// NOTE(review): the connection string is hard-coded in source and logs in as the MySQL
// "root" user with an empty password. Load it from configuration kept out of source
// control and use a dedicated least-privilege database account.
public static string myConnectionString =
    "SERVER=localhost;" +
    "DATABASE=cd;" +
    "UID=root;" +
    "PASSWORD=;";

// Shared, mutable ADO.NET handles. Code that assigns them on every call is not safe when
// two commands run at the same time, because each call overwrites the other's connection
// and command; method-local instances avoid that.
public static MySqlConnection connection;
public static MySqlCommand command;

// Not referenced by any code visible in this listing.
public static MySqlDataReader Reader;
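// PBKDF2 password hashing helpers.
//
// A derived password is stored as one string with four ':'-separated fields:
//   Base64(salt) : iterations : keySize : Base64(derived key)
// so every stored value carries the parameters needed to verify it later.
//
// The Rfc2898DeriveBytes constructors used here do not name a hash algorithm, which
// means the derivation is PBKDF2 with HMAC-SHA1.
public static class PasswordDerivation
{
    public const int defaultSaltSize = 16;
    public const int defaultKeySize = 16;

    // NOTE(review): 15000 iterations of PBKDF2-HMAC-SHA1 is low by current password-storage
    // guidance (see the OWASP Password Storage Cheat Sheet). The iteration count is stored
    // with each hash, so raising it only affects newly derived passwords.
    public const int defaultIterations = 15000;

    // Derives a key from plainPassword using a freshly generated random salt.
    //
    // plainPassword: the password to hash.
    // saltSize:      size in bytes of the random salt to generate.
    // iterations:    PBKDF2 iteration count.
    // keySize:       size in bytes of the derived key.
    // Returns "salt:iterations:keySize:hash" with salt and hash Base64-encoded.
    // Argument exceptions raised by Rfc2898DeriveBytes propagate to the caller.
    public static string Derive(string plainPassword, int saltSize = defaultSaltSize, int iterations = defaultIterations, int keySize = defaultKeySize)
    {
        using (var derive = new Rfc2898DeriveBytes(plainPassword, saltSize: saltSize, iterations: iterations))
        {
            // The numeric fields are parsed back by Verify, so format them independently
            // of the machine's current culture.
            var invariant = System.Globalization.CultureInfo.InvariantCulture;
            var b64Pwd = Convert.ToBase64String(derive.GetBytes(keySize));
            var b64Salt = Convert.ToBase64String(derive.Salt);
            return string.Join(":", b64Salt, iterations.ToString(invariant), keySize.ToString(invariant), b64Pwd);
        }
    }

    // Checks plainPassword against a value previously produced by Derive.
    //
    // saltedPassword: stored "salt:iterations:keySize:hash" string; may be null, for
    //                 example when no row was found for the user.
    // plainPassword:  the password supplied by the user.
    // Returns true only when the re-derived key equals the stored key. A null or
    // malformed stored value yields false instead of an exception, so a missing or
    // corrupt record is always treated as a failed login.
    public static bool Verify(string saltedPassword, string plainPassword)
    {
        if (saltedPassword == null || plainPassword == null)
        {
            return false;
        }

        var passwordParts = saltedPassword.Split(':');
        if (passwordParts.Length != 4)
        {
            return false;
        }

        var invariant = System.Globalization.CultureInfo.InvariantCulture;
        int iters;
        int keySize;
        if (!int.TryParse(passwordParts[1], System.Globalization.NumberStyles.Integer, invariant, out iters) || iters <= 0)
        {
            return false;
        }
        if (!int.TryParse(passwordParts[2], System.Globalization.NumberStyles.Integer, invariant, out keySize) || keySize <= 0)
        {
            return false;
        }

        try
        {
            var salt = Convert.FromBase64String(passwordParts[0]);
            var pwd = Convert.FromBase64String(passwordParts[3]);
            using (var derive = new Rfc2898DeriveBytes(plainPassword, salt: salt, iterations: iters))
            {
                var hashedInput = derive.GetBytes(keySize);
                // Compare without exiting at the first differing byte, so the time taken
                // does not depend on how much of the stored hash the input matched.
                return FixedTimeEquals(hashedInput, pwd);
            }
        }
        catch (FormatException)
        {
            // Salt or hash field is not valid Base64.
            return false;
        }
        catch (ArgumentException)
        {
            // Rfc2898DeriveBytes rejected the stored salt or parameters.
            return false;
        }
    }

    // Byte-wise equality that always walks the full length of equal-sized inputs.
    private static bool FixedTimeEquals(byte[] left, byte[] right)
    {
        if (left.Length != right.Length)
        {
            return false;
        }

        int diff = 0;
        for (int i = 0; i < left.Length; i++)
        {
            diff |= left[i] ^ right[i];
        }
        return diff == 0;
    }
}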
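// Stores a new account row with a PBKDF2-derived password.
//
// username: account name, bound as a query parameter.
// password: plaintext password; only its derived form is written to the database.
// Returns true when the INSERT affected at least one row. Database errors are written
// to the console and reported as false.
//
// NOTE(review): nothing here prevents a second row for the same username; presumably
// AccountsTable has a unique key on username -- confirm against the schema.
public static Boolean CreateAccount(string username, string password)
{
    String saltedPassword = PasswordDerivation.Derive(password);
    bool result = false;
    try
    {
        // Method-local connection and command: the braces keep both alive for the whole
        // statement sequence, and concurrent calls no longer share one handle.
        using (var conn = new MySqlConnection(myConnectionString))
        using (var cmd = conn.CreateCommand())
        {
            cmd.CommandText = "INSERT INTO AccountsTable (username, password) VALUES (@username, @password)";
            cmd.Parameters.AddWithValue("@username", username);
            cmd.Parameters.AddWithValue("@password", saltedPassword);
            // The connection must be open before the command is prepared or executed.
            conn.Open();
            cmd.Prepare();
            result = cmd.ExecuteNonQuery() > 0;
        }
    }
    catch (Exception err) { Console.WriteLine(err); }
    return result;
}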
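// Checks a username/password pair against the stored PBKDF2 value.
//
// username: account name, bound as a query parameter.
// password: plaintext password supplied by the user.
// Returns true only when a row exists for username and the password verifies against it.
// Database errors are written to the console and reported as false.
//
// NOTE(review): an unknown username returns without running the key derivation, so
// response time can reveal whether an account exists; there is also no attempt limiting
// at this layer.
public static Boolean LoginAccount(string username, string password)
{
    bool result = false;
    try
    {
        // Method-local connection and command: the braces keep both alive for the whole
        // statement sequence, and concurrent calls no longer share one handle.
        using (var conn = new MySqlConnection(myConnectionString))
        using (var cmd = conn.CreateCommand())
        {
            cmd.CommandText = "SELECT password FROM AccountsTable WHERE username=@username";
            cmd.Parameters.AddWithValue("@username", username);
            conn.Open();
            cmd.Prepare();
            // ExecuteScalar yields null when no row matches; "as" also covers a NULL column.
            var saltedPassword = cmd.ExecuteScalar() as string;
            result = saltedPassword != null && PasswordDerivation.Verify(saltedPassword, password);
        }
    }
    catch (Exception err) { Console.WriteLine(err); }
    return result;
}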
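// Chat command "/login Username Password".
//
// Verifies the supplied credentials exactly once through LoginAccount. This handler
// must never create accounts: a login attempt for an unknown name has to fail.
//
// NOTE(review): the password arrives as a chat-command argument; confirm that command
// text is not written to chat or server logs.
[Command("login","[Usage] /login Username Password")]
public void LoginCommand(Client player, string username, string password)
{
    var result = CnRGamemode.LoginAccount(username, password);
    if (result)
    {
        // TODO: mark this player as authenticated for the session.
    }
    else
    {
        // TODO: report one generic failure message that does not say whether the
        // username or the password was wrong.
    }
}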
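// Chat command "/register Username Password".
//
// Creates the account exactly once through CreateAccount. This handler must not perform
// a login check: registration has to succeed for a name that has no stored password yet.
//
// NOTE(review): the password arrives as a chat-command argument; confirm that command
// text is not written to chat or server logs.
[Command("register", "[Usage] /register Username Password")]
public void RegisterCommand(Client player, string username, string password)
{
    var result = CnRGamemode.CreateAccount(username, password);
    if (result)
    {
        // TODO: tell the player the account was created.
    }
    else
    {
        // TODO: tell the player registration failed (CreateAccount returns false on any
        // database error, including whatever the schema does for a duplicate username).
    }
}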