protected void Page_Init(object sender, EventArgs e)
        {
            _UserId = AlwaysConvert.ToInt(Request.QueryString["Key"]);
            _User   = UserDataSource.Load(_UserId);
            if ((_User == null) || (!_User.IsApproved))
            {
                Response.Redirect(AbleCommerce.Code.NavigationHelper.GetHomeUrl());
            }
            string tempPassword = AlwaysConvert.ToString(Request.QueryString["Check"]);

            if (string.IsNullOrEmpty(tempPassword) || (_User.Comment != tempPassword))
            {
                Response.Redirect(AbleCommerce.Code.NavigationHelper.GetHomeUrl());
            }
            if (!Page.IsPostBack)
            {
                UserName.Text = _User.UserName;
                // PASSWORD POLICY
                PasswordPolicy policy;
                if (_User.IsAdmin)
                {
                    policy = new MerchantPasswordPolicy();
                }
                else
                {
                    policy = new CustomerPasswordPolicy();
                }
                PasswordPolicyLength.Text          = string.Format(PasswordPolicyLength.Text, policy.MinLength);
                PasswordPolicyHistoryCount.Visible = (policy.HistoryCount > 0);
                if (PasswordPolicyHistoryCount.Visible)
                {
                    PasswordPolicyHistoryCount.Text = string.Format(PasswordPolicyHistoryCount.Text, policy.HistoryCount);
                }
                PasswordPolicyHistoryDays.Visible = (policy.HistoryDays > 0);
                if (PasswordPolicyHistoryDays.Visible)
                {
                    PasswordPolicyHistoryDays.Text = string.Format(PasswordPolicyHistoryDays.Text, policy.HistoryDays);
                }
                List <string> requirements = new List <string>();
                if (policy.RequireUpper)
                {
                    requirements.Add("uppercase letter");
                }
                if (policy.RequireLower)
                {
                    requirements.Add("lowercase letter");
                }
                if (policy.RequireNumber)
                {
                    requirements.Add("number");
                }
                if (policy.RequireSymbol)
                {
                    requirements.Add("symbol");
                }
                if (!policy.RequireNumber && !policy.RequireSymbol && policy.RequireNonAlpha)
                {
                    requirements.Add("non-letter");
                }
                PasswordPolicyRequired.Visible = (requirements.Count > 0);
                if (PasswordPolicyRequired.Visible)
                {
                    if (requirements.Count > 1)
                    {
                        requirements[requirements.Count - 1] = "and " + requirements[requirements.Count - 1];
                    }
                    PasswordPolicyRequired.Text = string.Format(PasswordPolicyRequired.Text, string.Join(", ", requirements.ToArray()));
                }
            }
        }
Exemple #2
0
        protected void LoginButton_Click(object sender, EventArgs e)
        {
            _LastPasswordValue = Password.Text;
            User loginUser = UserDataSource.LoadForUserName(UserName.Text);

