private bool CheckPassword(NotificatorEntities db, string username, string password, bool updateLastLoginActivityDate, bool failIfNotApproved, out string salt, out int passwordFormat, out User usr) { var user = GetDBUser(db, username); usr = user; if (user == null) { salt = null; passwordFormat = -1; return(false); } var enc = EncodePassword(password, user.PasswordFormat, user.PasswordSalt); passwordFormat = user.PasswordFormat; salt = user.PasswordSalt; if (enc == user.Password) { if (updateLastLoginActivityDate) { user.LastActivityDate = DateTime.Now; user.LastLoginDate = DateTime.Now; db.SaveChanges(); } return(true); } else { return(false); } }
private bool CheckPassword(NotificatorEntities db, string username, string password, bool updateLastLoginActivityDate, bool failIfNotApproved, out User usr) { string salt; int passwordFormat; return(CheckPassword(db, username, password, updateLastLoginActivityDate, failIfNotApproved, out salt, out passwordFormat, out usr)); }
public override string GetUserNameByEmail(string email) { using (var db = new NotificatorEntities()) { var usr = (from u in db.Users where u.Email == email && u.Application.Id == applicationId select u.Username).FirstOrDefault(); return(usr); } }
public override void UpdateUser(System.Web.Security.MembershipUser user) { if (user == null) { throw new ArgumentNullException("user"); } string temp = user.UserName; SecurityUtils.CheckParameter(ref temp, true, true, true, 256, "UserName"); temp = user.Email; SecurityUtils.CheckParameter(ref temp, RequiresUniqueEmail, RequiresUniqueEmail, false, 256, "Email"); user.Email = temp; using (var db = new NotificatorEntities()) { var query = from u in db.Users where u.Id == (int)user.ProviderUserKey && u.Application.Id == applicationId select u; var usr = query.FirstOrDefault(); if (usr == null) { throw new ProviderException(GetExceptionText(1)); } if (RequiresUniqueEmail) { var q = from u in db.Users where u.Id != (int)user.ProviderUserKey && u.Email == user.Email && u.Application.Id == applicationId select u; if (q.Any()) { throw new ProviderException(GetExceptionText(7)); } } usr.Email = user.Email; usr.Comment = user.Comment; usr.IsApproved = user.IsApproved; usr.LastLoginDate = user.LastLoginDate; db.SaveChanges(); } }
public override System.Web.Security.MembershipUserCollection GetAllUsers(int pageIndex, int pageSize, out int totalRecords) { using (var db = new NotificatorEntities()) { totalRecords = db.Users.Count(); var col = new MembershipUserCollection(); foreach (var item in db.Users.Where(u => u.Application.Id == applicationId).OrderBy(o => o.Id).Skip(pageSize * pageIndex).Take(pageSize)) { col.Add(UserMapper.Map(this.Name, item)); } return(col); } }
internal static int GetApplicationId(this NotificatorEntities data, string applicationName) { var application = data.GetApplicationByName(applicationName).FirstOrDefault(); if (application == null) { application = new Application { Name = applicationName }; data.Applications.AddObject(application); data.SaveChanges(); } return(application.Id); }
public override bool DeleteUser(string username, bool deleteAllRelatedData) { using (var db = new NotificatorEntities()) { var user = db.Users.FirstOrDefault(u => u.Username == username && u.Application.Id == applicationId); if (user == null) { return(false); } db.DeleteObject(user); db.SaveChanges(); return(true); } }
public override System.Web.Security.MembershipUser GetUser(string username, bool userIsOnline) { using (var db = new NotificatorEntities()) { var usr = GetDBUser(db, username); if (usr == null) { return(null); } if (userIsOnline) { usr.LastActivityDate = DateTime.UtcNow; db.SaveChanges(); } return(UserMapper.Map(this.Name, usr)); } }
public override string GetPassword(string username, string answer) { using (var db = new NotificatorEntities()) { var usr = GetDBUser(db, username); if (usr == null) { return(null); } if (usr.PasswordAnswer == answer) { return(UnEncodePassword(usr.Password, usr.PasswordFormat)); } } return(null); }
public override bool ValidateUser(string username, string password) { using (var db = new NotificatorEntities()) { var usr = default(User); if (ValidateParameter(ref username, true, true, true, 256) && ValidateParameter(ref password, true, true, false, 128) && CheckPassword(db, username, password, true, true, out usr)) { return(true); } else { return(false); } } }
