Beispiel #1
 // public for testing, not part of interface
 /// <summary>
 /// Records one failed login attempt for <paramref name="User"/> and saves the user.
 /// While a failure window is open (a start date is recorded and start + LoginFailWindow
 /// is still in the future) the counter is incremented; otherwise the counter restarts
 /// at 1 and a new window begins now.
 /// </summary>
 /// <param name="User">The account whose failure counter is updated.</param>
 public void IncrementFailedCount( User User )
 {
     // NOTE(review): the window is measured with DateTime.Now (local clock), so a DST or
     // time-zone change on the host shifts it. Moving to UTC would have to be done together
     // with every other reader/writer of LoginFailStartDate (e.g. IsLockedOut).
     bool windowStillOpen = false;
     if ( User.LoginFailStartDate != null ) {
         DateTime windowEnd = User.LoginFailStartDate.Value.Add( this.settingRepository.LoginFailWindow );
         windowStillOpen = windowEnd > DateTime.Now;
     }

     if ( windowStillOpen ) {
         User.LoginFailCount++;
     } else {
         // No window yet, or the previous one expired: start counting again.
         User.LoginFailCount = 1;
         User.LoginFailStartDate = DateTime.Now;
     }

     // NOTE(review): this is a read-modify-write on the in-memory entity; whether parallel
     // failed logins can overwrite each other's count depends on userRepository.Save,
     // which is not visible here -- confirm.
     this.userRepository.Save( User );
 }
Beispiel #2
 // public for testing, not part of interface
 /// <summary>
 /// Resets the failed-login tracking for <paramref name="User"/> (start date to null,
 /// counter to 0) and saves the user. Nothing is written when both are already clear.
 /// </summary>
 /// <param name="User">The account whose failure tracking is reset.</param>
 public void ClearFailedCount( User User )
 {
     bool alreadyClear = User.LoginFailStartDate == null && User.LoginFailCount <= 0;
     if ( alreadyClear ) {
         // Skip the repository write: there is nothing to reset.
         return;
     }

     User.LoginFailStartDate = null;
     User.LoginFailCount = 0;
     this.userRepository.Save( User );
 }
Beispiel #3
 // public for testing, not part of interface
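 /// <summary>
 /// Hashes <paramref name="PasswordFromGui"/> with the user's stored salt and the configured
 /// hash type, and reports whether the result equals the stored password hash.
 /// </summary>
 /// <param name="User">The account holding the stored salt and password hash.</param>
 /// <param name="PasswordFromGui">The password candidate supplied by the caller.</param>
 /// <returns>True when the computed hash equals the stored hash; otherwise false.</returns>
 /// <exception cref="ArgumentNullException">
 /// <paramref name="User"/> is null, or its Salt or Password is null or empty.
 /// </exception>
 public bool HashedPassMatches( User User, string PasswordFromGui )
 {
     if ( User == null ) {
         throw new ArgumentNullException( "User" );
     }
     // An account without salt or hash can never be matched; fail loudly rather than compare blanks.
     if ( string.IsNullOrEmpty( User.Salt ) || string.IsNullOrEmpty( User.Password ) ) {
         throw new ArgumentNullException( "User", "UserId " + User.UserId + " has a blank password or salt" );
     }

     // NOTE(review): GenerateHash is not visible here -- confirm the configured HashType is a
     // deliberately slow password-hashing function (PBKDF2, bcrypt, Argon2) and not a single
     // fast digest.
     string hashedPass = this.hashHelper.GenerateHash( this.settingRepository.HashType, PasswordFromGui, User.Salt );

     // Compare without stopping at the first differing character, so response time does not
     // depend on how much of the stored hash the candidate happens to match.
     return HashesEqualFixedTime( hashedPass, User.Password );
 }

 // Ordinal string equality whose running time depends only on the lengths of the inputs,
 // not on the position of the first mismatch. A null on either side never matches.
 private static bool HashesEqualFixedTime( string Left, string Right )
 {
     if ( Left == null || Right == null ) {
         return false;
     }
     int difference = Left.Length ^ Right.Length;
     for ( int i = 0; i < Left.Length && i < Right.Length; i++ ) {
         difference |= Left[i] ^ Right[i];
     }
     return difference == 0;
 }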
 /// <summary>
 /// Creates a first administrator account when the user repository contains no users at all.
 /// Does nothing as soon as any user exists.
 /// </summary>
 public void EnsureAdminExists()
 {
     // TODO: Check for at least 1 active admin account?
     bool hasAnyUser = this.userRepository.Any();
     if ( hasAnyUser ) {
         return;
     }

     User bootstrapAdmin = new User();
     bootstrapAdmin.Email = "*****@*****.**";
     bootstrapAdmin.FirstName = "Admin";
     bootstrapAdmin.LastName = "Admin";
     bootstrapAdmin.IsAdmin = true;

     // NOTE(review): the bootstrap credential is a fixed literal compiled into the code, so
     // every fresh install starts with the same admin login and nothing visible here forces
     // it to be changed. Prefer a per-install random password (or one taken from deployment
     // configuration) combined with a mandatory change at first login.
     // NOTE(review): "Admin" is passed as the email argument; if loginService assigns it to
     // User.Email, the Email set above is overwritten -- confirm which value is intended.
     this.loginService.SaveEmailPasswordChanges( bootstrapAdmin, "Admin", "@dm1n" );
 }
Beispiel #5
 /// <summary>
 /// Reports whether <paramref name="User"/> holds <paramref name="Role"/>.
 /// A null user holds no role: the method returns false without inspecting the role value.
 /// </summary>
 /// <param name="User">The account to check; may be null.</param>
 /// <param name="Role">The role being asked about.</param>
 /// <returns>For Role.Admin, the user's IsAdmin flag; false for a null user.</returns>
 /// <exception cref="ArgumentOutOfRangeException">
 /// <paramref name="User"/> is not null and <paramref name="Role"/> is not a handled value.
 /// </exception>
 public bool UserHasRole( User User, Role Role )
 {
     // Fail closed: no user means no privileges.
     if ( User == null ) {
         return false;
     }

     switch ( Role ) {
         case Role.Admin:
             return User.IsAdmin;
         default:
             // Unknown roles are rejected instead of being treated as "not granted", so a
             // newly added Role value cannot slip through unhandled.
             throw new ArgumentOutOfRangeException( "Role", Role, Role + " is not a " + typeof( Role ).Name );
     }
 }
Beispiel #6
        // public for testing, not part of interface
        /// <summary>
        /// Reports whether <paramref name="User"/> is currently locked out. That is the case only
        /// when all of these hold: the failure counter exceeds MaxLoginFailCount, a failure window
        /// start is recorded, and start + LoginFailWindow is still in the future.
        /// </summary>
        /// <param name="User">The account to check.</param>
        /// <returns>True while the lockout is in effect; otherwise false.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="User"/> is null.</exception>
        public bool IsLockedOut( User User )
        {
            if ( User == null ) {
                throw new ArgumentNullException( "User" );
            }

            // NOTE(review): the comparison is strict, so a counter equal to MaxLoginFailCount is
            // not yet locked out -- confirm that matches the intended meaning of the setting.
            bool overLimit = User.LoginFailCount > this.settingRepository.MaxLoginFailCount;
            if ( !overLimit || User.LoginFailStartDate == null ) {
                return false;
            }

            // NOTE(review): local time (DateTime.Now) is used here; a clock or DST shift on the
            // host moves the end of the lockout window.
            DateTime windowEnd = User.LoginFailStartDate.Value.Add( this.settingRepository.LoginFailWindow );
            return windowEnd > DateTime.Now;
        }
Beispiel #7
 /// <summary>
 /// Gives <paramref name="User"/> a freshly generated salt and stores the hash of
 /// <paramref name="PasswordFromGui"/> computed with that salt and the configured hash type.
 /// The user is modified in memory only; this method does not save it.
 /// </summary>
 /// <param name="User">The account whose Salt and Password are replaced.</param>
 /// <param name="PasswordFromGui">The new clear-text password.</param>
 public void SetPassword( User User, string PasswordFromGui )
 {
     // A new salt on every password change keeps equal passwords from producing equal hashes.
     var minSaltLength = this.settingRepository.MinSaltLength;
     var maxSaltLength = this.settingRepository.MaxSaltLength;
     User.Salt = this.hashHelper.GenerateSalt( minSaltLength, maxSaltLength );

     // NOTE(review): nothing here rejects a null or empty password; the caller is expected
     // to have checked it. The strength of the stored hash depends entirely on hashHelper
     // and HashType, neither of which is visible here -- confirm a slow, salted KDF is used.
     var hashType = this.settingRepository.HashType;
     User.Password = this.hashHelper.GenerateHash( hashType, PasswordFromGui, User.Salt );
 }
Beispiel #8
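 /// <summary>
 /// Applies an email and (optionally) a password change to <paramref name="User"/> and saves it.
 /// When the email differs from the stored one (ignoring case) or a new password is supplied,
 /// the authentication token is replaced so that the previously issued cookie stops working.
 /// A null or empty <paramref name="PasswordFromGui"/> leaves the stored password untouched.
 /// </summary>
 /// <param name="User">The account to update.</param>
 /// <param name="EmailFromGui">The email to store; must not be null or empty.</param>
 /// <param name="PasswordFromGui">The new clear-text password, or null/empty for "no change".</param>
 /// <exception cref="ArgumentNullException"><paramref name="EmailFromGui"/> is null or empty.</exception>
 public void SaveEmailPasswordChanges( User User, string EmailFromGui, string PasswordFromGui )
 {
     if ( string.IsNullOrEmpty( EmailFromGui ) ) {
         throw new ArgumentNullException( "EmailFromGui" );
     }

     bool passwordSupplied = !string.IsNullOrEmpty( PasswordFromGui );
     bool emailChanged = !string.Equals( User.Email, EmailFromGui, StringComparison.InvariantCultureIgnoreCase );
     if ( emailChanged || passwordSupplied ) {
         // Reset authentication token, effectively kill their cookie
         User.AuthenticationToken = NewAuthenticationToken();
     }

     User.Email = EmailFromGui;
     if ( passwordSupplied ) {
         this.SetPassword( User, PasswordFromGui );
     }
     this.userRepository.Save( User );
 }

 // Produces a 32-character lowercase hex token (the same shape as Guid "N" formatting) from
 // the cryptographic random number generator. Guid.NewGuid() is documented as unsuitable for
 // cryptographic purposes, and this value acts as a bearer secret in the login cookie.
 private static string NewAuthenticationToken()
 {
     byte[] raw = new byte[16];
     using ( System.Security.Cryptography.RandomNumberGenerator generator = System.Security.Cryptography.RandomNumberGenerator.Create() ) {
         generator.GetBytes( raw );
     }

     System.Text.StringBuilder hex = new System.Text.StringBuilder( raw.Length * 2 );
     foreach ( byte value in raw ) {
         hex.Append( value.ToString( "x2" ) );
     }
     return hex.ToString();
 }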
Beispiel #9
 /// <summary>
 /// Reports whether <paramref name="User"/> is an administrator. A null user is never an admin.
 /// </summary>
 /// <param name="User">The account to check; may be null.</param>
 /// <returns>The user's IsAdmin flag, or false when no user is given.</returns>
 public bool UserIsAdmin( User User )
 {
     // Fail closed for anonymous / missing users.
     if ( User == null ) {
         return false;
     }
     return User.IsAdmin;
 }
Beispiel #10
        /// <summary>
        /// Handles the posted user form. An id below 1 creates a new user (email and password
        /// are then required); any other id updates the existing user with that id. On success
        /// the request is redirected to Index; on validation errors the form is shown again.
        /// </summary>
        /// <param name="id">Id of the user to edit, or a value below 1 to create one.</param>
        /// <param name="Model">The posted form values.</param>
        /// <returns>A redirect on success or missing model, the "NotFound" view for an unknown
        /// positive id, or the edit view with model errors.</returns>
        public ActionResult Edit(int id, UserModel Model)
        {
            // NOTE(review): the attributes on this action are not visible here. UserFromModel
            // copies IsAdmin from the posted model, so confirm the action is restricted to
            // administrators and covered by anti-forgery validation.
            if (Model == null) {
                return this.RedirectToAction("Edit", new {id});
            }

            bool creatingNewUser = id < 1;
            if (this.ModelState.IsValid && creatingNewUser) {
                if (string.IsNullOrEmpty(Model.Email)) {
                    this.ModelState.AddModelError("Email", "Email is required to create a new user");
                }
                if (string.IsNullOrEmpty(Model.Password)) {
                    this.ModelState.AddModelError("Password", "Password is required for new users");
                }
            }

            bool emailFree = this.userRepository.EmailAvailable(id, Model.Email);
            if (!emailFree) {
                this.ModelState.AddModelError("Email", "Email is in use, please choose a new username");
            }
            // TODO: Validate that the password is complex enough

            if (!this.ModelState.IsValid) {
                return this.View(Model); // Fix your errors
            }

            User account = this.userRepository.GetById(id);
            if (account == null) {
                if (!creatingNewUser) {
                    return this.View("NotFound");
                }
                // Placeholder salt/password so the first Save below has non-null values; the
                // real credentials are written by SaveEmailPasswordChanges afterwards.
                account = new User {
                    Email = Model.Email,
                    Salt = "notnull",
                    Password = "******"
                };
            }

            this.UserFromModel(account, Model);
            // NOTE(review): a new user is persisted here with the placeholder credentials; if
            // the following call throws, that row presumably remains -- confirm, and consider
            // setting the real password before the first save.
            this.userRepository.Save(account);
            this.loginService.SaveEmailPasswordChanges(account, Model.Email, Model.Password);
            return this.RedirectToAction("Index"); // Success
        }
Beispiel #11
 /// <summary>
 /// Builds the view model for <paramref name="User"/>, copying the id, email, names and
 /// the IsAdmin / IsElectable / IsActive flags.
 /// </summary>
 /// <param name="User">The account to project.</param>
 /// <returns>A new UserModel holding the copied values.</returns>
 private UserModel UserToModel(User User)
 {
     // Only these fields are copied: the stored salt, password hash and authentication
     // token are not placed on the model that is handed to the view.
     UserModel viewModel = new UserModel();
     viewModel.UserId = User.UserId;
     viewModel.Email = User.Email;
     viewModel.FirstName = User.FirstName;
     viewModel.LastName = User.LastName;
     viewModel.IsAdmin = User.IsAdmin;
     viewModel.IsElectable = User.IsElectable;
     viewModel.IsActive = User.IsActive;
     return viewModel;
 }
Beispiel #12
 /// <summary>
 /// Copies the editable profile fields and flags from <paramref name="Model"/> onto
 /// <paramref name="User"/>. Email and Password are left alone on purpose.
 /// </summary>
 /// <param name="User">The account that receives the values.</param>
 /// <param name="Model">The posted form values.</param>
 private void UserFromModel(User User, UserModel Model)
 {
     // Display names.
     User.FirstName = Model.FirstName;
     User.LastName = Model.LastName;

     // NOTE(review): IsAdmin is a privilege flag taken straight from the posted model, so
     // whoever can reach the caller can grant or revoke admin rights -- confirm the calling
     // action enforces an administrator check.
     bool grantAdmin = Model.IsAdmin;
     User.IsAdmin = grantAdmin;

     // Remaining account flags.
     User.IsElectable = Model.IsElectable;
     User.IsActive = Model.IsActive;

     // Specifically don't set Email and Password -- those are set differently
 }