1 00:00:00,990 --> 00:00:06,070 In this video we'll be setting up a logging system for a car and up. 2 00:00:06,090 --> 00:00:13,230 This will require us to make a few changes one to the database and the tool to the overall flow of our 3 00:00:13,230 --> 00:00:14,060 application. 4 00:00:14,340 --> 00:00:20,130 So I'll start off with the database changes are the spring up my management studio and what we need 5 00:00:20,130 --> 00:00:28,260 is a new table which will store the user information so those directly on new on tables go to new table 6 00:00:28,800 --> 00:00:34,380 and then what we want is an I.D. of course which would be of type Integer. 7 00:00:34,380 --> 00:00:42,030 It would be the primary key and we will set it to be identity so it will auto increment and once again 8 00:00:42,030 --> 00:00:46,590 if you're not so familiar with database development then you can check out my course. 9 00:00:46,600 --> 00:00:57,870 My soft askew server for everyone or my askew of database design and mastery so the setting of our I.D. 10 00:00:57,930 --> 00:01:06,780 column we then have the most common user related fields which would be user name which us it does invite 11 00:01:06,840 --> 00:01:20,090 char 50 and password which I will set as an arch R. and I set this one up b a hundred and I'll explain 12 00:01:20,090 --> 00:01:28,340 why I'll also not allow these two to be no as well it doesn't make sense to have a user with neither 13 00:01:28,340 --> 00:01:35,400 use anymore password or either or both must be present for a user to be complete right. 14 00:01:35,420 --> 00:01:40,510 So I just have those three columns for no save this and I'll just call this one. 15 00:01:40,550 --> 00:01:44,210 Users click Okay. 16 00:01:44,210 --> 00:01:45,860 And then we have our new table. 17 00:01:45,940 --> 00:01:50,840 Now some schools of thought would say that you know you want to use that truck. 18 00:01:50,870 --> 00:01:52,780 Exactly which user is doing what. 19 00:01:52,790 --> 00:01:54,140 In your application. 20 00:01:54,140 --> 00:02:01,010 So if that is your desire then what you'd want to do is add foreign keys to your other tables being 21 00:02:01,100 --> 00:02:10,820 types of cars and a car into record so that you can actually see who is interacting with these tables. 22 00:02:10,820 --> 00:02:13,650 What are these records out whatever points. 23 00:02:13,790 --> 00:02:20,020 I wouldn't go that far though I just want a simple logging system so that we can try and restrict access 24 00:02:20,020 --> 00:02:21,750 or application. 25 00:02:21,950 --> 00:02:28,190 So after adding this to the database I have to go back to my code and make a few modifications. 26 00:02:28,190 --> 00:02:35,610 So they've just come out of debug mode and then the first modification I'm going to make is two or EDI 27 00:02:35,910 --> 00:02:36,690 X.. 28 00:02:36,770 --> 00:02:43,430 So whenever you make a change to the database you want your and makes or your entity diagram to be aware 29 00:02:43,430 --> 00:02:44,300 of those changes. 30 00:02:44,330 --> 00:02:52,630 So we added a new table so I get this right click go to update model from database then when this comes 31 00:02:52,630 --> 00:02:59,440 up you'll see the ad tab and under the ad tab you noticed that I have an arrow beside tables and is 32 00:02:59,440 --> 00:03:03,730 showing me that I have a new table that is in the database but not in the diagram. 33 00:03:03,730 --> 00:03:09,850 So I can just click users click finish and then it will go ahead and do whatever process it needs to 34 00:03:09,850 --> 00:03:18,810 do with the end result being the addition of the user table to my to my idea makes that I'm right. 35 00:03:19,150 --> 00:03:26,760 So no my application knows and can access the user's table or user properties right. 36 00:03:26,800 --> 00:03:33,340 If I had set up relationships like I said way it sets up the foreign keys between the tables and these 37 00:03:33,340 --> 00:03:33,700 are tip. 38 00:03:33,700 --> 00:03:38,530 Then you would see lines going all around the place because these two are related and the end user would 39 00:03:38,530 --> 00:03:42,640 be related to types of car as well as current record. 40 00:03:43,000 --> 00:03:44,680 But that's that wasn't done. 41 00:03:44,680 --> 00:03:48,140 So here a diagram should look like this. 42 00:03:48,250 --> 00:03:54,160 Of course you build and as you can see my my computer still loading because it's building and we give 43 00:03:54,160 --> 00:03:55,400 it a moment. 44 00:03:55,630 --> 00:03:59,530 And no that's done we can go ahead and design our log in form. 45 00:03:59,530 --> 00:04:06,260 So I'm just going to go back to solution explorer act like our projects go to ad and then I want a new 46 00:04:06,260 --> 00:04:06,920 farm. 47 00:04:07,270 --> 00:04:09,550 And this one is going to be logging. 48 00:04:09,550 --> 00:04:15,100 So I'm just going to call it it's the log in and then I click I'd give it some time to process all of 49 00:04:15,100 --> 00:04:16,070 that. 50 00:04:16,090 --> 00:04:20,770 All right so I went ahead and designed it and I use the same techniques you've been using up until this 51 00:04:20,770 --> 00:04:21,370 point. 52 00:04:21,730 --> 00:04:27,370 I used the label for the label at the top to depict that it's a log in farm. 53 00:04:27,520 --> 00:04:32,580 I use that table labeled and on the left I put the labels for using a my password. 54 00:04:32,710 --> 00:04:37,990 So the write up with the text boxes and then I have to make sure that my ticks boxes have the correct 55 00:04:37,990 --> 00:04:38,710 names. 56 00:04:38,710 --> 00:04:44,500 So I have TB user name and I have TB password right. 57 00:04:44,530 --> 00:04:46,140 So you can the spores of video. 