public override System.Web.Security.MembershipUser GetUser(object providerUserKey, bool userIsOnline) { using (var db = new NotificatorEntities()) { var uid = (int)providerUserKey; var usr = db.GetUserById(uid, applicationId).FirstOrDefault(); if (usr == null) { return(null); } if (userIsOnline) { usr.LastActivityDate = DateTime.UtcNow; db.SaveChanges(); } return(UserMapper.Map(this.Name, usr)); } }
public override bool ChangePasswordQuestionAndAnswer(string username, string password, string newPasswordQuestion, string newPasswordAnswer) { using (var db = new NotificatorEntities()) { var user = default(User); string salt; int passwordFormat; if (!CheckPassword(db, username, password, false, false, out salt, out passwordFormat, out user)) { return(false); } user.PasswordQuestion = newPasswordQuestion; user.PasswordAnswer = newPasswordAnswer; db.SaveChanges(); return(true); } }
public override System.Web.Security.MembershipUserCollection FindUsersByName(string usernameToMatch, int pageIndex, int pageSize, out int totalRecords) { using (var db = new NotificatorEntities()) { var query = from user in db.Users where user.Username.Contains(usernameToMatch) && user.Application.Id == applicationId orderby user.Id select user; totalRecords = query.Count(); var col = new MembershipUserCollection(); foreach (var item in query.Skip(pageSize * pageIndex).Take(pageSize)) { col.Add(UserMapper.Map(this.Name, item)); } return(col); } }
public override bool UnlockUser(string userName) { SecurityUtils.CheckParameter(ref userName, true, true, true, 256, "username"); try { using (var db = new NotificatorEntities()) { var user = GetDBUser(db, userName); if (user == null) { return(false); } user.Status = (byte)UserStatus.Approved; user.LastLockoutDate = DateTime.UtcNow; db.SaveChanges(); return(true); } } catch { return(false); } }
public override bool ChangePassword(string username, string oldPassword, string newPassword) { var salt = string.Empty; var passwordFormat = 1; using (var db = new NotificatorEntities()) { var user = default(User); if (!CheckPassword(db, username, oldPassword, false, false, out salt, out passwordFormat, out user)) { return(false); } user.Password = EncodePassword(newPassword, passwordFormat, salt); user.LastPasswordChangedDate = DateTime.Now; user.FailedPasswordAnswerAttemptCount = 0; user.FailedPasswordAttemptCount = 0; db.SaveChanges(); } return(true); }
public override string ResetPassword(string username, string answer) { if (!EnablePasswordReset) { throw new NotSupportedException("Not_configured_to_support_password_resets"); } SecurityUtils.CheckParameter(ref username, true, true, true, 256, "username"); using (var db = new NotificatorEntities()) { var user = GetDBUser(db, username); var passwordAnswer = user.PasswordAnswer; string encodedPasswordAnswer; if (passwordAnswer != null) { passwordAnswer = passwordAnswer.Trim(); } if (!string.IsNullOrEmpty(passwordAnswer)) { encodedPasswordAnswer = EncodePassword(passwordAnswer.ToLower(CultureInfo.InvariantCulture), user.PasswordFormat, user.PasswordSalt); } else { encodedPasswordAnswer = passwordAnswer; } SecurityUtils.CheckParameter(ref encodedPasswordAnswer, RequiresQuestionAndAnswer, RequiresQuestionAndAnswer, false, 128, "passwordAnswer"); string newPassword = GeneratePassword(); ValidatePasswordEventArgs e = new ValidatePasswordEventArgs(username, newPassword, false); OnValidatingPassword(e); if (e.Cancel) { if (e.FailureInformation != null) { throw e.FailureInformation; } else { throw new ProviderException("Membership_Custom_Password_Validation_Failure"); } } var utc = DateTime.UtcNow; if (encodedPasswordAnswer != user.PasswordAnswer) { if (utc > user.FailedPasswordAnswerAttemptWindowStart.AddMinutes(PasswordAttemptWindow)) { user.FailedPasswordAnswerAttemptCount = 1; } else { user.FailedPasswordAnswerAttemptCount++; } user.FailedPasswordAnswerAttemptWindowStart = utc; if (user.FailedPasswordAnswerAttemptCount > MaxInvalidPasswordAttempts) { user.LastLockoutDate = DateTime.UtcNow; user.Status = (byte)UserStatus.Locked; } db.SaveChanges(); return(null); } else { user.FailedPasswordAnswerAttemptCount = 0; user.FailedPasswordAnswerAttemptWindowStart = new DateTime(1754, 01, 01); user.FailedPasswordAttemptCount = 0; user.FailedPasswordAttemptWindowStart = user.FailedPasswordAnswerAttemptWindowStart; } user.Password = EncodePassword(newPassword, user.PasswordFormat, user.PasswordSalt); db.SaveChanges(); return(newPassword); //user.FailedPasswordAnswerAttemptCount = 0; } }
