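        /// <summary>
        /// Checks an e-mail verification code against the hashed ticket stored on
        /// <paramref name="pers"/> (<c>ResetPasswordTicket</c>, written by the issuer as
        /// "&lt;SHA1.Hash(ticket)&gt;;yyyy-MM-dd HH:mm:ss").
        /// </summary>
        /// <param name="pers">The person whose stored ticket is checked.</param>
        /// <param name="token">The code supplied by the user; it is hashed with SHA1.Hash before comparison.</param>
        /// <exception cref="VerificationTicketLengthException">
        /// Thrown when the supplied code is null or not EmailVerificationTicketLength characters long.
        /// </exception>
        /// <exception cref="VerificationTicketWrongException">
        /// Thrown when no ticket is stored, the stored value is malformed, or the digests do not match.
        /// </exception>
        /// <exception cref="VerificationTicketTooOldException">
        /// Thrown when the stored timestamp cannot be parsed or is more than 10 hours old.
        /// </exception>
        public static void ValidateEmailVerificationTicket(Person pers, string token)
        {
            // Reject malformed input before touching stored state. A null token used to
            // surface as a NullReferenceException; it is simply another wrong length.
            if (token == null || token.Length != EmailVerificationTicketLength)
            {
                throw new VerificationTicketLengthException("Wrong length of code, should be " +
                                                            EmailVerificationTicketLength + " characters.");
            }

            // No ticket was ever issued (or it has been cleared): fail closed rather than
            // dereferencing null on Split below.
            string storedTicket = pers.ResetPasswordTicket;
            if (string.IsNullOrEmpty(storedTicket))
            {
                throw new VerificationTicketWrongException("No such code exists.");
            }

            string[] storedParts = storedTicket.Split(new[] { ';' });
            if (storedParts.Length < 2)
            {
                throw new VerificationTicketWrongException("No such code exists.");
            }

            // The timestamp must round-trip with this exact invariant format. An unparsable
            // timestamp is treated as expired (fail closed), not as a fresh ticket.
            // DateTime.Now (local time) is kept deliberately: the issuer shown alongside this
            // method (RequestMembershipConfirmation) stores DateTime.Now, so switching only
            // this side to UTC would skew the 10-hour window by the local offset.
            DateTime createdTime;
            bool parsed = DateTime.TryParseExact(storedParts[1].Trim(), "yyyy-MM-dd HH:mm:ss",
                                                 CultureInfo.InvariantCulture, DateTimeStyles.None,
                                                 out createdTime);
            if (!parsed || DateTime.Now.Subtract(createdTime).TotalHours > 10)
            {
                throw new VerificationTicketTooOldException(
                          "Verification code too old, it must be used within 10 hours.");
            }

            // Compare digests in constant time. The compared values are hashes rather than the
            // secret itself, so an early-exit comparison leaks little, but a fixed-time compare
            // costs nothing and removes the question entirely.
            if (!ConstantTimeEquals(SHA1.Hash(token), storedParts[0]))
            {
                throw new VerificationTicketWrongException("Wrong verification code.");
            }

            // Digests match: the caller proceeds to the next step.
        }

        /// <summary>
        /// Ordinal string comparison whose running time does not depend on where the first
        /// differing character is. A length mismatch still returns early; the length of a
        /// digest is not secret.
        /// </summary>
        /// <param name="a">First string; null compares unequal.</param>
        /// <param name="b">Second string; null compares unequal.</param>
        /// <returns>True when both strings are non-null and identical.</returns>
        private static bool ConstantTimeEquals(string a, string b)
        {
            if (a == null || b == null || a.Length != b.Length)
            {
                return false;
            }

            int diff = 0;
            for (int i = 0; i < a.Length; i++)
            {
                diff |= a[i] ^ b[i];
            }
            return diff == 0;
        }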
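        /// <summary>
        /// Checks the code carried in an activist sign-off link against the value that
        /// RequestActivistSignoffProcess derives for <paramref name="p"/>.
        /// </summary>
        /// <remarks>
        /// SECURITY NOTE(review): the expected code is a pure function of the person's
        /// identity (first four characters of SHA1.Hash(identity), followed by the identity
        /// itself). There is no per-request secret, no expiry and no stored state, so anyone
        /// who knows or guesses a person id can compute a valid code; this check proves
        /// knowledge of the id, not control of the e-mail inbox. Moving to a random, hashed,
        /// time-limited ticket (as ValidateEmailVerificationTicket uses) requires changing the
        /// link generator in the same step, so the derivation is kept byte-identical here.
        /// </remarks>
        /// <param name="p">The person the link was issued for.</param>
        /// <param name="code">The code taken from the link; null is treated as a wrong code.</param>
        /// <exception cref="ArgumentNullException">Thrown when <paramref name="p"/> is null.</exception>
        /// <exception cref="VerificationTicketWrongException">Thrown when the code does not match.</exception>
        public static void ValidateRequestActivistSignoffProcess(Person p, string code)
        {
            // Previously a null person surfaced as a NullReferenceException on p.Identity.
            if (p == null)
            {
                throw new ArgumentNullException("p");
            }

            // Must stay byte-identical to the derivation in RequestActivistSignoffProcess:
            // invariant-culture identity for the hashed part, default ToString for the suffix.
            string identity = p.Identity.ToString(CultureInfo.InvariantCulture);
            string expectedCode = SHA1.Hash(identity).Replace(" ", "").Substring(0, 4) + p.Identity.ToString();

            // Ordinal: the code is an opaque identifier, not linguistic text.
            if (!string.Equals(code, expectedCode, StringComparison.Ordinal))
            {
                throw new VerificationTicketWrongException("No such code exists.");
            }
        }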
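 /// <summary>
 /// Generates password hashes for legacy passwords in system (that are no longer generated).
 /// The hash inputs (password + identity or personal number + the fixed suffix "Pirate")
 /// must not change: they have to reproduce values stored by older versions of the system.
 /// </summary>
 /// <remarks>
 /// These are single-round SHA1/MD5 digests keyed only on the person's identity/personal
 /// number and a constant suffix, so they offer no meaningful brute-force resistance.
 /// They exist to verify old records, not to store new ones.
 /// </remarks>
 /// <param name="person">The person to generate a hash for.</param>
 /// <param name="password">The password to hash.</param>
 /// <returns>
 /// A list of previously valid password hashes: the SHA1 identity-based hash, plus the
 /// MD5 personal-number-based hash when the person has a personal number.
 /// </returns>
 private static string[] GenerateLegacyPasswordHashes(Person person, string password)
 {
     string identityHash = SHA1.Hash(password + person.Identity + "Pirate");

     // Records without a personal number (null or empty) only ever had the identity-based
     // hash. A null PersonalNumber previously threw NullReferenceException on .Length.
     if (string.IsNullOrEmpty(person.PersonalNumber))
     {
         return new[] { identityHash };
     }

     return new[]
     {
         identityHash,
         MD5.Hash(password + person.PersonalNumber + "Pirate")
     };
 }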
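        /// <summary>
        ///     Generates password hashes for legacy passwords in system (that are no longer generated).
        ///     The hash inputs (password + identity or personal number + the fixed suffix "Pirate")
        ///     must not change: they have to reproduce values stored by older versions of the system.
        /// </summary>
        /// <remarks>
        ///     These are single-round SHA1/MD5 digests keyed only on the person's identity/personal
        ///     number and a constant suffix, so they offer no meaningful brute-force resistance.
        ///     They exist to verify old records, not to store new ones.
        /// </remarks>
        /// <param name="person">The person to generate a hash for.</param>
        /// <param name="password">The password to hash.</param>
        /// <returns>
        ///     A list of previously valid password hashes: the SHA1 identity-based hash, plus the
        ///     MD5 personal-number-based hash when the person has a personal number.
        /// </returns>
        private static string[] GenerateLegacyPasswordHashes(Person person, string password)
        {
// Reading an [Obsolete] Person property (presumably PersonalNumber) is intentional here:
// the legacy MD5 hash was keyed on it, and we are reproducing legacy hashes.
#pragma warning disable 618
            string identityHash = SHA1.Hash(password + person.Identity + "Pirate");

            // Records without a personal number (null or empty) only ever had the identity-based
            // hash. A null PersonalNumber previously threw NullReferenceException on .Length.
            if (string.IsNullOrEmpty(person.PersonalNumber))
            {
                return new[] { identityHash };
            }

            return new[]
            {
                identityHash,
                MD5.Hash(password + person.PersonalNumber + "Pirate")
            };
#pragma warning restore 618
        }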
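        /// <summary>
        /// Issues a fresh membership-confirmation ticket for <paramref name="p"/> and mails a
        /// link containing it. Only SHA1.Hash(ticket) plus the issue time is stored in
        /// <c>ResetPasswordTicket</c>; the plaintext ticket leaves this method only inside
        /// the e-mail.
        /// </summary>
        /// <param name="p">The person to confirm; also the recipient of the notice.</param>
        /// <param name="URL">
        /// A String.Format pattern with two placeholders: {0} = person id, {1} = plaintext ticket.
        /// </param>
        public static void RequestMembershipConfirmation(Person p, string URL)
        {
            // CreateRandomPassword is defined elsewhere; the security of this flow rests on it
            // using a cryptographic RNG and emitting URL-safe characters — TODO(review): confirm.
            string passwordTicket = CreateRandomPassword(EmailVerificationTicketLength);
            string encodedPasswordTicket = SHA1.Hash(passwordTicket);

            // ValidateEmailVerificationTicket parses this back with
            // TryParseExact("yyyy-MM-dd HH:mm:ss", InvariantCulture). Formatting with the
            // current culture (the previous behaviour) breaks that round-trip wherever the
            // culture's time separator is not ':' or its calendar is not Gregorian, and the
            // ticket is then rejected as too old. Local time is kept on purpose: the validator
            // compares against DateTime.Now.
            p.ResetPasswordTicket = encodedPasswordTicket + ";" +
                                    DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss", CultureInfo.InvariantCulture);

            // NOTE(review): this is static, process-wide state shared with every other sender;
            // concurrent requests can race on it. Kept as-is to match the sibling methods.
            App_LocalResources.Authentication.Culture =
                CultureInfo.GetCultureInfo(p.PreferredCulture);

            // The ticket is interpolated into the URL without escaping (see the note above).
            string mailbody = App_LocalResources.Authentication.MembershipConf_Mail_Preamble;
            mailbody += "\r\n" + String.Format(URL, p.PersonId, passwordTicket);
            mailbody += App_LocalResources.Authentication.MembershipConf_Mail_Ending;

            p.SendNotice(App_LocalResources.Authentication.MembershipConf_Mail_Subject, mailbody, 1);
        }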
        /// <summary>
        /// Looks up the person behind an activist sign-off request and e-mails them one or
        /// more sign-off links. Returns the person selected as recipient, or null when
        /// nobody matched.
        /// </summary>
        /// <param name="eMail">
        /// An e-mail address, or — if the whole string parses as an int — a person id; the
        /// same input field serves both.
        /// </param>
        /// <param name="URL">A String.Format pattern with one placeholder: {0} = the sign-off code.</param>
        /// <returns>
        /// The person picked as recipient, or null. Despite the local variable name, nothing
        /// here authenticates that person; they have only been looked up.
        /// </returns>
        /// <remarks>
        /// SECURITY NOTE(review): the codes placed in the links are derived solely from the
        /// person's identity (no randomness, no expiry, no stored state), so anyone who knows
        /// the id can compute them; see ValidateRequestActivistSignoffProcess. The numeric-id
        /// path also lets a caller trigger a mail for any id of their choosing.
        /// </remarks>
        public static Person RequestActivistSignoffProcess(string eMail, string URL)
        {
            int personID = 0;

            // A purely numeric "e-mail" is treated as a person id; a parse failure leaves 0,
            // which selects the e-mail lookup below.
            int.TryParse(eMail, out personID);
            Person authenticatedUser = null;
            People candidatePeople   = null;
            bool   personIsActivist  = false;

            if (personID == 0)
            {
                // '%' is stripped — presumably a LIKE wildcard understood by
                // GetPeopleFromEmailPattern; '_' is not. TODO(review): confirm the DB layer
                // parameterizes/escapes the pattern.
                BasicPerson[] people =
                    SwarmDb.GetDatabaseForReading().GetPeopleFromEmailPattern(eMail.ToLower().Replace("%", "").Trim());
                candidatePeople = People.FromArray(people);

                // if multiple people share same e-mail, suppose the last one registered is the one to change.
                foreach (Person p in candidatePeople)
                {
                    // NOTE(review): && binds tighter than ||, so this reads
                    // "no pick yet" OR ("higher id" AND activist): the first candidate is taken
                    // regardless of IsActivist and later ones replace it only when they are
                    // activists. Whether that is the intent is unclear from here.
                    if (authenticatedUser == null || authenticatedUser.PersonId < p.PersonId && p.IsActivist)
                    {
                        authenticatedUser = p;
                    }
                }
            }
            else
            {
                candidatePeople = People.FromIdentities(new[] { personID });
                if (candidatePeople.Count > 0)
                {
                    authenticatedUser = candidatePeople[0];
                }
            }

            if (authenticatedUser == null)
            {
                return(null);
            }


            //TODO: Localize
            string mailbody = "";

            // Static, process-wide state shared with other senders; reset here and then set
            // to the first activist candidate's preferred culture below.
            App_LocalResources.Authentication.Culture = CultureInfo.InvariantCulture;


            if (candidatePeople.Count == 1 && candidatePeople[0].IsActivist)
            {
                personIsActivist = true;
                Person p = candidatePeople[0];
                if (App_LocalResources.Authentication.Culture == CultureInfo.InvariantCulture)
                {
                    App_LocalResources.Authentication.Culture = CultureInfo.GetCultureInfo(p.PreferredCulture);
                }


                // Deterministic code: first 4 chars of SHA1.Hash(identity) + the identity.
                // Must stay byte-identical to ValidateRequestActivistSignoffProcess.
                string encodedPasswordTicket =
                    SHA1.Hash(p.Identity.ToString(CultureInfo.InvariantCulture)).Replace(" ", "").Substring(0, 4) +
                    p.Identity;

                mailbody  = App_LocalResources.Authentication.RequestActivistSignoff_Mail_Preamble;
                mailbody += App_LocalResources.Authentication.RequestActivistSignoff_Mail_ClickOneLink;


                mailbody += "\r\n" + String.Format(URL, encodedPasswordTicket);
            }
            else
            {
                // Several people share the address: one link per activist candidate that has
                // no memberships, all sent to the single recipient chosen above.
                string links = "";
                foreach (Person p in candidatePeople)
                {
                    Memberships msList = p.GetMemberships();
                    if (msList.Count == 0 && p.IsActivist)
                    {
                        personIsActivist = true;
                        if (App_LocalResources.Authentication.Culture == CultureInfo.InvariantCulture)
                        {
                            App_LocalResources.Authentication.Culture = CultureInfo.GetCultureInfo(p.PreferredCulture);
                        }


                        // NOTE(review): this branch derives the code with GenerateNewPasswordHash,
                        // not SHA1.Hash as the single-candidate branch and the validator in this
                        // file do. Whether links built here validate anywhere cannot be
                        // confirmed from this listing.
                        string encodedPasswordTicket =
                            GenerateNewPasswordHash(p, p.Identity.ToString()).Replace(" ", "").Substring(0, 4) +
                            p.Identity;
                        links += "\r\n\r\n";
                        links += "#" + p.PersonId;

                        links += "\r\n" + String.Format(URL, encodedPasswordTicket);
                    }
                }

                mailbody  = App_LocalResources.Authentication.RequestActivistSignoff_Mail_Preamble;
                mailbody += App_LocalResources.Authentication.RequestActivistSignoff_Mail_ClickOneOfLinks;
                mailbody += links;
            }

            mailbody += App_LocalResources.Authentication.RequestActivistSignoff_Mail_Ending;

            // Mail goes out only when some candidate qualified as an activist; the lookup
            // result is returned to the caller either way.
            if (personIsActivist)
            {
                authenticatedUser.SendNotice(App_LocalResources.Authentication.RequestActivistSignoff_Mail_Subject,
                                             mailbody, 1);
            }
            return(authenticatedUser);
        }