/// <summary>
/// Gets the password of a user given the provided password answer
/// </summary>
public override string GetPassword(string username, string answer)
{
if (!this.EnablePasswordRetrieval)
{
throw new NotSupportedException("Membership provider is configured to reject password retrieval.");
}
SecUtility.CheckParameter(ref username, true, true, true, Constants.MaxTableUsernameLength, "username");
try
{
if (answer != null)
{
answer = answer.Trim();
}
string encodedPasswordAnswer;
DataServiceContext svc = this.CreateDataServiceContext();
MembershipRow member = this.GetUserFromTable(svc, username);
if (member == null)
{
throw new ProviderException("Couldn't find a unique user with that name.");
}
if (member.IsLockedOut)
{
throw new MembershipPasswordException("User is locked out.");
}
if (string.IsNullOrEmpty(answer))
{
encodedPasswordAnswer = answer;
}
else
{
encodedPasswordAnswer = this.EncodePassword(answer.ToLowerInvariant(), member.PasswordFormat, member.PasswordSalt);
}
SecUtility.CheckParameter(ref encodedPasswordAnswer, this.RequiresQuestionAndAnswer, this.RequiresQuestionAndAnswer, false, MaxTablePasswordAnswerLength, "passwordAnswer");
Exception ex = null;
if (this.RequiresQuestionAndAnswer)
{
DateTime now = DateTime.UtcNow;
if (string.IsNullOrEmpty(member.PasswordAnswer) || encodedPasswordAnswer != member.PasswordAnswer)
{
ex = new MembershipPasswordException("Password answer is invalid.");
if (now > member.FailedPasswordAnswerAttemptWindowStartUtc.Add(TimeSpan.FromMinutes(this.PasswordAttemptWindow)))
{
member.FailedPasswordAnswerAttemptWindowStartUtc = now;
member.FailedPasswordAnswerAttemptCount = 1;
}
else
{
member.FailedPasswordAnswerAttemptWindowStartUtc = now;
member.FailedPasswordAnswerAttemptCount++;
}
if (member.FailedPasswordAnswerAttemptCount >= this.MaxInvalidPasswordAttempts)
{
member.IsLockedOut = true;
member.LastLockoutDateUtc = now;
}
}
else
{
if (member.FailedPasswordAnswerAttemptCount > 0)
{
member.FailedPasswordAnswerAttemptCount = 0;
member.FailedPasswordAnswerAttemptWindowStartUtc = ProvidersConfiguration.MinSupportedDateTime;
}
}
}
svc.UpdateObject(member);
svc.SaveChanges();
if (ex != null)
{
throw ex;
}
return this.UnEncodePassword(member.Password, member.PasswordFormat);
}
catch (Exception e)
{
if (e.InnerException is DataServiceClientException)
{
throw new ProviderException("Error accessing the data source.", e);
}
else
{
throw;
}
}
}
/// <summary>
/// Processes a request to update the password for a membership user.
/// </summary>
/// <param name="username">The user to update the password for.</param>
/// <param name="oldPassword">The current password for the specified user.</param>
/// <param name="newPassword">The new password for the specified user.</param>
/// <returns>
/// true if the password was updated successfully; otherwise, false.
/// </returns>
public override bool ChangePassword(string username, string oldPassword, string newPassword)
{
// Validate new password
if (IsPasswordValid(newPassword) == false)
{
var e = new MembershipPasswordException("Change password canceled due to new password validation failure.");
LogHelper.WarnWithException<MembersMembershipProvider>(e.Message, e);
throw e;
}
var member = MemberService.GetByUsername(username);
if (member == null) return false;
var encodedPassword = EncryptOrHashPassword(oldPassword);
if (member.Password == encodedPassword)
{
member.Password = EncryptOrHashPassword(newPassword);
MemberService.Save(member);
return true;
}
LogHelper.Warn<MembersMembershipProvider>("Can't change password as old password was incorrect");
return false;
}
/// <summary>
/// Reset the password of a user. No retry policies are used in this function.
/// </summary>
public override string ResetPassword(string username, string answer)
{
if (!this.EnablePasswordReset)
{
throw new NotSupportedException("Membership provider is configured to not allow password resets!");
}
SecUtility.CheckParameter(ref username, true, true, true, Constants.MaxTableUsernameLength, "username");
try
{
TableServiceContext svc = this.CreateDataServiceContext();
MembershipRow member = this.GetUserFromTable(svc, username);
if (member == null)
{
throw new ProviderException(string.Format(CultureInfo.InstalledUICulture, "Couldn't find a unique user with the name {0}.", username));
}
if (member.IsLockedOut)
{
throw new MembershipPasswordException(string.Format(CultureInfo.InstalledUICulture, "The user {0} is currently locked out!", username));
}
int format = member.PasswordFormat;
string salt = member.PasswordSalt;
string encodedPasswordAnswer;
if (answer != null)
{
answer = answer.Trim();
}
if (!string.IsNullOrEmpty(answer))
{
encodedPasswordAnswer = this.EncodePassword(answer.ToLowerInvariant(), format, salt);
}
else
{
encodedPasswordAnswer = answer;
}
SecUtility.CheckParameter(ref encodedPasswordAnswer, this.RequiresQuestionAndAnswer, this.RequiresQuestionAndAnswer, false, MaxTablePasswordSize, "passwordAnswer");
string newPassword = this.GeneratePassword();
var e = new ValidatePasswordEventArgs(username, newPassword, false);
OnValidatingPassword(e);
if (e.Cancel)
{
if (e.FailureInformation != null)
{
throw e.FailureInformation;
}
else
{
throw new ProviderException("Password validation failed.");
}
}
DateTime now = DateTime.UtcNow;
Exception ex = null;
if (encodedPasswordAnswer == null || encodedPasswordAnswer == member.PasswordAnswer)
{
member.Password = this.EncodePassword(newPassword, (int)format, salt);
member.LastPasswordChangedDateUtc = now;
if (member.FailedPasswordAnswerAttemptCount > 0 && encodedPasswordAnswer != null)
{
member.FailedPasswordAnswerAttemptCount = 0;
member.FailedPasswordAnswerAttemptWindowStartUtc = ProvidersConfiguration.MinSupportedDateTime;
}
}
else
{
if (now > member.FailedPasswordAnswerAttemptWindowStartUtc.Add(TimeSpan.FromMinutes(this.PasswordAttemptWindow)))
{
member.FailedPasswordAnswerAttemptWindowStartUtc = now;
member.FailedPasswordAnswerAttemptCount = 1;
}
else
{
member.FailedPasswordAnswerAttemptWindowStartUtc = now;
member.FailedPasswordAnswerAttemptCount++;
}
if (member.FailedPasswordAnswerAttemptCount >= this.MaxInvalidPasswordAttempts)
{
member.IsLockedOut = true;
member.LastLockoutDateUtc = now;
}
ex = new MembershipPasswordException("Wrong password answer.");
}
svc.UpdateObject(member);
svc.SaveChanges();
if (ex != null)
{
throw ex;
}
return newPassword;
}
catch (Exception e)
{
if (e.InnerException is DataServiceClientException)
{
throw new ProviderException("Error accessing the data source.", e);
}
else
{
throw;
}
}
}
