public override bool UnlockUser(string username)
{
try
{
using (SecurityDAO secDAO = new SecurityDAO())
{
User user = secDAO.ReadUserByName(username);
if (user == null)
{
return false;
}
user.Blocked = false;
secDAO.UpdateUser(user);
//TODO record somewhere into the db that the user got unblocked
return true;
}
}
catch (Exception)
{
return false;
}
}
public override bool ValidateUser(string username, string password)
{
using (SecurityDAO secDAO = new SecurityDAO())
{
User user = secDAO.ReadUserByName(username);
if (user == null)
return false;
string hashedPassword = secDAO.EncodePassword(password, user.Salt);
bool isValid = (!user.Blocked && user.Password == hashedPassword);
if (isValid)
{
secDAO.RecordUserLoginSuccess(user);
}
else
{
//TODO record user login attemp failure
secDAO.RecordUserLoginFailure(user);
}
return isValid;
}
}
/// <summary>
/// Takes, as input, a user name and a Boolean value indicating whether to update the LastActivityDate value for the user to show that the user is currently online. The GetUser method returns a MembershipUser object populated with current values from the data source for the specified user. If the user name is not found in the data source, the GetUser method returns null (Nothing in Visual Basic).
/// </summary>
/// <param name="username"></param>
/// <param name="userIsOnline"></param>
/// <returns></returns>
public override MembershipUser GetUser(string username, bool userIsOnline)
{
using (SecurityDAO secDAO = new SecurityDAO())
{
User dbUser = secDAO.ReadUserByName(username);
MembershipUser user = secDAO.ConvertUserToMembershipUser(dbUser, this.Name);
if (userIsOnline)
{
secDAO.RecordUserActivity(dbUser);
}
return user;
}
}
