/// <summary>
/// Checks if the given nickname is already taken. If so, true is returned, otherwise false.
/// </summary>
/// <param name="sNickName">NickName to check</param>
/// <returns>true if nickname already exists in the database, false otherwise</returns>
public static bool CheckIfNickNameExists(string nickName)
{
UserEntity user = new UserEntity();
user.FetchUsingUCNickName(nickName);
return(!user.IsNew);
}
/// <summary>
/// Checks if the user with the given NickName exists in the database. This is necessary to check if a user which gets authenticated through
/// forms authentication is still available in the database.
/// </summary>
/// <param name="nickName">The nickname of the user to check if he/she exists in the database</param>
/// <returns>true if user exists, false otherwise.</returns>
public static bool DoesUserExist(string nickName)
{
UserEntity user = new UserEntity();
// fetch the user using the unique constraint functionality.
return(user.FetchUsingUCNickName(nickName));
}
/// <summary>
/// Authenticates the user with the given Nickname and the given Password.
/// </summary>
/// <param name="nickName">Nickname of the user</param>
/// <param name="password">Password of the user</param>
/// <returns>AuthenticateResult.AllOk if the user could be authenticated,
/// AuthenticateResult.WrongUsernamePassword if user couldn't be authenticated given the current credentials,
/// AuthenticateResult.IsBanned if the user is banned. </returns>
public static AuthenticateResult AuthenticateUser(string nickName, string password, out UserEntity user)
{
// fetch the Roles related to the user when fetching the user, using a prefetchPath object.
PrefetchPath prefetchPath = new PrefetchPath((int)EntityType.UserEntity);
prefetchPath.Add(UserEntity.PrefetchPathRoles);
// fetch the user data using the nickname which has a unique constraint
user = new UserEntity();
bool fetchResult = user.FetchUsingUCNickName(nickName, prefetchPath);
if (!fetchResult)
{
// not found. Simply return that the user has specified a wrong username/password combination.
return(AuthenticateResult.WrongUsernamePassword);
}
// user was found, check if the user can be authenticated and has specified the correct password.
if (user.IsBanned)
{
// user is banned. We'll report that to the caller
return(AuthenticateResult.IsBanned);
}
else
{
// check password and UserID. We disallow the user with id 0 to login as that's the anonymous coward ID for a user not logged in.
string md5HashedPassword = HnDGeneralUtils.CreateMD5HashedBase64String(password);
if ((md5HashedPassword == user.Password) && (user.UserID != Globals.UserIDToDenyLogin))
{
// correct username/password combination
return(AuthenticateResult.AllOk);
}
else
{
// something was wrong, report wrong authentication combination
return(AuthenticateResult.WrongUsernamePassword);
}
}
}
/// <summary>
/// Resets the user's Password by generating a new random password which is mailed to
/// the emailaddress specified. Will fail if the nickname doesn't exist or the emailaddress
/// doesn't match with the specified emailaddress of the nickname in the database.
/// </summary>
/// <param name="nickName">Nickname of user which password should be reset</param>
/// <param name="emailAddress">Emailaddress of user</param>
/// <param name="emailTemplate">The email template.</param>
/// <param name="emailData">The email data.</param>
/// <returns>true if succeed, false otherwise</returns>
/// <exception cref="NickNameNotFoundException">Throws NickNameNotFoundException when the nickname isn't found.</exception>
/// <exception cref="EmailAddressDoesntMatchException">Throws EmailAddressDoesntMatchException when the emailaddress of the nickname isn't matching
/// with the emailaddress specified.</exception>
public static bool ResetPassword(string nickName, string emailAddress, string emailTemplate, Dictionary <string, string> emailData)
{
UserEntity user = new UserEntity();
// fetch the user using the unique constraint fetch logic on nickname
bool fetchResult = user.FetchUsingUCNickName(nickName);
if (!fetchResult)
{
// not found
throw new NickNameNotFoundException("Nickname: '" + nickName + "' not found");
}
// check emailaddress
if (user.EmailAddress.ToLowerInvariant() != emailAddress.ToLowerInvariant())
{
// no match
throw new EmailAddressDoesntMatchException("Emailaddress '" + emailAddress + "' doesn't match.");
}
// does match, reset the password
string newPassword = HnDGeneralUtils.GenerateRandomPassword();
// hash the password with an MD5 hash and store that hashed value into the database.
user.Password = HnDGeneralUtils.CreateMD5HashedBase64String(newPassword);
// store it
bool result = user.Save();
if (result)
{
// mail it
result = HnDGeneralUtils.EmailPassword(newPassword, emailAddress, emailTemplate, emailData);
}
//done
return(result);
}
