using Npgsql; using System; using System.Collections.Generic; using System.ComponentModel; using System.Configuration; using System.Data; using System.Drawing; using System.Linq; using System.Security.Cryptography; using System.Text; using System.Threading.Tasks; using System.Windows.Forms; namespace WindowsFormsApp4 { public partial class Auth: Form { readonly string connStr = ConfigurationManager.ConnectionStrings["PostgreSQL"].ConnectionString; public Auth() { InitializeComponent(); } private void Auth_Load(object sender, EventArgs e) { } private string HashPassword(string password, string salt) { var plainTextWithSaltBytes = Encoding.UTF8.GetBytes(password + salt); using (SHA256 sha256Hash = SHA256.Create()) { return Convert.ToBase64String(sha256Hash.ComputeHash(plainTextWithSaltBytes)); } } private bool VerifyPassword(string enteredPassword, string storedSalt, string storedHash) { var computedHash = HashPassword(enteredPassword, storedSalt); return computedHash == storedHash; } private void Button2_Click(object sender, EventArgs e) { using (NpgsqlConnection connection = new NpgsqlConnection(connStr)) { try { connection.Open(); string Query = "SELECT * FROM authenticate_user(@login)"; using (var command = new NpgsqlCommand(Query, connection)) { command.Parameters.AddWithValue("@login", textBox5.Text); using (var reader = command.ExecuteReader()) { if (reader.Read()) { int userId = reader.GetInt32(0); string dbRoleName = reader.GetString(1); string dbPasswordHash = reader.GetString(2); string dbSalt = reader.GetString(3); string fullname = reader.GetString(4); if (VerifyPassword(textBox1.Text, dbSalt, dbPasswordHash)) { Session.UserId = userId; Session.UserRole = dbRoleName; Session.UserFullName = reader.GetString(4); reader.Close(); string getLibId = "SELECT library_id FROM users WHERE id = @userId"; using (var cmdLib = new NpgsqlCommand(getLibId, connection)) { cmdLib.Parameters.AddWithValue("userId", userId); var libIdResult = cmdLib.ExecuteScalar(); Session.LibraryId = libIdResult != DBNull.Value ? Convert.ToInt32(libIdResult) : (int?)null; } switch (dbRoleName) { case "reader": ReaderMainForm casualForm = new ReaderMainForm(); casualForm.FormClosed += (s, args) => this.Close(); casualForm.Show(); this.Hide(); break; case "employe": bibliot bibliotForm = new bibliot(); bibliotForm.FormClosed += (s, args) => this.Close(); bibliotForm.Show(); this.Hide(); break; case "admin": AdminMainForm adminForm = new AdminMainForm(); adminForm.FormClosed += (s, args) => this.Close(); adminForm.Show(); this.Hide(); break; default: MessageBox.Show("Ошибка: Неизвестная роль пользователя."); break; } } else { MessageBox.Show("Ошибка: Неверный пароль."); } } else { MessageBox.Show("Ошибка: Запись не найдена"); } } } } catch (Exception ex) { MessageBox.Show("Ошибка подключения: " + ex.Message); } } } private void textBox5_TextChanged(object sender, EventArgs e) { } private void headerLabel_Click(object sender, EventArgs e) { } } }