58 00:04:46,240 --> 00:04:49,430 And then I'll force out the log in button at the end of the day. 59 00:04:49,520 --> 00:04:54,910 Taken pause a video here and do your design you know similar to mine if you want if you have a different 60 00:04:54,940 --> 00:04:56,000 vision that's fine. 61 00:04:56,140 --> 00:05:02,170 But at the end of the day we've been learning this so I'm not going to go over the same things are these 62 00:05:02,170 --> 00:05:08,890 basic things over and over and over again because help you call it open you're familiar with it if you're 63 00:05:08,890 --> 00:05:14,470 not then you can review the previous videos and get up to speed with some of these controls and how 64 00:05:14,470 --> 00:05:15,610 they work. 65 00:05:15,850 --> 00:05:21,980 The next step however would be to make sure that the log in button works because once the person provides 66 00:05:22,000 --> 00:05:23,830 username and the password. 67 00:05:23,830 --> 00:05:27,850 The next step is for them to actually log in our click log in. 68 00:05:27,850 --> 00:05:31,170 So of course on click we want to do something. 69 00:05:31,320 --> 00:05:37,930 Now that's something that we're going to want to do involves us interacting with the database and looking 70 00:05:37,960 --> 00:05:45,490 and retrieving the user name and password to make sure that whatever was entered matches what is in 71 00:05:45,490 --> 00:05:46,540 the database. 72 00:05:46,540 --> 00:05:54,340 So by way of testing firstly I'm going to go back to the database and I'm going to add our red card. 73 00:05:54,370 --> 00:05:57,250 So let me just refresh my tables. 74 00:05:57,250 --> 00:06:06,430 Go to my users tables See edit top 200 rows and then I'm going to put in a manual username admin and 75 00:06:06,430 --> 00:06:13,660 the password here is going to be the word password all lowercase and then that's our first user in our 76 00:06:13,660 --> 00:06:14,260 database. 77 00:06:14,290 --> 00:06:15,520 So admin password. 78 00:06:15,550 --> 00:06:22,570 So that means when I get to the log in form if I provide credentials username admin and the password 79 00:06:22,570 --> 00:06:23,920 is the word password. 80 00:06:24,050 --> 00:06:30,730 Then when I click the log in it should be able to look in the database verify that the user name I provided 81 00:06:30,730 --> 00:06:32,340 matches the one that the database. 82 00:06:32,440 --> 00:06:33,370 The password. 83 00:06:33,610 --> 00:06:34,750 Likewise. 84 00:06:34,750 --> 00:06:36,760 And then say yes or no. 85 00:06:36,760 --> 00:06:38,030 I can go through. 86 00:06:38,140 --> 00:06:38,490 All right. 87 00:06:38,860 --> 00:06:44,830 So Mark in our code or like I said we need to interact with the database. 88 00:06:44,890 --> 00:06:56,260 So that means that we need something for that so we can store Private Read only and then our object 89 00:06:56,470 --> 00:07:07,800 of car and entities and call the object on the score be and then I will initialize this on the score 90 00:07:07,810 --> 00:07:13,300 D.B. is equal to a new instance of car rental and it is. 91 00:07:13,300 --> 00:07:14,600 There we go. 92 00:07:14,600 --> 00:07:18,780 Now in the click event I want to wrap it in a traffic get from no. 93 00:07:18,790 --> 00:07:23,470 So just say Try sorry let me try this again. 94 00:07:23,470 --> 00:07:29,440 Try a double tap the C double the top tab and it generates that snippet. 95 00:07:29,560 --> 00:07:30,180 Right. 96 00:07:30,280 --> 00:07:37,920 And then I'll just write up my exception so I'll give a generic arrow. 97 00:07:37,930 --> 00:07:42,280 So it's never a good idea to actually show the exception message to the user. 98 00:07:42,280 --> 00:07:46,940 Like I've said before even though I've done it before I'm just showing you that you can. 99 00:07:46,960 --> 00:07:51,880 But generally speaking you probably don't want to because that means nothing to the user so you just 100 00:07:51,880 --> 00:07:54,280 want to see something went wrong. 101 00:07:54,390 --> 00:07:54,910 Dragon 102 00:07:59,940 --> 00:08:04,640 right so then that's what you want to do. 103 00:08:05,150 --> 00:08:13,030 And then for the trial what we're going to try is to retrieve the values from our farm so I can save 104 00:08:13,040 --> 00:08:28,670 our user name is equal to TB user name dot text and then the same way of our password is equal to TB 105 00:08:28,790 --> 00:08:31,520 password text. 106 00:08:31,760 --> 00:08:35,990 So we've retrieved the user name retrieve the password that the user has entered. 107 00:08:35,990 --> 00:08:40,910 No the thing with the user name is that you may want to terminate a true means that you're taking off 108 00:08:40,910 --> 00:08:47,780 white spaces on either side so I can actually say something like string dot trim 109 00:08:51,330 --> 00:08:51,930 Oh sorry. 110 00:08:51,960 --> 00:08:56,130 No it wouldn't be strewn about trim string does not have that trim function. 111 00:08:56,130 --> 00:08:57,780 You would actually be taxed. 112 00:08:57,890 --> 00:08:59,080 Not true. 113 00:08:59,100 --> 00:09:00,010 Right. 114 00:09:00,030 --> 00:09:06,410 So when we say Trim whatever string value it is our string variable that we see a trim. 115 00:09:06,600 --> 00:09:13,560 Then what it will do is take off any leading whitespace or trailing with whitespace from the user name 116 00:09:13,560 --> 00:09:16,910 because if I wrote my username I write if I wrote space. 117 00:09:17,000 --> 00:09:23,270 All right inadvertently press the space bar while writing or before writing or after writing the user 118 00:09:23,270 --> 00:09:27,990 name then it would not be directed much so you just want to trim it to make sure you don't have any 119 00:09:28,170 --> 00:09:33,030 trailing whitespace or leading whitespace so that the text is more absolute. 120 00:09:33,030 --> 00:09:37,110 During a comparison you don't want to do that with a password though because you want to make sure that 121 00:09:37,110 --> 00:09:45,290 a person puts in the exact text that is in the database that they put into the actual text box art. 122 00:09:45,360 --> 00:09:52,980 So after retrieving the user name and password the next thing I want to do is actually compare this 123 00:09:52,980 --> 00:09:57,950 or try to find something in the database that matches this combination. 124 00:09:58,090 --> 00:10:06,150 So I'm going to say var user which is my object that's I'm going to use to retrieve from my database 125 00:10:06,440 --> 00:10:09,290 and of my users table. 126 00:10:09,600 --> 00:10:10,790 Any record. 