edv/VERAG_Homepage
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Verbesserung der trennung der Logiken wischen mobiler und Desktopansicht. Dadurch Verbesseurng der Leistung.

Browse Source
This commit is contained in:
ja
2022-02-01 09:02:40 +01:00
parent 5f417bb8b7
commit fe2d41e4db
5 changed files with 3370 additions and 3263 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
App_Code/VERAG_VARIABLES.vb
View File

@@ -44,14 +44,14 @@ Public Class VERAG_VARIABLES
Argon.Salt = salt Argon.Salt = salt
Argon.DegreeOfParallelism = 28 Argon.DegreeOfParallelism = 28
Argon.Iterations = nIterations * VERAG_VARIABLES.RandomInteger(2, 3) Argon.Iterations = nIterations * VERAG_VARIABLES.RandomInteger(2, 3)
Argon.MemorySize = My.Computer.Info.AvailablePhysicalMemory / 30 Argon.MemorySize = (((nIterations * 15.98 - (nIterations * 10.23) / 14 * 2) / 4.058) + 1 * 190)
Return Argon.GetBytes(nHash) Return Argon.GetBytes(nHash)
Else Else
Dim Argon As Argon2id = New Argon2id(Encoding.UTF8.GetBytes(VERAG_PROG_ALLGEMEIN.cCryptography3.Encrypt(password))) Dim Argon As Argon2id = New Argon2id(Encoding.UTF8.GetBytes(VERAG_PROG_ALLGEMEIN.cCryptography3.Encrypt(password)))
Argon.Salt = salt Argon.Salt = salt
Argon.DegreeOfParallelism = 48 Argon.DegreeOfParallelism = 48
Argon.Iterations = nIterations * VERAG_VARIABLES.RandomInteger(2, 4) Argon.Iterations = nIterations * VERAG_VARIABLES.RandomInteger(2, 4)
Argon.MemorySize = My.Computer.Info.AvailablePhysicalMemory / 30 Argon.MemorySize = (((nIterations * 17.98 - (nIterations * 10.23) / 1.85 * 2.28) / 10.28) + 1024 * 878) / 13.1
Return Argon.GetBytes(nHash) Return Argon.GetBytes(nHash)
End If End If
@@ -64,14 +64,14 @@ Public Class VERAG_VARIABLES
Argon.Salt = salt Argon.Salt = salt
Argon.DegreeOfParallelism = 24 Argon.DegreeOfParallelism = 24
Argon.Iterations = nIterations * VERAG_VARIABLES.RandomInteger(2, 3) Argon.Iterations = nIterations * VERAG_VARIABLES.RandomInteger(2, 3)
Argon.MemorySize = My.Computer.Info.AvailablePhysicalMemory / 30 Argon.MemorySize = (((nIterations * 15.98 - (nIterations * 10.23) / 14 * 2) / 4.058) + 1 * 190)
Return Await Argon.GetBytesAsync(nHash) Return Await Argon.GetBytesAsync(nHash)
Else Else
Dim Argon As Argon2id = New Argon2id(Encoding.UTF8.GetBytes(VERAG_PROG_ALLGEMEIN.cCryptography3.Encrypt(password))) Dim Argon As Argon2id = New Argon2id(Encoding.UTF8.GetBytes(VERAG_PROG_ALLGEMEIN.cCryptography3.Encrypt(password)))
Argon.Salt = salt Argon.Salt = salt
Argon.DegreeOfParallelism = 48 Argon.DegreeOfParallelism = 48
Argon.Iterations = nIterations * VERAG_VARIABLES.RandomInteger(2, 4) Argon.Iterations = nIterations * VERAG_VARIABLES.RandomInteger(2, 4)
Argon.MemorySize = My.Computer.Info.AvailablePhysicalMemory / 30 Argon.MemorySize = (((nIterations * 17.98 - (nIterations * 10.23) / 1.85 * 2.28) / 10.28) + 1024 * 878) / 13.1
Return Await Argon.GetBytesAsync(nHash) Return Await Argon.GetBytesAsync(nHash)
End If End If
End Function End Function

BIN
Berechnung Memorysize argon2.xlsx
View File

Binary file not shown.

