public ActionResult Create(User user)
{
if (ModelState.IsValid) {
userRepository.Insert(user);
userRepository.Save();
return RedirectToAction("Index");
} else {
return View();
}
}
public void Register(string username, string password, string email)
{
/*
registration means:
1) check for existing username/emails in repository
2) create entry in repository in disabled state
3) send message to new user's email with registration code
*/
// 1) check for existing user
var existingUsers =
from x in _userRepository.All
where x.ID == username || x.Email == email
select x;
if (existingUsers.Count() > 0)
{
throw new ValidationException("Username and/or Email already registered");
}
// 2) create new user
var pwd = Hash(password);
User user = new User()
{
ID = username,
PasswordHash = pwd.HashedPassword,
PasswordSalt = pwd.Salt,
Password = pwd.Password,
Email = email,
CreateDate = DateTime.Now,
CanLogin = true,
FailedPasswordCount = 0,
LastFailedLogin = null,
IsRoleRegisteredUser = true
};
if (user.ID == "admin") user.IsRoleAdmin = true;
// persist it all
_userRepository.Insert(user);
_userRepository.Save();
}
bool Authenticate(User user, string password)
{
if (user == null) return false;
// user flagged as not allowed in
if (user.CanLogin == false) return false;
// user surpassed the failed number of guesses
// and their lockout period hasn't expired
if (user.FailedPasswordCount >= MaxFailedPasswordAttempts)
{
DateTime lastFailedLogin = user.LastFailedLogin.Value;
if (!(user.LastFailedLogin.Value.AddMinutes(FailedPasswordLockoutPeriod) < DateTime.UtcNow))
{
return false;
}
}
// does password line up with data from DB
var correctPassword = IsPasswordCorrect(password, user.PasswordSalt, user.PasswordHash);
if (correctPassword)
{
// reset their failed password count
if (user.FailedPasswordCount > 0)
{
user.FailedPasswordCount = 0;
}
user.LastSuccessfulLogin = DateTime.UtcNow;
}
else
{
// bump the fail count
user.FailedPasswordCount++;
user.LastFailedLogin = DateTime.UtcNow;
}
_userRepository.Save();
return correctPassword;
}