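/// <summary>
/// Creates a user document plus reservation documents for the username and e-mail
/// address, and saves them in one session with optimistic concurrency enabled.
/// </summary>
/// <param name="username">Login name; also used to build the "username/" reservation id.</param>
/// <param name="password">Plain-text password. It is trimmed, and the trimmed value is validated and hashed.</param>
/// <param name="email">E-mail address; also used to build the "email/" reservation id.</param>
/// <param name="passwordQuestion">Not used by this method.</param>
/// <param name="passwordAnswer">Not used by this method.</param>
/// <param name="isApproved">Not used by this method (see the review note in the body).</param>
/// <param name="providerUserKey">Not used by this method.</param>
/// <param name="status">Outcome of the operation; not assigned when the method throws.</param>
/// <returns>The created <see cref="MembershipUser"/>, or <c>null</c> when creation did not succeed.</returns>
/// <exception cref="MembershipCreateUserException">
/// The password is null or, after trimming, shorter than <c>MinRequiredPasswordLength</c>.
/// </exception>
public override MembershipUser CheckedCreateUser(string username, string password, string email, string passwordQuestion, string passwordAnswer, bool isApproved, object providerUserKey, out MembershipCreateStatus status)
{
    // A null password used to surface as a NullReferenceException; report it as an invalid password.
    if (password == null)
    {
        throw new MembershipCreateUserException(MembershipCreateStatus.InvalidPassword);
    }

    // The hash below is computed over the trimmed password, so the policy checks must see the
    // trimmed value too. Checking the raw length first let whitespace padding satisfy the
    // minimum-length rule while a shorter secret was stored.
    // NOTE(review): the verification path is not visible here; it has to trim the same way - confirm.
    password = password.Trim();
    if (password.Length < MinRequiredPasswordLength)
    {
        throw new MembershipCreateUserException(MembershipCreateStatus.InvalidPassword);
    }

    // Give subscribed validators a chance to veto the password that will actually be stored.
    var args = new ValidatePasswordEventArgs(username, password, true);
    OnValidatingPassword(args);
    if (args.Cancel)
    {
        status = MembershipCreateStatus.InvalidPassword;
        return null;
    }

    // NOTE(review): isApproved is ignored. user.IsApproved is never set, yet the returned
    // MembershipUser reports isApproved = true - confirm this is intended.
    var user = new User();
    user.Username = username;
    user.PasswordSalt = PasswordUtil.CreateRandomSalt();
    user.PasswordHash = PasswordUtil.HashPassword(password, user.PasswordSalt);
    user.Email = email;
    user.ApplicationName = this.ApplicationName;
    user.DateCreated = DateTime.Now;

    using (var session = this.DocumentStore.OpenSession())
    {
        session.Advanced.UseOptimisticConcurrency = true;
        try
        {
            // The user and both reservation documents are stored before the single SaveChanges call.
            // NOTE(review): a null or empty e-mail produces the id "email/"; presumably a second
            // user without an e-mail would then collide - confirm callers always supply one.
            session.Store(user);
            session.Store(new ReservationForUniqueFieldValue { Id = "username/" + user.Username });
            session.Store(new ReservationForUniqueFieldValue { Id = "email/" + user.Email });
            session.SaveChanges();

            status = MembershipCreateStatus.Success;
            return new MembershipUser(_providerName, username, user.Id, email, null, null, true, false, user.DateCreated, new DateTime(1900, 1, 1), new DateTime(1900, 1, 1), DateTime.Now, new DateTime(1900, 1, 1));
        }
        catch (ConcurrencyException e)
        {
            // Translate the concurrency failure into a membership status for the caller.
            status = InterpretConcurrencyException(user.Username, user.Email, e);
        }
        catch (Exception ex)
        {
            // TODO: log exception properly
            Console.WriteLine(ex.ToString());
            status = MembershipCreateStatus.ProviderError;
        }
    }

    return null;
}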
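/// <summary>
/// Replaces the password of the named user in the current application with a generated
/// one, storing a fresh salt and hash, and returns the new plain-text password.
/// </summary>
/// <param name="username">Name of the user whose password is reset.</param>
/// <param name="answer">Password answer; not checked by this method (see the review note in the body).</param>
/// <returns>The newly generated plain-text password.</returns>
/// <exception cref="Exception">No user with that name exists in this application.</exception>
public override string ResetPassword(string username, string answer)
{
    // NOTE(review): answer is never compared with a stored answer, so this method itself
    // does not prove that the caller may reset the account. Confirm that every caller
    // authenticates or authorises the request before invoking it.
    using (var session = this.DocumentStore.OpenSession())
    {
        try
        {
            var matches = from u in session.Query<User>()
                          where u.Username == username && u.ApplicationName == this.ApplicationName
                          select u;
            var user = matches.SingleOrDefault();
            if (user == null)
            {
                throw new Exception("The user to reset the password for could not be found.");
            }

            // Keep the previous 8/2 floor, but never generate a password weaker than the
            // provider's own configured policy.
            int length = Math.Max(8, MinRequiredPasswordLength);
            int nonAlphanumeric = Math.Max(2, MinRequiredNonAlphanumericCharacters);
            var newPassword = Membership.GeneratePassword(length, nonAlphanumeric);

            // A fresh salt is issued together with the new hash.
            user.PasswordSalt = PasswordUtil.CreateRandomSalt();
            user.PasswordHash = PasswordUtil.HashPassword(newPassword, user.PasswordSalt);
            session.SaveChanges();

            // The plain-text password leaves the provider only through this return value.
            return newPassword;
        }
        catch (Exception ex)
        {
            // TODO: log exception properly
            Console.WriteLine(ex.ToString());
            throw;
        }
    }
}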
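/// <summary>
/// Validates the password through the provider's validating event, builds a user with a
/// salted password hash and (when supplied) an encoded password answer, and stores it.
/// </summary>
/// <param name="username">Login name of the new user.</param>
/// <param name="password">Plain-text password; encoded with a new random salt.</param>
/// <param name="email">E-mail address; checked for uniqueness when <c>RequiresUniqueEmail</c> is set.</param>
/// <param name="passwordQuestion">Password question stored with the user.</param>
/// <param name="passwordAnswer">Password answer; stored encoded with the user's salt when not empty.</param>
/// <param name="isApproved">Whether the new user is approved.</param>
/// <param name="providerUserKey">Not used by this method.</param>
/// <param name="status">Outcome of the operation; not assigned when the method throws.</param>
/// <returns>The created <see cref="MembershipUser"/>, or <c>null</c> when creation was rejected.</returns>
/// <exception cref="ArgumentException">
/// A question and answer are required for reset or retrieval and no answer was provided.
/// </exception>
public override MembershipUser CreateUser(string username, string password, string email, string passwordQuestion, string passwordAnswer, bool isApproved, object providerUserKey, out MembershipCreateStatus status)
{
    var args = new ValidatePasswordEventArgs(username, password, true);
    OnValidatingPassword(args);
    if (args.Cancel)
    {
        status = MembershipCreateStatus.InvalidPassword;
        return null;
    }

    // If a question and answer are required for password reset/retrieval and no answer was provided, throw.
    if ((_enablePasswordReset || _enablePasswordRetrieval) && _requiresQuestionAndAnswer && string.IsNullOrEmpty(passwordAnswer))
    {
        throw new ArgumentException("Requires question and answer is set to true and a question and answer were not provided.");
    }

    var user = new User();
    user.Username = username;
    user.PasswordSalt = PasswordUtil.CreateRandomSalt();
    user.PasswordHash = EncodePassword(password, user.PasswordSalt);
    user.Email = email;
    user.ApplicationName = ApplicationName;
    user.DateCreated = DateTime.Now;
    user.PasswordQuestion = passwordQuestion;
    // The answer is encoded with the same salt as the password; a null or empty answer is stored as given.
    user.PasswordAnswer = string.IsNullOrEmpty(passwordAnswer) ? passwordAnswer : EncodePassword(passwordAnswer, user.PasswordSalt);
    user.IsApproved = isApproved;
    user.IsLockedOut = false;
    user.IsOnline = false;

    using (var session = DocumentStore.OpenSession())
    {
        // Previously nothing stopped a second account with the same username in the same
        // application from being stored; report it as a duplicate instead.
        // NOTE(review): these look-ups and the Store below are separate steps, so two concurrent
        // requests could presumably both pass them; a store-level uniqueness constraint would close that gap.
        var sameName = session.Query<User>()
                       .Where(x => x.Username == username && x.ApplicationName == ApplicationName)
                       .FirstOrDefault();
        if (sameName != null)
        {
            status = MembershipCreateStatus.DuplicateUserName;
            return null;
        }

        if (RequiresUniqueEmail)
        {
            var existingUser = session.Query<User>()
                               .Where(x => x.Email == email && x.ApplicationName == ApplicationName)
                               .FirstOrDefault();
            if (existingUser != null)
            {
                status = MembershipCreateStatus.DuplicateEmail;
                return null;
            }
        }

        session.Store(user);
        session.SaveChanges();
        status = MembershipCreateStatus.Success;
        return new MembershipUser(ProviderName, username, user.Id, email, passwordQuestion, user.Comment, isApproved, false, user.DateCreated, new DateTime(1900, 1, 1), new DateTime(1900, 1, 1), DateTime.Now, new DateTime(1900, 1, 1));
    }
}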
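/// <summary>
/// Changes a user's password after verifying the old one, storing a fresh salt and hash.
/// The new password is checked against the minimum length and the validating event first.
/// </summary>
/// <param name="username">Name of the user whose password is changed.</param>
/// <param name="oldPassword">Current plain-text password; hashed with the stored salt and compared with the stored hash.</param>
/// <param name="newPassword">Replacement plain-text password.</param>
/// <returns><c>true</c> when the password was changed; every failure is reported by an exception.</returns>
/// <exception cref="MembershipPasswordException">
/// The new password is null or too short, a validator cancelled it without supplying its own
/// exception, the user does not exist, or the old password does not match.
/// </exception>
public override bool CheckedChangePassword(string username, string oldPassword, string newPassword)
{
    // Apply the minimum-length rule on change as well, so that a password change cannot be
    // used to set a password the provider's configured policy would otherwise reject.
    if (newPassword == null || newPassword.Length < MinRequiredPasswordLength)
    {
        throw new MembershipPasswordException("The new password does not meet the minimum length requirement.");
    }

    // Let subscribed validators veto the new password (isNewUser = false).
    var args = new ValidatePasswordEventArgs(username, newPassword, false);
    OnValidatingPassword(args);
    if (args.Cancel)
    {
        if (args.FailureInformation != null)
        {
            throw args.FailureInformation;
        }

        throw new MembershipPasswordException("Change password canceled due to new password validation failure.");
    }

    using (var session = this.DocumentStore.OpenSession())
    {
        var matches = from u in session.Query<User>()
                      where u.Username == username && u.ApplicationName == this.ApplicationName
                      select u;
        var user = matches.SingleOrDefault();

        // One message for "no such user" and "wrong password", so the error does not reveal
        // which of the two failed.
        // NOTE(review): the hashes are compared with ordinary string inequality, not a
        // fixed-time comparison.
        // NOTE(review): neither password is trimmed here; if another code path hashes a trimmed
        // password, values with surrounding whitespace will not match - confirm.
        if (user == null || user.PasswordHash != PasswordUtil.HashPassword(oldPassword, user.PasswordSalt))
        {
            throw new MembershipPasswordException("Invalid username or old password.");
        }

        // A fresh salt is issued together with the new hash.
        user.PasswordSalt = PasswordUtil.CreateRandomSalt();
        user.PasswordHash = PasswordUtil.HashPassword(newPassword, user.PasswordSalt);
        session.SaveChanges();
    }

    return true;
}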
/// <summary>
/// Builds an in-memory <see cref="User"/> filled with fixed sample values, a newly
/// generated salt, and the current time for both date fields. Nothing is persisted.
/// </summary>
/// <returns>The populated sample user.</returns>
private User CreateUserFake()
{
    var fake = new User();

    // Identity and credential fields. The hash is a fixed literal and is not derived from the salt.
    fake.Username = "******";
    fake.PasswordHash = "1234ABCD";
    fake.PasswordSalt = PasswordUtil.CreateRandomSalt();
    fake.Email = "*****@*****.**";
    fake.PasswordQuestion = "A QUESTION";
    fake.PasswordAnswer = "A ANSWER";

    // Account state and descriptive fields.
    fake.IsOnline = true;
    fake.IsApproved = true;
    fake.Comment = "A FAKE USER";
    fake.ApplicationName = "TestApp";
    fake.DateCreated = DateTime.Now;
    fake.DateLastLogin = DateTime.Now;
    fake.FailedPasswordAttempts = 0;
    fake.FullName = "Wilby Jackson";
    fake.IsLockedOut = false;

    return fake;
}