6418
VERAG_Homepage/{11EF0CDA-BC19-40FB-91C4-25C81F3A27AC}/CodeAnalysisLog.xml
View File

File diff suppressed because it is too large Load Diff

3
login/login_FLEX.aspx
View File

@@ -450,8 +450,7 @@
<asp:RegularExpressionValidator ID="valid_getNumberInput" ControlToValidate="txt_CustomerID" Font-Size="18px" ForeColor="Red" ValidationGroup="Login" runat="server" Display="Dynamic" SetFocusOnError="false" ErrorMessage="The Customer-ID is not valid." ValidationExpression="[0-9]{1,10}"></asp:RegularExpressionValidator> <asp:RegularExpressionValidator ID="valid_getNumberInput" ControlToValidate="txt_CustomerID" Font-Size="18px" ForeColor="Red" ValidationGroup="Login" runat="server" Display="Dynamic" SetFocusOnError="false" ErrorMessage="The Customer-ID is not valid." ValidationExpression="[0-9]{1,10}"></asp:RegularExpressionValidator>
</td> </td>
</tr> </tr>
</table> </table>
<asp:Label ID="Testlbl" runat="server">Prozessoren:<%=My.Computer.Info.AvailablePhysicalMemory.ToString + Environment.NewLine + Environment.ProcessorCount.ToString%></asp:Label>
</center> </center>
</LayoutTemplate> </LayoutTemplate>
</asp:Login> </asp:Login>