127 00:10:10,830 --> 00:10:12,480 So I want one record. 128 00:10:12,760 --> 00:10:13,140 All right. 129 00:10:13,140 --> 00:10:16,700 So a nearby variable user because I'm expecting one record. 130 00:10:16,830 --> 00:10:22,980 There shouldn't be tool users with the same user name and password combination and even if they have 131 00:10:22,980 --> 00:10:26,880 the same password additions of the same user name at any given point. 132 00:10:26,880 --> 00:10:29,670 So I'm expecting only one use it to come back really. 133 00:10:29,820 --> 00:10:35,430 And I'm want to say first order default and then I'm going to throw up a lambda expression and then 134 00:10:35,430 --> 00:10:42,360 I would just say I want the first default user who has a user name that matches the user name I just 135 00:10:42,360 --> 00:10:51,480 got from my text box and say I can use that and then they are just like if I was doing an if statement 136 00:10:52,140 --> 00:10:59,530 and the password in the database there are actually much as the password in the text box. 137 00:10:59,580 --> 00:11:00,450 All right. 138 00:11:00,450 --> 00:11:05,670 So on side with that I'm not going to check if I got but I user or not. 139 00:11:05,670 --> 00:11:17,620 So I say if user is equivalent to no then and if the user is equivalent to no that means after search 140 00:11:17,620 --> 00:11:20,470 the database for the first or default user. 141 00:11:20,530 --> 00:11:21,850 Well default means no. 142 00:11:21,880 --> 00:11:28,250 So for the first user that has the same user name that was entered into the text box and the same password 143 00:11:28,250 --> 00:11:30,320 that was intended into the text box. 144 00:11:30,430 --> 00:11:33,790 If that user comes back as no. 145 00:11:33,830 --> 00:11:34,290 All right. 146 00:11:34,300 --> 00:11:43,940 So if after that operation this is no then we want to say something like please provide valid credentials. 147 00:11:43,990 --> 00:11:44,320 All right. 148 00:11:44,320 --> 00:11:48,510 So as far as we're concerned nobody in the database much is that. 149 00:11:48,640 --> 00:11:54,290 No you don't want to tell them exactly what's wrong as in you don't want to say yes I phoned that user 150 00:11:54,290 --> 00:11:57,430 name but your password might be wrong or vice versa. 151 00:11:57,430 --> 00:12:02,920 Because if it was somebody who is trying to maliciously get into your system you would have solved half 152 00:12:02,920 --> 00:12:08,660 of the equation for them letting them know why they couldn't get you into your application. 153 00:12:08,660 --> 00:12:09,040 All right. 154 00:12:09,430 --> 00:12:20,560 So you want to say if it is no if no user exists like that then you know please provide valid credentials. 155 00:12:20,770 --> 00:12:28,840 We can leave the else blank for no of course that's what would happen if it is if everything is okay 156 00:12:28,870 --> 00:12:32,710 then that's what would happen so I'm just going to see flaws are. 157 00:12:32,740 --> 00:12:39,340 So just for experiment sake just for all we're going to see if it is not correct then the screen should 158 00:12:39,340 --> 00:12:43,170 just give us a message box if it is okay then the screen will just close. 159 00:12:43,190 --> 00:12:43,810 All right. 160 00:12:43,930 --> 00:12:51,750 No if we want this window to come up when we press start then we need to modify or programmed out six. 161 00:12:51,760 --> 00:12:54,590 So right now it's going to launch the main window first. 162 00:12:54,630 --> 00:13:00,250 What I want for the floor if my application is that when you double click that application to run it 163 00:13:00,490 --> 00:13:07,810 it's actually going to launch the log in screen first and then if it launches a log in screen then you 164 00:13:07,990 --> 00:13:12,670 get to an Nah you don't get it you either get further which means you get to the main window which is 165 00:13:12,670 --> 00:13:17,800 our MDI period which we've designed to hold as every other window on functionality of our application 166 00:13:18,190 --> 00:13:20,100 or you're stuck at the log in screen. 167 00:13:20,110 --> 00:13:20,380 All right. 168 00:13:20,680 --> 00:13:26,850 So I wanted to see a launch the log in the window first. 169 00:13:26,950 --> 00:13:29,710 So when the application runs launch log in. 170 00:13:29,740 --> 00:13:34,690 So when I click start then we see our log in window come up. 171 00:13:34,750 --> 00:13:43,870 So if I type in admin 1 and I type in the word password and click the log in then nothing comes up. 172 00:13:43,870 --> 00:13:44,790 All right. 173 00:13:44,920 --> 00:13:51,330 So you see that please provide valid valid credentials and I'll show you exactly how I got these squares. 174 00:13:51,340 --> 00:13:56,380 So you're probably typing inside of it and you're seeing the word password come up and you're seeing 175 00:13:56,380 --> 00:14:03,730 squares going up in mine which just represents the generic card so showing that you know it's obscured 176 00:14:03,730 --> 00:14:04,470 it's masked. 177 00:14:04,500 --> 00:14:07,630 So I want to show you exactly who I am masked mine. 178 00:14:07,930 --> 00:14:12,400 I did send a text box and I did I skip this step of showing you so that's fine I'll go back. 179 00:14:12,400 --> 00:14:17,640 But the point is that when I type in invited credentials it won't let me go further. 180 00:14:17,890 --> 00:14:21,940 If I type in admin and password and I click log in then it closes. 181 00:14:21,940 --> 00:14:28,660 So we see that's our application or our log in logic is working because it went to the database and 182 00:14:28,660 --> 00:14:34,720 it checked and it saw admin as a username password as a password and so it did whatever it was supposed 183 00:14:34,720 --> 00:14:37,720 to do in the else statement. 184 00:14:37,810 --> 00:14:38,170 All right. 185 00:14:38,560 --> 00:14:43,060 So let me just go back to the design quickly initially what what's did to the text box for the text 186 00:14:43,060 --> 00:14:51,790 box to Moss cured your text then what you need to do is provide the password char so why going to password 187 00:14:51,820 --> 00:14:54,670 char and providing I notice it's this char. 188 00:14:54,760 --> 00:14:56,060 So that means give it a symbol. 