/// <summary>
/// Replaces the user's password, but only when <paramref name="oldPassword"/> is accepted by
/// <c>Validate</c>.
/// </summary>
/// <remarks>
/// The new value is only assigned to the <paramref name="user"/> object. Nothing in this method
/// saves the user after the assignment, so the caller has to persist the change.
/// <paramref name="newPassword"/> is handed to <c>EncodePassword</c> as-is; this method performs
/// no emptiness or strength check on it.
/// </remarks>
/// <param name="user">The user whose password is being changed.</param>
/// <param name="oldPassword">The current password, checked through <c>Validate</c>.</param>
/// <param name="newPassword">The replacement password (plain text, encoded before it is stored on the object).</param>
/// <returns><c>true</c> if the old password was accepted and the new one was assigned; otherwise <c>false</c>.</returns>
public bool ChangePassword( User user, string oldPassword, string newPassword )
{
    bool oldPasswordAccepted = Validate( user, oldPassword );
    if ( oldPasswordAccepted )
    {
        user.Password = EncodePassword( newPassword );
        user.LastPasswordChangedDate = DateTime.Now;
        return true;
    }

    return false;
}
/// <summary>
/// Asks <c>Security.Authorization</c> whether <paramref name="user"/> may perform
/// <paramref name="action"/> on this object.
/// </summary>
/// <remarks>
/// The decision is delegated entirely to <c>Security.Authorization.Authorized</c>; this method adds
/// no checks of its own. It is virtual, so a derived type can replace the decision.
/// </remarks>
/// <param name="action">The name of the action being checked.</param>
/// <param name="user">The user the check is made for.</param>
/// <returns>The result returned by <c>Security.Authorization.Authorized</c>.</returns>
public virtual bool Authorized( string action, User user )
{
    bool isAllowed = Security.Authorization.Authorized( this, action, user );
    return isAllowed;
}
/// <summary>
/// Handles the Click event of the btnCodeReset control: stores the code typed into
/// tbConfirmationCode, looks up the user for that code and calls ShowResetPassword().
/// </summary>
/// <param name="sender">The source of the event.</param>
/// <param name="e">The <see cref="System.EventArgs"/> instance containing the event data.</param>
protected void btnCodeReset_Click( object sender, EventArgs e )
{
    // The code comes straight from the textbox and is the only value used to select the account.
    ConfirmationCode = tbConfirmationCode.Text;

    // NOTE(review): the lookup result is not checked in this handler; presumably
    // ShowResetPassword() deals with a code that matches no user - confirm.
    user = userService.GetByConfirmationCode( ConfirmationCode );
    ShowResetPassword();
}
/// <summary>
/// Handles the Click event of the btnCodeDelete control: stores the code typed into
/// tbConfirmationCode, looks up the user for that code and calls ShowDelete().
/// </summary>
/// <param name="sender">The source of the event.</param>
/// <param name="e">The <see cref="System.EventArgs"/> instance containing the event data.</param>
protected void btnCodeDelete_Click( object sender, EventArgs e )
{
    // The code comes straight from the textbox and is the only value used to select the account.
    ConfirmationCode = tbConfirmationCode.Text;

    // NOTE(review): the lookup result is not checked in this handler; presumably ShowDelete()
    // deals with a code that matches no user - confirm.
    user = userService.GetByConfirmationCode( ConfirmationCode );
    ShowDelete();
}
/// <summary>
/// Raises the <see cref="E:System.Web.UI.Control.Load"/> event. Hides every panel, creates the
/// user service and, on the initial (non-postback) request, resolves the user from the "cc"
/// query-string value and dispatches on the "action" query-string value.
/// </summary>
/// <remarks>
/// Both "cc" and "action" are supplied by the request. "delete" calls ShowDelete(), "reset" calls
/// ShowResetPassword(), and any other or missing action calls ShowConfirmed().
/// </remarks>
/// <param name="e">The <see cref="T:System.EventArgs"/> object that contains the event data.</param>
protected override void OnLoad( EventArgs e )
{
    base.OnLoad( e );

    // Start from a state where nothing is shown; the Show* call below decides what becomes visible.
    pnlCode.Visible = false;
    pnlConfirmed.Visible = false;
    pnlResetPassword.Visible = false;
    pnlResetSuccess.Visible = false;
    pnlDelete.Visible = false;
    pnlDeleted.Visible = false;
    pnlInvalid.Visible = false;

    userService = new UserService();

    if ( Page.IsPostBack )
    {
        // Postbacks are handled by the button click handlers.
        return;
    }

    lDeleted.Text = AttributeValue( "DeletedCaption" );

    // The invalid-code caption may carry a "{0}" placeholder for the new-account URL.
    string caption = AttributeValue( "InvalidCaption" );
    bool hasUrlPlaceholder = caption.Contains( "{0}" );
    if ( hasUrlPlaceholder )
    {
        caption = string.Format( caption, ResolveUrl( "~/NewAccount" ) );
    }
    lInvalid.Text = caption;

    // NOTE(review): "cc" may be absent and the lookup result is not checked here; presumably the
    // Show* methods handle a missing user - confirm.
    ConfirmationCode = Request.QueryString["cc"];
    user = userService.GetByConfirmationCode( ConfirmationCode );

    // NOTE(review): ToLower() uses the current culture; ToLowerInvariant() would make the match
    // independent of the server's culture setting.
    string requestedAction = ( Request.QueryString["action"] ?? "" ).ToLower();
    if ( requestedAction == "delete" )
    {
        ShowDelete();
    }
    else if ( requestedAction == "reset" )
    {
        ShowResetPassword();
    }
    else
    {
        ShowConfirmed();
    }
}
/// <summary>
/// Handles the Click event of the btnResetPassword control: looks the user up again from
/// ConfirmationCode and calls ShowResetSuccess().
/// </summary>
/// <param name="sender">The source of the event.</param>
/// <param name="e">The <see cref="System.EventArgs"/> instance containing the event data.</param>
protected void btnResetPassword_Click( object sender, EventArgs e )
{
    // NOTE(review): ConfirmationCode is read back from the property on this postback; where it is
    // kept between requests is not visible here. If it travels through the client, confirm it is
    // tamper-protected, since it is the only thing selecting the account.
    user = userService.GetByConfirmationCode( ConfirmationCode );

    // NOTE(review): the password change itself is not in this handler; presumably it happens in
    // ShowResetSuccess() - confirm that it re-checks that a user was found.
    ShowResetSuccess();
}
/// <summary>
/// Handles the Click event of the btnDelete control: looks the user up again from
/// ConfirmationCode and calls ShowDeleted().
/// </summary>
/// <param name="sender">The source of the event.</param>
/// <param name="e">The <see cref="System.EventArgs"/> instance containing the event data.</param>
protected void btnDelete_Click( object sender, EventArgs e )
{
    // NOTE(review): ConfirmationCode is read back from the property on this postback; where it is
    // kept between requests is not visible here. If it travels through the client, confirm it is
    // tamper-protected, since it is the only thing selecting the account.
    user = userService.GetByConfirmationCode( ConfirmationCode );

    // NOTE(review): the deletion itself is not in this handler; presumably it happens in
    // ShowDeleted() - confirm that it re-checks that a user was found.
    ShowDeleted();
}
/// <summary>
/// Builds the "page" menu element for this page and, recursively, for its child pages.
/// </summary>
/// <remarks>
/// A page that fails <c>DisplayInNav</c> for <paramref name="user"/> yields <c>null</c>, and its
/// children are then never visited, so a hidden page also hides its whole subtree from the menu.
/// </remarks>
/// <param name="levelsDeep">How many further levels of child pages to include; a negative value yields <c>null</c>.</param>
/// <param name="user">The user the menu is built for.</param>
/// <returns>The "page" element, or <c>null</c> when the page is not to be shown.</returns>
private XElement MenuXmlElement( int levelsDeep, User user )
{
    // Guard: out of depth, or not visible to this user.
    if ( levelsDeep < 0 || !this.DisplayInNav( user ) )
    {
        return null;
    }

    XElement pageNode = new XElement( "page" );
    pageNode.Add( new XAttribute( "id", this.Id ) );
    pageNode.Add( new XAttribute( "title", this.Title ?? this.Name ) );
    pageNode.Add( new XAttribute( "url", this.Url) );
    pageNode.Add( new XAttribute( "display-description", this.MenuDisplayDescription.ToString().ToLower() ) );
    pageNode.Add( new XAttribute( "display-icon", this.MenuDisplayIcon.ToString().ToLower() ) );
    pageNode.Add( new XAttribute( "display-child-pages", this.MenuDisplayChildPages.ToString().ToLower() ) );
    pageNode.Add( new XElement( "description", this.Description ?? "" ) );
    pageNode.Add( new XElement( "icon-url", this.IconUrl ?? "" ) );

    // The "pages" container is always emitted, even when it stays empty.
    XElement childContainer = new XElement( "pages" );
    pageNode.Add( childContainer );

    if ( levelsDeep > 0 && this.MenuDisplayChildPages )
    {
        foreach ( Page child in Pages )
        {
            XElement childNode = child.MenuXmlElement( levelsDeep - 1, user );
            if ( childNode == null )
            {
                continue;
            }

            childContainer.Add( childNode );
        }
    }

    return pageNode;
}
/// <summary>
/// Returns an XML document describing the menu rooted at this page.
/// </summary>
/// <remarks>
/// The content comes from <c>MenuXmlElement</c>, which leaves out pages the user may not see.
/// When that call returns <c>null</c> the document contains only the XML declaration.
/// </remarks>
/// <param name="levelsDeep">How many levels of child pages to include.</param>
/// <param name="user">The user the menu is built for.</param>
/// <returns>An <see cref="XDocument"/> with a UTF-8, standalone declaration and the menu element as its content.</returns>
public XDocument MenuXml( int levelsDeep, User user )
{
    XElement rootPage = MenuXmlElement( levelsDeep, user );
    XDeclaration declaration = new XDeclaration( "1.0", "UTF-8", "yes" );

    XDocument menuDocument = new XDocument( declaration, rootPage );
    return menuDocument;
}
/// <summary>
/// Returns XML for a page menu that goes one level below this page.
/// </summary>
/// <param name="user">The user the menu is built for.</param>
/// <returns>The document produced by <c>MenuXml( 1, user )</c>.</returns>
public XDocument MenuXml( User user )
{
    const int defaultLevelsDeep = 1;
    return MenuXml( defaultLevelsDeep, user );
}
/// <summary>
/// Decides whether this page may appear in a navigation menu for <paramref name="user"/>, based on
/// the <see cref="DisplayInNavWhen"/> property.
/// </summary>
/// <remarks>
/// <c>Always</c> shows the page to everyone, <c>WhenAllowed</c> requires the "View" action to be
/// authorized for the user, and every other value hides the page.
/// </remarks>
/// <param name="user">The current user.</param>
/// <returns><c>true</c> if the page should be listed; otherwise <c>false</c>.</returns>
public bool DisplayInNav( User user )
{
    var rule = this.DisplayInNavWhen;

    if ( rule == CMS.DisplayInNavWhen.Always )
    {
        return true;
    }

    if ( rule == CMS.DisplayInNavWhen.WhenAllowed )
    {
        return this.Authorized( "View", user );
    }

    // Anything else: keep the page out of the menu.
    return false;
}
/// <summary>
/// Sets a new password on the user without checking the current one.
/// </summary>
/// <remarks>
/// This overload performs no verification of the caller or of the existing password, so whoever
/// calls it must already have established that the change is allowed.
/// The value is only assigned to the <paramref name="user"/> object; this method does not save it.
/// </remarks>
/// <param name="user">The user whose password is being set.</param>
/// <param name="password">The new password (plain text, encoded before it is stored on the object).</param>
public void ChangePassword( User user, string password )
{
    string encodedPassword = EncodePassword( password );

    user.Password = encodedPassword;
    user.LastPasswordChangedDate = DateTime.Now;
}
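/// <summary>
/// Records one failed password attempt on <paramref name="user"/> and locks the account once the
/// configured number of failures is reached inside the configured time window.
/// </summary>
/// <remarks>
/// Settings come from the global attributes "PasswordAttemptWindow" (used as minutes) and
/// "MaxInvalidPasswordAttempts". A missing or non-integer value falls back to a zero-length window
/// and <c>int.MaxValue</c> attempts respectively. With a zero-length window every failure restarts
/// the count at 1, so no lockout happens: an unset window silently disables the lockout.
/// The user object is only modified here; saving is left to the caller.
/// </remarks>
/// <param name="user">The user whose failure counters are updated.</param>
private void UpdateFailureCount(User user)
{
    int passwordAttemptWindow;
    int maxInvalidPasswordAttempts;

    Rock.Web.Cache.GlobalAttributes globalAttributes = Rock.Web.Cache.GlobalAttributes.Read();
    if ( !Int32.TryParse( globalAttributes.AttributeValue( "PasswordAttemptWindow" ), out passwordAttemptWindow ) )
    {
        passwordAttemptWindow = 0;
    }
    if ( !Int32.TryParse( globalAttributes.AttributeValue( "MaxInvalidPasswordAttempts" ), out maxInvalidPasswordAttempts ) )
    {
        maxInvalidPasswordAttempts = int.MaxValue;
    }

    // A negative window would make DateTime.MinValue.Add( window ) throw for a user with no
    // recorded window start, turning a failed login into an unhandled exception. Treat it as an
    // empty window instead.
    if ( passwordAttemptWindow < 0 )
    {
        passwordAttemptWindow = 0;
    }

    // Read the clock once so the comparison and the stored timestamps agree.
    DateTime now = DateTime.Now;

    DateTime firstAttempt = user.FailedPasswordAttemptWindowStart ?? DateTime.MinValue;
    int attempts = user.FailedPasswordAttemptCount ?? 0;
    TimeSpan window = new TimeSpan( 0, passwordAttemptWindow, 0 );

    if ( now.CompareTo( firstAttempt.Add( window ) ) < 0 )
    {
        // Still inside the current window: count this failure and lock if the limit is reached.
        attempts++;
        if ( attempts >= maxInvalidPasswordAttempts )
        {
            user.IsLockedOut = true;
            user.LastLockedOutDate = now;
        }
        user.FailedPasswordAttemptCount = attempts;
    }
    else
    {
        // Window expired (or never started): this failure opens a new window.
        user.FailedPasswordAttemptCount = 1;
        user.FailedPasswordAttemptWindowStart = now;
    }
}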
/// <summary>
/// Checks a password for a user and records the outcome on the user record.
/// </summary>
/// <remarks>
/// Wrong password: the failure counters are updated through <c>UpdateFailureCount</c> and the user
/// is saved. Correct password on a confirmed account that is not locked out: LastLoginDate is set
/// and the user is saved. Correct password on an unconfirmed or locked-out account: <c>false</c> is
/// returned and nothing is changed or saved.
/// A successful login does not clear FailedPasswordAttemptCount.
/// </remarks>
/// <param name="user">The user to validate.</param>
/// <param name="password">The plain-text password to check.</param>
/// <returns><c>true</c> only when the password matches and the account is confirmed and not locked out.</returns>
public bool Validate( User user, string password )
{
    // NOTE(review): compared with ==, which is not a constant-time comparison. EncodePassword is
    // not visible here, so confirm what is being compared (ideally a salted, slow password hash).
    bool passwordMatches = EncodePassword( password ) == user.Password;

    if ( !passwordMatches )
    {
        UpdateFailureCount( user );
        this.Save( user, null );
        return false;
    }

    // An unset IsConfirmed counts as "not confirmed".
    bool isConfirmed = user.IsConfirmed ?? false;
    if ( !isConfirmed )
    {
        return false;
    }

    // An unset IsLockedOut counts as "not locked out".
    if ( user.IsLockedOut ?? false )
    {
        return false;
    }

    user.LastLoginDate = DateTime.Now;
    this.Save( user, null );
    return true;
}
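/// <summary>
/// Unlocks the user, clears the failed-attempt counter and saves the user.
/// </summary>
/// <remarks>
/// The counter is cleared because the lockout check counts failures inside the attempt window.
/// If it stayed at or above the limit, a single mistyped password inside the same window would
/// lock the account again straight after the unlock.
/// </remarks>
/// <param name="user">The user to unlock.</param>
public void Unlock( User user )
{
    user.IsLockedOut = false;

    // Start the failure count afresh so the unlock actually gives the user new attempts.
    user.FailedPasswordAttemptCount = 0;

    this.Save( user, null );
}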
/// <summary>
/// Creates a new user with the given username and password, then adds and saves it.
/// </summary>
/// <remarks>
/// The password is passed through <c>EncodePassword</c> before it is stored; no emptiness or
/// strength check is made here.
/// The username lookup and the insert are separate steps. NOTE(review): uniqueness under
/// concurrent requests presumably relies on a constraint in the data store - confirm.
/// </remarks>
/// <param name="person">The person to link the user to; may be <c>null</c>, in which case no PersonId is set.</param>
/// <param name="authenticationType">Type of the authentication.</param>
/// <param name="username">The username; must not already exist.</param>
/// <param name="password">The plain-text password.</param>
/// <param name="isConfirmed">Whether the new account starts out confirmed.</param>
/// <param name="currentPersonId">The current person id, passed on to Add and Save.</param>
/// <returns>The newly created user.</returns>
/// <exception cref="ArgumentOutOfRangeException">A user with <paramref name="username"/> already exists.</exception>
public User Create( Rock.CRM.Person person, AuthenticationType authenticationType, string username, string password, bool isConfirmed, int? currentPersonId )
{
    User existingUser = this.GetByUserName( username );
    if ( existingUser != null )
    {
        throw new ArgumentOutOfRangeException( "username", "Username already exists" );
    }

    // One timestamp for both dates so they are identical on a fresh account.
    DateTime now = DateTime.Now;

    User newUser = new User
    {
        UserName = username,
        Password = EncodePassword( password ),
        IsConfirmed = isConfirmed,
        CreationDate = now,
        LastPasswordChangedDate = now
    };

    if ( person != null )
    {
        newUser.PersonId = person.Id;
    }
    newUser.AuthenticationType = authenticationType;

    this.Add( newUser, currentPersonId );
    this.Save( newUser, currentPersonId );

    return newUser;
}