204
login/login_FLEX.aspx.vb
View File

@@ -102,7 +102,7 @@ Partial Class login_FLEX
End Try End Try
End Sub End Sub
Protected Async Sub ValidateUser(sender As Object, e As EventArgs) Protected Async Sub ValidateUser(sender As Object, e As EventArgs) Handles Login1.LoggingIn
Dim ConnectionString = "" Dim ConnectionString = ""
If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then
VERAG_PROG_ALLGEMEIN.cAllgemein.TESTSYSTEM = True VERAG_PROG_ALLGEMEIN.cAllgemein.TESTSYSTEM = True
@@ -150,19 +150,7 @@ Partial Class login_FLEX
End If End If
End If End If
End If End If
If String.IsNullOrEmpty(tb_M.Text) = False AndAlso String.IsNullOrEmpty(tb.Text) = True Then
reqfieldvaluserID.Enabled = False
reqfieldvaluserID_M.Enabled = True
If reqfieldvaluserID_M.IsValid = True Then
regexusername_M.Validate()
If regexusername_M.IsValid Then
Customer_ID = tb_M.Text
Else
VERAG_VARIABLES.seterrorcount(2)
regexusername_M.ErrorMessage = VERAG_VARIABLES.geterrornumb + "Customer-ID does not have any special characters in it."
End If
End If
End If
If String.IsNullOrEmpty(tb2.Text) = False AndAlso String.IsNullOrEmpty(tb2_M.Text) = True Then If String.IsNullOrEmpty(tb2.Text) = False AndAlso String.IsNullOrEmpty(tb2_M.Text) = True Then
reqfieldvaluserName.Enabled = True reqfieldvaluserName.Enabled = True
reqfieldvaluserName_M.Enabled = False reqfieldvaluserName_M.Enabled = False
@@ -178,43 +166,18 @@ Partial Class login_FLEX
reqfieldvaluserName.ErrorMessage = String.Empty reqfieldvaluserName.ErrorMessage = String.Empty
End If End If
End If End If
If String.IsNullOrEmpty(tb2_M.Text) = False AndAlso String.IsNullOrEmpty(tb2.Text) = True Then
reqfieldvaluserName.Enabled = False
reqfieldvaluserName_M.Enabled = True
reqfieldvaluserName_M.Validate()
If reqfieldvaluserName_M.IsValid = True Then
regexusername_M.Validate()
If regexusername.IsValid Then
UserNaMe = tb2_M.Text
Else
VERAG_VARIABLES.seterrorcount(3)
regexusername.ErrorMessage = VERAG_VARIABLES.geterrornumb + "Password has to match the criterias of tge info button."
End If
End If
End If
If String.IsNullOrEmpty(tb3.Text) = False AndAlso String.IsNullOrEmpty(tb3_M.Text) = True Then If String.IsNullOrEmpty(tb3.Text) = False AndAlso String.IsNullOrEmpty(tb3_M.Text) = True Then
reqfieldvalpassw.Enabled = True reqfieldvalpassw.Enabled = True
reqfieldvalpassw_M.Enabled = False reqfieldvalpassw_M.Enabled = False
reqfieldvalpassw.Validate() reqfieldvalpassw.Validate()
If reqfieldvalpassw.IsValid = True Then If reqfieldvalpassw.IsValid = True Then
intzahl = VERAG_VARIABLES.RandomInteger(107, Math.Pow(2, 10)) intzahl = VERAG_VARIABLES.RandomInteger(107, Math.Pow(2, 10))
Dim hashpw1 As Byte() = Await VERAG_VARIABLES.HashPasswordAsync(tb3.Text, salt, intzahliterats, intzahl) Dim hashpw1 As Byte() = Await VERAG_VARIABLES.HashPasswordAsync(tb3_M.Text, salt, intzahliterats, intzahl)
passw = tb3.Text
End If
End If
If String.IsNullOrEmpty(tb3_M.Text) = False AndAlso String.IsNullOrEmpty(tb3.Text) = True Then
reqfieldvalpassw.Enabled = False
reqfieldvalpassw_M.Enabled = True
reqfieldvalpassw_M.Validate()
intzahl = VERAG_VARIABLES.RandomInteger(147, Math.Pow(2, 10))
If reqfieldvalpassw_M.IsValid = True Then
Dim hashpw_M As Byte() = Await VERAG_VARIABLES.HashPasswordAsync(tb3_M.Text, salt, intzahliterats, intzahl)
passw = tb3_M.Text passw = tb3_M.Text
Else
VERAG_VARIABLES.seterrorcount(4)
reqfieldvalpassw_M.ErrorMessage = String.Empty
End If End If
End If End If
' Dim constr As String = ConfigurationManager.ConnectionStrings("constr").ConnectionString ' Dim constr As String = ConfigurationManager.ConnectionStrings("constr").ConnectionString
Using con As New SqlConnection(ConnectionString) Using con As New SqlConnection(ConnectionString)
' Using cmd As New SqlCommand("Validate_User") ' Using cmd As New SqlCommand("Validate_User")
@@ -253,8 +216,9 @@ Partial Class login_FLEX
VERAG_VARIABLES.seterrorcount(8) VERAG_VARIABLES.seterrorcount(8)
Login1.FailureText = VERAG_VARIABLES.geterrornumb + "Username is not in the database!" Login1.FailureText = VERAG_VARIABLES.geterrornumb + "Username is not in the database!"
End If End If
If String.Equals(tb3.Text, dr("Password")) = True Then If String.Equals(tb3.Text, dr("Password")) = True Then
intzahl = VERAG_VARIABLES.RandomInteger(105, Math.Pow(2, 7)) intzahl = VERAG_VARIABLES.RandomInteger(VERAG_VARIABLES.RandomInteger(95, 200), Math.Pow(2, 7))