            if (loginUser != null)
            {
                bool stillNeedsCaptcha = false;
                if ((loginUser.IsAdmin) && (!trCaptchaField.Visible))
                {
                    stillNeedsCaptcha = (new MerchantPasswordPolicy()).ImageCaptcha;
                }
                if (!stillNeedsCaptcha)
                {
                    //EITHER THIS IS NOT AN ADMIN USER, OR THE CAPTCHA IS ALREADY VISIBLE
                    if ((!trCaptchaField.Visible) || (CaptchaImage.Authenticate(CaptchaInput.Text)))
                    {
                        //CAPTCHA IS HIDDEN OR VALIDATED, PROCEED WITH LOGIN ATTEMPT
                        if (Membership.ValidateUser(UserName.Text, Password.Text))
                        {
                            //LOGIN SUCCEEDED, MIGRATE USER IF NEEDED
                            int newUserId = loginUser.Id;
                            int oldUserId = AbleContext.Current.UserId;
                            if ((oldUserId != newUserId) && (newUserId != 0))
                            {
                                User.Migrate(AbleContext.Current.User, UserDataSource.Load(newUserId));
                                AbleContext.Current.UserId = newUserId;
                            }
                            //HANDLE LOGIN PROCESSING
                            if (trRememberMe.Visible && RememberUserName.Checked)
                            {
                                HttpCookie cookie = new HttpCookie("UserName", UserName.Text);
                                cookie.Expires = DateTime.MaxValue;
                                Response.Cookies.Add(cookie);
                            }
                            else
                            {
                                Response.Cookies.Add(new HttpCookie("UserName", ""));
                            }
                            //CHECK FOR EXPIRED PASSWORDS
                            PasswordPolicy policy;
                            if (loginUser.IsAdmin)
                            {
                                policy = new MerchantPasswordPolicy();
                            }
                            else
                            {
                                policy = new CustomerPasswordPolicy();
                            }
                            if (policy.IsPasswordExpired(loginUser))
                            {
                                ShowPasswordExpired(policy, loginUser);
                            }
                            else
                            {
                                switch (AbleContext.Current.Store.Settings.RestrictStoreAccess)
                                {
                                case AccessRestrictionType.AuthorizedGroupsOnly:
                                    if (!loginUser.IsAdmin && !loginUser.IsAuthorizedUser)
                                    {
                                        // STORE ACCESS IS RESTRICTED TO AUTHORIZED USERS ONLY
                                        LoginPanel.Visible                  = false;
                                        PasswordExpiredPanel.Visible        = false;
                                        StoreFrontAccessDeniedPanel.Visible = true;
                                    }
                                    else
                                    {
                                        FormsAuthentication.RedirectFromLoginPage(UserName.Text, false);
                                    }
                                    break;

                                case AccessRestrictionType.RegisteredUsersOnly:
                                case AccessRestrictionType.None:
                                    //REDIRECT TO THE STANDARD PAGE
                                    FormsAuthentication.RedirectFromLoginPage(UserName.Text, false);
                                    break;
                                }
                            }
                        }
                        else
                        {
                            if (loginUser != null)
                            {
                                if (!loginUser.IsApproved)
                                {
                                    AccountDisabled.IsValid = false;
                                }
                                else
                                {
                                    PasswordPolicy policy;
                                    if (loginUser.IsAdmin)
                                    {
                                        policy = new MerchantPasswordPolicy();
                                    }
                                    else
                                    {
                                        policy = new CustomerPasswordPolicy();
                                    }
                                    int remainingTries = policy.MaxAttempts - loginUser.FailedPasswordAttemptCount;
                                    if (!loginUser.IsLockedOut && remainingTries > 0)
                                    {
                                        InvalidLogin.ErrorMessage += " You have {0} tries remaining.";
                                        InvalidLogin.ErrorMessage  = String.Format(InvalidLogin.ErrorMessage, remainingTries);
                                        InvalidLogin.IsValid       = false;
                                    }
                                    else
                                    {
                                        AccountLocked.ErrorMessage = String.Format(AccountLocked.ErrorMessage, policy.LockoutPeriod);
                                        AccountLocked.IsValid      = false;
                                    }
                                }
                            }
                            else
                            {
                                InvalidLogin.IsValid = false;
                            }
                        }
                    }
                    else
                    {
                        //CAPTCHA IS VISIBLE AND DID NOT AUTHENTICATE
                        CustomValidator invalidInput = new CustomValidator();
                        invalidInput.ValidationGroup = "Login";
                        invalidInput.Text            = "*";
                        invalidInput.ErrorMessage    = "You did not input the verification number correctly.";
                        invalidInput.IsValid         = false;
                        phCaptchaValidators.Controls.Add(invalidInput);
                        CaptchaInput.Text = "";
                        Password.Attributes.Add("value", string.Empty);
                        RefreshCaptcha();
                    }
                }
                else
                {
                    //THIS IS AN ADMIN USER AND CAPTCHA IS NOT DISPLAYED YET
                    trCaptchaField.Visible     = true;
                    trCaptchaImage.Visible     = true;
                    trRememberMe.Visible       = _EnableAdminRememberMe;
                    CaptchaImage.ChallengeText = StringHelper.RandomNumber(6);
                    CustomValidator needsCaptcha = new CustomValidator();
                    needsCaptcha.ValidationGroup = "Login";
                    needsCaptcha.Text            = "*";
                    needsCaptcha.ErrorMessage    = "Please type the verification number to log in.";
                    needsCaptcha.IsValid         = false;
                    phCaptchaValidators.Controls.Add(needsCaptcha);
                    Password.Attributes.Add("value", Password.Text);
                }
            }
            else
            {
                //THIS IS AN INVALID USER NAME
                InvalidLogin.IsValid = false;
            }
        }
Exemple #3
0
        /// <summary>
        /// Removes inactive users that have passed their lifespan for the current store
        /// </summary>
        private static void MaintainUsers()
        {
            Store    store = Token.Instance.Store;
            DateTime expireDate;
            StoreSettingCollection settings = store.Settings;
            Database   database             = Token.Instance.Database;
            string     sql;
            List <int> idList;

