/// <summary>
/// Update the user.
/// </summary>
/// <param name="user">The membership user.</param>
public void UpdateUser(System.Web.Security.MembershipUser user)
{
// Get the user data.
Nequeo.DataAccess.CloudInteraction.Data.User userData = GetSpecificUser(user.UserName);
// Update the user.
if (user != null)
{
new Nequeo.DataAccess.CloudInteraction.Data.Extension.User().
Update.UpdateItemPredicate(
new Data.User()
{
Password = userData.Password,
PasswordAnswer = userData.PasswordAnswer,
Email = user.Email,
LastLoginDate = user.LastLoginDate,
LoggedIn = user.IsOnline,
UserSuspended = user.IsLockedOut,
LastActivityDate = user.LastActivityDate,
PasswordQuestion = user.PasswordQuestion,
LastPasswordChangedDate = user.LastPasswordChangedDate,
UserSuspendedDate = user.LastLockoutDate,
Comments = user.Comment
}, u =>
(u.Username == user.UserName) &&
(u.ApplicationName == ApplicationName)
);
}
}
/// <summary>
/// Change password question and answer.
/// </summary>
/// <param name="username">The username.</param>
/// <param name="password">The password.</param>
/// <param name="newPasswordQuestion">The new password question.</param>
/// <param name="newPasswordAnswer">The new password question.</param>
/// <returns>True if complete; else false.</returns>
public bool ChangePasswordQuestionAndAnswer(string username, string password, string newPasswordQuestion, string newPasswordAnswer)
{
// Validate the user.
if (!ValidateUser(username, password))
{
return(false);
}
bool ret = false;
// Get the user data.
Nequeo.DataAccess.CloudInteraction.Data.User user = GetSpecificUser(username);
// User exists.
if (user != null)
{
// Update the question and answer.
ret = new Nequeo.DataAccess.CloudInteraction.Data.Extension.User().
Update.UpdateItemPredicate(
new Data.User()
{
Password = user.Password,
PasswordQuestion = newPasswordQuestion,
PasswordAnswer = newPasswordAnswer
}, u =>
(u.Username == username) &&
(u.ApplicationName == ApplicationName)
);
}
// Return the result.
return(ret);
}
/// <summary>
/// Get the specific user for the current application.
/// </summary>
/// <param name="username">The user username.</param>
/// <param name="password">The user password.</param>
/// <returns>The user; else null.</returns>
protected Nequeo.DataAccess.CloudInteraction.Data.User GetSpecificUser(string username, string password)
{
// Get the client data.
Nequeo.DataAccess.CloudInteraction.Data.Extension.User userExt = new Nequeo.DataAccess.CloudInteraction.Data.Extension.User();
Nequeo.DataAccess.CloudInteraction.Data.User user = userExt.Select.SelectDataEntity(u => (u.Username == username) && (u.Password == password));
// Return the user.
return(user);
}
/// <summary>
/// Get the specific user for the current application.
/// </summary>
/// <param name="userID">The userID.</param>
/// <returns>The user; else null.</returns>
protected Nequeo.DataAccess.CloudInteraction.Data.User GetSpecificUser(long userID)
{
// Get the client data.
Nequeo.DataAccess.CloudInteraction.Data.Extension.User userExt = new Nequeo.DataAccess.CloudInteraction.Data.Extension.User();
Nequeo.DataAccess.CloudInteraction.Data.User user = userExt.Select.SelectDataEntity(u => (u.UserID == userID));
// Return the user.
return(user);
}
/// <summary>
/// Get the specific user for the current application.
/// </summary>
/// <param name="username">The username.</param>
/// <returns>The user; else null.</returns>
private Nequeo.DataAccess.CloudInteraction.Data.User GetSpecificUser(string username)
{
// Get the user data.
Nequeo.DataAccess.CloudInteraction.Data.Extension.User userExt = new Nequeo.DataAccess.CloudInteraction.Data.Extension.User();
Nequeo.DataAccess.CloudInteraction.Data.User user =
userExt.Select.SelectDataEntity(
u =>
(u.Username == username) &&
(u.ApplicationName == ApplicationName)
);
// Return the user.
return(user);
}
/// <summary>
/// Reset password.
