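/// <summary>
/// Creates a user row holding the username and a salted hash of the password.
/// </summary>
/// <param name="username">Login name to store. Treated as untrusted input; null is stored as an empty string.</param>
/// <param name="password">Plain-text password; only the hash and salt produced by SaltedHash are persisted.</param>
/// <returns>
/// <c>true</c> when ExecuteNonQuery returns a positive value (presumably the affected-row count),
/// otherwise <c>false</c>.
/// </returns>
public static bool AddUser(string username, string password)
{
    SaltedHash.SaltedHash sh = new SaltedHash.SaltedHash();
    string hash;
    string salt;
    sh.GetHashAndSaltString(password, out hash, out salt);

    // The statement is built by concatenation, so a single quote in the username
    // would close the string literal and turn the rest of the name into SQL.
    // Doubling the quote keeps the whole value inside the literal.
    // NOTE(review): assumes the backing store uses standard SQL quoting, where a
    // doubled single quote is the only escape inside a string literal (as in SQLite) - confirm.
    // Bound parameters are the better fix if the Database wrapper offers them.
    string safeUsername = (username ?? string.Empty).Replace("'", "''");

    int result = Database.Instance.ExecuteNonQuery(
        "INSERT INTO user (username, password, salt) VALUES ('" + safeUsername + "','" + hash + "','" + salt + "');");

    if (result > 0)
    {
        /*
        ComicListItemFolder userFolder = new ComicListItemFolder(name);
        ComicIdListItem readingList = new ComicIdListItem("Reading");
        userFolder.Items.Add(readingList);
        ComicIdListItem favoritesList = new ComicIdListItem("Favorites");
        userFolder.Items.Add(favoritesList);

        ((ComicLibrary)Program.Database).ComicLists.Add(userFolder);
        */
        return true;
    }

    return false;
}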
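/// <summary>
/// Inserts a new user with the given name and a salted hash of the given password.
/// </summary>
/// <param name="username">Caller-supplied login name; null is stored as an empty string.</param>
/// <param name="password">Plain-text password. It is hashed by SaltedHash and never written to the database itself.</param>
/// <returns>
/// <c>true</c> if ExecuteNonQuery returned a value above zero (presumably rows affected);
/// <c>false</c> otherwise.
/// </returns>
public static bool AddUser(string username, string password)
{
    SaltedHash.SaltedHash sh = new SaltedHash.SaltedHash();
    string hash;
    string salt;
    sh.GetHashAndSaltString(password, out hash, out salt);

    // username reaches the SQL text through string concatenation. Without escaping,
    // a name containing a single quote ends the literal early (SQL injection).
    // NOTE(review): quote doubling is sufficient only under standard SQL literal
    // rules (no backslash escapes, as in SQLite) - confirm the engine, and switch
    // to a parameterized call if the Database wrapper has one.
    string quotedName = (username ?? string.Empty).Replace("'", "''");

    string insertSql =
        "INSERT INTO user (username, password, salt) VALUES ('" + quotedName + "','" + hash + "','" + salt + "');";
    int result = Database.Instance.ExecuteNonQuery(insertSql);

    if (result > 0)
    {
        /*
         * ComicListItemFolder userFolder = new ComicListItemFolder(name);
         * ComicIdListItem readingList = new ComicIdListItem("Reading");
         * userFolder.Items.Add(readingList);
         * ComicIdListItem favoritesList = new ComicIdListItem("Favorites");
         * userFolder.Items.Add(favoritesList);
         *
         * ((ComicLibrary)Program.Database).ComicLists.Add(userFolder);
         */
        return true;
    }

    return false;
}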
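/// <summary>
/// Replaces the stored password hash and salt of one user.
/// </summary>
/// <param name="userid">Value matched against the <c>id</c> column of the user table.</param>
/// <param name="password">New plain-text password; only its salted hash is stored.</param>
/// <returns>
/// <c>true</c> when ExecuteNonQuery returns a positive value (presumably the affected-row count),
/// otherwise <c>false</c>.
/// </returns>
public static bool SetPassword(int userid, string password)
{
    // TODO: validate password strength
    // TODO: remove active api keys
    // This method does not touch user_apikeys, so keys issued under the old
    // password are presumably still accepted after the change - confirm against
    // wherever keys are validated.
    SaltedHash.SaltedHash sh = new SaltedHash.SaltedHash();
    string hash;
    string salt;
    sh.GetHashAndSaltString(password, out hash, out salt);

    // The listing showed a fixed '******' literal for the password column, which
    // left the computed hash unused and would store a value VerifyHashString can
    // never match. The hash is written here, the same way AddUser stores it.
    // userid is an int, so concatenating it cannot alter the statement.
    int result = Database.Instance.ExecuteNonQuery(
        "UPDATE user SET password='" + hash + "', salt='" + salt + "' WHERE id=" + userid + ";");

    return result > 0;
}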
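/// <summary>
/// Checks a username and password against the user table and, on success,
/// issues a new API key for subsequent requests.
/// </summary>
/// <param name="username">Caller-supplied login name; matched case-insensitively (COLLATE NOCASE).</param>
/// <param name="password">Plain-text password to verify against the stored hash and salt.</param>
/// <returns>
/// The newly stored API key, or <c>null</c> when no user row is found or the password does not verify.
/// </returns>
public static string LoginUser(string username, string password)
{
    // The listing showed a fixed '******' literal in place of the username, so the
    // lookup ignored the caller's input. The supplied name is used here, with single
    // quotes doubled so it cannot break out of the string literal.
    // NOTE(review): quote doubling assumes standard SQL literal rules (as in SQLite) -
    // confirm, and prefer bound parameters if the Database wrapper supports them.
    string safeUsername = (username ?? string.Empty).Replace("'", "''");

    NameValueCollection result = Database.Instance.QuerySingle(
        "SELECT * FROM user WHERE username = '" + safeUsername + "' COLLATE NOCASE LIMIT 1;");
    if (result == null)
    {
        return null;
    }

    SaltedHash.SaltedHash sh = new SaltedHash.SaltedHash();
    if (!sh.VerifyHashString(password, result["password"], result["salt"]))
    {
        // invalid password
        // NOTE(review): username is written to the console verbatim.
        Console.WriteLine("Invalid password for user " + username);
        return null;
    }

    // now that the user is validated, create an api key that can be used for subsequent requests.
    // The key is a bearer credential, so its 128 bits come from the cryptographic RNG;
    // Guid.NewGuid() is meant for uniqueness, not unpredictability. Wrapping the bytes
    // in a Guid keeps the key's textual format unchanged.
    byte[] keyBytes = new byte[16];
    using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
    {
        rng.GetBytes(keyBytes);
    }
    var apiKey = new Guid(keyBytes).ToString();

    Database.Instance.ExecuteNonQuery(
        "INSERT INTO user_apikeys (user_id, apikey) VALUES (" + result["id"] + ", '" + apiKey + "');");

    return apiKey;
}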
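/// <summary>
/// Authenticates a user by name and password and returns a fresh API key on success.
/// </summary>
/// <param name="username">Login name from the caller; compared with COLLATE NOCASE.</param>
/// <param name="password">Plain-text password, verified against the row's stored hash and salt.</param>
/// <returns>
/// The API key inserted into user_apikeys, or <c>null</c> if the user is not found
/// or the password check fails.
/// </returns>
public static string LoginUser(string username, string password)
{
    // In the listing the WHERE clause compared against a fixed '******' literal and
    // never used the username argument. The argument is interpolated here with its
    // single quotes doubled, so a crafted name stays inside the literal.
    // NOTE(review): this escaping is only sound under standard SQL quoting
    // (as in SQLite) - confirm; a parameterized query is preferable if available.
    string quotedName = (username ?? string.Empty).Replace("'", "''");
    string lookupSql =
        "SELECT * FROM user WHERE username = '" + quotedName + "' COLLATE NOCASE LIMIT 1;";

    NameValueCollection result = Database.Instance.QuerySingle(lookupSql);
    if (result == null)
    {
        return null;
    }

    SaltedHash.SaltedHash sh = new SaltedHash.SaltedHash();
    bool passwordOk = sh.VerifyHashString(password, result["password"], result["salt"]);
    if (!passwordOk)
    {
        // invalid password
        // NOTE(review): the caller-supplied username goes to the console unmodified.
        Console.WriteLine("Invalid password for user " + username);
        return null;
    }

    // now that the user is validated, create an api key that can be used for subsequent requests.
    // Anyone holding the key is treated as the user, so it is drawn from the
    // cryptographic RNG instead of Guid.NewGuid(), which only promises uniqueness.
    // Formatting the 16 bytes as a Guid keeps the existing key shape.
    byte[] randomBytes = new byte[16];
    using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
    {
        rng.GetBytes(randomBytes);
    }
    var apiKey = new Guid(randomBytes).ToString();

    Database.Instance.ExecuteNonQuery(
        "INSERT INTO user_apikeys (user_id, apikey) VALUES (" + result["id"] + ", '" + apiKey + "');");

    return apiKey;
}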
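/// <summary>
/// Stores a new salted password hash for the user with the given id.
/// </summary>
/// <param name="userid">Row id in the user table.</param>
/// <param name="password">New plain-text password; hashed by SaltedHash before it is stored.</param>
/// <returns>
/// <c>true</c> if ExecuteNonQuery returned a value above zero (presumably rows affected);
/// <c>false</c> otherwise.
/// </returns>
public static bool SetPassword(int userid, string password)
{
    // TODO: validate password strength
    // TODO: remove active api keys
    // Nothing here deletes rows from user_apikeys, so a key handed out before the
    // password change presumably keeps working - verify where keys are checked.
    SaltedHash.SaltedHash sh = new SaltedHash.SaltedHash();
    string hash;
    string salt;
    sh.GetHashAndSaltString(password, out hash, out salt);

    // The listing wrote a fixed '******' literal into the password column and
    // never used the computed hash, which would make every later VerifyHashString
    // call fail. The hash is stored instead, alongside its salt.
    // userid is an int, so it cannot carry SQL text into the statement.
    string updateSql =
        "UPDATE user SET password='" + hash + "', salt='" + salt + "' WHERE id=" + userid + ";";
    int result = Database.Instance.ExecuteNonQuery(updateSql);

    return result > 0;
}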