189 00:14:56,080 --> 00:15:01,960 If you put slashes and slashes will appear if you put an asterisk then the asterisk will up here. 190 00:15:01,960 --> 00:15:09,250 The reason I'm getting squares however is that I changed the font so by changing the funds to my left 191 00:15:09,640 --> 00:15:12,430 I was just experimenting and I changed my to lit. 192 00:15:12,460 --> 00:15:18,070 So what happens is that there is apparently no asterisk in that font right. 193 00:15:18,070 --> 00:15:22,810 So then it just gave you those generic squares to show that well it's masking you would love to use 194 00:15:22,810 --> 00:15:27,720 the asterisk but I don't have an asterisk in this fun so I'm just going to give you the generic square. 195 00:15:27,880 --> 00:15:36,680 So you know the symbol aside the point is that you can mask your text by using that password char because 196 00:15:36,730 --> 00:15:42,550 of course you don't want the word password or the person the sponsor to be in plain text while being 197 00:15:42,610 --> 00:15:44,610 entered into the database. 198 00:15:44,710 --> 00:15:45,870 No. 199 00:15:45,940 --> 00:15:47,520 To fix the flaw. 200 00:15:47,530 --> 00:15:50,700 All we need to say next are sick closer into. 201 00:15:50,750 --> 00:15:59,500 Else what I want to do is actually launch the main window someone to see var mean window is equal to 202 00:15:59,500 --> 00:16:07,210 a new instance of mean window and then I'm going to see. 203 00:16:07,920 --> 00:16:15,050 Well of course my semicolon and I see a mean window that's sure. 204 00:16:17,570 --> 00:16:18,440 All right. 205 00:16:18,510 --> 00:16:21,250 And then I want this window to hide. 206 00:16:21,450 --> 00:16:25,760 So the thing is that let me just show you exactly what's going to happen. 207 00:16:25,770 --> 00:16:35,860 So when I launch my application and then I go ahead and provide valid credentials so ad men and this 208 00:16:35,970 --> 00:16:42,600 word and click log in then it's going to bring up the main window but logging is going to be there lingering 209 00:16:42,600 --> 00:16:45,000 in the background which I don't really want. 210 00:16:45,000 --> 00:16:46,190 It's not that big of a deal. 211 00:16:46,200 --> 00:16:50,970 But what happens is that if I wanted to close the application I would have to close the main window 212 00:16:51,240 --> 00:16:55,100 and then come back and close the log in because they're two entirely different windows. 213 00:16:55,100 --> 00:17:00,120 I didn't see that log in should be an MDI child off the mean window. 214 00:17:00,120 --> 00:17:00,450 All right. 215 00:17:00,450 --> 00:17:04,070 So there are two separate windows and they're both a part of the application. 216 00:17:04,080 --> 00:17:07,620 So as long as they're both running the application would not close. 217 00:17:07,620 --> 00:17:10,470 So what I would want to do is hide. 218 00:17:10,710 --> 00:17:17,220 And the reason I do hide I'm not close is that if I say close here the logging window might actually 219 00:17:17,220 --> 00:17:20,220 close before the main window shows. 220 00:17:20,220 --> 00:17:22,500 All right I've actually seen that happen before. 221 00:17:22,620 --> 00:17:24,720 So I'm going to just say hide. 222 00:17:25,020 --> 00:17:29,670 So that means when I provide valid credentials. 223 00:17:29,670 --> 00:17:30,240 All right. 224 00:17:30,570 --> 00:17:37,650 And then I go ahead and click to log in then it will check the database verify me large the window and 225 00:17:37,650 --> 00:17:41,080 then hide the log in windows so that looks a bit cleaner. 226 00:17:41,140 --> 00:17:43,710 So log in and I'm in my application. 227 00:17:43,710 --> 00:17:49,730 But then when I close this main window notice I'm still in debug mode so debug mode represents that 228 00:17:49,740 --> 00:17:54,000 the application is still running right now which I don't want. 229 00:17:54,030 --> 00:18:00,120 So that means a log in window is still it's hidden and I can't even get to it because it's really hidden 230 00:18:00,130 --> 00:18:02,490 it's not even showing up in my taskbar. 231 00:18:02,610 --> 00:18:06,480 If you're if you're experiencing this right now it won't be showing up in your eyes either. 232 00:18:06,480 --> 00:18:10,920 So I actually have to click stop and that's still not desirable because then that means a process thread 233 00:18:11,220 --> 00:18:15,750 would still be running until that person's computer is shut down. 234 00:18:15,780 --> 00:18:24,780 So we don't want that someone to just modify this code a bit more so that we can see our application 235 00:18:24,990 --> 00:18:26,840 flow a bit better. 236 00:18:26,850 --> 00:18:33,900 So what I want to do is that when I launch my main window I want it to launch with the notion or with 237 00:18:33,900 --> 00:18:37,140 the knowledge of the log in window being somewhere. 238 00:18:37,140 --> 00:18:40,560 So you realize that these forms are kind of autonomous. 239 00:18:40,560 --> 00:18:47,010 So when you launch one or you see Dot show the only time one hears about the other is if it's an MBA 240 00:18:47,010 --> 00:18:52,710 appearance off that one all the children don't care about each other they only know about their MBA 241 00:18:52,710 --> 00:18:55,530 appearance in this situation. 242 00:18:55,530 --> 00:19:02,160 The main window is its own immediate appearance with its own children and the Logan farm is a sibling 243 00:19:02,160 --> 00:19:06,330 meaning it's on the same level as the mean window it's not a child. 244 00:19:06,330 --> 00:19:10,590 And it is I mean window in and of itself even though it's not an MBA appearance. 245 00:19:10,590 --> 00:19:17,830 So the point is that you can't if you have to let one know off the other deliberately. 246 00:19:18,000 --> 00:19:18,480 Right. 247 00:19:18,510 --> 00:19:25,950 But the cool thing is that once you get to one normal the other meaning once I mean window no that there 248 00:19:25,950 --> 00:19:33,450 is a log in window somewhere then I can actually manipulate the log in window through the main window 249 00:19:34,680 --> 00:19:35,550 at any point. 