/// <summary>
/// Validate the user
/// </summary>
/// <param name="loginUserName">The login username</param>
/// <param name="loginPassword">The login password</param>
/// <returns>The validated user; else null</returns>
public virtual Data.User Validate(string loginUserName, string loginPassword)
{
Data.User user = null;
try
{
// Find the user.
user = Select.SelectDataEntity(u => (u.LoginUserName == loginUserName));
// If user exists.
if (user != null)
{
// Encode password.
Nequeo.Cryptography.IPasswordEncryption encoder = PasswordAuthorisationCode.GetEncoder();
string password = encoder.Decode(user.LoginPassword, encoder.PasswordFormat, loginPassword);
// If not equal then reject.
if (password != loginPassword)
{
user = null;
}
}
}
catch { user = null; }
// Return the user.
return(user);
}
/// <summary>
/// Encode the password.
/// </summary>
/// <param name="user">The user data.</param>
/// <param name="encode">Encode the user.</param>
private void EncodePassword(Data.User user, bool encode = true)
{
Nequeo.Cryptography.IPasswordEncryption encoder = PasswordAuthorisationCode.GetEncoder();
// Get the current user.
Data.User current = new Data.DataContext().Users.First(u => u.UserID == user.UserID);
string currentPasswordEncoded = current.Password;
string passwordEncoded = encoder.Encode(user.Password, encoder.PasswordFormat);
string currentPasswordAnswerEncoded = current.PasswordAnswer;
string passwordAnswerEncoded = encoder.Encode(user.PasswordAnswer, encoder.PasswordFormat);
// If password is different.
if (user.Password != currentPasswordEncoded)
{
// If the passwords do not match.
if (currentPasswordEncoded != passwordEncoded)
{
// Encode password.
user.Password = passwordEncoded;
}
}
// If password is different.
if (user.PasswordAnswer != currentPasswordAnswerEncoded)
{
// If the passwords do not match.
if (currentPasswordAnswerEncoded != passwordAnswerEncoded)
{
// Encode password.
user.PasswordAnswer = passwordAnswerEncoded;
}
}
}
/// <summary>
/// Validates the current user credentials.
/// </summary>
/// <param name="username">The login username.</param>
/// <param name="password">The login password.</param>
/// <param name="applicationName">The application name.</param>
/// <returns>The current user else null.</returns>
public virtual Data.User ValidateUser(string username, string password, string applicationName = null)
{
Data.User user = null;
try
{
if (String.IsNullOrEmpty(applicationName))
{
user = Select.SelectDataEntity(u => (u.Username == username));
}
else
{
user = Select.SelectDataEntity(
u => (u.Username == username) &&
(u.ApplicationName == applicationName));
}
// If user exists.
if (user != null)
{
// Encode password.
Nequeo.Cryptography.IPasswordEncryption encoder = PasswordAuthorisationCode.GetEncoder();
string pass = encoder.Decode(user.Password, encoder.PasswordFormat, password);
// If not equal then reject.
if (pass != password)
{
user = null;
}
}
}
catch { user = null; }
return(user);
}
/// <summary>
/// Unencode the password.
/// </summary>
/// <param name="password">The password.</param>
/// <param name="encodedPassword">The encoded password.</param>
/// <returns>The un-encoded password.</returns>
private string UnEncodePassword(string password, string encodedPassword)
{
string pass = encodedPassword;
// Select the apprepriate password format.
switch (PasswordFormat)
{
case System.Web.Security.MembershipPasswordFormat.Clear:
break;
case System.Web.Security.MembershipPasswordFormat.Encrypted:
// Decrypt the encrypted password.
Nequeo.Cryptography.IPasswordEncryption encoder = PasswordAuthorisationCode.GetEncoder();
pass = encoder.Decode(encodedPassword, Cryptography.PasswordFormat.Encrypted);
break;
case System.Web.Security.MembershipPasswordFormat.Hashed:
// Validate with hash
Nequeo.Cryptography.IPasswordEncryption encoderHash = PasswordAuthorisationCode.GetEncoder();
pass = encoderHash.Decode(encodedPassword, Cryptography.PasswordFormat.Hashed, password);
break;
default:
throw new Exception("Unsupported password format.");
}
// Return the un-encoded password.
return(pass);
}
/// <summary>
/// Get encoder.
