Auth.cs 5.6 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134
  1. using Npgsql;
  2. using System;
  3. using System.Collections.Generic;
  4. using System.ComponentModel;
  5. using System.Configuration;
  6. using System.Data;
  7. using System.Drawing;
  8. using System.Linq;
  9. using System.Security.Cryptography;
  10. using System.Text;
  11. using System.Threading.Tasks;
  12. using System.Windows.Forms;
  13. namespace WindowsFormsApp4
  14. {
  15. public partial class Auth: Form
  16. {
  17. readonly string connStr = ConfigurationManager.ConnectionStrings["PostgreSQL"].ConnectionString;
  18. public Auth()
  19. {
  20. InitializeComponent();
  21. }
  22. private void Auth_Load(object sender, EventArgs e)
  23. {
  24. }
  25. private string HashPassword(string password, string salt)
  26. {
  27. var plainTextWithSaltBytes = Encoding.UTF8.GetBytes(password + salt);
  28. using (SHA256 sha256Hash = SHA256.Create())
  29. {
  30. return Convert.ToBase64String(sha256Hash.ComputeHash(plainTextWithSaltBytes));
  31. }
  32. }
  33. private bool VerifyPassword(string enteredPassword, string storedSalt, string storedHash)
  34. {
  35. var computedHash = HashPassword(enteredPassword, storedSalt);
  36. return computedHash == storedHash;
  37. }
  38. private void Button2_Click(object sender, EventArgs e)
  39. {
  40. using (NpgsqlConnection connection = new NpgsqlConnection(connStr))
  41. {
  42. try
  43. {
  44. connection.Open();
  45. string Query = "SELECT * FROM authenticate_user(@login)";
  46. using (var command = new NpgsqlCommand(Query, connection))
  47. {
  48. command.Parameters.AddWithValue("@login", textBox5.Text);
  49. using (var reader = command.ExecuteReader())
  50. {
  51. if (reader.Read())
  52. {
  53. int userId = reader.GetInt32(0);
  54. string dbRoleName = reader.GetString(1);
  55. string dbPasswordHash = reader.GetString(2);
  56. string dbSalt = reader.GetString(3);
  57. string fullname = reader.GetString(4);
  58. if (VerifyPassword(textBox1.Text, dbSalt, dbPasswordHash))
  59. {
  60. Session.UserId = userId;
  61. Session.UserRole = dbRoleName;
  62. Session.UserFullName = reader.GetString(4);
  63. reader.Close();
  64. string getLibId = "SELECT library_id FROM users WHERE id = @userId";
  65. using (var cmdLib = new NpgsqlCommand(getLibId, connection))
  66. {
  67. cmdLib.Parameters.AddWithValue("userId", userId);
  68. var libIdResult = cmdLib.ExecuteScalar();
  69. Session.LibraryId = libIdResult != DBNull.Value ? Convert.ToInt32(libIdResult) : (int?)null;
  70. }
  71. switch (dbRoleName)
  72. {
  73. case "reader":
  74. ReaderMainForm casualForm = new ReaderMainForm();
  75. casualForm.FormClosed += (s, args) => this.Close();
  76. casualForm.Show();
  77. this.Hide();
  78. break;
  79. case "employe":
  80. bibliot bibliotForm = new bibliot();
  81. bibliotForm.FormClosed += (s, args) => this.Close();
  82. bibliotForm.Show();
  83. this.Hide();
  84. break;
  85. case "admin":
  86. AdminMainForm adminForm = new AdminMainForm();
  87. adminForm.FormClosed += (s, args) => this.Close();
  88. adminForm.Show();
  89. this.Hide();
  90. break;
  91. default:
  92. MessageBox.Show("Ошибка: Неизвестная роль пользователя.");
  93. break;
  94. }
  95. }
  96. else
  97. {
  98. MessageBox.Show("Ошибка: Неверный пароль.");
  99. }
  100. }
  101. else
  102. {
  103. MessageBox.Show("Ошибка: Запись не найдена");
  104. }
  105. }
  106. }
  107. }
  108. catch (Exception ex)
  109. {
  110. MessageBox.Show("Ошибка подключения: " + ex.Message);
  111. }
  112. }
  113. }
  114. private void textBox5_TextChanged(object sender, EventArgs e)
  115. {
  116. }
  117. private void headerLabel_Click(object sender, EventArgs e)
  118. {
  119. }
  120. }
  121. }