/// </summary>
/// <param name="username">The username.</param>
/// <param name="answer">The answer.</param>
/// <returns>The new password.</returns>
public string ResetPassword(string username, string answer)
{
// Get the user data.
Nequeo.DataAccess.CloudInteraction.Data.User user = GetSpecificUser(username);
if (!EnablePasswordReset)
{
throw new NotSupportedException("Password reset is not enabled.");
}
if (user == null)
{
throw new NotSupportedException("The supplied user name has not been found.");
}
// If a password answer is required.
if (answer == null && RequiresQuestionAndAnswer)
{
UpdateFailureCount(username, "passwordAnswer", user);
throw new Exception("Password answer required for password reset.");
}
// Generate the new password.
string newPassword = System.Web.Security.Membership.GeneratePassword(MinRequiredPasswordLength, MinRequiredNonAlphanumericCharacters);
// If a password answer is required.
if (RequiresQuestionAndAnswer && !CheckPassword(answer, user.PasswordAnswer))
{
UpdateFailureCount(username, "passwordAnswer", user);
throw new Exception("Incorrect password answer.");
}
// Update the password.
user.Password = newPassword;
user.LastPasswordChangedDate = DateTime.Now;
bool ret = new Nequeo.DataAccess.CloudInteraction.Data.Extension.User().Update.UpdateItem(user);
// Return the password.
if (ret)
{
return(newPassword);
}
else
{
throw new Exception("User not found, or user is locked out. Password not Reset.");
}
}
/// <summary>
/// Unlock the user.
/// </summary>
/// <param name="userName">The username.</param>
/// <returns>True if complete; else false.</returns>
public bool UnlockUser(string userName)
{
bool ret = false;
// Get the user data.
Nequeo.DataAccess.CloudInteraction.Data.User user = GetSpecificUser(userName);
// Update the user.
if (user != null)
{
user.UserSuspended = false;
ret = new Nequeo.DataAccess.CloudInteraction.Data.Extension.User().Update.UpdateItem(user);
}
// Return the result.
return(ret);
}
/// <summary>
/// Get password.
/// </summary>
/// <param name="username">The username.</param>
/// <param name="answer">The answer.</param>
/// <returns>The password.</returns>
public string GetPassword(string username, string answer)
{
string password = "";
string passwordAnswer = "";
if (!EnablePasswordRetrieval)
{
throw new Exception("Password Retrieval Not Enabled.");
}
if (PasswordFormat == System.Web.Security.MembershipPasswordFormat.Hashed)
{
throw new Exception("Cannot retrieve Hashed passwords.");
}
// Get the user data.
Nequeo.DataAccess.CloudInteraction.Data.User user = GetSpecificUser(username);
if (user == null)
{
throw new NotSupportedException("The supplied user name has not been found.");
}
// Assing the password data.
password = user.Password;
passwordAnswer = user.PasswordAnswer;
// If a password answer is required.
if (RequiresQuestionAndAnswer && !CheckPassword(answer, passwordAnswer))
{
UpdateFailureCount(username, "passwordAnswer", user);
throw new Exception("Incorrect password answer.");
}
// Unencode the password.
if (PasswordFormat == System.Web.Security.MembershipPasswordFormat.Encrypted)
{
password = UnEncodePassword("", password);
}
// Return the password.
return(password);
}
/// <summary>
/// Validate the user.
/// </summary>
/// <param name="username">The username.</param>
/// <param name="password">The password.</param>
/// <returns>True if complete; else false.</returns>
public bool ValidateUser(string username, string password)
{
bool isValid = false;
// Attempt to validate the user.
Nequeo.DataAccess.CloudInteraction.Data.User user = GetSpecificUser(username);
// User maybe suspended (LockedOut).
if (user != null)
{
// If user is suspended.
if (user.UserSuspended)
{
isValid = false;
}
else
{
// Check the password format.
if (CheckPassword(password, user.Password))
{
// If the user has been approved.
if (user.IsApproved)
{
// User is valid.
isValid = true;
// Update the user data.
user.LastLoginDate = DateTime.Now;
new Nequeo.DataAccess.CloudInteraction.Data.Extension.User().Update.UpdateItem(user);
}
}
else
{
UpdateFailureCount(username, "password", user);
}
}
}
// Return true if valid else false.
return(isValid);
}
/// <summary>
/// Get user.