250 00:19:35,550 --> 00:19:44,130 So what I'm going to do is pass is in this declaration of an object I'm going to declare that or pass 251 00:19:44,190 --> 00:19:50,850 in an instance of this or remember that this keyword means that whatever class I'm operating in this 252 00:19:50,940 --> 00:19:53,250 represents I'm object of that class. 253 00:19:53,280 --> 00:20:00,690 So I'm saying I'm passing an object off the log in class are the log in form into me and window. 254 00:20:00,690 --> 00:20:05,670 Now you're seeing that this red line appears because there's no constructor for me in a window that 255 00:20:05,670 --> 00:20:13,440 takes an argument off the log in someone to modify my main window and say just hold on control and click 256 00:20:13,440 --> 00:20:15,950 me and window and it jumps over to that form. 257 00:20:15,960 --> 00:20:17,980 So if you didn't know that or that code or other. 258 00:20:18,150 --> 00:20:19,430 So if it didn't know that shortcut. 259 00:20:19,430 --> 00:20:20,480 No you do. 260 00:20:20,670 --> 00:20:30,760 And then what I want to do is let here know let me know in the law that there is property or give it 261 00:20:30,760 --> 00:20:36,470 up property of type A log in and I'm going to call it underscore the log in. 262 00:20:37,160 --> 00:20:47,650 All right but then I'm also going to create another constructor so see tor me use up my shortcuts here 263 00:20:47,950 --> 00:20:49,740 and then this main window. 264 00:20:49,750 --> 00:20:58,180 This other constructor other is going to take an object called log in and so what. 265 00:20:58,200 --> 00:21:01,370 This one is going to do after initializing components. 266 00:21:01,380 --> 00:21:07,290 Remember you always have to initialize component but then you're all it's also going to initialize my 267 00:21:07,620 --> 00:21:11,940 local and private log in property that I just created. 268 00:21:12,360 --> 00:21:19,660 It's going to initialize it to the value that is coming over in the constructor being initialized here. 269 00:21:19,680 --> 00:21:20,040 All right. 270 00:21:21,090 --> 00:21:24,950 So once again what this allows me to do know is that throw the rest of the code once. 271 00:21:24,960 --> 00:21:30,720 This constructor is used then I have access to the property on the score log in and then I can do what 272 00:21:30,720 --> 00:21:32,100 I want with the log in. 273 00:21:32,100 --> 00:21:32,400 All right. 274 00:21:32,850 --> 00:21:40,770 So all I'm going to do know is say that main window so I'll just bring up my design for main window 275 00:21:41,910 --> 00:21:50,160 and then I'm going to tell the men we know that I wanted to have a closing event tonight so we didn't 276 00:21:50,160 --> 00:21:51,180 put our load events. 277 00:21:51,180 --> 00:21:52,310 No that's fine. 278 00:21:52,470 --> 00:22:01,260 But then I want to say that when you are closing and I'm just going to look very carefully for the closing 279 00:22:01,320 --> 00:22:07,900 events all right just scroll too far down there it is form closing so you have form closed. 280 00:22:08,270 --> 00:22:10,250 And you have form closing. 281 00:22:10,590 --> 00:22:15,690 Write some words to say when you are closing I want you to do something. 282 00:22:15,700 --> 00:22:21,030 So I'm going to double click in that space and I get the form closing event and then all I'm going to 283 00:22:21,030 --> 00:22:29,750 see is that when you are closing I want you to tell the log in object or the log in form that will call 284 00:22:29,770 --> 00:22:38,300 do you initially and passed over itself into your school so that you know about it till it so close. 285 00:22:38,410 --> 00:22:39,270 All right. 286 00:22:39,570 --> 00:22:46,020 So what's going to happen is that when the log in window is going to launch me in the window it's going 287 00:22:46,020 --> 00:22:49,900 to pass over an object off itself into the mean window. 288 00:22:50,040 --> 00:22:58,340 When the main window launches main window will have launched with knowledge of this log in window and 289 00:22:58,350 --> 00:23:00,370 it would be doing whatever it needs to do. 290 00:23:00,470 --> 00:23:05,100 All the children are operating whatever it's doing it's doing but then at the end of the day when it's 291 00:23:05,100 --> 00:23:09,060 closing it will say well when I'm closing I want you to close. 292 00:23:09,090 --> 00:23:13,920 So you log in window you close while I am closing and then everybody's happy. 293 00:23:13,950 --> 00:23:16,770 So let's test and see if that works. 294 00:23:16,770 --> 00:23:23,450 So when I click start and then I log in all right. 295 00:23:23,460 --> 00:23:28,230 So we have main window and we know that we can do whatever we want to do in main window but then when 296 00:23:28,230 --> 00:23:35,520 we click close man window then the expectation is that it closes the log in screen also and Visual Studio 297 00:23:35,760 --> 00:23:41,820 exiting debug mode is proof that our code worked out. 298 00:23:42,180 --> 00:23:48,960 So when that that's one way of setting up a log in form I'm not saying that is the way I've done this 299 00:23:48,960 --> 00:23:54,900 in quite a few ways before but that is certainly one way that you could use and I think this was the 300 00:23:54,900 --> 00:23:59,230 simplest one to show to somebody who's just getting used to wind farms. 301 00:23:59,280 --> 00:24:06,030 But you know some people actually launch it as the MDI child and then you know you get into that vacation 302 00:24:06,030 --> 00:24:11,940 where you have to log into to proceed to get access to the other windows and other menu options you 303 00:24:11,940 --> 00:24:19,800 have a number of ways to implement this kind of flow between your forms now coming back to our log in 304 00:24:19,800 --> 00:24:27,000 farm there's another major modification that we have to make to our application to make it actually 305 00:24:27,000 --> 00:24:33,480 secure because the fact is that if somebody gets access to this database and they look and they see 306 00:24:33,870 --> 00:24:38,460 admin and the word password it's all in plain text. 307 00:24:38,460 --> 00:24:40,980 You never want to store usernames. 