salt = VERAG_VARIABLES.GenerateSalt(intzahl) salt = VERAG_VARIABLES.GenerateSalt(intzahl)
Dim hashpw As Byte() = Await VERAG_VARIABLES.HashPasswordAsync(passw, salt, intzahliterats, intzahl) Dim hashpw As Byte() = Await VERAG_VARIABLES.HashPasswordAsync(passw, salt, intzahliterats, intzahl)
If Await VERAG_VARIABLES.VerifyhashAsync(dr("Password").ToString, salt, hashpw, intzahliterats, intzahl) = True Then If Await VERAG_VARIABLES.VerifyhashAsync(dr("Password").ToString, salt, hashpw, intzahliterats, intzahl) = True Then
@@ -264,10 +228,9 @@ Partial Class login_FLEX
End If End If
Else Else
VERAG_VARIABLES.seterrorcount(9) VERAG_VARIABLES.seterrorcount(9)
Login1.FailureText = VERAG_VARIABLES.geterrornumb + "Password is not in the database!" Login1.FailureText = VERAG_VARIABLES.geterrornumb + "Password is not in the Database!"
End If End If
'MsgBox("Erfolgreich validiert.") 'MsgBox("Erfolgreich validiert.")
Session.Add("test", UserNaMe) Session.Add("test", UserNaMe)
Session.Add("CustomerID", Customer_ID) Session.Add("CustomerID", Customer_ID)
@@ -281,9 +244,7 @@ Partial Class login_FLEX
End Using End Using
If String.IsNullOrEmpty(tb2_M.Text) = False AndAlso String.IsNullOrEmpty(tb2.Text) = True Then If String.IsNullOrEmpty(tb2_M.Text) = False AndAlso String.IsNullOrEmpty(tb2.Text) = True Then
FormsAuthentication.SetAuthCookie(Login1.UserName, cb_M.Checked) FormsAuthentication.SetAuthCookie(Login1.UserName, cb.Checked)
ElseIf String.IsNullOrEmpty(tb2.Text) = False AndAlso String.IsNullOrEmpty(tb2_M.Text) = True Then
FormsAuthentication.SetAuthCookie(Login2.UserName, cb.Checked)
End If End If
'If (String.IsNullOrEmpty(passw) = False And String.IsNullOrEmpty(UserNaMe) = False And String.IsNullOrEmpty(Customer_ID) = False) Then 'If (String.IsNullOrEmpty(passw) = False And String.IsNullOrEmpty(UserNaMe) = False And String.IsNullOrEmpty(Customer_ID) = False) Then
'Dim str = gensaltToken(UserNaMe, passw, Customer_ID, Session.IsNewSession) 'Dim str = gensaltToken(UserNaMe, passw, Customer_ID, Session.IsNewSession)
@@ -291,7 +252,154 @@ Partial Class login_FLEX
'End If 'End If
FormsAuthentication.RedirectFromLoginPage(UserNaMe, True) FormsAuthentication.RedirectFromLoginPage(UserNaMe, True)
End Sub End Sub
Protected Async Sub ValidateUser_M(sender As Object, e As EventArgs) Handles Login2.LoggingIn
Dim ConnectionString = ""
If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then
VERAG_PROG_ALLGEMEIN.cAllgemein.TESTSYSTEM = True
'ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=sa;Pwd=BmWr501956"
ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;"
Else
VERAG_PROG_ALLGEMEIN.cAllgemein.TESTSYSTEM = False
ConnectionString = "Server=DEVELOPER.verag.ost.dmn\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;"
'ConnectionString = "Server=db593295684.db.1and1.com;Database=db593295684;Uid=dbo593295684;Pwd=atilla#2;"
End If
Dim tb As TextBox = Login1.FindControl("txt_CustomerID")
Dim tb_M As TextBox = Login2.FindControl("txt_CustomerID_M")
Dim tb2 As TextBox = Login1.FindControl("Username")
Dim tb2_M As TextBox = Login2.FindControl("Username")
Dim tb3 As TextBox = Login1.FindControl("Password")
Dim tb3_M As TextBox = Login2.FindControl("Password")
Dim reqfieldvaluserID As RequiredFieldValidator = Login1.FindControl("CustomerIDrequired")
Dim reqfieldvaluserID_M As RequiredFieldValidator = Login2.FindControl("CustomerID_M_required")
Dim reqfieldvaluserName As RequiredFieldValidator = Login1.FindControl("UserNamerequired")
Dim reqfieldvaluserName_M As RequiredFieldValidator = Login2.FindControl("UserName_M_required")
Dim reqfieldvalpassw As RequiredFieldValidator = Login1.FindControl("Passwordrequired")
Dim reqfieldvalpassw_M As RequiredFieldValidator = Login2.FindControl("Passwordrequired_M")
Dim regexuserID As RegularExpressionValidator = Login1.FindControl("valid_getNumberInput")
Dim regexuserID_M As RegularExpressionValidator = Login2.FindControl("valid_getNumber_M_Input")
Dim regexusername As RegularExpressionValidator = Login1.FindControl("check_UserName_regex")
Dim regexusername_M As RegularExpressionValidator = Login2.FindControl("check_UserName_M_regex")
Dim cb As CheckBox = Login1.FindControl("RememberMe")
Dim cb_M As CheckBox = Login2.FindControl("RememberMe_M")
If String.IsNullOrEmpty(tb_M.Text) = False AndAlso String.IsNullOrEmpty(tb.Text) = True Then
reqfieldvaluserID.Enabled = False