            if (settings.AnonymousUserLifespan > 0)
            {
                expireDate = DateTime.UtcNow.AddDays(-1 * settings.AnonymousUserLifespan);

                //GET USER IDS FOR ANONYMOUS USERS WITHOUT AFFILIATE ASSOCIATION
                sql = "SELECT UserId FROM ac_Users WHERE StoreId = @storeId AND IsAnonymous = 1 AND AffiliateId IS NULL AND (LastActivityDate IS NULL OR LastActivityDate < @expireDate)";
                DbCommand dbCommand = database.GetSqlStringCommand(sql);
                database.AddInParameter(dbCommand, "@storeId", System.Data.DbType.Int32, store.StoreId);
                database.AddInParameter(dbCommand, "@expireDate", System.Data.DbType.DateTime, expireDate);
                idList = GetIdList(dbCommand);

                //DELETE THE USERS FOUND
                DeleteUsers(idList);

                int expiredCount = idList.Count;

                //LOG RESULTS
                if (expiredCount > 0)
                {
                    Logger.Info("User maintenance cleared " + expiredCount.ToString() + " expired anonymous users, last active before " + expireDate.ToString());
                }
            }

            if (settings.AnonymousAffiliateUserLifespan > 0)
            {
                expireDate = DateTime.UtcNow.AddDays(-1 * settings.AnonymousAffiliateUserLifespan);

                //GET USER IDS FOR ANONYMOUS USERS WITH AFFILIATE ASSOCIATION
                sql = "SELECT UserId FROM ac_Users WHERE StoreId = @storeId AND IsAnonymous = 1 AND AffiliateId IS NOT NULL AND (LastActivityDate IS NULL OR LastActivityDate < @expireDate)";
                DbCommand dbCommand = database.GetSqlStringCommand(sql);
                database.AddInParameter(dbCommand, "@storeId", System.Data.DbType.Int32, store.StoreId);
                database.AddInParameter(dbCommand, "@expireDate", System.Data.DbType.DateTime, expireDate);
                idList = GetIdList(dbCommand);

                //DELETE THE USERS FOUND
                DeleteUsers(idList);

                int expiredCount = idList.Count;

                //LOG RESULTS
                if (expiredCount > 0)
                {
                    Logger.Info("User maintenance cleared " + expiredCount.ToString() + " expired affiliate anonymous users, last active before " + expireDate.ToString());
                }
            }

