/// <summary>
        /// Returns the password history of the supplied user.
        /// </summary>
        /// <param name="portalId">Portal id - future-proofing against any setting becoming site-level.</param>
        /// <returns>List of PasswordHistory objects.</returns>
        public List<PasswordHistory> GetPasswordHistory(int userId, int portalId)
        {
            // Both retention limits (count and age) come from the portal's settings and are
            // applied by the data provider; nothing is filtered on this side.
            var settings = new MembershipPasswordSettings(portalId);
            var rows = this._dataProvider.GetPasswordHistory(
                userId,
                settings.NumberOfPasswordsStored,
                settings.NumberOfDaysBeforePasswordReuse);

            return CBO.FillCollection<PasswordHistory>(rows);
        }
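        /// <summary>
        /// Checks whether <paramref name="newPassword"/> appears in the user's password history and,
        /// when it does not, records it there.
        /// </summary>
        /// <param name="userId">The user whose history is checked.</param>
        /// <param name="portalId">Portal id; future-proofing in case the settings become site-level.</param>
        /// <param name="newPassword">The password the user wants to set.</param>
        /// <returns>
        /// <c>true</c> if the password was found in the user's history (the caller should reject it);
        /// <c>false</c> if it was not found, or if password history is disabled for the portal.
        /// </returns>
        public bool IsPasswordInHistory(int userId, int portalId, string newPassword)
        {
            Requires.NotNullOrEmpty("newPassword", newPassword);
            var settings = new MembershipPasswordSettings(portalId);

            // History disabled: there is nothing to compare against, so the password is not "in history".
            // (This path used to return true, which rejected every password on portals with history off.)
            if (!settings.EnablePasswordHistory)
            {
                return false;
            }

            if (IsPasswordPreviouslyUsed(userId, newPassword))
            {
                return true;
            }

            // Not seen before: store it so that later reuse is rejected.
            AddPasswordHistory(userId, newPassword, settings.NumberOfPasswordsStored);
            return false;
        }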
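        /// <summary>
        /// Checks whether <paramref name="newPassword"/> appears in the user's password history and,
        /// optionally, records it there when it does not.
        /// </summary>
        /// <param name="userId">The user whose history is checked.</param>
        /// <param name="portalId">Portal id; future-proofing in case the settings become site-level.</param>
        /// <param name="newPassword">The password the user wants to set.</param>
        /// <param name="autoAdd">If true, add the password to the history when it has not been used yet.</param>
        /// <returns>
        /// <c>true</c> if the password was found in the user's history;
        /// <c>false</c> if it was not found, or if password history is disabled for the portal.
        /// </returns>
        public bool IsPasswordInHistory(int userId, int portalId, string newPassword, bool autoAdd)
        {
            Requires.NotNullOrEmpty("newPassword", newPassword);
            var settings = new MembershipPasswordSettings(portalId);

            // With history disabled there is nothing to compare against.
            if (!settings.EnablePasswordHistory)
            {
                return false;
            }

            bool isPreviouslyUsed = this.IsPasswordPreviouslyUsed(userId, newPassword);
            if (!isPreviouslyUsed && autoAdd)
            {
                // Record it so that later reuse is rejected; both retention limits come from the portal settings.
                this.AddPasswordHistory(userId, newPassword, settings.NumberOfPasswordsStored, settings.NumberOfDaysBeforePasswordReuse);
            }

            return isPreviouslyUsed;
        }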
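        /// <summary>
        /// Handles the Update button: validates the new password against the form, the provider's
        /// password rules and the portal's banned list, then changes it either with the old password
        /// (regular user) or by reset (admin). Every outcome is reported through OnPasswordUpdated.
        /// </summary>
        /// <param name="sender">The button raising the event; not used.</param>
        /// <param name="e">Event data; not used.</param>
        private void cmdUpdate_Click(Object sender, EventArgs e)
        {
            if (IsUserOrAdmin == false)
            {
                return;
            }

            string newPassword = txtNewPassword.Text;
            string oldPassword = txtOldPassword.Text;

            // 1. New password and its confirmation must match.
            if (newPassword != txtNewConfirm.Text)
            {
                OnPasswordUpdated(new PasswordUpdatedEventArgs(PasswordUpdateStatus.PasswordMismatch));
                return;
            }

            // 2. New password must satisfy the membership provider's complexity rules.
            if (!UserController.ValidatePassword(newPassword))
            {
                OnPasswordUpdated(new PasswordUpdatedEventArgs(PasswordUpdateStatus.PasswordInvalid));
                return;
            }

            // 3./4. A non-admin must supply the current password, and the new one must differ from it.
            //       Admins reset without the old password, so neither check applies to them.
            if (!IsAdmin)
            {
                if (String.IsNullOrEmpty(oldPassword))
                {
                    OnPasswordUpdated(new PasswordUpdatedEventArgs(PasswordUpdateStatus.PasswordMissing));
                    return;
                }

                if (newPassword == oldPassword)
                {
                    OnPasswordUpdated(new PasswordUpdatedEventArgs(PasswordUpdateStatus.PasswordNotDifferent));
                    return;
                }
            }

            // 5. Banned-list check (only when the portal enables it); the user's own name counts as banned.
            //    (A second copy of the step-4 check used to follow this block; it could never fire.)
            var settings = new MembershipPasswordSettings(User.PortalID);
            if (settings.EnableBannedList)
            {
                var passwordController = new MembershipPasswordController();
                if (passwordController.FoundBannedPassword(newPassword) || User.Username == newPassword)
                {
                    OnPasswordUpdated(new PasswordUpdatedEventArgs(PasswordUpdateStatus.BannedPasswordUsed));
                    return;
                }
            }

            if (IsAdmin)
            {
                RaisePasswordUpdateResult(() => UserController.ResetAndChangePassword(User, newPassword));
            }
            else
            {
                RaisePasswordUpdateResult(() => UserController.ChangePassword(User, oldPassword, newPassword));
            }
        }

        /// <summary>
        /// Runs one password-change attempt and raises the matching PasswordUpdated event,
        /// mapping the exceptions the controller is known to throw onto statuses.
        /// </summary>
        /// <param name="changePassword">The controller call; true means the password was changed.</param>
        private void RaisePasswordUpdateResult(Func<bool> changePassword)
        {
            try
            {
                OnPasswordUpdated(changePassword()
                                      ? new PasswordUpdatedEventArgs(PasswordUpdateStatus.Success)
                                      : new PasswordUpdatedEventArgs(PasswordUpdateStatus.PasswordResetFailed));
            }
            catch (MembershipPasswordException exc)
            {
                // Password answer missing
                Logger.Error(exc);

                OnPasswordUpdated(new PasswordUpdatedEventArgs(PasswordUpdateStatus.InvalidPasswordAnswer));
            }
            catch (ThreadAbortException)
            {
                // Deliberately not logged: raised by redirects, not a failure of the change itself.
            }
            catch (Exception exc)
            {
                // Any other failure is logged and reported as a generic reset failure.
                Logger.Error(exc);

                OnPasswordUpdated(new PasswordUpdatedEventArgs(PasswordUpdateStatus.PasswordResetFailed));
            }
        }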
 /// <summary>
 /// Checks whether <paramref name="newPassword"/> appears in the user's password history and records it there when it does not.
 /// </summary>
 /// <param name="userId">The user whose history is checked.</param>
 /// <param name="portalId">Portal id; future-proofing in case the settings become site-level.</param>
 /// <param name="newPassword">The password the user wants to set.</param>
 /// <returns><c>true</c> if the password was found in the user's history; <c>false</c> if it was not (it is then stored) or history is disabled for the portal.</returns>
 public bool IsPasswordInHistory(int userId, int portalId, string newPassword)
 {
     Requires.NotNullOrEmpty("newPassword", newPassword);
     var settings = new MembershipPasswordSettings(portalId);

     // Nothing to compare against when the portal keeps no history.
     if (!settings.EnablePasswordHistory)
     {
         return false;
     }

     if (IsPasswordPreviouslyUsed(userId, newPassword))
     {
         return true;
     }

     // Not seen before: store it so that later reuse is rejected.
     AddPasswordHistory(userId, newPassword, settings.NumberOfPasswordsStored);
     return false;
 }
        /// <summary>
        /// Handles the Change Password button of the reset form: validates the new password, resolves the
        /// account name when e-mail addresses are used as user names, changes the password with the reset
        /// token, and on success signs the user in.
        /// </summary>
        /// <param name="sender">The button raising the event; not used.</param>
        /// <param name="e">Event data; not used.</param>
        private void cmdChangePassword_Click(object sender, EventArgs e)
        {
            string newPassword = txtPassword.Text;

            // 1. New password and its confirmation must match.
            if (newPassword != txtConfirmPassword.Text)
            {
                ShowResetFailure(Localization.GetString("PasswordMismatch"));
                return;
            }

            // 2. Complexity rules of the membership provider.
            if (!UserController.ValidatePassword(newPassword))
            {
                ShowResetFailure(Localization.GetString("PasswordResetFailed"));
                return;
            }

            // 3. Banned list (only when the portal enables it); the typed user name counts as banned too.
            var settings = new MembershipPasswordSettings(User.PortalID);
            if (settings.EnableBannedList)
            {
                var passwordController = new MembershipPasswordController();
                if (passwordController.FoundBannedPassword(newPassword) || txtUsername.Text == newPassword)
                {
                    ShowResetFailure(Localization.GetString("PasswordResetFailed"));
                    return;
                }
            }

            // 4. When e-mail addresses double as user names the typed value is an address; the
            //    provider needs the real account name, so look it up (one extra DB round trip).
            string username = txtUsername.Text;
            if (PortalController.GetPortalSettingAsBoolean("Registration_UseEmailAsUserName", PortalId, false))
            {
                var account = UserController.GetUserByEmail(PortalId, username);
                if (account != null)
                {
                    username = account.Username;
                }
            }

            // 5. Change the password; the reset token is checked by the controller.
            bool changed = UserController.ChangePasswordByToken(PortalSettings.PortalId, username, newPassword, ResetToken);
            if (!changed)
            {
                // Only this message is read with LocalResourceFile; the earlier ones use the default resource.
                ShowResetFailure(Localization.GetString("PasswordResetFailed", LocalResourceFile));
                return;
            }

            // 6. Sign the user in with the new password and leave the page.
            LogSuccess();
            var loginStatus = UserLoginStatus.LOGIN_FAILURE;
            UserController.UserLogin(PortalSettings.PortalId, username, newPassword, "", "", "", ref loginStatus, false);
            RedirectAfterLogin();
        }

        /// <summary>Logs a reset failure and shows it in the form's help label.</summary>
        /// <param name="message">The already-localized text to log and display.</param>
        private void ShowResetFailure(string message)
        {
            resetMessages.Visible = true;
            LogFailure(message);
            lblHelp.Text = message;
        }
        /// <summary>
        /// Handles the Change Password button of the reset form: validates the new password, changes it
        /// for the typed user name using the reset token, and on success signs the user in.
        /// </summary>
        /// <param name="sender">The button raising the event; not used.</param>
        /// <param name="e">Event data; not used.</param>
        private void cmdChangePassword_Click(object sender, EventArgs e)
        {
            string username = txtUsername.Text;
            string newPassword = txtPassword.Text;

            // 1. New password and its confirmation must match.
            if (newPassword != txtConfirmPassword.Text)
            {
                ReportResetFailure(Localization.GetString("PasswordMismatch"));
                return;
            }

            // 2. Complexity rules of the membership provider.
            if (!UserController.ValidatePassword(newPassword))
            {
                ReportResetFailure(Localization.GetString("PasswordResetFailed"));
                return;
            }

            // 3. Banned list (only when the portal enables it); the user name counts as banned too.
            var settings = new MembershipPasswordSettings(User.PortalID);
            if (settings.EnableBannedList)
            {
                var passwordController = new MembershipPasswordController();
                if (passwordController.FoundBannedPassword(newPassword) || username == newPassword)
                {
                    ReportResetFailure(Localization.GetString("PasswordResetFailed"));
                    return;
                }
            }

            // 4. Change the password; the reset token is checked by the controller.
            if (UserController.ChangePasswordByToken(PortalSettings.PortalId, username, newPassword, ResetToken))
            {
                // Sign the user in with the new password and leave the page.
                LogSuccess();
                var loginStatus = UserLoginStatus.LOGIN_FAILURE;
                UserController.UserLogin(PortalSettings.PortalId, username, newPassword, "", "", "", ref loginStatus, false);
                RedirectAfterLogin();
            }
            else
            {
                // Only this message is read with LocalResourceFile; the earlier ones use the default resource.
                ReportResetFailure(Localization.GetString("PasswordResetFailed", LocalResourceFile));
            }
        }

        /// <summary>Logs a reset failure and shows it in the form's help label.</summary>
        /// <param name="message">The already-localized text to log and display.</param>
        private void ReportResetFailure(string message)
        {
            resetMessages.Visible = true;
            LogFailure(message);
            lblHelp.Text = message;
        }
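        /// <summary>
        /// Issues a fresh password-reset token for <paramref name="user"/>, persists it together with
        /// its expiry, and optionally e-mails the reset link.
        /// </summary>
        /// <param name="user">The account to issue the token for; its PortalID selects the validity window.</param>
        /// <param name="sendEmail">When true, the PasswordReminder message is sent to the user.</param>
        /// <returns>
        /// <c>true</c> when no e-mail was requested, or when <c>Mail.SendMail</c> reported no error
        /// (an empty string); <c>false</c> otherwise.
        /// </returns>
        /// <exception cref="ArgumentNullException"><paramref name="user"/> is null.</exception>
        public static bool ResetPasswordToken(UserInfo user, bool sendEmail)
        {
            if (user == null)
            {
                throw new ArgumentNullException("user");
            }

            var settings = new MembershipPasswordSettings(user.PortalID);

            // The expiry is stored as server-local time (DateTime.Now); whatever checks it later
            // has to compare against the same clock.
            user.PasswordResetExpiration = DateTime.Now.AddMinutes(settings.ResetLinkValidity);
            // The token is a fresh GUID; its unpredictability is whatever Guid.NewGuid() gives on this
            // runtime, and the property type fixes the token to a GUID.
            user.PasswordResetToken = Guid.NewGuid();
            UpdateUser(user.PortalID, user);

            if (!sendEmail)
            {
                return true;
            }

            var portalSettings = PortalController.GetCurrentPortalSettings();
            var sendError = Mail.SendMail(user, MessageType.PasswordReminder, portalSettings);
            return sendError == string.Empty;
        }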
        /// <summary>
        /// Handles the Change Password button on the reset form. When the provider requires a security
        /// answer and none was given, it reveals the question first; otherwise it validates the new
        /// password, resolves the account name, changes the password with the reset token and signs the
        /// user in (or sends them to the profile step when the profile is incomplete).
        /// </summary>
        /// <param name="sender">The button raising the event; not used.</param>
        /// <param name="e">Event data; not used.</param>
        private void cmdChangePassword_Click(object sender, EventArgs e)
        {
            string username = txtUsername.Text;
            string newPassword = txtPassword.Text;

            // First pass on a Q&A-enabled provider: show the user's question and wait for the answer.
            // The question is looked up by the typed name, before the reset token has been checked.
            if (MembershipProviderConfig.RequiresQuestionAndAnswer && String.IsNullOrEmpty(txtAnswer.Text))
            {
                var account = UserController.GetUserByName(username);
                if (account != null)
                {
                    lblQuestion.Text = account.Membership.PasswordQuestion;
                }
                divQA.Visible = true;
                return;
            }

            // 1. New password and its confirmation must match.
            if (newPassword != txtConfirmPassword.Text)
            {
                DisplayResetFailure(Localization.GetString("PasswordMismatch"));
                return;
            }

            // 2. Complexity rules of the membership provider.
            if (!UserController.ValidatePassword(newPassword))
            {
                DisplayResetFailure(Localization.GetString("PasswordResetFailed"));
                return;
            }

            // 3. Banned list (only when the portal enables it); the typed user name counts as banned too.
            var settings = new MembershipPasswordSettings(User.PortalID);
            if (settings.EnableBannedList)
            {
                var passwordController = new MembershipPasswordController();
                if (passwordController.FoundBannedPassword(newPassword) || txtUsername.Text == newPassword)
                {
                    DisplayResetFailure(Localization.GetString("PasswordResetFailed"));
                    return;
                }
            }

            // 4. With e-mail-as-username the typed value is an address; the provider wants the account name.
            if (PortalController.GetPortalSettingAsBoolean("Registration_UseEmailAsUserName", PortalId, false))
            {
                var account = UserController.GetUserByEmail(PortalId, username); // one extra DB call to confirm the address belongs to an account
                if (account != null)
                {
                    username = account.Username;
                }
            }

            // 5. Change the password; the answer is only passed when the provider requires one.
            string answer = MembershipProviderConfig.RequiresQuestionAndAnswer ? txtAnswer.Text : String.Empty;
            string errorMessage;
            if (!UserController.ChangePasswordByToken(PortalSettings.PortalId, username, newPassword, answer, ResetToken, out errorMessage))
            {
                // The controller's own message is logged and shown to the user verbatim.
                DisplayResetFailure(errorMessage);
                return;
            }

            // 6. Success: either finish the profile first or sign in straight away.
            var user = UserController.GetUserByName(PortalSettings.PortalId, username);
            var validStatus = UserController.ValidateUser(user, PortalSettings.PortalId, false);
            LogSuccess();
            if (validStatus == UserValidStatus.UPDATEPROFILE)
            {
                ViewState.Add("PageNo", 3);
                Response.Redirect(Globals.NavigateURL(PortalSettings.ActiveTab.TabID, "Login"));
            }
            else
            {
                var loginStatus = UserLoginStatus.LOGIN_FAILURE;
                UserController.UserLogin(PortalSettings.PortalId, username, newPassword, "", "", "", ref loginStatus, false);
                RedirectAfterLogin();
            }
        }

        /// <summary>Logs a reset failure and shows it in the form's help label.</summary>
        /// <param name="message">The text to log and display.</param>
        private void DisplayResetFailure(string message)
        {
            resetMessages.Visible = true;
            LogFailure(message);
            lblHelp.Text = message;
        }
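        /// -----------------------------------------------------------------------------
        /// <summary>
        /// ChangePassword attempts to change the users password
        /// </summary>
        /// <remarks>
        /// When <paramref name="oldPassword"/> is empty the account is unlocked and its current
        /// password is fetched from the provider so the change can proceed (the administrative
        /// reset path; it requires a provider that allows password retrieval).
        /// With password history enabled, a password already in the history is refused, and the
        /// new password is written to the history only once the provider has accepted it.
        /// </remarks>
        /// <param name="user">The user to update.</param>
        /// <param name="oldPassword">The old password, or empty to reset without it.</param>
        /// <param name="newPassword">The new password.</param>
        /// <returns>A Boolean indicating success or failure.</returns>
        /// <exception cref="SecurityException">The new password is in the user's password history.</exception>
        /// -----------------------------------------------------------------------------
        public override bool ChangePassword(UserInfo user, string oldPassword, string newPassword)
        {
            MembershipUser aspnetUser = GetMembershipUser(user);
            var settings = new MembershipPasswordSettings(user.PortalID);

            // Refuse a password that is already in the history before touching the provider.
            if (settings.EnablePasswordHistory && GetPasswordHistory(newPassword))
            {
                throw new SecurityException("Cannot use that password");
            }

            if (string.IsNullOrEmpty(oldPassword))
            {
                // Reset path: no old password supplied, so unlock the account and fetch the current one.
                aspnetUser.UnlockUser();
                oldPassword = aspnetUser.GetPassword();
            }

            bool retValue = aspnetUser.ChangePassword(oldPassword, newPassword);

            // Only a password the provider actually accepted goes into the history. Recording it
            // beforehand (as this used to) meant a rejected attempt, e.g. a wrong old password,
            // blocked that password for the user from then on.
            if (retValue && settings.EnablePasswordHistory)
            {
                AddPasswordHistory(newPassword, settings.NumberOfPasswordsStored);
            }

            if (retValue && PasswordRetrievalEnabled && !RequiresQuestionAndAnswer)
            {
                // Read the password back to confirm the provider stored what was sent.
                string confirmPassword = aspnetUser.GetPassword();
                if (confirmPassword == newPassword)
                {
                    user.Membership.Password = confirmPassword;
                }
                else
                {
                    retValue = false;
                }
            }

            return retValue;
        }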
        /// <summary>
        /// Fills the serialized password-strength criteria from the current portal's
        /// <see cref="MembershipPasswordSettings"/> just before the object is serialized.
        /// </summary>
        /// <param name="context">Serialization context supplied by the serializer; not used.</param>
        public void OnSerializing(StreamingContext context)
        {
            var portalId = PortalController.GetCurrentPortalSettings().PortalId;
            var settings = new MembershipPasswordSettings(portalId);

            MinLength = settings.MinPasswordLength;
            // The existing text is used as a format string, with the minimum length as {0}.
            CriteriaAtLeastNCharsText = string.Format(CriteriaAtLeastNCharsText, MinLength);

            MinNumberOfSpecialChars = settings.MinNonAlphanumericCharacters;
            if (MinNumberOfSpecialChars > 0)
            {
                CriteriaSpecialCharText = string.Format(Utilities.GetLocalizedString("CriteriaAtLeastNSpecialChars"), MinNumberOfSpecialChars);
            }
            else
            {
                CriteriaSpecialCharText = Utilities.GetLocalizedString("CriteriaSpecialChar");
            }
        }
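        /// <summary>
        /// Validates the registration form and the <c>User</c> being created, normalising the user name
        /// and display name on the way, and leaves the outcome in <c>CreateStatus</c>.
        /// </summary>
        /// <remarks>
        /// Checks run in a fixed order and most of them assign <c>CreateStatus</c> unconditionally, so a
        /// later failure overwrites an earlier one; only the final status is reported. A duplicate user
        /// name or display name is not a hard failure: the value is suffixed with "0n" / " 0n" until it
        /// is unique, and the status records that this happened.
        /// </remarks>
        /// <returns>
        /// <c>true</c> when the user editor is valid and <c>CreateStatus</c> is still
        /// <c>UserCreateStatus.AddUser</c> after all checks; <c>false</c> otherwise.
        /// </returns>
        private bool Validate()
        {
            CreateStatus = UserCreateStatus.AddUser;
            var portalSecurity = new PortalSecurity();

            //Check User Editor
            bool _IsValid = userForm.IsValid;

            if (RegistrationFormType == 0)
            {
                //Update UserName
                if (UseEmailAsUserName)
                {
                    User.Username = User.Email;
                    if (String.IsNullOrEmpty(User.DisplayName))
                    {
                        User.DisplayName = GetEmailLocalPart(User.Email);
                    }
                }

                //Check Password is valid
                if (!RandomPassword)
                {
                    if (CreateStatus == UserCreateStatus.AddUser && !UserController.ValidatePassword(User.Membership.Password))
                    {
                        CreateStatus = UserCreateStatus.InvalidPassword;
                    }

                    // Confirmation only applies to local accounts (no external AuthenticationType).
                    if (RequirePasswordConfirm && String.IsNullOrEmpty(AuthenticationType))
                    {
                        if (User.Membership.Password != User.Membership.PasswordConfirm)
                        {
                            CreateStatus = UserCreateStatus.PasswordMismatch;
                        }
                    }
                }
                else
                {
                    //Generate a random password for the user
                    User.Membership.Password = UserController.GeneratePassword();
                    User.Membership.PasswordConfirm = User.Membership.Password;
                }
            }
            else
            {
                //Set Username to Email
                if (String.IsNullOrEmpty(User.Username))
                {
                    User.Username = User.Email;
                }

                //Set DisplayName: "First Last", falling back to the e-mail local part when no name was given.
                //IsNullOrWhiteSpace rather than IsNullOrEmpty: the joined value always contains the separator
                //space, so the IsNullOrEmpty test could never select the fallback.
                if (String.IsNullOrEmpty(User.DisplayName))
                {
                    string fullName = User.FirstName + " " + User.LastName;
                    User.DisplayName = String.IsNullOrWhiteSpace(fullName)
                                           ? GetEmailLocalPart(User.Email)
                                           : fullName;
                }

                //Random Password
                if (String.IsNullOrEmpty(User.Membership.Password))
                {
                    //Generate a random password for the user
                    User.Membership.Password = UserController.GeneratePassword();
                }

                //Password Confirm (only checked when the form supplied one)
                if (!String.IsNullOrEmpty(User.Membership.PasswordConfirm))
                {
                    if (User.Membership.Password != User.Membership.PasswordConfirm)
                    {
                        CreateStatus = UserCreateStatus.PasswordMismatch;
                    }
                }
            }

            //Validate banned password (portal option); the user name itself counts as banned
            var settings = new MembershipPasswordSettings(User.PortalID);

            if (settings.EnableBannedList)
            {
                var m = new MembershipPasswordController();
                if (m.FoundBannedPassword(User.Membership.Password) || User.Username == User.Membership.Password)
                {
                    CreateStatus = UserCreateStatus.BannedPasswordUsed;
                }
            }

            //Validate Profanity
            if (UseProfanityFilter)
            {
                if (!portalSecurity.ValidateInput(User.Username, PortalSecurity.FilterFlag.NoProfanity))
                {
                    CreateStatus = UserCreateStatus.InvalidUserName;
                }
                if (!String.IsNullOrEmpty(User.DisplayName))
                {
                    if (!portalSecurity.ValidateInput(User.DisplayName, PortalSecurity.FilterFlag.NoProfanity))
                    {
                        CreateStatus = UserCreateStatus.InvalidDisplayName;
                    }
                }
            }

            //Validate Unique User Name
            UserInfo user = UserController.GetUserByName(PortalId, User.Username);
            if (user != null)
            {
                if (UseEmailAsUserName)
                {
                    CreateStatus = UserCreateStatus.DuplicateEmail;
                }
                else
                {
                    //Suffix "0" + n, n = 1, 2, ... until the name is free (one lookup per attempt)
                    CreateStatus = UserCreateStatus.DuplicateUserName;
                    int i = 1;
                    string userName = null;
                    while (user != null)
                    {
                        userName = User.Username + "0" + i.ToString(CultureInfo.InvariantCulture);
                        user = UserController.GetUserByName(PortalId, userName);
                        i++;
                    }
                    User.Username = userName;
                }
            }

            //Validate Unique Display Name
            if (CreateStatus == UserCreateStatus.AddUser && RequireUniqueDisplayName)
            {
                user = UserController.Instance.GetUserByDisplayname(PortalId, User.DisplayName);
                if (user != null)
                {
                    //Same scheme as the user name, with a " 0" + n suffix
                    CreateStatus = UserCreateStatus.DuplicateDisplayName;
                    int i = 1;
                    string displayName = null;
                    while (user != null)
                    {
                        displayName = User.DisplayName + " 0" + i.ToString(CultureInfo.InvariantCulture);
                        user = UserController.Instance.GetUserByDisplayname(PortalId, displayName);
                        i++;
                    }
                    User.DisplayName = displayName;
                }
            }

            //Check Question/Answer
            if (CreateStatus == UserCreateStatus.AddUser && MembershipProviderConfig.RequiresQuestionAndAnswer)
            {
                if (string.IsNullOrEmpty(User.Membership.PasswordQuestion))
                {
                    //Invalid Question
                    CreateStatus = UserCreateStatus.InvalidQuestion;
                }
                if (CreateStatus == UserCreateStatus.AddUser)
                {
                    if (string.IsNullOrEmpty(User.Membership.PasswordAnswer))
                    {
                        //Invalid Answer
                        CreateStatus = UserCreateStatus.InvalidAnswer;
                    }
                }
            }

            if (CreateStatus != UserCreateStatus.AddUser)
            {
                _IsValid = false;
            }
            return _IsValid;
        }

        /// <summary>
        /// Returns the part of an e-mail address before '@'. A null or empty value is returned as is,
        /// and a value without '@' is returned whole (the previous inline Substring threw in that case).
        /// </summary>
        /// <param name="email">The address to split.</param>
        /// <returns>The local part, or <paramref name="email"/> itself when it cannot be split.</returns>
        private static string GetEmailLocalPart(string email)
        {
            if (String.IsNullOrEmpty(email))
            {
                return email;
            }

            int at = email.IndexOf("@", StringComparison.Ordinal);
            return at < 0 ? email : email.Substring(0, at);
        }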