = new byte[SaltSize]); //generate hash with salt string hash = PasswordHashHelper.Hash(frm.txtNewPass.Text, salt, 1000); var checkLogin = from cc_users in db.cc_users where cc_users.UserName == frm.txtLoginUser.Text select new { username = cc_users.UserName, password = cc_users.Password, salt = cc_users.Salt }; foreach (var user in checkLogin) { //var saltByte = new byte[user.salt.Length]; if (PasswordHashHelper.Verify(frm.txtLoginPass.Text, user.password)) { //MessageBox.Show("Passwords Match"); Properties.Settings.Default.Username = frm.txtLoginUser.Text; Properties.Settings.Default.Save(); Dashboard dashboard = new Dashboard(); dashboard.Show(); } else { MessageBox.Show("Login failed"); } } }