            MerchantPasswordPolicy policy = new MerchantPasswordPolicy();

            if (policy.InactivePeriod > 0)
            {
                //LOOK FOR INACTIVE USERS IN NON-CONSUMER GROUPS (I.E. HAVE ROLES ASSIGNED)
                sql = "SELECT UserId FROM ac_Users WHERE LastActivityDate < @expireDate AND IsApproved = 1 AND UserId IN (SELECT DISTINCT U.UserId FROM (ac_Users U INNER JOIN ac_UserGroups UG ON U.UserId = UG.UserId) INNER JOIN ac_GroupRoles GR ON UG.GroupId = GR.GroupId WHERE U.StoreId = @storeId)";
                DbCommand selCommand = database.GetSqlStringCommand(sql);
                database.AddInParameter(selCommand, "@storeId", System.Data.DbType.Int32, store.StoreId);
                database.AddInParameter(selCommand, "@expireDate", System.Data.DbType.DateTime, DateTime.UtcNow.AddMonths(-1 * policy.InactivePeriod));
                idList = GetIdList(selCommand);

                int       expiredCount = 0;
                DbCommand updCommand;
                foreach (int id in idList)
                {
                    sql        = "UPDATE ac_Users SET IsApproved = 0 WHERE UserId = @userId";
                    updCommand = database.GetSqlStringCommand(sql);
                    database.AddInParameter(updCommand, "@userId", System.Data.DbType.Int32, id);
                    expiredCount += database.ExecuteNonQuery(updCommand);
                }

                if (expiredCount > 0)
                {
                    Logger.Info("User maintenance disabled " + expiredCount.ToString() + " expired merchant accounts.");
                }
            }
        }
Exemple #4
0
        protected void ChangePasswordButton_Click(object sender, EventArgs e)
        {
            if (Page.IsValid)
            {
                //VERIFY THE GIVEN USERNAME IS VALID
                User user = UserDataSource.LoadForUserName(UserName.Text);
                if ((user != null) && !string.IsNullOrEmpty(UserName.Text) && !string.IsNullOrEmpty(_LastPasswordValue))
                {
                    //VERIFY CURRENT PASSWORD IS CORRECT
                    if (Membership.ValidateUser(UserName.Text, _LastPasswordValue))
                    {
                        //VERIFY THE NEW PASSWORD MEETS POLICY
                        PasswordPolicy policy;
                        if (user.IsAdmin)
                        {
                            policy = new MerchantPasswordPolicy();
                        }
                        else
                        {
                            policy = new CustomerPasswordPolicy();
                        }
                        PasswordTestResult result = policy.TestPasswordWithFeedback(user, NewPassword.Text);
                        if ((result & PasswordTestResult.Success) == PasswordTestResult.Success && !NewPassword.Text.Equals(_LastPasswordValue))
                        {
                            user.SetPassword(NewPassword.Text);
                            //LOGIN SUCCEEDED, REDIRECT
                            FormsAuthentication.RedirectFromLoginPage(UserName.Text, false);
                        }
                        else
                        {
                            //REDISPLAY THE PASSWORD REQUIREMENST
                            ShowPasswordExpired(policy, user);

                            //"Your new password did not meet the following minimum requirements:<br/>";
                            if ((result & PasswordTestResult.PasswordTooShort) == PasswordTestResult.PasswordTooShort)
                            {
                                AddPasswordExpiredValidator(string.Format(PasswordPolicyLength.Text, policy.MinLength));
                            }
                            if ((result & PasswordTestResult.RequireLower) == PasswordTestResult.RequireLower)
                            {
                                AddPasswordExpiredValidator("New password must contain at least one lowercase letter.<br/>");
                            }
                            if ((result & PasswordTestResult.RequireUpper) == PasswordTestResult.RequireUpper)
                            {
                                AddPasswordExpiredValidator("New password must contain at least one uppercase letter.<br/> ");
                            }
                            if ((result & PasswordTestResult.RequireNonAlpha) == PasswordTestResult.RequireNonAlpha)
                            {
                                AddPasswordExpiredValidator("New password must contain at least one non-letter.<br/> ");
                            }
                            if ((result & PasswordTestResult.RequireNumber) == PasswordTestResult.RequireNumber)
                            {
                                AddPasswordExpiredValidator("New password must contain at least one number.<br/> ");
                            }
                            if ((result & PasswordTestResult.RequireSymbol) == PasswordTestResult.RequireSymbol)
                            {
                                AddPasswordExpiredValidator("New password must contain at least one symbol.<br/> ");
                            }

