} // MatchesEnteredEmail
public bool IsPasswordValid(string sPassword)
{
var pu = new PasswordUtility(CurrentValues.Instance.PasswordHashCycleCount);
if (IsOldPasswordStyle)
{
bool success =
(Password == HashPassword(sPassword, Email, CreationDate)) ||
(Password == HashPassword(sPassword));
if (success)
{
RenewStoredPassword = pu.Generate(Email, sPassword);
}
return(success);
} // if
var storedPassword = new HashedPassword(Email, CycleCount, EzPassword, Salt);
PasswordValidationResult validateResult = pu.Validate(sPassword, storedPassword);
RenewStoredPassword = validateResult.NewPassword;
return(validateResult.Match);
} // IsPasswordValid
} // Name
public override void Execute()
{
bool emptyPassword =
string.IsNullOrWhiteSpace(this.oldPassword) ||
string.IsNullOrWhiteSpace(this.newPassword) ||
string.IsNullOrWhiteSpace(this.newPasswordAgain);
if (emptyPassword)
{
throw new StrategyWarning(this, "Password not specified for broker '" + this.spLoad.ContactEmail + "'.");
}
if (this.oldPassword == this.newPassword)
{
throw new StrategyWarning(
this,
"New and old passwords are the same for broker '" + this.spLoad.ContactEmail + "'."
);
} // if
if (this.newPassword != this.newPasswordAgain)
{
throw new StrategyWarning(
this,
"New password and its confirmation are not the same for broker '" + this.spLoad.ContactEmail + "'."
);
} // if
this.spLoad.ExecuteNonQuery();
if (BrokerID < 1)
{
throw new StrategyWarning(this, "Failed to find broker by email '" + this.spLoad.ContactEmail + "'.");
}
var pu = new PasswordUtility(CurrentValues.Instance.PasswordHashCycleCount);
var currentHashed = new HashedPassword(
this.spLoad.ContactEmail,
this.spLoad.CycleCount,
this.spLoad.EzPassword,
this.spLoad.Salt
);
if (!pu.Validate(this.oldPassword, currentHashed))
{
throw new StrategyWarning(
this,
"Current password does not match for broker by email '" + this.spLoad.ContactEmail + "'."
);
} // if
var hashed = pu.Generate(this.spLoad.ContactEmail, this.newPassword);
new SpBrokerUpdatePassword(BrokerID, hashed, DB, Log).ExecuteNonQuery();
FireToBackground(new BrokerPasswordChanged(BrokerID, this.newPassword));
} // Execute
} // Execute
private void ValidateCredentials()
{
this.spOnSuccess.BrokerID = 0;
SafeReader sr = this.spLoadDataForLoginCheck.GetFirst();
if (sr.IsEmpty)
{
Log.Warn(
"Could not find broker details by email '{0}' and origin '{1}'.",
this.spLoadDataForLoginCheck.Email,
this.spLoadDataForLoginCheck.UiOriginID
);
throw new StrategyWarning(this, "Invalid user name or password.");
} // if
string userName = sr["UserName"];
int originID = sr["OriginID"];
bool mismatch =
!Normalize(this.spLoadDataForLoginCheck.Email).Equals(Normalize(userName)) ||
(originID != this.spLoadDataForLoginCheck.UiOriginID);
if (mismatch)
{
Log.Warn(
"User name and origin returned by email '{0}' with origin '{1}' are '{2}', '{3}' " +
"and differ from the requested user name and origin.",
this.spLoadDataForLoginCheck.Email,
this.spLoadDataForLoginCheck.UiOriginID,
userName,
originID
);
throw new StrategyWarning(this, "Invalid user name or password.");
} // if
var storedPassword = new HashedPassword(
userName,
(string)sr["CycleCount"],
(string)sr["EzPassword"],
(string)sr["Salt"]
);
var pu = new PasswordUtility(CurrentValues.Instance.PasswordHashCycleCount);
PasswordValidationResult validationResult = pu.Validate(this.password, storedPassword);
if (!validationResult.Match)
{
Log.Warn(
"Invalid password specified for broker email '{0}' and origin '{1}'.",
this.spLoadDataForLoginCheck.Email,
this.spLoadDataForLoginCheck.UiOriginID
);
throw new StrategyWarning(this, "Invalid user name or password.");
} // if
this.spOnSuccess.BrokerID = sr["BrokerID"];
if (validationResult.NewPassword == null)
{
this.spOnSuccess.EzPassword = null;
this.spOnSuccess.Salt = null;
this.spOnSuccess.CycleCount = null;
}
else
{
this.spOnSuccess.EzPassword = validationResult.NewPassword.Password;
this.spOnSuccess.Salt = validationResult.NewPassword.Salt;
this.spOnSuccess.CycleCount = validationResult.NewPassword.CycleCount;
} // if
Log.Msg(
"Broker email '{0}' and origin '{1}' was validated as broker #{2}.",
this.spLoadDataForLoginCheck.Email,
this.spLoadDataForLoginCheck.UiOriginID,
this.spOnSuccess.BrokerID
);
} // ValidateCredentials
