/// <summary>
/// Stores a new password for this user, ages the existing password history,
/// and saves the user record.
/// </summary>
/// <remarks>
/// The policy (merchant for admins, customer otherwise) supplies the history
/// window and the storage format passed to <c>UserPasswordHelper.EncodePassword</c>.
/// NOTE(review): nothing in this method checks <paramref name="newPassword"/>
/// against complexity rules or against the retained history; presumably the
/// caller does that before calling here. Confirm.
/// NOTE(review): the audit event is written only for admin users, so a
/// non-admin password change leaves no audit record from this method.
/// </remarks>
/// <param name="newPassword">new password</param>
/// <param name="forceExpiration">force expiration</param>
/// <returns>True if the password was set successfully; false otherwise</returns>
public bool SetPassword(string newPassword, bool forceExpiration)
{
    bool isAdmin = this.IsAdmin;

    // Admin accounts are governed by the merchant policy, everyone else by the customer policy.
    PasswordPolicy policy = isAdmin
        ? (PasswordPolicy)new MerchantPasswordPolicy()
        : (PasswordPolicy)new CustomerPasswordPolicy();

    int historyDays = policy.HistoryDays;
    int historyCount = policy.HistoryCount;
    DateTime cutoff = LocaleHelper.LocalNow.AddDays(-1 * historyDays);

    // Walk the history from the end so RemoveAt() does not shift entries still to be visited.
    UserPasswordCollection history = this.Passwords;
    int index = history.Count;
    while (index > 0)
    {
        index--;
        UserPassword entry = history[index];

        // An entry is kept while it is inside the count window OR newer than the cutoff;
        // it is dropped only when it falls outside both.
        bool keep = (entry.PasswordNumber < historyCount) || (entry.CreateDate > cutoff);
        if (keep)
        {
            // Every retained entry moves one slot further back in the history.
            entry.PasswordNumber++;
            continue;
        }

        entry.Delete();
        history.RemoveAt(index);
    }

    // The new password becomes entry number 1, stored in the format the policy dictates.
    UserPassword current = new UserPassword
    {
        Password = UserPasswordHelper.EncodePassword(newPassword, policy.PasswordFormat),
        PasswordFormat = policy.PasswordFormat,
        PasswordNumber = 1,
        CreateDate = LocaleHelper.LocalNow,
        ForceExpiration = forceExpiration
    };
    history.Add(current);
    this.LastPasswordChangedDate = current.CreateDate;

    bool saved = this.Save() != SaveResult.Failed;
    if (isAdmin)
    {
        // The outcome (success or failure) of an admin password change is audited.
        Logger.Audit(AuditEventType.PasswordChanged, saved, string.Empty);
    }

    return saved;
}
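/// <summary>
/// Loads the stored password records for one user, with optional sorting and paging.
/// </summary>
/// <remarks>
/// The user id is bound as a parameter. The sort expression cannot be bound
/// (SQL does not accept parameters for ORDER BY identifiers), so it is checked
/// against a strict shape before being appended to the statement.
/// Paging is done by selecting TOP (startRowIndex + maximumRows) and skipping
/// the leading rows while reading; without a sort expression the row order,
/// and therefore the page contents, is whatever the database returns.
/// </remarks>
/// <param name="userId">Id of the user whose password records are loaded.</param>
/// <param name="maximumRows">Maximum number of rows to return; values below 1 mean no limit.</param>
/// <param name="startRowIndex">Zero-based index of the first row to return.</param>
/// <param name="sortExpression">
/// Optional ORDER BY list: comma-separated column names, each optionally
/// followed by ASC or DESC. Null or empty means no ORDER BY clause.
/// </param>
/// <returns>The matching password records.</returns>
/// <exception cref="ArgumentException">
/// <paramref name="sortExpression"/> is not a plain list of column names with optional ASC/DESC.
/// </exception>
public static UserPasswordCollection LoadForUser(Int32 userId, int maximumRows, int startRowIndex, string sortExpression)
{
    // The sort expression ends up inside the SQL text, so reject anything that is
    // not a simple column list before a single character of it reaches the query.
    bool hasSort = !string.IsNullOrEmpty(sortExpression);
    if (hasSort && !IsSafeSortExpression(sortExpression))
    {
        throw new ArgumentException("Sort expression must be a comma-separated list of column names, each optionally followed by ASC or DESC.", "sortExpression");
    }

    //CREATE THE DYNAMIC SQL TO LOAD OBJECT
    StringBuilder selectQuery = new StringBuilder();
    selectQuery.Append("SELECT");
    if (maximumRows > 0)
    {
        // Integers only, so this concatenation cannot carry SQL text.
        selectQuery.Append(" TOP " + (startRowIndex + maximumRows).ToString());
    }
    selectQuery.Append(" " + UserPassword.GetColumnNames(string.Empty));
    selectQuery.Append(" FROM ac_UserPasswords");
    selectQuery.Append(" WHERE UserId = @userId");
    if (hasSort)
    {
        selectQuery.Append(" ORDER BY " + sortExpression);
    }

    Database database = Token.Instance.Database;
    DbCommand selectCommand = database.GetSqlStringCommand(selectQuery.ToString());
    database.AddInParameter(selectCommand, "@userId", System.Data.DbType.Int32, userId);

    //EXECUTE THE COMMAND
    UserPasswordCollection results = new UserPasswordCollection();
    int thisIndex = 0;
    int rowCount = 0;
    using (IDataReader dr = database.ExecuteReader(selectCommand))
    {
        while (dr.Read() && ((maximumRows < 1) || (rowCount < maximumRows)))
        {
            // Rows before startRowIndex are read and discarded to reach the requested page.
            if (thisIndex >= startRowIndex)
            {
                UserPassword userPassword = new UserPassword();
                UserPassword.LoadDataReader(userPassword, dr);
                results.Add(userPassword);
                rowCount++;
            }
            thisIndex++;
        }
        dr.Close();
    }
    return results;
}

/// <summary>
/// Checks that a sort expression is a comma-separated list of terms, where each
/// term is one identifier (ASCII letters, digits, '_', '.', '[' or ']' only)
/// optionally followed by ASC or DESC.
/// </summary>
/// <remarks>
/// A character allow-list alone is not enough: T-SQL accepts a second statement
/// after whitespace without a separator, so the number of words per term is
/// limited as well. If the set of sortable columns is known, comparing against
/// that list would be stricter still.
/// </remarks>
private static bool IsSafeSortExpression(string sortExpression)
{
    foreach (string term in sortExpression.Split(','))
    {
        string[] parts = term.Split(new char[] { ' ', '\t' }, StringSplitOptions.RemoveEmptyEntries);
        if (parts.Length < 1 || parts.Length > 2)
        {
            return false;
        }

        foreach (char c in parts[0])
        {
            bool allowed = (c >= 'A' && c <= 'Z')
                || (c >= 'a' && c <= 'z')
                || (c >= '0' && c <= '9')
                || c == '_' || c == '.' || c == '[' || c == ']';
            if (!allowed)
            {
                return false;
            }
        }

        if (parts.Length == 2
            && !string.Equals(parts[1], "ASC", StringComparison.OrdinalIgnoreCase)
            && !string.Equals(parts[1], "DESC", StringComparison.OrdinalIgnoreCase))
        {
            return false;
        }
    }
    return true;
}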