public IUser CreateUser(CreateUserParams createUserParams)
{
Logger.Information("CreateUser {0} {1}", createUserParams.Username, createUserParams.Email);
var registrationSettings = _coeveryServices.WorkContext.CurrentSite.As<RegistrationSettingsPart>();
var user = new UserRecord();
user.UserName = createUserParams.Username;
user.Email = createUserParams.Email;
user.NormalizedUserName = createUserParams.Username.ToLowerInvariant();
user.HashAlgorithm = "SHA1";
SetPassword(user, createUserParams.Password);
if (registrationSettings != null) {
user.RegistrationStatus = registrationSettings.UsersAreModerated ? UserStatus.Pending : UserStatus.Approved;
user.EmailStatus = registrationSettings.UsersMustValidateEmail ? UserStatus.Pending : UserStatus.Approved;
}
if (createUserParams.IsApproved) {
user.RegistrationStatus = UserStatus.Approved;
user.EmailStatus = UserStatus.Approved;
}
var userContext = new UserContext {User = user, Cancel = false, UserParameters = createUserParams};
foreach (var userEventHandler in _userEventHandlers) {
userEventHandler.Creating(userContext);
}
if (userContext.Cancel) {
return null;
}
_userRecordRepository.Create(user);
foreach (var userEventHandler in _userEventHandlers) {
userEventHandler.Created(userContext);
if (user.RegistrationStatus == UserStatus.Approved) {
userEventHandler.Approved(user);
}
}
if (registrationSettings != null
&& registrationSettings.UsersAreModerated
&& registrationSettings.NotifyModeration
&& !createUserParams.IsApproved) {
var usernames = String.IsNullOrWhiteSpace(registrationSettings.NotificationsRecipients)
? new string[0]
: registrationSettings.NotificationsRecipients.Split(new[] {',', ' '}, StringSplitOptions.RemoveEmptyEntries);
foreach (var userName in usernames) {
if (String.IsNullOrWhiteSpace(userName)) {
continue;
}
var recipient = GetUser(userName);
if (recipient != null) {
var template = _shapeFactory.Create("Template_User_Moderated", Arguments.From(createUserParams));
template.Metadata.Wrappers.Add("Template_User_Wrapper");
var parameters = new Dictionary<string, object> {
{"Subject", T("New account").Text},
{"Body", _shapeDisplay.Display(template)},
{"Recipients", new[] {recipient.Email}}
};
_messageService.Send("Email", parameters);
}
}
}
return user;
}
private bool ValidatePassword(UserRecord userRecord, string password)
{
// Note - the password format stored with the record is used
// otherwise changing the password format on the site would invalidate
// all logins
switch (userRecord.PasswordFormat) {
case MembershipPasswordFormat.Clear:
return ValidatePasswordClear(userRecord, password);
case MembershipPasswordFormat.Hashed:
return ValidatePasswordHashed(userRecord, password);
case MembershipPasswordFormat.Encrypted:
return ValidatePasswordEncrypted(userRecord, password);
default:
throw new ApplicationException("Unexpected password format value");
}
}
private bool ValidatePasswordEncrypted(UserRecord userRecord, string password)
{
return String.Equals(password, Encoding.UTF8.GetString(_encryptionService.Decode(Convert.FromBase64String(userRecord.Password))), StringComparison.Ordinal);
}
private void SetPasswordEncrypted(UserRecord userRecord, string password)
{
userRecord.Password = Convert.ToBase64String(_encryptionService.Encode(Encoding.UTF8.GetBytes(password)));
userRecord.PasswordSalt = null;
userRecord.PasswordFormat = MembershipPasswordFormat.Encrypted;
}
private static bool ValidatePasswordHashed(UserRecord userRecord, string password)
{
var saltBytes = Convert.FromBase64String(userRecord.PasswordSalt);
var passwordBytes = Encoding.Unicode.GetBytes(password);
var combinedBytes = saltBytes.Concat(passwordBytes).ToArray();
byte[] hashBytes;
using (var hashAlgorithm = HashAlgorithm.Create(userRecord.HashAlgorithm)) {
hashBytes = hashAlgorithm.ComputeHash(combinedBytes);
}
return userRecord.Password == Convert.ToBase64String(hashBytes);
}
private static bool ValidatePasswordClear(UserRecord userRecord, string password)
{
return userRecord.Password == password;
}
private static void SetPasswordHashed(UserRecord userRecord, string password)
{
var saltBytes = new byte[0x10];
using (var random = new RNGCryptoServiceProvider()) {
random.GetBytes(saltBytes);
}
var passwordBytes = Encoding.Unicode.GetBytes(password);
var combinedBytes = saltBytes.Concat(passwordBytes).ToArray();
byte[] hashBytes;
using (var hashAlgorithm = HashAlgorithm.Create(userRecord.HashAlgorithm)) {
hashBytes = hashAlgorithm.ComputeHash(combinedBytes);
}
userRecord.PasswordFormat = MembershipPasswordFormat.Hashed;
userRecord.Password = Convert.ToBase64String(hashBytes);
userRecord.PasswordSalt = Convert.ToBase64String(saltBytes);
}
private static void SetPasswordClear(UserRecord userRecord, string password)
{
userRecord.PasswordFormat = MembershipPasswordFormat.Clear;
userRecord.Password = password;
userRecord.PasswordSalt = null;
}