protected override bool?VerifyUserImpl(string username, string password)
{
using (var ctx = LearnLanguagesContextManager.Instance.GetManager())
{
var results = from userData in ctx.ObjectContext.UserDatas
where userData.Username == username
select userData;
if (results.Count() == 1)
{
var user = results.First();
var authenticated = (SaltedHashedPassword.GetHashedPasswordValue(password, user.Salt) == user.SaltedHashedPasswordValue);
//RETURNS SUCCESS IF VALIDATION IS AUTHENTICATED OR NOT. DOES *NOT* THROW EXCEPTION
//IF CREDENTIALS ARE INVALID.
return(authenticated);
}
else
{
if (results.Count() == 0)
{
return(false); //FALSE BECAUSE USER NOT FOUND
}
else
{
//results.count is not one or zero. either it's negative, which would be framework absurd, or its more than one,
//which means that we have multiple users with the same username. this is very bad.
var errorMsg = string.Format(DalResources.ErrorMsgVeryBadException,
DalResources.ErrorMsgVeryBadExceptionDetail_ResultCountNotOneOrZero);
throw new Exceptions.VeryBadException(errorMsg);
}
}
}
}
//private string _TestValidPassword = "******";
//private string _TestSaltedHashedPassword = @"瞌訖ꎚ壿喐ຯ缟㕧";
//private int _TestSalt = -54623530;
//private string _TestInvalidUsername = "******";
//private string _TestInvalidPassword = "******";
/// <summary>
/// Returns Success(true) if verify user is valid, Success(false) if invalid. Throws exceptions if something bad happens.
/// </summary>
/// <param name="username"></param>
/// <param name="password"></param>
/// <returns></returns>
protected override bool?VerifyUserImpl(string username, string password)
{
bool?retResult = null;
var results = from u in SeedData.Ton.Users
where u.Username == username
select u;
if (results.Count() == 1)
{
//USERNAME FOUND. CHECK PASSWORD
var userDto = results.First();
SaltedHashedPassword saltedHashedPasswordObj =
new SaltedHashedPassword(password, userDto.Salt);
if (string.Compare(userDto.SaltedHashedPasswordValue,
saltedHashedPasswordObj.Value,
StringComparison.InvariantCulture) == 0)
{
//PASSWORDS MATCH
retResult = true;
}
else
{
//PASSWORDS DO *NOT* MATCH
retResult = false;
}
}
else if (results.Count() == 0)
{
//USERNAME NOT FOUND.
retResult = false;
}
else
{
//?? VERY BAD EXCEPTION. MULTIPLE USERS WITH THAT USERNAME FOUND?
throw new Exceptions.VeryBadException();
}
return(retResult);
}
