Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- protected void registerbutton_Click(object sender, EventArgs e)
- {
- string myPassword = passwordtextbox.Text;
- string mySalt = BCryptHelper.GenerateSalt();
- string myHash = BCryptHelper.HashPassword(myPassword, mySalt);
- bool doesPasswordMatch = BCryptHelper.CheckPassword(myPassword, myHash);
- if (doesPasswordMatch == true)
- {
- using (SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["DefaultConnection"].ConnectionString))
- using (SqlCommand cmd = new SqlCommand("INSERT INTO dbo.Users (Username, Password, FirstName, LastName) VALUES (@username, @password, @firstname, @lastname)", conn))
- {
- cmd.Parameters.Add("@username", SqlDbType.NVarChar).Value = usernametextbox.Text;
- cmd.Parameters.Add("@password", SqlDbType.Char).Value = myHash;
- cmd.Parameters.Add("@firstname", SqlDbType.NVarChar).Value = firstnametextbox.Text;
- cmd.Parameters.Add("@lastname", SqlDbType.NVarChar).Value = lastnametextbox.Text;
- conn.Open();
- cmd.ExecuteNonQuery();
- conn.Close();
- registerlabel3.Text = myHash;
- }
- }
- else
- {
- registerlabel3.Text = "Error";
- }
- }
- protected void loginbutton_Click(object sender, EventArgs e)
- {
- const string query = "SELECT Username, Password FROM dbo.Users WHERE Username = @username";
- using (SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["DefaultConnection"].ConnectionString))
- using (SqlCommand cmd = new SqlCommand(query, conn))
- {
- cmd.Parameters.Add("@username", SqlDbType.NVarChar).Value = usernametextbox.Text;
- conn.Open();
- //string hashedPassword = BCrypt.Net.BCrypt.HashPassword(passwordtextbox.Text);
- using (SqlDataReader reader = cmd.ExecuteReader())
- {
- while (reader.Read())
- {
- var passwordInDb = reader.GetString(1);
- Label3.Text = "submitted = " + passwordtextbox.Text;
- Label4.Text = "database hash = " + passwordInDb;
- if(BCryptHelper.CheckPassword(passwordtextbox.Text, reader.GetString(1)))
- {
- //login
- loginlabel.Text = "Success";
- }
- else
- {
- loginlabel.Text = "Error";
- }
- }
- }
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement