public bool CheckSecretQuestionAnswer(ILoginProcess process, ISecretQuestion question, string userAnswer)
{
var session = EntityHelper.GetSession(process);
var qa = process.Login.SecretQuestionAnswers.FirstOrDefault(a => a.Question == question);
session.Context.ThrowIfNull(qa, ClientFaultCodes.InvalidValue, "question",
"The question is not registered as user question. Question: {0}", question.Question);
var match = CheckUserAnswer(qa, userAnswer);
if (!match)
{
process.FailCount++;
session.SaveChanges();
OnLoginEvent(session.Context, LoginEventType.QuestionAnswersFailed, process.Login, "Secret questions check failed.");
return(false);
}
// Add question number to list of answered questions in process record.
// If all questions are answered, clear Pending step CheckQuestionAnswers
var strAllAnswered = process.AnsweredQuestions ?? string.Empty;
var answeredNumbers = strAllAnswered.Split(',').Select(sn => sn.Trim()).ToList();
var newAnsNum = qa.Number.ToString();
if (!answeredNumbers.Contains(newAnsNum))
{
answeredNumbers.Add(newAnsNum);
process.AnsweredQuestions = string.Join(",", answeredNumbers);
if (answeredNumbers.Count == process.Login.SecretQuestionAnswers.Count)
{
//Set questions as answers
process.PendingFactors &= ~ExtraFactorTypes.SecretQuestions;
}
session.SaveChanges();
}
return(true);
}
public static SecretQuestion ToModel(this ISecretQuestion question)
{
return(new SecretQuestion()
{
Id = question.Id, Question = question.Question
});
}
public static ISecretQuestionAnswer AddSecretQuestionAnswer(this ILogin login, int number, ISecretQuestion question, int answerHash)
{
Util.Check(login != null, "Login may not be null");
Util.Check(question != null, "SecretQuestion may not be null");
var session = EntityHelper.GetSession(login);
var qa = session.NewEntity<ISecretQuestionAnswer>();
qa.Login = login;
qa.Number = number;
qa.Question = question;
qa.AnswerHash = answerHash;
return qa;
}
public ISecretQuestionAnswer AddSecretQuestionAnswer(ILogin login, int number, ISecretQuestion question, string answer)
{
var hash = GetWeakSecretAnswerHash(answer, login.Id);
return login.AddSecretQuestionAnswer(number, question, hash);
}
public bool CheckSecretQuestionAnswer(ILoginProcess process, ISecretQuestion question, string userAnswer)
{
var session = EntityHelper.GetSession(process);
var qa = process.Login.SecretQuestionAnswers.FirstOrDefault(a => a.Question == question);
session.Context.ThrowIfNull(qa, ClientFaultCodes.InvalidValue, "question",
"The question is not registered as user question. Question: {0}", question.Question);
var match = CheckUserAnswer(qa, userAnswer);
if(!match) {
process.FailCount++;
session.SaveChanges();
OnLoginEvent(session.Context, LoginEventType.QuestionAnswersFailed, process.Login, "Secret questions check failed.");
var msg = StringHelper.SafeFormat("Invalid answer to secret question '{0}'; user {1}.", question.Question, process.Login.UserName);
LogIncident(session.Context, LoginIncidentType, "InvalidQuestionAnswer", msg, process.Login, process.Login.UserName);
return false;
}
// Add question number to list of answered questions in process record.
// If all questions are answered, clear Pending step CheckQuestionAnswers
var strAllAnswered = process.AnsweredQuestions ?? string.Empty;
var answeredNumbers = strAllAnswered.Split(',').Select(sn => sn.Trim()).ToList();
var newAnsNum = qa.Number.ToString();
if(!answeredNumbers.Contains(newAnsNum)) {
answeredNumbers.Add(newAnsNum);
process.AnsweredQuestions = string.Join(",", answeredNumbers);
if(answeredNumbers.Count == process.Login.SecretQuestionAnswers.Count) {
//Set questions as answers
process.PendingFactors &= ~ExtraFactorTypes.SecretQuestions;
}
session.SaveChanges();
}
return true;
}
public static ISecretQuestionAnswer AddSecretQuestionAnswer(this ILogin login, int number, ISecretQuestion question, int answerHash)
{
Util.Check(login != null, "Login may not be null");
Util.Check(question != null, "SecretQuestion may not be null");
var session = EntityHelper.GetSession(login);
var qa = session.NewEntity <ISecretQuestionAnswer>();
qa.Login = login;
qa.Number = number;
qa.Question = question;
qa.AnswerHash = answerHash;
return(qa);
}
public ISecretQuestionAnswer AddSecretQuestionAnswer(ILogin login, int number, ISecretQuestion question, string answer)
{
var hash = GetWeakSecretAnswerHash(answer, login.Id);
return(login.AddSecretQuestionAnswer(number, question, hash));
}