                            if ((result & PasswordTestResult.PasswordHistoryLimitation) == PasswordTestResult.PasswordHistoryLimitation)
                            {
                                AddPasswordExpiredValidator("You have recently used this password.<br/>");
                            }
                            if (NewPassword.Text.Equals(_LastPasswordValue))
                            {
                                AddPasswordExpiredValidator("You new password must be different from your current password.<br/>");
                            }
                        }
                    }
                }
            }
        }
        protected void LoginButton_Click(object sender, EventArgs e)
        {
            _LastPasswordValue = Password.Text;
            User loginUser = UserDataSource.LoadForUserName(UserName.Text);

            if (loginUser != null)
            {
                bool stillNeedsCaptcha = false;
                if ((loginUser.IsAdmin) && (!trCaptchaField.Visible))
                {
                    stillNeedsCaptcha = (new MerchantPasswordPolicy()).ImageCaptcha;
                }

                if (!stillNeedsCaptcha)
                {
                    // IF CAPTCHA IS REQUIRED CHECK IF THE ENTRY IS VALID
                    if ((!trCaptchaField.Visible) || (CaptchaImage.Authenticate(CaptchaInput.Text)))
                    {
                        // CAPTCHA IS HIDDEN OR VALIDATED, PROCEED WITH LOGIN ATTEMPT
                        if (Membership.ValidateUser(UserName.Text, Password.Text))
                        {
                            //LOGIN SUCCEEDED, MIGRATE USER IF NEEDED
                            int newUserId = loginUser.Id;
                            int oldUserId = AbleContext.Current.UserId;
                            if ((oldUserId != newUserId) && (newUserId != 0))
                            {
                                CommerceBuilder.Users.User.Migrate(AbleContext.Current.User, UserDataSource.Load(newUserId));
                                AbleContext.Current.UserId = newUserId;
                            }
                            //HANDLE LOGIN PROCESSING
                            if (RememberUserName.Checked)
                            {
                                HttpCookie cookie = new HttpCookie("UserName", UserName.Text);
                                cookie.Expires = DateTime.MaxValue;
                                Response.Cookies.Add(cookie);
                            }
                            else
                            {
                                Response.Cookies.Add(new HttpCookie("UserName", ""));
                            }
                            //CHECK FOR EXPIRED PASSWORDS
                            PasswordPolicy policy;
                            if (loginUser.IsAdmin)
                            {
                                policy = new MerchantPasswordPolicy();
                            }
                            else
                            {
                                policy = new CustomerPasswordPolicy();
                            }
                            if (policy.IsPasswordExpired(loginUser))
                            {
                                ShowPasswordExpired(policy, loginUser);
                            }
                            else
                            {
                                //REDIRECT TO THE STANDARD PAGE
                                FormsAuthentication.SetAuthCookie(UserName.Text, false);
                                Response.Redirect("EditBillAddress.aspx");
                            }
                        }
                        else
                        {
                            if (loginUser != null)
                            {
                                if (!loginUser.IsApproved)
                                {
                                    AccountDisabled.IsValid = false;
                                }
                                else
                                {
                                    PasswordPolicy policy;
                                    if (loginUser.IsAdmin)
                                    {
                                        policy = new MerchantPasswordPolicy();
                                    }
                                    else
                                    {
                                        policy = new CustomerPasswordPolicy();
                                    }
                                    int remainingTries = policy.MaxAttempts - loginUser.FailedPasswordAttemptCount;
                                    if (!loginUser.IsLockedOut && remainingTries > 0)
                                    {
                                        InvalidLogin.ErrorMessage += " You have {0} tries remaining.";
                                        InvalidLogin.ErrorMessage  = String.Format(InvalidLogin.ErrorMessage, remainingTries);
                                        InvalidLogin.IsValid       = false;
                                    }
                                    else
                                    {
                                        AccountLocked.ErrorMessage = String.Format(AccountLocked.ErrorMessage, policy.LockoutPeriod);
                                        AccountLocked.IsValid      = false;
                                    }
                                }
                            }
                            else
                            {
                                InvalidLogin.IsValid = false;
                            }
                        }
                    }
                    else
                    {
                        // CAPTCHA IS VISIBLE AND DID NOT AUTHENTICATE
                        trCaptchaImage.Visible = true;
                        trCaptchaField.Visible = true;
                        CustomValidator invalidInput = new CustomValidator();
                        invalidInput.ID = Guid.NewGuid().ToString();
                        invalidInput.ValidationGroup = "Login";
                        invalidInput.Text            = "*";
                        invalidInput.ErrorMessage    = "You did not input the verification number correctly.";
                        invalidInput.IsValid         = false;
                        phCaptchaValidators.Controls.Add(invalidInput);
                        CaptchaInput.Text = "";
                        Password.Attributes.Add("value", string.Empty);
                        RefreshCaptcha();
                    }
                }
                else
                {
                    // CAPTCHA IS REQUIRED BUT IT IS NOT DISPLAYED YET
                    trCaptchaField.Visible     = true;
                    trCaptchaImage.Visible     = true;
                    CaptchaImage.ChallengeText = StringHelper.RandomNumber(6);
                    CustomValidator needsCaptcha = new CustomValidator();
                    needsCaptcha.ID = "CaptchaRequiredValidator";
                    needsCaptcha.ValidationGroup = "Login";
                    needsCaptcha.Text            = "*";
                    needsCaptcha.ErrorMessage    = "Please type the verification number to log in.";
                    needsCaptcha.IsValid         = false;
                    phCaptchaValidators.Controls.Add(needsCaptcha);
                    Password.Attributes.Add("value", Password.Text);
                }
            }
            else
            {
                //THIS IS AN INVALID USER NAME
                InvalidLogin.IsValid = false;
            }
        }
        protected void Page_Load(object sender, EventArgs e)
        {
            _UserId = AlwaysConvert.ToInt(Request.QueryString["UserId"]);
            _User   = UserDataSource.Load(_UserId);