308 00:24:41,040 --> 00:24:44,400 Sorry you don't want to store passwords in plain text. 309 00:24:44,400 --> 00:24:47,340 You always want to do what you call an encryption. 310 00:24:47,340 --> 00:24:56,430 So we need to encrypt or you know our password to make sure that if somebody gain access to the database 311 00:24:56,430 --> 00:25:01,620 by whatever means even though we're walking away a shoulder into office when you are doing this work 312 00:25:01,920 --> 00:25:06,150 that they wouldn't be able to decipher what that password is. 313 00:25:06,570 --> 00:25:11,640 So in order to do encryption we need to get the help of some third party libraries. 314 00:25:11,640 --> 00:25:19,200 There are a number of encryption algorithms out there of SHA 2 5 6 you have SHA 1 you have MP 5 you 315 00:25:19,200 --> 00:25:25,800 could go and research them but I'm going to help you get some tools get some help into this project 316 00:25:26,100 --> 00:25:28,980 and then we can do some encryption together. 317 00:25:28,980 --> 00:25:34,620 So what we want to do is go to the solution explore right click our project and then we'll be using 318 00:25:34,650 --> 00:25:37,790 new get monied package manager. 319 00:25:37,800 --> 00:25:38,140 All right. 320 00:25:38,610 --> 00:25:48,000 So this will allow us to browse an open source kind of market place to see what we can get to help us 321 00:25:48,270 --> 00:25:52,640 along the way so I go to bro's it bro's installed and updates. 322 00:25:52,740 --> 00:25:58,050 You saw that you had the entity framework installed which is what allows us to do link and interact 323 00:25:58,200 --> 00:25:59,700 with our database. 324 00:25:59,760 --> 00:26:09,560 But what I'm really interested in is encryption so I can look for encryption all right encryption didn't 325 00:26:09,560 --> 00:26:12,640 really show me anything less stress security. 326 00:26:12,640 --> 00:26:18,160 So sometimes you'll come here you don't necessarily know exactly what you are looking for because there 327 00:26:18,170 --> 00:26:24,620 are so many libraries to choose from but what I'm really looking for is something regarding security 328 00:26:25,100 --> 00:26:27,320 and what I would want. 329 00:26:27,320 --> 00:26:33,160 So you see that idea of quite a few ones here of system. 330 00:26:33,170 --> 00:26:41,640 I thought I just saw Microsoft that nets thought security and no cell phone the one that's I'm interested 331 00:26:41,640 --> 00:26:47,370 in which is system dot Security dot cryptography dot algorithm. 332 00:26:47,390 --> 00:26:52,020 So if you look to the right you'll see a nice description about all the tests to offer. 333 00:26:52,040 --> 00:26:57,080 I'm sorry if it's up here small on my screen but hopefully you're viewing it on your screen and it is 334 00:26:57,080 --> 00:26:57,940 more clear. 335 00:26:58,040 --> 00:27:06,130 But they you'll see that they have a RSA Shah h h Mark M.D. five on a bunch of others. 336 00:27:06,130 --> 00:27:06,590 All right. 337 00:27:06,620 --> 00:27:10,190 So you can actually just click on this one and then the awful. 338 00:27:10,220 --> 00:27:15,940 Of course you want to make sure that you're using there a safe publisher. 339 00:27:15,950 --> 00:27:22,640 So it doesn't get much safer than Microsoft to be in the published ICAC by Microsoft. 340 00:27:22,640 --> 00:27:27,840 So the write off the actual title and if you see Microsoft then you can trust it. 341 00:27:27,950 --> 00:27:30,090 You'll see all the big names that you can trust. 342 00:27:30,110 --> 00:27:36,910 But then the thing is that certain peoples don't mean these libraries and not discrediting them or anything. 343 00:27:36,920 --> 00:27:42,670 But not everyone has their best interests at heart some of them are malicious as much as you get to 344 00:27:42,670 --> 00:27:51,500 me try to weed out the malicious ones they do tell you that they are not responsible for anything that 345 00:27:51,500 --> 00:27:54,170 may happen to you or your product. 346 00:27:54,170 --> 00:27:57,590 What if you don't load anything from them. 347 00:27:57,590 --> 00:27:58,290 Right. 348 00:27:58,340 --> 00:28:02,490 So you want to use this one so you can click this. 349 00:28:02,590 --> 00:28:08,700 That's a black arrow to the right or you can just click install and then you can give it some time nowhere 350 00:28:08,750 --> 00:28:11,640 it's going to go ahead together all dependencies. 351 00:28:11,750 --> 00:28:18,740 It may use more than one libraries and then it's going to download what we'll call the L's which are 352 00:28:18,740 --> 00:28:21,490 like packages that have a bunch of libraries. 353 00:28:21,500 --> 00:28:28,360 So you know every time we write a class how we say using this or using that those actually dials or 354 00:28:28,370 --> 00:28:30,170 libraries full of functions. 355 00:28:30,170 --> 00:28:30,670 Right. 356 00:28:30,680 --> 00:28:37,100 So it's just don't loading a bunch of libraries so you can just say I accept the load to don't load 357 00:28:37,130 --> 00:28:39,090 as many as it may need to. 358 00:28:39,090 --> 00:28:45,970 So we give it some time and then when it's done if you go over to a solution they explore and drop donor 359 00:28:45,960 --> 00:28:49,970 references then you're going to see a bunch of new references. 360 00:28:49,970 --> 00:28:54,350 You probably didn't do this before so you in the state and although the federal system about security 361 00:28:54,350 --> 00:29:00,230 system does security does cryptography that algorithms any of a bunch of others you will also see the 362 00:29:00,230 --> 00:29:05,780 entity framework ones that got our data when we added our EDF mix diagram and so on. 363 00:29:05,780 --> 00:29:11,270 So that's what new gets it brings to the table which allows you to just install a package with those 364 00:29:11,270 --> 00:29:16,410 going and fetching these from all over the internets and trying to inject them into your project manually. 365 00:29:16,780 --> 00:29:17,090 All right. 