/// </summary>
/// <param name="username">The username.</param>
/// <param name="userIsOnline">Is the user online.</param>
/// <returns>The membership user.</returns>
public System.Web.Security.MembershipUser GetUser(string username, bool userIsOnline)
{
System.Web.Security.MembershipUser memShipUser = null;
// Get the user data.
Nequeo.DataAccess.CloudInteraction.Data.User user = GetSpecificUser(username);
// Make sure that the user exists.
if (user != null)
{
// Create the membership user.
memShipUser = new System.Web.Security.MembershipUser(
ProviderName,
username,
user.UserID,
user.Email,
user.PasswordQuestion,
user.Comments,
user.IsApproved,
user.UserSuspended,
user.CreationDate,
user.LastLoginDate,
user.LastActivityDate,
user.LastPasswordChangedDate,
user.UserSuspendedDate);
// If user is on line.
if (userIsOnline)
{
user.LastActivityDate = DateTime.Now;
bool ret = new Nequeo.DataAccess.CloudInteraction.Data.Extension.User().Update.UpdateItem(user);
}
}
// Return the membership user.
return(memShipUser);
}
/// <summary>
/// Update the current user failure count.
/// </summary>
/// <param name="username">The username.</param>
/// <param name="failureType">The failure type.</param>
/// <param name="user">The current user.</param>
private void UpdateFailureCount(string username, string failureType, Nequeo.DataAccess.CloudInteraction.Data.User user)
{
DateTime windowStart = new DateTime();
int failureCount = 0;
// Get the failure type 'Password'
if (failureType == "password")
{
failureCount = user.FailedPasswordAttemptCount;
windowStart = user.FailedPasswordAttemptWindowStart;
}
// Get the failure type 'Password Answer'
if (failureType == "passwordAnswer")
{
failureCount = user.FailedPasswordAnswerAttemptCount;
windowStart = user.FailedPasswordAnswerAttemptWindowStart;
}
// Get the number of minutes to lockout the user
// from getting the password again.
DateTime windowEnd = windowStart.AddMinutes(PasswordAttemptWindow);
// First password failure or outside of PasswordAttemptWindow.
// Start a new password failure count from 1 and a new window starting now.
if (failureCount == 0 || DateTime.Now > windowEnd)
{
// Get the failure type 'Password'
if (failureType == "password")
{
user.FailedPasswordAttemptCount = 1;
user.FailedPasswordAttemptWindowStart = DateTime.Now;
new Nequeo.DataAccess.CloudInteraction.Data.Extension.User().Update.UpdateItem(user);
}
// Get the failure type 'Password Answer'
if (failureType == "passwordAnswer")
{
user.FailedPasswordAnswerAttemptCount = 1;
user.FailedPasswordAnswerAttemptWindowStart = DateTime.Now;
new Nequeo.DataAccess.CloudInteraction.Data.Extension.User().Update.UpdateItem(user);
}
}
else
{
// Password attempts have exceeded the failure threshold. Lock out the user.
if (failureCount++ >= MaxInvalidPasswordAttempts)
{
user.UserSuspended = true;
user.UserSuspendedDate = DateTime.Now;
new Nequeo.DataAccess.CloudInteraction.Data.Extension.User().Update.UpdateItem(user);
}
else
{
// Get the failure type 'Password'
if (failureType == "password")
{
user.FailedPasswordAttemptCount = failureCount;
new Nequeo.DataAccess.CloudInteraction.Data.Extension.User().Update.UpdateItem(user);
}
// Get the failure type 'Password Answer'
if (failureType == "passwordAnswer")
{
user.FailedPasswordAnswerAttemptCount = failureCount;
new Nequeo.DataAccess.CloudInteraction.Data.Extension.User().Update.UpdateItem(user);
}
}
}
}