            if (!Page.IsPostBack)
            {
                // INITIALIZE LEFT COLUMN WITH ADJUSTABLE ACCOUNT SETTINGS
                UserName.Text      = _User.UserName;
                Email.Text         = _User.Email;
                IsDisabled.Enabled = (_User.Id != AbleContext.Current.UserId);
                IsDisabled.Checked = !_User.IsApproved;
                ListItem selectedItem = TaxExemptionType.Items.FindByValue(((int)_User.TaxExemptionType).ToString());
                if (selectedItem != null)
                {
                    TaxExemptionType.SelectedIndex = TaxExemptionType.Items.IndexOf(selectedItem);
                }
                TaxExemptionReference.Text = _User.TaxExemptionReference;
            }

            InitializeChangeGroupsJS();

            // INITIALIZE RIGHT COLUMN OF PASSWORD DETAILS
            RegisteredSinceDate.Text = _User.CreateDate.ToString("g");
            if (_User.LastActivityDate.HasValue && _User.LastActivityDate > System.DateTime.MinValue)
            {
                LastActiveDate.Text = _User.LastActivityDate.Value.ToString("g");
            }
            FailedLoginCount.Text = _User.FailedPasswordAttemptCount.ToString();
            if (_User.LastLockoutDate.HasValue && _User.LastLockoutDate > System.DateTime.MinValue)
            {
                LastLockoutDate.Text = _User.LastLockoutDate.Value.ToString("g");
            }
            if (_User.Passwords.Count > 0)
            {
                TimeSpan ts = LocaleHelper.LocalNow - _User.Passwords[0].CreateDate;
                string   timeSpanPhrase;
                if (ts.Days > 0)
                {
                    timeSpanPhrase = ts.Days.ToString() + " days";
                }
                else if (ts.Hours > 0)
                {
                    timeSpanPhrase = ts.Hours.ToString() + " hours";
                }
                else
                {
                    timeSpanPhrase = ts.Minutes.ToString() + " minutes";
                }
                PasswordLastChangedText.Text = string.Format(PasswordLastChangedText.Text, timeSpanPhrase);
            }
            else
            {
                PasswordLastChangedText.Visible = false;
            }

