Example #1
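        /// <summary>
        /// Validates the password, then stores a new user together with reservation documents
        /// for the username and the e-mail address in a single optimistic-concurrency session.
        /// </summary>
        /// <param name="username">Login name; also used to build the "username/" reservation id.</param>
        /// <param name="password">Clear-text password. It is trimmed before any check so that the
        /// length test, the validation event and the stored hash all see the same string.</param>
        /// <param name="email">E-mail address; also used to build the "email/" reservation id.</param>
        /// <param name="passwordQuestion">Not read by this method.</param>
        /// <param name="passwordAnswer">Not read by this method.</param>
        /// <param name="isApproved">Not read by this method; the returned user is always reported as approved.</param>
        /// <param name="providerUserKey">Not read by this method.</param>
        /// <param name="status">Outcome of the call whenever it returns instead of throwing.</param>
        /// <returns>The created user on success; otherwise null, with <paramref name="status"/> describing the failure.</returns>
        /// <exception cref="MembershipCreateUserException">
        /// The password is null, or shorter than MinRequiredPasswordLength after trimming.
        /// </exception>
        public override MembershipUser CheckedCreateUser(string username, string password, string email, string passwordQuestion, string passwordAnswer, bool isApproved, object providerUserKey, out MembershipCreateStatus status)
        {
            // Reject a missing password with the same exception as a too-short one
            // rather than failing on password.Length.
            if (password == null)
            {
                throw new MembershipCreateUserException(MembershipCreateStatus.InvalidPassword);
            }

            // Trim BEFORE the policy checks. Trimming afterwards would let a value padded with
            // whitespace satisfy the minimum length while a shorter string is what gets hashed.
            password = password.Trim();

            if (password.Length < MinRequiredPasswordLength)
            {
                throw new MembershipCreateUserException(MembershipCreateStatus.InvalidPassword);
            }

            ValidatePasswordEventArgs args = new ValidatePasswordEventArgs(username, password, true);

            OnValidatingPassword(args);
            if (args.Cancel)
            {
                status = MembershipCreateStatus.InvalidPassword;
                return(null);
            }

            var user = new User();

            user.Username        = username;
            // A fresh salt per account; only the salted hash is persisted.
            user.PasswordSalt    = PasswordUtil.CreateRandomSalt();
            user.PasswordHash    = PasswordUtil.HashPassword(password, user.PasswordSalt);
            user.Email           = email;
            user.ApplicationName = this.ApplicationName;
            user.DateCreated     = DateTime.Now;

            using (var session = this.DocumentStore.OpenSession())
            {
                session.Advanced.UseOptimisticConcurrency = true;

                try
                {
                    session.Store(user);
                    // The reservation documents carry the username / e-mail in their ids;
                    // presumably a clash on one of these ids is what raises the
                    // ConcurrencyException handled below. Confirm against the store configuration.
                    session.Store(new ReservationForUniqueFieldValue {
                        Id = "username/" + user.Username
                    });
                    session.Store(new ReservationForUniqueFieldValue {
                        Id = "email/" + user.Email
                    });

                    session.SaveChanges();

                    status = MembershipCreateStatus.Success;

                    return(new MembershipUser(_providerName, username, user.Id, email, null, null, true, false, user.DateCreated,
                                              new DateTime(1900, 1, 1), new DateTime(1900, 1, 1), DateTime.Now, new DateTime(1900, 1, 1)));
                }
                catch (ConcurrencyException e)
                {
                    status = InterpretConcurrencyException(user.Username, user.Email, e);
                }
                catch (Exception ex)
                {
                    // TODO: log exception properly
                    // NOTE(review): the full exception text goes to the console here; route it to
                    // the application's logger so storage details are kept in a controlled sink.
                    Console.WriteLine(ex.ToString());
                    status = MembershipCreateStatus.ProviderError;
                }
            }
            return(null);
        }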
Example #2
        /// <summary>
        /// Generates a new password for the named user, stores its salted hash and returns the
        /// clear-text value to the caller.
        /// </summary>
        /// <param name="username">Login name looked up within this provider's ApplicationName.</param>
        /// <param name="answer">
        /// Not read by this method. NOTE(review): the reset goes ahead without comparing this value
        /// to anything; confirm that callers authorise the reset before invoking it.
        /// </param>
        /// <returns>The newly generated clear-text password.</returns>
        /// <exception cref="Exception">No user matches the username and application name.</exception>
        public override string ResetPassword(string username, string answer)
        {
            using (var session = this.DocumentStore.OpenSession())
            {
                try
                {
                    var account = session.Query <User>()
                                  .Where(u => u.Username == username && u.ApplicationName == this.ApplicationName)
                                  .SingleOrDefault();

                    if (account == null)
                    {
                        throw new Exception("The user to reset the password for could not be found.");
                    }

                    // 8 characters, at least 2 of them non-alphanumeric.
                    var generated = Membership.GeneratePassword(8, 2);

                    // Rotate the salt together with the hash so the old salt is not reused.
                    var freshSalt = PasswordUtil.CreateRandomSalt();
                    account.PasswordSalt = freshSalt;
                    account.PasswordHash = PasswordUtil.HashPassword(generated, account.PasswordSalt);

                    session.SaveChanges();
                    return generated;
                }
                catch (Exception ex)
                {
                    // TODO: log exception properly
                    Console.WriteLine(ex.ToString());
                    throw;
                }
            }
        }
Example #3
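        /// <summary>
        /// Creates and stores a new user after running the password validation event and the
        /// duplicate checks for username and (when RequiresUniqueEmail is set) e-mail address.
        /// </summary>
        /// <param name="username">Login name of the new user.</param>
        /// <param name="password">Clear-text password; only its encoded form is stored.</param>
        /// <param name="email">E-mail address of the new user.</param>
        /// <param name="passwordQuestion">Question stored as given for password reset/retrieval.</param>
        /// <param name="passwordAnswer">Answer to the question; stored encoded with the user's salt when non-empty.</param>
        /// <param name="isApproved">Whether the new user is approved.</param>
        /// <param name="providerUserKey">Not read by this method.</param>
        /// <param name="status">Outcome of the call whenever it returns instead of throwing.</param>
        /// <returns>The created user on success; otherwise null, with <paramref name="status"/> describing the failure.</returns>
        /// <exception cref="ArgumentException">
        /// A question and answer are required by configuration and no answer was supplied.
        /// </exception>
        public override MembershipUser CreateUser(string username, string password, string email,
                                                  string passwordQuestion, string passwordAnswer, bool isApproved, object providerUserKey,
                                                  out MembershipCreateStatus status)
        {
            ValidatePasswordEventArgs args = new ValidatePasswordEventArgs(username, password, true);

            OnValidatingPassword(args);
            if (args.Cancel)
            {
                status = MembershipCreateStatus.InvalidPassword;
                return(null);
            }

            // If a question and answer are required for password reset/retrieval and the answer was not provided, throw.
            if (((_enablePasswordReset || _enablePasswordRetrieval) && _requiresQuestionAndAnswer) && string.IsNullOrEmpty(passwordAnswer))
            {
                throw new ArgumentException("Requires question and answer is set to true and a question and answer were not provided.");
            }


            var user = new User();

            user.Username         = username;
            user.PasswordSalt     = PasswordUtil.CreateRandomSalt();
            user.PasswordHash     = EncodePassword(password, user.PasswordSalt);
            user.Email            = email;
            user.ApplicationName  = ApplicationName;
            user.DateCreated      = DateTime.Now;
            user.PasswordQuestion = passwordQuestion;
            // The answer is a secret too: it is stored encoded with the same per-user salt, never in clear text.
            user.PasswordAnswer   = string.IsNullOrEmpty(passwordAnswer) ? passwordAnswer : EncodePassword(passwordAnswer, user.PasswordSalt);
            user.IsApproved       = isApproved;
            user.IsLockedOut      = false;
            user.IsOnline         = false;

            using (var session = DocumentStore.OpenSession())
            {
                // Two accounts with the same username in one application would make every later
                // lookup by username ambiguous, so refuse the second one.
                // NOTE(review): this and the e-mail check below are query-then-store and therefore
                // not atomic; two concurrent requests can both pass. A store-level uniqueness
                // guarantee is needed to close that window.
                var existingByName = session.Query <User>()
                                     .Where(x => x.Username == username && x.ApplicationName == ApplicationName)
                                     .FirstOrDefault();

                if (existingByName != null)
                {
                    status = MembershipCreateStatus.DuplicateUserName;
                    return(null);
                }

                if (RequiresUniqueEmail)
                {
                    var existingUser = session.Query <User>()
                                       .Where(x => x.Email == email && x.ApplicationName == ApplicationName)
                                       .FirstOrDefault();

                    if (existingUser != null)
                    {
                        status = MembershipCreateStatus.DuplicateEmail;
                        return(null);
                    }
                }


                session.Store(user);
                session.SaveChanges();
                status = MembershipCreateStatus.Success;
                return(new MembershipUser(ProviderName, username, user.Id, email, passwordQuestion,
                                          user.Comment, isApproved, false, user.DateCreated, new DateTime(1900, 1, 1),
                                          new DateTime(1900, 1, 1), DateTime.Now, new DateTime(1900, 1, 1)));
            }
        }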
Example #4
        /// <summary>
        /// Replaces a user's password after verifying the current one against the stored salted hash.
        /// </summary>
        /// <param name="username">Login name looked up within this provider's ApplicationName.</param>
        /// <param name="oldPassword">Current clear-text password; hashed with the stored salt and compared to the stored hash.</param>
        /// <param name="newPassword">
        /// New clear-text password. NOTE(review): this method hashes it as given, with no length
        /// or validation-event check and no trimming; confirm that policy is enforced by the caller.
        /// </param>
        /// <returns>Always true when the method returns; failures are reported by exception.</returns>
        /// <exception cref="MembershipPasswordException">
        /// The user does not exist or the old password does not match. Both cases share one
        /// message, so the caller cannot tell which of the two failed.
        /// </exception>
        public override bool CheckedChangePassword(string username, string oldPassword, string newPassword)
        {
            using (var session = this.DocumentStore.OpenSession())
            {
                var account = session.Query <User>()
                              .Where(u => u.Username == username && u.ApplicationName == this.ApplicationName)
                              .SingleOrDefault();

                // Unknown user: fail before touching any field of the missing record.
                if (account == null)
                {
                    throw new MembershipPasswordException("Invalid username or old password.");
                }

                var suppliedHash = PasswordUtil.HashPassword(oldPassword, account.PasswordSalt);
                if (account.PasswordHash != suppliedHash)
                {
                    throw new MembershipPasswordException("Invalid username or old password.");
                }

                // Rotate the salt together with the hash so the old salt is not reused.
                account.PasswordSalt = PasswordUtil.CreateRandomSalt();
                account.PasswordHash = PasswordUtil.HashPassword(newPassword, account.PasswordSalt);

                session.SaveChanges();
                return true;
            }
        }
Example #5
 /// <summary>
 /// Builds a fully populated <c>User</c> with fixed sample values for use as a fixture.
 /// Only the salt and the two timestamps differ between calls; PasswordHash is a fixed
 /// literal and is not derived from the salt.
 /// </summary>
 /// <returns>A new, unsaved <c>User</c> instance.</returns>
 private User CreateUserFake()
 {
     var fake = new User();

     // Credentials and contact details.
     fake.Username = "******";
     fake.PasswordHash = "1234ABCD";
     fake.PasswordSalt = PasswordUtil.CreateRandomSalt();
     fake.Email = "*****@*****.**";
     fake.PasswordQuestion = "A QUESTION";
     fake.PasswordAnswer = "A ANSWER";

     // Account state.
     fake.IsOnline = true;
     fake.IsApproved = true;
     fake.Comment = "A FAKE USER";
     fake.ApplicationName = "TestApp";
     fake.DateCreated = DateTime.Now;
     fake.DateLastLogin = DateTime.Now;
     fake.FailedPasswordAttempts = 0;
     fake.FullName = "Wilby Jackson";
     fake.IsLockedOut = false;

     return fake;
 }