/// <summary>
/// Update password and answer failure information.
/// </summary>
/// <param name="username">User name.</param>
/// <param name="failureType">Type of failure</param>
/// <remarks></remarks>
private void UpdateFailureCount(IObjectScope objScope, Employee e, FailureType failureType)
{
int failureCount = 0;
objScope.Transaction.Begin();
if (failureType == FailureType.Password)
{
failureCount = e.FailedPasswordAttemptCount;
if (failureCount == 0
|| DateTime.Now > e.FailedPasswordAttemptWindowStart.AddMinutes(passwordAttemptWindow))
{
e.FailedPasswordAttemptCount = 1;
e.FailedPasswordAttemptWindowStart = DateTime.Now;
}
}
else if(failureType == FailureType.PasswordAnswer)
{
failureCount = e.FailedPasswordAnswerAttemptCount;
if (failureCount == 0
|| DateTime.Now > e.FailedPasswordAnswerAttemptWindowStart.AddMinutes(passwordAttemptWindow))
{
e.FailedPasswordAnswerAttemptCount = 1;
e.FailedPasswordAnswerAttemptWindowStart = DateTime.Now;
}
}
failureCount++;
if (failureCount >= maxInvalidPasswordAttempts)
{
e.IsLockedOut = true;
e.LastLockedOutDate = DateTime.Now;
}
else
{
if (failureType == FailureType.Password)
e.FailedPasswordAttemptCount = failureCount;
else if (failureType == FailureType.PasswordAnswer)
e.FailedPasswordAnswerAttemptCount = failureCount;
}
objScope.Transaction.Commit();
}
private MembershipUser GetMembershipUser(IObjectScope objScope, bool userIsOnline, Employee e)
{
MembershipUser membershipUser = GetUserFromEmployee(e);
if (userIsOnline)
{
objScope.Transaction.Begin();
e.LastActivityDate = DateTime.Now;
objScope.Transaction.Commit();
}
return membershipUser;
}
/// <summary>
/// Create a MembershipUser object from an employee
/// </summary>
/// <param name="emp">Employee.</param>
/// <returns>MembershipUser object.</returns>
private MembershipUser GetUserFromEmployee(Employee emp)
{
MembershipUser membershipUser = new MembershipUser(
this.Name,
emp.Name,
emp.Employee_ID,
emp.Email,
emp.PasswordQuestion,
emp.Description,
emp.IsApproved,
emp.IsLockedOut,
emp.CreationDate,
emp.LastLoginDate,
emp.LastActivityDate,
emp.LastPasswordChangedDate,
emp.LastLockedOutDate);
return membershipUser;
}
/// <summary>
/// Create a new user.
/// </summary>
/// <param name="username">User name.</param>
/// <param name="password">Password.</param>
/// <param name="email">Email address.</param>
/// <param name="passwordQuestion">Security quesiton for password.</param>
/// <param name="passwordAnswer">Security quesiton answer for password.</param>
/// <param name="isApproved"></param>
/// <param name="userID">User ID</param>
/// <param name="status"></param>
/// <returns>MembershipUser</returns>
public override MembershipUser CreateUser(string username, string password, string email, string passwordQuestion, string passwordAnswer, bool isApproved, object providerUserKey, out MembershipCreateStatus status)
{
ValidatePasswordEventArgs args = new ValidatePasswordEventArgs(username, password, true);
OnValidatingPassword(args);
if (args.Cancel)
{
status = MembershipCreateStatus.InvalidPassword;
return null;
}
if ((RequiresUniqueEmail && (GetUserNameByEmail(email) != String.Empty)))
{
status = MembershipCreateStatus.DuplicateEmail;
return null;
}
MembershipUser membershipUser = GetUser(username, false);
if (membershipUser == null)
{
IObjectScope objScope = ORM.GetNewObjectScope();
System.DateTime createDate = DateTime.Now;
objScope.Transaction.Begin();
Employee e = new Employee();
e.Name = username;
e.Password = EncodePassword(password);
e.Email = email;
e.PasswordQuestion = passwordQuestion;
e.PasswordAnswer = EncodePassword(passwordAnswer);
e.IsApproved = isApproved;
objScope.Add(e);
objScope.Transaction.Commit();
status = MembershipCreateStatus.Success;
return GetUser(username, false);
}
else
{
status = MembershipCreateStatus.DuplicateUserName;
}
return null;
}