public EventRepository(NotificatorEntities context) : base(context) { }
public override void Initialize(string name, NameValueCollection config) { if (config == null) { throw new ArgumentNullException("config"); } if (String.IsNullOrEmpty(name)) { name = "SqlMembershipProvider"; } if (string.IsNullOrEmpty(config["description"])) { config.Remove("description"); config.Add("description", "MembershipSqlProvider_description"); } base.Initialize(name, config); schemaVersionCheck = 0; enablePasswordRetrieval = SecurityUtils.GetBooleanValue(config, "enablePasswordRetrieval", false); enablePasswordReset = SecurityUtils.GetBooleanValue(config, "enablePasswordReset", true); requiresQuestionAndAnswer = SecurityUtils.GetBooleanValue(config, "requiresQuestionAndAnswer", true); requiresUniqueEmail = SecurityUtils.GetBooleanValue(config, "requiresUniqueEmail", true); maxInvalidPasswordAttempts = SecurityUtils.GetIntValue(config, "maxInvalidPasswordAttempts", 5, false, 0); passwordAttemptWindow = SecurityUtils.GetIntValue(config, "passwordAttemptWindow", 10, false, 0); minRequiredPasswordLength = SecurityUtils.GetIntValue(config, "minRequiredPasswordLength", 7, false, 128); minRequiredNonalphanumericCharacters = SecurityUtils.GetIntValue(config, "minRequiredNonalphanumericCharacters", 1, true, 128); passwordStrengthRegularExpression = config["passwordStrengthRegularExpression"]; if (passwordStrengthRegularExpression != null) { passwordStrengthRegularExpression = passwordStrengthRegularExpression.Trim(); if (passwordStrengthRegularExpression.Length != 0) { try { Regex regex = new Regex(passwordStrengthRegularExpression); } catch (ArgumentException e) { throw new ProviderException(e.Message, e); } } } else { passwordStrengthRegularExpression = string.Empty; } if (minRequiredNonalphanumericCharacters > minRequiredPasswordLength) { throw new HttpException("MinRequiredNonalphanumericCharacters_can_not_be_more_than_MinRequiredPasswordLength"); } string temp = config["connectionStringName"]; if (temp == null || temp.Length < 1) { throw new ProviderException("Connection_name_not_specified"); } sqlConnectionString = temp; if (sqlConnectionString == null || sqlConnectionString.Length < 1) { throw new ProviderException("Connection_string_not_found"); } commandTimeout = SecurityUtils.GetIntValue(config, "commandTimeout", 30, true, 0); appName = config["applicationName"]; if (string.IsNullOrEmpty(appName)) { appName = "/"; } if (appName.Length > 256) { throw new ProviderException("Provider_application_name_too_long"); } using (var db = new NotificatorEntities()) { applicationId = db.GetApplicationId(appName); } string strTemp = config["passwordFormat"]; if (strTemp == null) { strTemp = "Hashed"; } switch (strTemp) { case "Clear": passwordFormat = MembershipPasswordFormat.Clear; break; case "Encrypted": passwordFormat = MembershipPasswordFormat.Encrypted; break; case "Hashed": passwordFormat = MembershipPasswordFormat.Hashed; break; default: throw new ProviderException("Provider_bad_password_format"); } if (PasswordFormat == MembershipPasswordFormat.Hashed && EnablePasswordRetrieval) { throw new ProviderException("Provider_can_not_retrieve_hashed_password"); } //if (_PasswordFormat == MembershipPasswordFormat.Encrypted && MachineKeySection.IsDecryptionKeyAutogenerated) // throw new ProviderException(SR.GetString(SR.Can_not_use_encrypted_passwords_with_autogen_keys)); config.Remove("connectionStringName"); config.Remove("enablePasswordRetrieval"); config.Remove("enablePasswordReset"); config.Remove("requiresQuestionAndAnswer"); config.Remove("applicationName"); config.Remove("requiresUniqueEmail"); config.Remove("maxInvalidPasswordAttempts"); config.Remove("passwordAttemptWindow"); config.Remove("commandTimeout"); config.Remove("passwordFormat"); config.Remove("name"); config.Remove("minRequiredPasswordLength"); config.Remove("minRequiredNonalphanumericCharacters"); config.Remove("passwordStrengthRegularExpression"); if (config.Count > 0) { string attribUnrecognized = config.GetKey(0); if (!String.IsNullOrEmpty(attribUnrecognized)) { throw new ProviderException("Provider_unrecognized_attribute, attribUnrecognized"); } } }
public User GetDBUser(NotificatorEntities db, string username) { return(db.GetUserByName(username, applicationId).FirstOrDefault()); }
