/// <summary>
        /// Replaces the user's stored password with a newly generated one and returns
        /// the generated password in plaintext to the caller.
        /// </summary>
        /// <remarks>
        /// The checks run in a fixed order, which also fixes which exception wins when
        /// several conditions fail at once: feature enabled, user exists, answer supplied,
        /// generated password accepted by <c>OnValidatingPassword</c>, account not locked
        /// out, answer correct.
        ///
        /// Security notes for callers:
        /// - The return value is the only plaintext copy produced here; what is stored is
        ///   the output of <c>EncodePassword</c>. Keep the returned value out of logs and
        ///   deliver it over a protected channel.
        /// - The exception messages distinguish "user not found", "locked out" and
        ///   "incorrect answer". Showing them verbatim to an unauthenticated client
        ///   reveals which user names exist; map them to one generic message at the UI
        ///   boundary.
        /// - NOTE(review): both <c>UpdateFailureCount</c> calls are followed by a throw and
        ///   this method never reaches <c>SubmitChanges</c> on those paths. Confirm that
        ///   <c>UpdateFailureCount</c> persists its own changes; otherwise failed answers
        ///   would not count toward lockout.
        /// - NOTE(review): a missing answer is counted as a failure before the lockout
        ///   check runs, so a locked-out account still has its counter touched on that path.
        /// </remarks>
        /// <param name="username">User name as supplied; normalized through <c>Util.GetUserName</c>.</param>
        /// <param name="answer">Password answer; only checked when <c>RequiresQuestionAndAnswer</c> is set.</param>
        /// <returns>The newly generated plaintext password.</returns>
        /// <exception cref="NotSupportedException">Password reset is disabled.</exception>
        /// <exception cref="MembershipPasswordException">
        /// Unknown user, locked-out user, wrong answer, or validation canceled without failure information.
        /// </exception>
        /// <exception cref="ProviderException">An answer is required but none was supplied.</exception>
        public override string ResetPassword(string username, string answer)
        {
            // Normalization happens first, exactly as before, so every later lookup
            // and the validation event see the normalized name.
            username = Util.GetUserName(username);

            if (!EnablePasswordReset)
            {
                throw new NotSupportedException("Password reset is not enabled.");
            }

            var context = GetDb();
            var account = context.Users.SingleOrDefault(candidate => candidate.Username == username);

            if (account == null)
            {
                throw new MembershipPasswordException("The supplied user name is not found.");
            }

            // A missing answer is treated as a failed attempt, not just a bad argument.
            var answerMissing = answer == null && RequiresQuestionAndAnswer;
            if (answerMissing)
            {
                UpdateFailureCount(context, account, "passwordAnswer");
                throw new ProviderException("Password answer required for password reset.");
            }

            var generatedPassword = Membership.GeneratePassword(newPasswordLength, MinRequiredNonAlphanumericCharacters);

            // Subscribers to the validation event get a chance to veto the generated value.
            var validation = new ValidatePasswordEventArgs(username, generatedPassword, true);
            OnValidatingPassword(validation);

            if (validation.Cancel)
            {
                if (validation.FailureInformation == null)
                {
                    throw new MembershipPasswordException("Reset password canceled due to password validation failure.");
                }

                throw validation.FailureInformation;
            }

            if (account.IsLockedOut)
            {
                throw new MembershipPasswordException("The supplied user is locked out.");
            }

            var answerRejected = RequiresQuestionAndAnswer && !CheckPassword(answer, account.PasswordAnswer);
            if (answerRejected)
            {
                UpdateFailureCount(context, account, "passwordAnswer");
                throw new MembershipPasswordException("Incorrect password answer.");
            }

            account.Password = EncodePassword(generatedPassword);
            account.LastPasswordChangedDate = Util.Now;

            // Presumably revokes the user's existing API session so it does not outlive
            // the old credential -- confirm against ApiSessionModel.
            ApiSessionModel.DeleteSession(context, account);
            context.SubmitChanges();

            return generatedPassword;
        }
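        /// <summary>
        /// Changes a user's password after verifying the current one.
        /// </summary>
        /// <remarks>
        /// The old password is verified with <c>ValidateUser</c> before anything else; a
        /// failed verification returns <c>false</c> rather than throwing. The new password
        /// is then offered to <c>OnValidatingPassword</c> subscribers and, unless
        /// <c>AdminOverride</c> is set, checked against the length and character-class
        /// rules configured on the provider and on <c>MembershipService</c>.
        ///
        /// Security notes:
        /// - <c>AdminOverride</c> skips only the length and complexity rules. The old
        ///   password check and the validation event still run.
        /// - The "special character" rule accepts any character that is not a letter or
        ///   digit, which includes whitespace.
        /// - On success the user's API session is deleted through
        ///   <c>ApiSessionModel.DeleteSession</c>; presumably this forces re-authentication
        ///   with the new credential -- confirm against ApiSessionModel.
        /// </remarks>
        /// <param name="username">User name as supplied; normalized through <c>Util.GetUserName</c>.</param>
        /// <param name="oldPwd">Current password, verified through <c>ValidateUser</c>.</param>
        /// <param name="newPwd">Replacement password; must not be null.</param>
        /// <returns><c>true</c> when the password was changed; <c>false</c> when the old password did not validate.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="newPwd"/> is null.</exception>
        /// <exception cref="ArgumentException">The new password violates a length or character-class rule.</exception>
        /// <exception cref="MembershipPasswordException">Validation was canceled without failure information.</exception>
        public override bool ChangePassword(string username, string oldPwd, string newPwd)
        {
            username = Util.GetUserName(username);
            if (!ValidateUser(username, oldPwd))
            {
                return(false);
            }

            // Reject a null new password explicitly. Without this guard the policy checks
            // below dereference it (NullReferenceException), and the AdminOverride path
            // would pass null straight to EncodePassword. The guard sits after the old
            // password check so a wrong old password still returns false as before.
            if (newPwd == null)
            {
                throw new ArgumentNullException("newPwd");
            }

            var args = new ValidatePasswordEventArgs(username, newPwd, true);

            OnValidatingPassword(args);
            if (args.Cancel)
            {
                if (args.FailureInformation != null)
                {
                    throw args.FailureInformation;
                }
                else
                {
                    throw new MembershipPasswordException("Change password canceled due to new password validation failure.");
                }
            }

            // Password policy. Skipped entirely when AdminOverride is set.
            if (!AdminOverride)
            {
                if (newPwd.Length < MinRequiredPasswordLength)
                {
                    throw new ArgumentException("Password must contain at least {0} chars".Fmt(MinRequiredPasswordLength));
                }
                if (MembershipService.RequireSpecialCharacter)
                {
                    // All letters/digits means no special character is present.
                    if (newPwd.All(char.IsLetterOrDigit))
                    {
                        throw new ArgumentException("Password needs at least 1 non-alphanumeric chars");
                    }
                }
                if (MembershipService.RequireOneNumber)
                {
                    if (!newPwd.Any(char.IsDigit))
                    {
                        throw new ArgumentException("Password needs at least 1 number");
                    }
                }
                if (MembershipService.RequireOneUpper)
                {
                    if (!newPwd.Any(char.IsUpper))
                    {
                        throw new ArgumentException("Password needs at least 1 uppercase letter");
                    }
                }
            }

            var db   = GetDb();
            // Single throws if the row is no longer there (or is duplicated); the user
            // was validated above, so that would indicate a concurrent change.
            var user = db.Users.Single(u => u.Username == username);

            user.Password                = EncodePassword(newPwd);
            user.MustChangePassword      = false;
            user.LastPasswordChangedDate = Util.Now;
            ApiSessionModel.DeleteSession(db, user);
            db.SubmitChanges();
            return(true);
        }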