            // DISPLAY POLICY ON CHANGE PASSWORD FORM
            PasswordPolicy policy;

            if (_User.IsAdmin)
            {
                policy = new MerchantPasswordPolicy();
            }
            else
            {
                policy = new CustomerPasswordPolicy();
            }
            PasswordPolicyLength.Text = string.Format(PasswordPolicyLength.Text, policy.MinLength);
            List <string> requirements = new List <string>();

            if (policy.RequireUpper)
            {
                requirements.Add("uppercase letter");
            }
            if (policy.RequireLower)
            {
                requirements.Add("lowercase letter");
            }
            if (policy.RequireNumber)
            {
                requirements.Add("number");
            }
            if (policy.RequireSymbol)
            {
                requirements.Add("symbol");
            }
            if (!policy.RequireNumber && !policy.RequireSymbol && policy.RequireNonAlpha)
            {
                requirements.Add("non-letter");
            }
            PasswordPolicyRequired.Visible = (requirements.Count > 0);
            if (PasswordPolicyRequired.Visible)
            {
                if (requirements.Count > 1)
                {
                    requirements[requirements.Count - 1] = "and " + requirements[requirements.Count - 1];
                }
                PasswordPolicyRequired.Text = string.Format(PasswordPolicyRequired.Text, string.Join(", ", requirements.ToArray()));
            }

            bool showLoginAs = ((_User.Id != AbleContext.Current.UserId) && (!_User.IsAdmin));

            if (showLoginAs)
            {
                LoginUserButton.Visible       = true;
                LoginUserButton.OnClientClick = string.Format(LoginUserButton.OnClientClick, _User.UserName);
            }
            else
            {
                LoginUserButton.Visible = false;
            }
        }
Exemple #7
0
        protected void ChangePasswordButton_Click(object sender, EventArgs e)
        {
            if (Page.IsValid)
            {
                //VERIFY CURRENT PASSWORD IS CORRECT
                User u = AbleContext.Current.User;
                if (u.CheckPassword(CurrentPassword.Text))
                {
                    //VERIFY THE NEW PASSWORD MEETS POLICY
                    PasswordPolicy     policy = new MerchantPasswordPolicy();
                    PasswordTestResult result = policy.TestPasswordWithFeedback(u, NewPassword.Text);
                    if ((result & PasswordTestResult.Success) == PasswordTestResult.Success)
                    {
                        u.SetPassword(NewPassword.Text);
                        ShowChangePassword.Visible     = false;
                        ChangePasswordPanel.Visible    = false;
                        PasswordChangedMessage.Visible = true;
                    }
                    else
                    {
                        if (CurrentPassword.Text.Equals(NewPassword.Text))
                        {
                            AddPasswordValidator("Your new password is the same as your current password.");
                        }
                        else
                        {
                            //"Your new password did not meet the following minimum requirements:<br/>";
                            if ((result & PasswordTestResult.PasswordTooShort) == PasswordTestResult.PasswordTooShort)
                            {
                                AddPasswordValidator(string.Format(PasswordPolicyLength.Text, policy.MinLength));
                            }
                            if ((result & PasswordTestResult.RequireLower) == PasswordTestResult.RequireLower)
                            {
                                AddPasswordValidator("New password must contain at least one lowercase letter.<br/>");
                            }
                            if ((result & PasswordTestResult.RequireUpper) == PasswordTestResult.RequireUpper)
                            {
                                AddPasswordValidator("New password must contain at least one uppercase letter.<br/> ");
                            }
                            if ((result & PasswordTestResult.RequireNonAlpha) == PasswordTestResult.RequireNonAlpha)
                            {
                                AddPasswordValidator("New password must contain at least one non-letter.<br/> ");
                            }
                            if ((result & PasswordTestResult.RequireNumber) == PasswordTestResult.RequireNumber)
                            {
                                AddPasswordValidator("New password must contain at least one number.<br/> ");
                            }
                            if ((result & PasswordTestResult.RequireSymbol) == PasswordTestResult.RequireSymbol)
                            {
                                AddPasswordValidator("New password must contain at least one symbol.<br/> ");
                            }

