Beispiel #1
        /// <summary>
        /// Checks a user name / password pair against the stored account and records the outcome in LastLoginStatus.
        /// </summary>
        /// <param name="username">Login name; passed through Sanitizer.GetSafeHtmlFragment before the lookup.</param>
        /// <param name="password">Submitted password; also passed through Sanitizer.GetSafeHtmlFragment before the comparison.</param>
        /// <returns>true when the account exists and the password compares equal to account.Password; otherwise false.</returns>
        public bool ValidateUser(string username, string password)
        {
            // NOTE(review): the password goes through an HTML sanitizer, so the value compared below is
            // the sanitizer's output, not necessarily what was typed. Presumably the same transform is
            // applied when the password is set - confirm before changing either side.
            var safeName     = Sanitizer.GetSafeHtmlFragment(username);
            var safePassword = Sanitizer.GetSafeHtmlFragment(password);

            LastLoginStatus = LoginAttemptStatus.LoginSuccessful;

            var account = GetAccountByUserName(safeName);
            if (account == null)
            {
                // NOTE(review): UserNotFound and PasswordIncorrect are distinct statuses; callers should
                // show one generic failure message so account existence is not disclosed.
                LastLoginStatus = LoginAttemptStatus.UserNotFound;
                return false;
            }

            // NOTE(review): the submitted value is compared directly with account.Password, so no hashing
            // is visible in this method. If the column really holds clear-text passwords, migrate to a
            // salted, slow password hash (PBKDF2, bcrypt, Argon2). No failed-attempt limit is applied here either.
            if (safePassword == account.Password)
            {
                return LastLoginStatus == LoginAttemptStatus.LoginSuccessful;
            }

            LastLoginStatus = LoginAttemptStatus.PasswordIncorrect;
            return false;
        }
        /// <summary>
        /// Checks an e-mail / password pair against the stored user and records the outcome in LastLoginStatus.
        /// </summary>
        /// <param name="email">E-mail address; passed through Sanitizer.GetSafeHtmlFragment before the lookup.</param>
        /// <param name="password">Submitted password; passed through Sanitizer.GetSafeHtmlFragment before hashing.</param>
        /// <returns>true when the user exists and the computed hash equals user.Password; otherwise false.</returns>
        public bool ValidateUser(string email, string password)
        {
            // NOTE(review): HTML-sanitizing a password changes the secret that gets hashed. Presumably
            // the same transform runs when the password is stored - confirm before touching it.
            var safeEmail    = Sanitizer.GetSafeHtmlFragment(email);
            var safePassword = Sanitizer.GetSafeHtmlFragment(password);

            LastLoginStatus = LoginAttemptStatus.LoginSuccessful;

            var user = GetEmail(safeEmail);
            if (user == null)
            {
                LastLoginStatus = LoginAttemptStatus.UserNotFound;
                return false;
            }

            // NOTE(review): no salt is passed to the hash call, and the name suggests a single SHA-256
            // round - confirm. A fast unsalted digest gives identical hashes for identical passwords and
            // is cheap to guess offline; prefer a salted, slow password hash (PBKDF2, bcrypt, Argon2).
            // No failed-attempt limit is applied in this method.
            var digest = Hash.Instance.ComputeSha256Hash(safePassword);
            if (digest == user.Password)
            {
                return LastLoginStatus == LoginAttemptStatus.LoginSuccessful;
            }

            LastLoginStatus = LoginAttemptStatus.PasswordIncorrect;
            return false;
        }
Beispiel #3
        /// <summary>
        /// Replaces a user's password after verifying the current one, and records the outcome in LastLoginStatus.
        /// </summary>
        /// <param name="userName">Login name; passed through StringUtils.SafePlainText before the lookup.</param>
        /// <param name="password">Current password; passed through StringUtils.SafePlainText before hashing.</param>
        /// <param name="newpassword">New password; passed through StringUtils.SafePlainText before hashing.</param>
        /// <returns>true when the user exists, the current password matches and the new hash was handed to Update; otherwise false.</returns>
        public bool ChangePassword(string userName, string password, string newpassword)
        {
            var cleanName        = StringUtils.SafePlainText(userName);
            var cleanPassword    = StringUtils.SafePlainText(password);
            var cleanNewPassword = StringUtils.SafePlainText(newpassword);

            LastLoginStatus = LoginAttemptStatus.LoginSuccessful;

            var user = GetUser(cleanName);
            if (user == null)
            {
                LastLoginStatus = LoginAttemptStatus.UserNotFound;
                return false;
            }

            var existingSalt = user.PasswordSalt;
            var currentHash  = StringUtils.GenerateSaltedHash(cleanPassword, existingSalt);

            if (currentHash == user.Password)
            {
                // NOTE(review): the new hash reuses the existing salt; a fresh random salt per password
                // change is the usual practice. The new password is also not checked for emptiness or
                // strength here, and no failed-attempt limit guards the current-password check -
                // confirm whether a caller enforces these.
                user.Password = StringUtils.GenerateSaltedHash(cleanNewPassword, existingSalt);
                user.LastPasswordChangedDate = DateTime.UtcNow;
                Update(user);

                return LastLoginStatus == LoginAttemptStatus.LoginSuccessful;
            }

            LastLoginStatus = LoginAttemptStatus.PasswordIncorrect;
            return false;
        }
        /// <summary>
        /// Validates a user by password, applying lockout, approval and failed-attempt checks,
        /// and records the outcome in _lastLoginStatus.
        /// </summary>
        /// <param name="userName">Login name; passed through StringUtils.SafePlainText before the lookup.</param>
        /// <param name="password">Submitted password; passed through StringUtils.SafePlainText before hashing.</param>
        /// <param name="maxInvalidPasswordAttempts">Failed-attempt threshold; a count at or above it rejects the login and sets the lockout flag.</param>
        /// <returns>true only when every check passes and the salted hash equals user.Password.</returns>
        public bool ValidateUser(string userName, string password, int maxInvalidPasswordAttempts)
        {
            var cleanName     = StringUtils.SafePlainText(userName);
            var cleanPassword = StringUtils.SafePlainText(password);

            _lastLoginStatus = LoginAttemptStatus.LoginSuccessful;

            var user = _membershipRepository.GetUser(cleanName);
            if (user == null)
            {
                _lastLoginStatus = LoginAttemptStatus.UserNotFound;
                return false;
            }

            // Account-state checks run before the password is examined.
            // NOTE(review): these statuses are set without a correct password; callers should not
            // echo them to the client verbatim.
            if (user.IsLockedOut)
            {
                _lastLoginStatus = LoginAttemptStatus.UserLockedOut;
                return false;
            }

            if (!user.IsApproved)
            {
                _lastLoginStatus = LoginAttemptStatus.UserNotApproved;
                return false;
            }

            if (user.FailedPasswordAttemptCount >= maxInvalidPasswordAttempts)
            {
                _lastLoginStatus = LoginAttemptStatus.PasswordAttemptsExceeded;
                return false;
            }

            var computed = GenerateSaltedHash(cleanPassword, user.PasswordSalt);
            var isMatch  = computed == user.Password;

            // A success resets the counter, a failure increments it.
            // NOTE(review): the counter and lockout flag are only set on the object; no save call is
            // visible in this method - confirm the caller persists them, otherwise lockout never engages.
            if (isMatch)
            {
                user.FailedPasswordAttemptCount = 0;
            }
            else
            {
                user.FailedPasswordAttemptCount = user.FailedPasswordAttemptCount + 1;
            }

            if (user.FailedPasswordAttemptCount >= maxInvalidPasswordAttempts)
            {
                user.IsLockedOut     = true;
                user.LastLockoutDate = DateTime.UtcNow;
            }

            if (isMatch)
            {
                return _lastLoginStatus == LoginAttemptStatus.LoginSuccessful;
            }

            _lastLoginStatus = LoginAttemptStatus.PasswordIncorrect;
            return false;
        }
Beispiel #5
        /// <summary>
        /// Maps a login attempt status to the login event type.
        /// </summary>
        /// <param name="status">The status to translate.</param>
        /// <returns>
        /// Login for Success, LoginPendingMultiFactor for PendingMultifactor, and LoginFailed for every
        /// other value, so a status this method does not list is reported as a failure.
        /// </returns>
        public static LoginEventType ToEventType(this LoginAttemptStatus status)
        {
            if (status == LoginAttemptStatus.Success)
            {
                return LoginEventType.Login;
            }

            if (status == LoginAttemptStatus.PendingMultifactor)
            {
                return LoginEventType.LoginPendingMultiFactor;
            }

            return LoginEventType.LoginFailed;
        }
        /// <summary>
        /// Checks a user name / password pair against the stored user and records the outcome in LastLoginStatus.
        /// </summary>
        /// <param name="userName">Login name, passed to GetUser unchanged.</param>
        /// <param name="password">Submitted password, hashed before comparison.</param>
        /// <returns>true when the user exists and the computed hash equals user.password; otherwise false.</returns>
        public bool ValidateUser(string userName, string password)
        {
            LastLoginStatus = LoginAttemptStatus.LoginSuccessful;

            var user = GetUser(userName);
            if (user == null)
            {
                LastLoginStatus = LoginAttemptStatus.UserNotFound;
                return false;
            }

            // NOTE(review): no salt is passed to the hash call, and the name suggests a single SHA-256
            // round - confirm. Prefer a salted, slow password hash (PBKDF2, bcrypt, Argon2). This method
            // also applies no failed-attempt limit, so throttling has to happen in a caller.
            var digest = GenerateHash.Instance.ComputeSha256Hash(password);
            if (digest == user.password)
            {
                return LastLoginStatus == LoginAttemptStatus.LoginSuccessful;
            }

            LastLoginStatus = LoginAttemptStatus.PasswordIncorrect;
            return false;
        }
Beispiel #7
        /// <summary>
        /// Validates a user by password, applying ban, lockout, approval and failed-attempt checks,
        /// and records the outcome in LastLoginStatus.
        /// </summary>
        /// <param name="userName">Login name; passed through StringUtils.SafePlainText before the lookup.</param>
        /// <param name="password">Submitted password; passed through StringUtils.SafePlainText before hashing.</param>
        /// <param name="maxInvalidPasswordAttempts">Failed-attempt threshold; a count at or above it rejects the login and sets the lockout flag.</param>
        /// <returns>true only when every check passes and the salted hash equals user.Password.</returns>
        public bool ValidateUser(string userName, string password, int maxInvalidPasswordAttempts)
        {
            var cleanName     = StringUtils.SafePlainText(userName);
            var cleanPassword = StringUtils.SafePlainText(password);

            LastLoginStatus = LoginAttemptStatus.LoginSuccessful;

            var user = GetUser(cleanName);
            if (user == null)
            {
                LastLoginStatus = LoginAttemptStatus.UserNotFound;
                return (false);
            }

            // Account-state checks, evaluated before the password.
            // NOTE(review): Banned / UserLockedOut / UserNotApproved are reported without a correct
            // password; callers should map them to one generic message for unauthenticated clients.
            if (user.IsBanned)
            {
                LastLoginStatus = LoginAttemptStatus.Banned;
                return (false);
            }

            if (user.IsLockedOut)
            {
                LastLoginStatus = LoginAttemptStatus.UserLockedOut;
                return (false);
            }

            if (!user.IsApproved)
            {
                LastLoginStatus = LoginAttemptStatus.UserNotApproved;
                return (false);
            }

            if (user.FailedPasswordAttemptCount >= maxInvalidPasswordAttempts)
            {
                LastLoginStatus = LoginAttemptStatus.PasswordAttemptsExceeded;
                return (false);
            }

            var computed = StringUtils.GenerateSaltedHash(cleanPassword, user.PasswordSalt);
            var isMatch  = computed == user.Password;

            // A success resets the counter, a failure increments it.
            // NOTE(review): nothing in this method saves the user; confirm the caller persists the
            // counter and lockout flag, otherwise the attempt limit has no effect.
            if (isMatch)
            {
                user.FailedPasswordAttemptCount = 0;
            }
            else
            {
                user.FailedPasswordAttemptCount = user.FailedPasswordAttemptCount + 1;
            }

            if (user.FailedPasswordAttemptCount >= maxInvalidPasswordAttempts)
            {
                user.IsLockedOut     = true;
                user.LastLockoutDate = DateTime.UtcNow;
            }

            if (isMatch)
            {
                return (LastLoginStatus == LoginAttemptStatus.LoginSuccessful);
            }

            LastLoginStatus = LoginAttemptStatus.PasswordIncorrect;
            return (false);
        }
Beispiel #8
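        /// <summary>
        /// Validates a user by password and, when the password was actually checked, writes the
        /// updated attempt counter, lockout state and login date back to the MembershipUser table.
        /// </summary>
        /// <param name="userName">Login name; passed through StringUtils.SafePlainText before the lookup.</param>
        /// <param name="password">Submitted password; passed through StringUtils.SafePlainText before hashing.</param>
        /// <param name="maxInvalidPasswordAttempts">Failed-attempt threshold; a count at or above it rejects the login and sets the lockout flag.</param>
        /// <returns>The user when LastLoginStatus is LoginSuccessful after all checks; otherwise null.</returns>
        public MembershipUser ValidateUser(string userName, string password, int maxInvalidPasswordAttempts)
        {
            userName = StringUtils.SafePlainText(userName);
            password = StringUtils.SafePlainText(password);

            LastLoginStatus = LoginAttemptStatus.LoginSuccessful;

            var user = GetUser(userName);

            if (user == null)
            {
                // Unknown user: stop here. Falling through would dereference null in the
                // account-state checks below and turn a failed login into an unhandled exception.
                LastLoginStatus = LoginAttemptStatus.UserNotFound;
                return(null);
            }

            // The account-state checks do not return early; when several apply, the last one
            // evaluated determines LastLoginStatus.
            if (user.IsBanned)
            {
                LastLoginStatus = LoginAttemptStatus.Banned;
            }

            if (user.IsLockedOut)
            {
                LastLoginStatus = LoginAttemptStatus.UserLockedOut;
            }

            if (!user.IsApproved)
            {
                LastLoginStatus = LoginAttemptStatus.UserNotApproved;
            }

            var allowedPasswordAttempts = maxInvalidPasswordAttempts;

            if (user.FailedPasswordAttemptCount >= allowedPasswordAttempts)
            {
                LastLoginStatus = LoginAttemptStatus.PasswordAttemptsExceeded;
            }

            // The password is only examined when no account-state check failed.
            if (LastLoginStatus == LoginAttemptStatus.LoginSuccessful)
            {
                var salt            = user.PasswordSalt;
                var hash            = StringUtils.GenerateSaltedHash(password, salt);
                var passwordMatches = hash == user.Password;

                // A success resets the counter, a failure increments it.
                user.FailedPasswordAttemptCount = passwordMatches ? 0 : user.FailedPasswordAttemptCount + 1;

                if (user.FailedPasswordAttemptCount >= allowedPasswordAttempts)
                {
                    user.IsLockedOut     = true;
                    user.LastLockoutDate = DateTime.UtcNow;
                }

                if (!passwordMatches)
                {
                    LastLoginStatus = LoginAttemptStatus.PasswordIncorrect;
                }
                else
                {
                    user.LastLoginDate = DateTime.UtcNow;
                }

                // Persist the counter and lockout state for both outcomes, so failed attempts
                // are counted across requests. All values are bound as parameters.
                var Cmd = _context.CreateCommand();

                try
                {
                    Cmd.CommandText = "UPDATE [MembershipUser] SET FailedPasswordAttemptCount = @FailedPasswordAttemptCount,IsLockedOut = @IsLockedOut,LastLockoutDate = @LastLockoutDate,LastLoginDate = @LastLoginDate  WHERE [Id] = @Id";

                    Cmd.Parameters.Add("Id", SqlDbType.UniqueIdentifier).Value            = user.Id;
                    Cmd.Parameters.Add("FailedPasswordAttemptCount", SqlDbType.Int).Value = user.FailedPasswordAttemptCount;
                    Cmd.Parameters.Add("IsLockedOut", SqlDbType.Bit).Value          = user.IsLockedOut;
                    // NOTE(review): if the two date properties are nullable, a null here should be
                    // sent as DBNull.Value - confirm against the MembershipUser type.
                    Cmd.Parameters.Add("LastLockoutDate", SqlDbType.DateTime).Value = user.LastLockoutDate;
                    Cmd.Parameters.Add("LastLoginDate", SqlDbType.DateTime).Value   = user.LastLoginDate;

                    Cmd.command.ExecuteNonQuery();

                    Cmd.cacheStartsWithToClear(CacheKeys.Member.StartsWith);
                }
                finally
                {
                    // Release the command even when the update throws.
                    Cmd.Close();
                }
            }

            if (LastLoginStatus != LoginAttemptStatus.LoginSuccessful)
            {
                return(null);
            }
            return(user);
        }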
Beispiel #9
        /// <summary>
        ///     Validates a user by password, applying ban, lockout, approval and failed-attempt checks,
        ///     and records the outcome in LastLoginStatus.
        /// </summary>
        /// <param name="userName">Login name; passed through Sanitizer.GetSafeHtmlFragment before the lookup.</param>
        /// <param name="password">Submitted password; passed through Sanitizer.GetSafeHtmlFragment before hashing.</param>
        /// <param name="maxInvalidPasswordAttempts">Failed-attempt threshold; a count at or above it rejects the login and sets the lockout flag.</param>
        /// <returns>true only when every check passes and the salted hash equals user.Password.</returns>
        public bool ValidateUser(string userName, string password, int maxInvalidPasswordAttempts)
        {
            // NOTE(review): HTML-sanitizing the password changes the secret that gets hashed.
            // Presumably the same transform runs when the password is stored - confirm.
            var safeName     = Sanitizer.GetSafeHtmlFragment(userName);
            var safePassword = Sanitizer.GetSafeHtmlFragment(password);

            LastLoginStatus = LoginAttemptStatus.LoginSuccessful;

            var user = GetUser(safeName);
            if (user == null)
            {
                LastLoginStatus = LoginAttemptStatus.UserNotFound;
                return false;
            }

            // Account-state checks, evaluated before the password.
            if (user.IsBanned)
            {
                LastLoginStatus = LoginAttemptStatus.Banned;
                return false;
            }

            if (user.IsLockedOut)
            {
                LastLoginStatus = LoginAttemptStatus.UserLockedOut;
                return false;
            }

            if (!user.IsApproved)
            {
                LastLoginStatus = LoginAttemptStatus.UserNotApproved;
                return false;
            }

            if (user.FailedPasswordAttemptCount >= maxInvalidPasswordAttempts)
            {
                LastLoginStatus = LoginAttemptStatus.PasswordAttemptsExceeded;
                return false;
            }

            var computed = StringUtils.GenerateSaltedHash(safePassword, user.PasswordSalt);
            var isMatch  = computed == user.Password;

            // A success resets the counter, a failure increments it.
            // NOTE(review): nothing in this method saves the user; confirm the caller persists the
            // counter and lockout flag.
            if (isMatch)
            {
                user.FailedPasswordAttemptCount = 0;
            }
            else
            {
                user.FailedPasswordAttemptCount = user.FailedPasswordAttemptCount + 1;
            }

            if (user.FailedPasswordAttemptCount >= maxInvalidPasswordAttempts)
            {
                user.IsLockedOut     = true;
                // NOTE(review): local time is stored here. If a lockout window is computed from this
                // value, time-zone or DST shifts can lengthen or shorten it; UTC is safer - confirm
                // what readers of LastLockoutDate expect before changing.
                user.LastLockoutDate = DateTime.Now;
            }

            if (isMatch)
            {
                return LastLoginStatus == LoginAttemptStatus.LoginSuccessful;
            }

            LastLoginStatus = LoginAttemptStatus.PasswordIncorrect;
            return false;
        }
Beispiel #10
        /// <summary>
        /// Checks an e-mail / password pair against the stored user and records the outcome in LastLoginStatus.
        /// </summary>
        /// <param name="email">E-mail address; passed through StringUtils.SafePlainText before the lookup.</param>
        /// <param name="password">Submitted password; passed through StringUtils.SafePlainText before hashing.</param>
        /// <param name="maxInvalidPasswordAttempts">Not read by the current body; the code that used it is disabled.</param>
        /// <returns>true when the user exists, is active and the salted hash equals user.Password; otherwise false.</returns>
        public bool ValidateUser(string email, string password, int maxInvalidPasswordAttempts)
        {
            var cleanEmail    = StringUtils.SafePlainText(email);
            var cleanPassword = StringUtils.SafePlainText(password);

            LastLoginStatus = LoginAttemptStatus.LoginSuccessful;

            var user = GetUserByEmail(cleanEmail);
            if (user == null)
            {
                LastLoginStatus = LoginAttemptStatus.EmailNotFound;
                return false;
            }

            if (user.Active == false)
            {
                LastLoginStatus = LoginAttemptStatus.AccountNotActive;
                return false;
            }

            // NOTE(review): this version previously carried, commented out, the IsBanned, IsLockedOut
            // and IsApproved checks, the FailedPasswordAttemptCount >= maxInvalidPasswordAttempts
            // rejection, and the counter update that sets IsLockedOut / LastLockoutDate. None of that
            // runs, so this method places no limit on password guesses. Either restore the attempt
            // counting or make sure throttling is enforced by a caller.

            var computed = StringUtils.GenerateSaltedHash(cleanPassword, user.PasswordSalt);
            if (computed == user.Password)
            {
                return LastLoginStatus == LoginAttemptStatus.LoginSuccessful;
            }

            LastLoginStatus = LoginAttemptStatus.PasswordIncorrect;
            return false;
        }
Beispiel #11
        /// <summary>
        /// Checks a user name / password pair and returns the resulting status, which is also stored in _lastLoginStatus.
        /// </summary>
        /// <param name="userName">Login name; passed through StringUtils.SafePlainText before the lookup.</param>
        /// <param name="password">Submitted password; passed through StringUtils.SafePlainText before hashing.</param>
        /// <param name="maxInvalidPasswordAttempts">Not read by this method.</param>
        /// <returns>
        /// UserNotFound when the lookup returns null; UserNotApproved when the user has a non-empty
        /// ActivationKey; otherwise LoginSuccessful or PasswordIncorrect according to the hash comparison.
        /// </returns>
        public LoginAttemptStatus ValidateUser(string userName, string password, int maxInvalidPasswordAttempts)
        {
            var cleanName     = StringUtils.SafePlainText(userName);
            var cleanPassword = StringUtils.SafePlainText(password);

            _lastLoginStatus = LoginAttemptStatus.LoginSuccessful;

            var user = _userRepository.GetUser(cleanName);
            if (user == null)
            {
                _lastLoginStatus = LoginAttemptStatus.UserNotFound;
                return _lastLoginStatus;
            }

            // NOTE(review): maxInvalidPasswordAttempts is never consulted, so no attempt limit is
            // applied here; throttling has to come from a caller.
            _lastLoginStatus = user.Password == GeneratePasswordHash(cleanPassword)
                ? LoginAttemptStatus.LoginSuccessful
                : LoginAttemptStatus.PasswordIncorrect;

            // A pending activation key overrides the password result in both directions.
            // NOTE(review): UserNotApproved is therefore returned even when the password was wrong,
            // which tells an unauthenticated caller that the account exists and is unactivated.
            // Consider reporting it only after a successful password match.
            if (!user.ActivationKey.IsNullEmpty())
            {
                _lastLoginStatus = LoginAttemptStatus.UserNotApproved;
            }

            return _lastLoginStatus;
        }