| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134 |
- using Npgsql;
- using System;
- using System.Collections.Generic;
- using System.ComponentModel;
- using System.Configuration;
- using System.Data;
- using System.Drawing;
- using System.Linq;
- using System.Security.Cryptography;
- using System.Text;
- using System.Threading.Tasks;
- using System.Windows.Forms;
- namespace WindowsFormsApp4
- {
- public partial class Auth: Form
- {
- readonly string connStr = ConfigurationManager.ConnectionStrings["PostgreSQL"].ConnectionString;
- public Auth()
- {
- InitializeComponent();
- }
- private void Auth_Load(object sender, EventArgs e)
- {
- }
- private string HashPassword(string password, string salt)
- {
- var plainTextWithSaltBytes = Encoding.UTF8.GetBytes(password + salt);
- using (SHA256 sha256Hash = SHA256.Create())
- {
- return Convert.ToBase64String(sha256Hash.ComputeHash(plainTextWithSaltBytes));
- }
- }
- private bool VerifyPassword(string enteredPassword, string storedSalt, string storedHash)
- {
- var computedHash = HashPassword(enteredPassword, storedSalt);
- return computedHash == storedHash;
- }
- private void Button2_Click(object sender, EventArgs e)
- {
- using (NpgsqlConnection connection = new NpgsqlConnection(connStr))
- {
- try
- {
- connection.Open();
- string Query = "SELECT * FROM authenticate_user(@login)";
- using (var command = new NpgsqlCommand(Query, connection))
- {
- command.Parameters.AddWithValue("@login", textBox5.Text);
- using (var reader = command.ExecuteReader())
- {
- if (reader.Read())
- {
- int userId = reader.GetInt32(0);
- string dbRoleName = reader.GetString(1);
- string dbPasswordHash = reader.GetString(2);
- string dbSalt = reader.GetString(3);
- string fullname = reader.GetString(4);
- if (VerifyPassword(textBox1.Text, dbSalt, dbPasswordHash))
- {
- Session.UserId = userId;
- Session.UserRole = dbRoleName;
- Session.UserFullName = reader.GetString(4);
- reader.Close();
- string getLibId = "SELECT library_id FROM users WHERE id = @userId";
- using (var cmdLib = new NpgsqlCommand(getLibId, connection))
- {
- cmdLib.Parameters.AddWithValue("userId", userId);
- var libIdResult = cmdLib.ExecuteScalar();
- Session.LibraryId = libIdResult != DBNull.Value ? Convert.ToInt32(libIdResult) : (int?)null;
- }
- switch (dbRoleName)
- {
- case "reader":
- ReaderMainForm casualForm = new ReaderMainForm();
- casualForm.FormClosed += (s, args) => this.Close();
- casualForm.Show();
- this.Hide();
- break;
- case "employe":
- bibliot bibliotForm = new bibliot();
- bibliotForm.FormClosed += (s, args) => this.Close();
- bibliotForm.Show();
- this.Hide();
- break;
- case "admin":
- AdminMainForm adminForm = new AdminMainForm();
- adminForm.FormClosed += (s, args) => this.Close();
- adminForm.Show();
- this.Hide();
- break;
- default:
- MessageBox.Show("Ошибка: Неизвестная роль пользователя.");
- break;
- }
- }
- else
- {
- MessageBox.Show("Ошибка: Неверный пароль.");
- }
- }
- else
- {
- MessageBox.Show("Ошибка: Запись не найдена");
- }
- }
- }
- }
- catch (Exception ex)
- {
- MessageBox.Show("Ошибка подключения: " + ex.Message);
- }
- }
- }
- private void textBox5_TextChanged(object sender, EventArgs e)
- {
- }
- private void headerLabel_Click(object sender, EventArgs e)
- {
- }
- }
- }
|