                            if ((result & PasswordTestResult.PasswordHistoryLimitation) == PasswordTestResult.PasswordHistoryLimitation)
                            {
                                AddPasswordValidator("You have recently used this password.<br/>");
                            }
                        }
                        ChangePasswordPanel.Visible = true;
                        ShowChangePassword.Visible  = false;
                    }
                }
                else
                {
                    CustomValidator validator = new CustomValidator();
                    validator.ErrorMessage    = "You did not type your current password correctly.";
                    validator.Text            = "*";
                    validator.IsValid         = false;
                    validator.ValidationGroup = "UserStatus";
                    phCustomValidator.Controls.Add(validator);

                    ChangePasswordPanel.Visible = true;
                    ShowChangePassword.Visible  = false;
                }
            }
        }
Exemple #8
0
        protected void Page_PreRender(object sender, EventArgs e)
        {
            User u = AbleContext.Current.User;

            UserName.Text  = u.UserName;
            LastLogin.Text = string.Format("{0:f}", u.LastLoginDate);
            if (u.LastPasswordChangedDate == null || u.LastPasswordChangedDate.Equals(DateTime.MinValue))
            {
                LastPassword.Text = "You did not change your password yet.";
            }
            else
            {
                LastPassword.Text = string.Format(LastPassword.Text, LocaleHelper.LocalNow.Subtract(u.LastPasswordChangedDate.Value).Days.ToString());
            }

            // UPDATE THE INSTRUCTIONS
            if (ChangePasswordPanel.Visible)
            {
                PasswordPolicy policy = new MerchantPasswordPolicy();
                PasswordPolicyLength.Text          = string.Format(PasswordPolicyLength.Text, policy.MinLength);
                PasswordPolicyHistoryCount.Visible = (policy.HistoryCount > 0);
                if (PasswordPolicyHistoryCount.Visible)
                {
                    PasswordPolicyHistoryCount.Text = string.Format(PasswordPolicyHistoryCount.Text, policy.HistoryCount);
                }
                PasswordPolicyHistoryDays.Visible = (policy.HistoryDays > 0);
                if (PasswordPolicyHistoryDays.Visible)
                {
                    PasswordPolicyHistoryDays.Text = string.Format(PasswordPolicyHistoryDays.Text, policy.HistoryDays);
                }
                List <string> requirements = new List <string>();
                if (policy.RequireUpper)
                {
                    requirements.Add("uppercase letter");
                }
                if (policy.RequireLower)
                {
                    requirements.Add("lowercase letter");
                }
                if (policy.RequireNumber)
                {
                    requirements.Add("number");
                }
                if (policy.RequireSymbol)
                {
                    requirements.Add("symbol");
                }
                if (!policy.RequireNumber && !policy.RequireSymbol && policy.RequireNonAlpha)
                {
                    requirements.Add("non-letter");
                }
                PasswordPolicyRequired.Visible = (requirements.Count > 0);
                if (PasswordPolicyRequired.Visible)
                {
                    if (requirements.Count > 1)
                    {
                        requirements[requirements.Count - 1] = "and " + requirements[requirements.Count - 1];
                    }
                    PasswordPolicyRequired.Text = string.Format(PasswordPolicyRequired.Text, string.Join(", ", requirements.ToArray()));
                }
            }
        }