366 00:29:17,480 --> 00:29:24,110 So now that I've added these algorithms it's time to actually put one to use. 367 00:29:24,110 --> 00:29:24,830 All right. 368 00:29:24,830 --> 00:29:31,490 So I'm going to use the SHA 2 5 6 I think that's a good nice secure one and then I'm going to walk you 369 00:29:31,490 --> 00:29:36,710 through exactly what needs to be done in order to get it to encrypt. 370 00:29:36,710 --> 00:29:42,890 So firstly you always want to encrypt your password one way which means that you're encrypting your 371 00:29:42,900 --> 00:29:48,410 password for storage you're never decrypting your password for comparison. 372 00:29:48,410 --> 00:29:52,560 So that means if I am creating a user right. 373 00:29:52,610 --> 00:29:57,480 If I have a form you know like when you sign up for anything on the Internet and put in a user name 374 00:29:57,680 --> 00:30:01,910 and you would have typed your password in plaintext because you type it the way you know to spell it 375 00:30:02,240 --> 00:30:03,840 when you click submit. 376 00:30:03,860 --> 00:30:09,650 What happens is that that system will take that password and encrypted and save it. 377 00:30:09,690 --> 00:30:15,830 Now after that each time you try to log in it will take whatever you put in that password field and 378 00:30:15,830 --> 00:30:21,380 then encrypt it and then compare this encryption with the stored encryption. 379 00:30:21,380 --> 00:30:28,400 It will never take this stored encryption and try to decrypt it to match it against your plaintext. 380 00:30:28,400 --> 00:30:28,790 All right. 381 00:30:28,790 --> 00:30:30,110 I hope that made sense. 382 00:30:30,140 --> 00:30:32,940 So you always encrypt one way. 383 00:30:32,960 --> 00:30:40,620 So what we need to do here is encrypt the password that is being provided and then compare it against. 384 00:30:40,700 --> 00:30:42,660 Well the password that is being stored. 385 00:30:42,680 --> 00:30:44,120 So there are two things we need to fix. 386 00:30:44,120 --> 00:30:49,430 One day encryption for the comparison and to the actual password being stored. 387 00:30:49,430 --> 00:30:51,550 We need to modify that also. 388 00:30:52,220 --> 00:31:02,990 So firstly I'm going to declare a variable or an object rather and this is going to be of type SHA 2 389 00:31:02,990 --> 00:31:11,350 5 6 no SHA 2 5 6 and then the red line is going to come up because then it doesn't recognize it. 390 00:31:11,360 --> 00:31:18,080 And I'm just going to call it Sha is equal to 2 5 6. 391 00:31:18,090 --> 00:31:21,710 That creates red lines go lower. 392 00:31:21,740 --> 00:31:24,190 Let's see what the red lines have to see. 393 00:31:24,200 --> 00:31:31,380 So if I hover over the the red line or the line with the red line the word with the red line it will 394 00:31:31,390 --> 00:31:37,480 to give me the light bulb but it will tell me that I need to include the use of the library see I need 395 00:31:37,480 --> 00:31:38,160 that statement. 396 00:31:38,170 --> 00:31:44,410 So if I create that follow the guidelines then everything is blue I know it looks more acceptable so 397 00:31:44,410 --> 00:31:51,880 I need to include that library to access the encryption algorithm I'm able to use. 398 00:31:51,880 --> 00:32:02,560 So having made reference to this 2 5 6 and then gotten the username and password from our takes box 399 00:32:02,590 --> 00:32:06,070 the next thing I want to do is compute a hash. 400 00:32:06,070 --> 00:32:15,160 So I'm going to convert the input string to a byte Ari and compute the hash so I'm getting the value 401 00:32:15,370 --> 00:32:24,400 password and passing it into the side of compute hash which does an encoding over it and then it converts 402 00:32:24,400 --> 00:32:25,950 it into a byte area. 403 00:32:25,960 --> 00:32:32,470 So in C sharp that's so you declare an array and then that's the data type and the variable is called 404 00:32:32,680 --> 00:32:33,340 data. 405 00:32:33,970 --> 00:32:34,840 All right. 406 00:32:34,840 --> 00:32:39,290 Having done that we need to construct string. 407 00:32:39,610 --> 00:32:43,780 So first that I need to declare a string builder object. 408 00:32:43,830 --> 00:32:44,260 All right. 409 00:32:44,260 --> 00:32:47,560 So that's I can collect the bytes and create a string with it. 410 00:32:47,740 --> 00:32:57,700 And then after I do that string builder I'm going to use a for loop and then construct that string using 411 00:32:57,700 --> 00:33:01,480 the different data points from the bite. 412 00:33:01,480 --> 00:33:02,200 Ari. 413 00:33:02,200 --> 00:33:02,530 All right. 414 00:33:02,950 --> 00:33:05,180 So let me go through this again. 415 00:33:05,230 --> 00:33:09,660 I'm converting everything converting this string into a byte Ari. 416 00:33:09,790 --> 00:33:17,260 Right call data and then I'm just declaring a string build object so that I can further use it inside 417 00:33:17,260 --> 00:33:21,550 of a for loop where I'm seeing give me I equals zero. 418 00:33:21,670 --> 00:33:28,600 Isaiah should run to the length of the data bytes area whatever length that came up to and increment 419 00:33:28,630 --> 00:33:30,100 accordingly. 420 00:33:30,100 --> 00:33:39,040 And then I'm seeing a string builder just append each subscript in my byte Ari while converting it to 421 00:33:39,040 --> 00:33:40,390 a string. 422 00:33:40,390 --> 00:33:40,960 All right 423 00:33:44,710 --> 00:33:52,960 after doing all of that I'm then going to assign the value to a password or to a variable called hashed 424 00:33:53,260 --> 00:33:54,940 password hard. 425 00:33:54,970 --> 00:34:02,170 So string builder dot to string stirring it as hashed buzzer at the end of this operation whatever it 426 00:34:02,170 --> 00:34:10,540 is you changed you typed sorry in as the password would have been completely changed by the end of this 427 00:34:10,570 --> 00:34:14,110 operation into something that you may not recognize. 428 00:34:14,290 --> 00:34:20,380 I do see a man I recognize I really should say should not recognize some just want to set a breakpoint 429 00:34:20,410 --> 00:34:27,640 right here on the line where I tried to fetch the user and I'm going to show you exactly what the word 430 00:34:27,700 --> 00:34:30,380 gets transformed into. 431 00:34:30,630 --> 00:34:34,270 All right so I typed in admin password and we're at a break point. 