public override System.Web.Security.MembershipUser CreateUser(string username, string password, string email, string passwordQuestion, string passwordAnswer, bool isApproved, object providerUserKey, out System.Web.Security.MembershipCreateStatus status) { if (!ValidateParameter(ref password, true, true, false, 128)) { status = MembershipCreateStatus.InvalidPassword; return(null); } var salt = GenerateSalt(); var pass = EncodePassword(password, (int)passwordFormat, salt); if (pass.Length > 128) { status = MembershipCreateStatus.InvalidPassword; return(null); } string encodedPasswordAnswer; if (passwordAnswer != null) { passwordAnswer = passwordAnswer.Trim(); } if (!string.IsNullOrEmpty(passwordAnswer)) { if (passwordAnswer.Length > 128) { status = MembershipCreateStatus.InvalidAnswer; return(null); } encodedPasswordAnswer = EncodePassword(passwordAnswer.ToLower(CultureInfo.InvariantCulture), (int)passwordFormat, salt); } else { encodedPasswordAnswer = passwordAnswer; } if (!ValidateParameter(ref encodedPasswordAnswer, RequiresQuestionAndAnswer, true, false, 128)) { status = MembershipCreateStatus.InvalidAnswer; return(null); } if (!ValidateParameter(ref username, true, true, true, 256)) { status = MembershipCreateStatus.InvalidUserName; return(null); } if (!ValidateParameter(ref email, RequiresUniqueEmail, RequiresUniqueEmail, false, 256)) { status = MembershipCreateStatus.InvalidEmail; return(null); } if (!ValidateParameter(ref passwordQuestion, RequiresQuestionAndAnswer, true, false, 256)) { status = MembershipCreateStatus.InvalidQuestion; return(null); } if (providerUserKey != null) { //if (!(providerUserKey is Guid)) { // status = MembershipCreateStatus.InvalidProviderUserKey; // return null; //} status = MembershipCreateStatus.InvalidProviderUserKey; return(null); } if (password.Length < MinRequiredPasswordLength) { status = MembershipCreateStatus.InvalidPassword; return(null); } int count = 0; for (int i = 0; i < password.Length; i++) { if (!char.IsLetterOrDigit(password, i)) { count++; } } if (count < MinRequiredNonAlphanumericCharacters) { status = MembershipCreateStatus.InvalidPassword; return(null); } if (PasswordStrengthRegularExpression.Length > 0) { if (!Regex.IsMatch(password, PasswordStrengthRegularExpression)) { status = MembershipCreateStatus.InvalidPassword; return(null); } } ValidatePasswordEventArgs e = new ValidatePasswordEventArgs(username, password, true); OnValidatingPassword(e); if (e.Cancel) { status = MembershipCreateStatus.InvalidPassword; return(null); } using (var db = new NotificatorEntities()) { if (RequiresUniqueEmail) { if (db.Users.Where(u => u.Email == email && u.Application.Id == applicationId).Any()) { status = MembershipCreateStatus.DuplicateEmail; return(null); } } if (db.Users.Where(u => u.Username == username && u.Application.Id == applicationId).Any()) { status = MembershipCreateStatus.DuplicateUserName; return(null); } var utc = DateTime.UtcNow; var user = new User() { Comment = "", CreateOn = utc, Email = email, FailedPasswordAnswerAttemptCount = 0, FailedPasswordAnswerAttemptWindowStart = utc, FailedPasswordAttemptCount = 0, FailedPasswordAttemptWindowStart = utc, IsAnonymous = false, IsApproved = isApproved, LastActivityDate = utc, LastLockoutDate = utc, LastLoginDate = utc, LastPasswordChangedDate = utc, Password = pass, PasswordAnswer = encodedPasswordAnswer, PasswordFormat = (int)PasswordFormat, PasswordQuestion = passwordQuestion, PasswordSalt = salt, TimeZone = 0, Username = username, Application = db.GetApplication(applicationId) }; db.Users.AddObject(user); try { db.SaveChanges(); } catch { status = MembershipCreateStatus.UserRejected; return(null); } status = MembershipCreateStatus.Success; return(UserMapper.Map(this.Name, user)); } }
public UserRepository(NotificatorEntities context) : base(context) { }
public override int GetNumberOfUsersOnline() { using (var db = new NotificatorEntities()) return(db.Users.Where(u => u.LastActivityDate > DateTime.Now.AddMinutes(Membership.UserIsOnlineTimeWindow) && u.Application.Id == applicationId).Count()); }
protected RepositoryBase(NotificatorEntities context) { this.context = context; }
internal static Application GetApplication(this NotificatorEntities data, int applicationId) { return(data.GetApplicationById(applicationId).FirstOrDefault()); }