How should my method look like for automatic authentication?

Question

0.00/5 (No votes)

See more:

Hello,

I have a login form which has only one field for the password.My approach is using an RFID reader that reads values from the NFC tag and display it in a textbox.I have passwordbox that fills up with the SN of the card when the user swipes the card of the card reader.This happening,in the passwordbox will apear the SN and I want to check the SN with the values from the db.If the value exists,the user will automatically enter in the system without pressing any button or doing any sort of action.I have my method for now that checks the value,but i don't know how to do it so that it will automatically log in the user into the system.I've searched for examples in hope that I will find some relevant connection to what I have,but unfortunately I couldn't find anything suitable in my case.My RFID reader is working perfectly,my basic method works fine.Could someone please give me an example of how this should be made?I'm using WPF with MVVM and db first.Thank you in advance!

What I have tried:

This is my basic method for log in:

public void SubmitButton(object param)
     {

         SqlConnection conn = new SqlConnection(@"Data Source=(LocalDB)\MSSQLLocalDB;AttachDbFilename=C:\Users\User\source\repos\VIAApp2Demo\VIAApp2Demo\DB\DatabaseStudents.mdf;Integrated Security=True;Connect Timeout=30");
         try
         {


             if (conn.State == System.Data.ConnectionState.Closed)
                 conn.Open();
             String query = "SELECT COUNT (*) FROM Login where pwd=@pwd";
             SqlCommand cmd = new SqlCommand(query, conn);
             cmd.CommandType = CommandType.Text;



             SqlParameter Pwd = cmd.Parameters.AddWithValue("@pwd", SqlDbType.Int);
             //cmd.Parameters["@pwd"].Value = _pwd.pwd;
             cmd.Parameters["@pwd"].Value = TestPassword;
             if (Pwd.Value == null)
             {
                 Pwd.Value = DBNull.Value;
             }

             int count = Convert.ToInt32(cmd.ExecuteScalar());
             if (count > 0)

             {
                 MainWindow main = new MainWindow();
                 main.Show();

             }
             else
             {
                 MessageBox.Show("Password is incorrect!");
             }

         }

         catch (Exception ex)
         {
             MessageBox.Show(ex.Message);
         }
         finally
         {
             conn.Close();
         }
     }

Posted 23-Mar-18 2:32am

Daniel Andrei Popescu

Updated 23-Mar-18 2:51am

v2

Add a Solution

Comments

F-ES Sitecore 23-Mar-18 10:12am

You'll need to identify an event that you can use to trigger the auto-login. We don't have access to your hardware, we don't know how it works, we don't know what your serial numbers are so we can't really say. If it triggers key press events in the textbox you can listen to that event and if the serial number is always the same length you can do the login when that length is reached. That's just one idea, as I said it depends on your specific implementation.

Richard Deeming 23-Mar-18 12:37pm

NEVER store passwords in plain text!

Secure Password Authentication Explained Simply[^]
Salted Password Hashing - Doing it Right[^]

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

#realJSOP · Answer 1 · 2018-03-23T02:52:00

Solution 1

So you want to log them in immediately upon swiping their card? That is pretty insecure because ANYBODY could swipe the card (even someone else's card).

Two-factor authentication (something you have - the card, and something you know - your password) is highly recommended.

If that's not what you're after, modify your question.

EDIT ====================

Since you're using MVVM, you can hook the PropertyChanged event in your viewmodel for the property that holds the serial number, and perform any processing required when that event for that property is fired.

Posted 23-Mar-18 2:52am

#realJSOP

Updated 23-Mar-18 5:11am

v2

Comments

Daniel Andrei Popescu 23-Mar-18 9:38am

Hello,
This doesn't depend on what I want.I'm an intern at the university where I'm studying and the staff there told me that this is how they want the system to be.I also made a normal authentication in case someone happens to forget the card.The app is used only by lecturers,and it's their responsibility if this sort of things happen.Every card has a serial nr inside and it is unique.In this case,not anybody can access the system since only the lecturers have the card and on every lecturer's card it's a different serial nr.

#realJSOP 23-Mar-18 11:08am

Yeah, but like I said, a card could get lost/stolen and used by someone that isn't supposed to have access to it. Just sayin...

In any case, I'm going to modify my answer.

Daniel Andrei Popescu 5-Apr-18 3:08am

Thank you,I understand what you are saying but this is not up to me,it's up to my boss,so any help would be appreciated :)