reqfieldvaluserID_M.Enabled = True
If reqfieldvaluserID_M.IsValid = True Then
regexusername_M.Validate()
If regexusername_M.IsValid Then
Customer_ID = tb_M.Text
Else
VERAG_VARIABLES.seterrorcount(2)
regexusername_M.ErrorMessage = VERAG_VARIABLES.geterrornumb + "Customer-ID does not have any special characters in it."
End If
End If
End If
If String.IsNullOrEmpty(tb2_M.Text) = False AndAlso String.IsNullOrEmpty(tb2.Text) = True Then
reqfieldvaluserName.Enabled = False
reqfieldvaluserName_M.Enabled = True
reqfieldvaluserName_M.Validate()
If reqfieldvaluserName_M.IsValid = True Then
regexusername_M.Validate()
If regexusername.IsValid Then
UserNaMe = tb2_M.Text
Else
VERAG_VARIABLES.seterrorcount(3)
regexusername.ErrorMessage = VERAG_VARIABLES.geterrornumb + "Password has to match the criterias of tge info button."
End If
End If
End If
If String.IsNullOrEmpty(tb3_M.Text) = False AndAlso String.IsNullOrEmpty(tb3.Text) = True Then
reqfieldvalpassw.Enabled = False
reqfieldvalpassw_M.Enabled = True
reqfieldvalpassw_M.Validate()
intzahl = VERAG_VARIABLES.RandomInteger(147, Math.Pow(2, 10))
If reqfieldvalpassw_M.IsValid = True Then
Dim hashpw_M As Byte() = Await VERAG_VARIABLES.HashPasswordAsync(tb3_M.Text, salt, intzahliterats, intzahl)
passw = tb3_M.Text
Else
VERAG_VARIABLES.seterrorcount(4)
reqfieldvalpassw_M.ErrorMessage = String.Empty
End If
End If
' Dim constr As String = ConfigurationManager.ConnectionStrings("constr").ConnectionString
Using con As New SqlConnection(ConnectionString)
' Using cmd As New SqlCommand("Validate_User")
Using cmd As New SqlCommand("SELECT KundenNr,Username,Password FROM [VERAG_HOMEPAGE].[dbo].[Users] WHERE Username=@Username AND Password=@Password AND KundenNr=@KundenNr")
' cmd.CommandType = CommandType.StoredProcedure
cmd.Parameters.AddWithValue("@Username", UserNaMe)
cmd.Parameters.AddWithValue("@KundenNr", Customer_ID)
cmd.Parameters.AddWithValue("@Password", passw)
cmd.Connection = con
con.Open()
cmd.ExecuteScalar()
' userId = Convert.ToInt32(cmd.ExecuteScalar())
Dim dr As SqlDataReader = cmd.ExecuteReader()
If dr.HasRows = True Then
dr.Read()
'MsgBox(dr.Item(0).ToString())
Select Case dr.Item(0)
Case 0
VERAG_VARIABLES.seterrorcount(5)
Login2.FailureText = VERAG_VARIABLES.geterrornumb + "Username and/or Password do not match."
Exit Select
Case -2
VERAG_VARIABLES.seterrorcount(6)
Login2.FailureText = VERAG_VARIABLES.geterrornumb + "Account is not activated."
Exit Select
Case Else
If tb_M.Text = dr("KundenNr").ToString Then
Customer_ID = dr("KundenNr").ToString
Else
VERAG_VARIABLES.seterrorcount(7)
Login2.FailureText = VERAG_VARIABLES.geterrornumb + "ID cannot be found in the database!"
End If
If tb2_M.Text = dr("Username") Then
UserNaMe = dr("Username").ToString
Else
VERAG_VARIABLES.seterrorcount(8)
Login2.FailureText = VERAG_VARIABLES.geterrornumb + "Username is not in the database!"
End If
If String.Equals(tb3_M.Text, dr("Password")) = True Then
intzahl = VERAG_VARIABLES.RandomInteger(VERAG_VARIABLES.RandomInteger(95, 200), Math.Pow(2, 7))
salt = VERAG_VARIABLES.GenerateSalt(intzahl)
Dim hashpw As Byte() = Await VERAG_VARIABLES.HashPasswordAsync(passw, salt, intzahliterats, intzahl)
If Await VERAG_VARIABLES.VerifyhashAsync(dr("Password").ToString, salt, hashpw, intzahliterats, intzahl) = True Then
passw = dr("Password").ToString
Else
passw = String.Empty
End If
Else
VERAG_VARIABLES.seterrorcount(9)
Login2.FailureText = VERAG_VARIABLES.geterrornumb + "Password is not in the Database!"
End If
'MsgBox("Erfolgreich validiert.")
Session.Add("test", UserNaMe)
Session.Add("CustomerID", Customer_ID)
Session.Add("PW", passw)
Exit Select
End Select
End If
dr.Close()
con.Close()
End Using
End Using
If String.IsNullOrEmpty(tb2.Text) = False AndAlso String.IsNullOrEmpty(tb2_M.Text) = True Then
FormsAuthentication.SetAuthCookie(Login2.UserName, cb_M.Checked)
End If
'If (String.IsNullOrEmpty(passw) = False And String.IsNullOrEmpty(UserNaMe) = False And String.IsNullOrEmpty(Customer_ID) = False) Then
'Dim str = gensaltToken(UserNaMe, passw, Customer_ID, Session.IsNewSession)
'MsgBox(str)
'End If
FormsAuthentication.RedirectFromLoginPage(UserNaMe, True)
End Sub
Protected Sub LoginButton_Click(sender As Object, e As EventArgs) Protected Sub LoginButton_Click(sender As Object, e As EventArgs)
Validate("Login") Validate("Login")
Session.Add("test", UserNaMe) Session.Add("test", UserNaMe)