/// </summary>
/// <param name="useAuthorisationCode">Should the authorisation code be used.</param>
/// <returns>The password encoder.</returns>
public static Nequeo.Cryptography.IPasswordEncryption GetEncoder(bool useAuthorisationCode = true)
{
Nequeo.Security.Configuration.Reader reader = new Security.Configuration.Reader();
Nequeo.Cryptography.IPasswordEncryption encoder = reader.GetEncoder();
// Return the encoder.
return(encoder);
}
/// <summary>
/// Encode the password.
/// </summary>
/// <param name="user">The user data.</param>
/// <param name="encode">Encode the user.</param>
private void EncodePassword(Data.User user, bool encode = true)
{
Nequeo.Cryptography.IPasswordEncryption encoder = PasswordAuthorisationCode.GetEncoder();
if (encode)
{
// Encode password.
user.LoginPassword = encoder.Encode(user.LoginPassword, encoder.PasswordFormat);
}
else
{
// Decode password.
user.LoginPassword = encoder.Decode(user.LoginPassword, encoder.PasswordFormat);
}
}
/// <summary>
/// Get the password encoder.
/// </summary>
/// <param name="section">The config section group and section name.</param>
/// <returns>The password encryption encoder.</returns>
/// <exception cref="System.Exception">Configuration load exception is thrown.</exception>
public Nequeo.Cryptography.IPasswordEncryption GetEncoder(string section = "NequeoSecurityGroup/NequeoSecurityPassword")
{
Nequeo.Cryptography.IPasswordEncryption encoder = null;
try
{
// Refreshes the named section so the next time that it is retrieved it will be re-read from disk.
System.Configuration.ConfigurationManager.RefreshSection(section);
// Create a new default host type
// an load the values from the configuration
// file into the default host type.
SecurityPassword defaultEncoder =
(SecurityPassword)System.Configuration.ConfigurationManager.GetSection(section);
// Make sure the section is defined.
if (defaultEncoder == null)
{
throw new Exception("Configuration section has not been defined.");
}
// Get the encoder element.
EncoderElement encoderElement = defaultEncoder.EncoderSection;
if (encoderElement == null)
{
throw new Exception("Configuration element Encoder has not been defined.");
}
// Create an instance of the encoder type.
Type ecoderType = Nequeo.Reflection.TypeAccessor.GetType(encoderElement.TypeValue);
encoder = (Nequeo.Cryptography.IPasswordEncryption)Nequeo.Reflection.TypeAccessor.CreateInstance(ecoderType);
encoder.PasswordFormat = encoderElement.PasswordFormat;
encoder.AuthorisationCode = encoderElement.AuthorisationCode;
encoder.HashcodeType = encoderElement.HashcodeType;
}
catch (Exception)
{
throw;
}
// Return the encoder.
return(encoder);
}
/// <summary>
/// Validate the user
/// </summary>
/// <param name="loginUserName">The login username</param>
/// <param name="loginPassword">The login password</param>
/// <returns>The validated user; else null</returns>
public virtual Edm.User Validate(string loginUserName, string loginPassword)
{
Edm.User user = null;
try
{
// Encode password.
Nequeo.Security.Configuration.Reader reader = new Security.Configuration.Reader();
Nequeo.Cryptography.IPasswordEncryption encoder = reader.GetEncoder();
// Encode the password.
string encodedPassword = encoder.Encode(loginPassword, encoder.PasswordFormat);
// Get the user for the credentials.
user = Select.SelectIQueryableItems(
u =>
(u.LoginUserName == loginUserName) &&
(u.LoginPassword == encodedPassword)).First();
}
catch { user = null; }
// Return the user.
return(user);
}
/// <summary>
/// Loads from the configuration file the security password encoder.
/// </summary>
/// <param name="section">The config section group and section name.</param>
public void LoadSecurityPasswordEncoder(string section = "NequeoSecurityGroup/NequeoSecurityPassword")
{
_securityPassword = new Nequeo.Security.Configuration.Reader().GetEncoder(section);
}
/// <summary>
/// Password manager provider.
/// </summary>
/// <param name="securityPassword">A password security encryption implementation.</param>
public PasswordManager(Nequeo.Cryptography.IPasswordEncryption securityPassword)
{
_securityPassword = securityPassword;
}