public override bool ChangePassword(string username, string oldPassword, string newPassword)
{
SecUtility.CheckParameter(ref username, true, true, true, 256, "username");
SecUtility.CheckParameter(ref oldPassword, true, true, false, 128, "oldPassword");
SecUtility.CheckParameter(ref newPassword, true, true, false, 128, "newPassword");
//if (!CheckPassword(username, oldPassword, false))
//{
// return false;
//}
if (newPassword.Length < MinRequiredPasswordLength)
{
throw new ArgumentException(SR.GetString(
SR.Password_too_short,
"newPassword",
MinRequiredPasswordLength.ToString(CultureInfo.InvariantCulture)));
}
int count = 0;
for (int i = 0; i < newPassword.Length; i++)
{
if (!char.IsLetterOrDigit(newPassword, i))
{
count++;
}
}
if (count < MinRequiredNonAlphanumericCharacters)
{
throw new ArgumentException(SR.GetString(
SR.Password_need_more_non_alpha_numeric_chars,
"newPassword",
MinRequiredNonAlphanumericCharacters.ToString(CultureInfo.InvariantCulture)));
}
if (PasswordStrengthRegularExpression.Length > 0)
{
if (!Regex.IsMatch(newPassword, PasswordStrengthRegularExpression))
{
throw new ArgumentException(SR.GetString(SR.Password_does_not_match_regular_expression,
"newPassword"));
}
}
string pass = EncodePassword(newPassword);
if (pass.Length > 128)
{
throw new ArgumentException(SR.GetString(SR.Membership_password_too_long), "newPassword");
}
return(SqlHelper.ExecuteNonQuery(CommandType.Text, "update tbOper set cnvcPwd = '" + pass + "' where cnvcOperName = '" + username + "'") > 0);
}
public void min_required_non_alpha_chars_returns_true_when_2_required_non_alpha_chars_are_required_and_3_are_found()
{
// Arrange
string password = "******";
string username = "******";
int numOfRequiredNonAlphaChars = 2;
// Act
var rule = new MinRequiredNonAlphanumericCharacters(username, password, numOfRequiredNonAlphaChars);
bool actual = rule.Validate();
// Assert
Assert.IsTrue(actual);
}
public void min_required_non_alpha_chars_returns_false_when_non_zero_amount_of_required_non_alpha_chars_are_required_and_none_are_found()
{
// Arrange
string password = "******";
string username = "******";
int numOfRequiredNonAlphaChars = 1;
// Act
var rule = new MinRequiredNonAlphanumericCharacters(username, password, numOfRequiredNonAlphaChars);
bool actual = rule.Validate();
// Assert
Assert.IsFalse(actual);
}
public void min_required_non_alpha_chars_returns_proper_error_message()
{
// Arrange
string password = "******";
string username = "******";
int numOfRequiredNonAlphaChars = 1;
// Act
var rule = new MinRequiredNonAlphanumericCharacters(username, password, numOfRequiredNonAlphaChars);
string actual = rule.ErrorMessage;
// Assert
Assert.AreEqual("The password for 'myusername' does not contain the minimum number of required alphanumeric characters.", actual);
}
public void ValidateNewPassword(string username, string newPassword, bool isNewUser)
{
if (newPassword.Length < MinRequiredPasswordLength)
{
throw new ArgumentException(String.Format("The length of parameter 'newPassword' needs to be greater or equal to '{0}'.",
MinRequiredPasswordLength.ToString(Invariants.NumberFormat)));
}
if (MinRequiredNonAlphanumericCharacters > 0)
{
int count = 0;
for (int i = 0; i < newPassword.Length; i++)
{
if (!Char.IsLetterOrDigit(newPassword, i))
{
count++;
}
}
if (count < MinRequiredNonAlphanumericCharacters)
{
throw new ArgumentException(String.Format("Non alpha numeric characters in 'newPassword' needs to be greater than or equal to '{0}'.",
MinRequiredNonAlphanumericCharacters.ToString(Invariants.NumberFormat)));
}
}
if (!string.IsNullOrEmpty(PasswordStrengthRegularExpression) &&
!Regex.IsMatch(newPassword, PasswordStrengthRegularExpression))
{
throw new ArgumentException("The parameter 'newPassword' does not match the regular expression specified in config file.");
}
ValidatePasswordEventArgs args = new ValidatePasswordEventArgs(username, newPassword, true);
OnValidatingPassword(args);
if (args.Cancel)
{
if (args.FailureInformation != null)
{
throw args.FailureInformation;
}
else
{
throw new MembershipPasswordException("Change password canceled due to new password validation failure.");
}
}
}
public override bool ChangePassword(string username, string oldPassword, string newPassword)
{
if (!ValidateUser(username, oldPassword))
{
return(false);
}
username = username.ToLower();
if (newPassword.Length < MinRequiredPasswordLength)
{
throw new ArgumentException(String.Format("The length of parameter 'newPassword' needs to be greater or equal to '{0}'.", MinRequiredPasswordLength.ToString(CultureInfo.InvariantCulture)));
}
int count = 0;
for (int i = 0; i < newPassword.Length; i++)
{
if (!char.IsLetterOrDigit(newPassword, i))
{
count++;
}
}
if (count < MinRequiredNonAlphanumericCharacters)
{
throw new ArgumentException(String.Format("Non alpha numeric characters in 'newPassword' needs to be greater than or equal to '{0}'.", MinRequiredNonAlphanumericCharacters.ToString(CultureInfo.InvariantCulture)));
}
if (PasswordStrengthRegularExpression.Length > 0)
{
if (!Regex.IsMatch(newPassword, PasswordStrengthRegularExpression))
{
throw new ArgumentException("The parameter 'newPassword' does not match the regular expression specified in config file.");
}
}
ValidatePasswordEventArgs args = new ValidatePasswordEventArgs(username, newPassword, true);
OnValidatingPassword(args);
if (args.Cancel)
{
if (args.FailureInformation != null)
{
throw args.FailureInformation;
}
else
{
throw new MembershipPasswordException("Change password canceled due to new password validation failure.");
}
}
return(this.SetPassword(username, newPassword));
}