432 00:34:34,270 --> 00:34:40,130 So first let me show you the text that I typed in would have been password right. 433 00:34:40,180 --> 00:34:43,360 And then the text that is no hashed looks like this. 434 00:34:43,360 --> 00:34:46,440 No this is not the word password. 435 00:34:46,450 --> 00:34:52,540 Well it really is the word password and that's how it should look in our database such that if somebody 436 00:34:52,540 --> 00:34:58,780 comes along and sees the database there is no way they should be able to tell me that this is the word 437 00:34:59,050 --> 00:35:00,410 password. 438 00:35:00,430 --> 00:35:01,900 All right. 439 00:35:01,900 --> 00:35:06,760 And if I continue with the code where I am no one to look into the database. 440 00:35:06,760 --> 00:35:09,920 Well this will continue because it's still looking for. 441 00:35:09,910 --> 00:35:17,740 Just stop the execution and then what I really should be comparing what's in the database with is the 442 00:35:17,740 --> 00:35:21,670 value that is in hushed password and not password. 443 00:35:21,780 --> 00:35:22,260 No. 444 00:35:22,270 --> 00:35:27,580 If I run this again all right and I'm just removing the breakpoint so if I run this again and try to 445 00:35:27,580 --> 00:35:33,580 log in and I'm trying to compare it deposited into database which is skewed password with the hashed 446 00:35:33,580 --> 00:35:40,200 password then it will be a mismatch because our database is stored in the word password and hash password 447 00:35:40,230 --> 00:35:42,820 does not look anything like the word password. 448 00:35:42,820 --> 00:35:49,620 So then that tells me that the hashed password is what should really be in the database. 449 00:35:49,630 --> 00:35:55,420 So let me just click start again and drive that point home real quickly. 450 00:35:55,420 --> 00:35:55,830 All right. 451 00:35:55,840 --> 00:35:59,050 So I typed in admin and password and I couldn't log in. 452 00:35:59,050 --> 00:36:05,020 And then what it will do is try and compare the hashed password with password and you see these provide 453 00:36:05,590 --> 00:36:07,060 valid credentials. 454 00:36:07,120 --> 00:36:07,840 OK. 455 00:36:07,900 --> 00:36:14,770 So if I just put breakpoint here again and then I attempt this log in and I'm doing that just so I can 456 00:36:14,770 --> 00:36:17,830 get a hold of the value that's is in hushed password. 457 00:36:18,130 --> 00:36:25,570 So I want all of this value excluding the quotation marks of course I want to copy this and then I'm 458 00:36:25,570 --> 00:36:26,950 just going to cheat a little. 459 00:36:27,010 --> 00:36:32,550 I want to go into my database and I'm going to put that hash password as the value. 460 00:36:32,560 --> 00:36:33,380 All right. 461 00:36:33,460 --> 00:36:40,350 So that's one of the reasons I set the password length to be 100 var char 100. 462 00:36:40,360 --> 00:36:45,480 I'm not var to our 50 because that's what the password is supposed to look like in your database. 463 00:36:45,490 --> 00:36:50,580 Nobody should be able to look in the database and see that the admins password is the word password. 464 00:36:50,590 --> 00:36:53,550 Let them see 5 8 8 8 blah blah blah. 465 00:36:53,620 --> 00:36:58,300 And if they've taken the time to memorize all of this they need that life really and truly. 466 00:36:58,300 --> 00:36:58,910 All right. 467 00:36:58,930 --> 00:37:02,800 And then decrypting it won't be the easiest thing in the world either. 468 00:37:02,800 --> 00:37:09,190 So let's illustrate that again so no that's I've changed it's in the database right before the comparison 469 00:37:09,190 --> 00:37:10,130 was done. 470 00:37:10,270 --> 00:37:17,230 When it does the comparison and I click continue then it should proceed. 471 00:37:17,230 --> 00:37:17,950 All right. 472 00:37:17,950 --> 00:37:22,570 So let's try that one more time just to make sure that everything is okay. 473 00:37:22,660 --> 00:37:29,680 So I'm going to once again start and then this is going to launch by log in screen which is going to 474 00:37:29,680 --> 00:37:33,920 prompt me to enter my username and password. 475 00:37:34,090 --> 00:37:39,670 So my username is the word admin and my password is the word password. 476 00:37:39,670 --> 00:37:46,120 See that's what I typed that clicked log in it then hashes that password compares it against what's 477 00:37:46,120 --> 00:37:50,330 in the database realizes that the two words hash to be the same. 478 00:37:50,440 --> 00:37:57,310 And then it proceeds so if I make a spelling error instead of my password then the hash is going to 479 00:37:57,310 --> 00:37:58,120 be different. 480 00:37:58,210 --> 00:38:00,380 And it's not valid. 481 00:38:00,400 --> 00:38:00,770 All right. 482 00:38:01,120 --> 00:38:06,880 So of course when creating users if you want to extend this functionality you know puts in some user 483 00:38:06,880 --> 00:38:12,790 management capabilities in this application when you're creating the user if you are the one setting 484 00:38:12,790 --> 00:38:13,380 the password. 485 00:38:13,370 --> 00:38:17,370 Just make sure that you're going to follow these steps. 486 00:38:17,380 --> 00:38:24,340 This algorithm where you declared the algorithm you're using one and try and use one algorithm throw 487 00:38:24,340 --> 00:38:25,600 at the application. 488 00:38:25,600 --> 00:38:30,880 You don't to use empty five here and shout over there because the hashes will look different and you 489 00:38:30,880 --> 00:38:32,140 may run into problems. 490 00:38:32,170 --> 00:38:32,680 Right. 491 00:38:32,710 --> 00:38:42,280 So always use one hashing algorithm and then you create your byte Ari and then you rebuild that string 492 00:38:42,340 --> 00:38:49,540 based on the different parts that went into the byte area and then you use the hashed password after 493 00:38:49,540 --> 00:38:52,020 that for every other operation. 494 00:38:52,150 --> 00:38:58,060 And that is a quick way to add some log in functionality to your application.