public override bool ChangePassword(string username, string oldPassword, string newPassword) { SecUtility.CheckParameter(ref username, true, true, true, 256, "username"); SecUtility.CheckParameter(ref oldPassword, true, true, false, 128, "oldPassword"); SecUtility.CheckParameter(ref newPassword, true, true, false, 128, "newPassword"); //if (!CheckPassword(username, oldPassword, false)) //{ // return false; //} if (newPassword.Length < MinRequiredPasswordLength) { throw new ArgumentException(SR.GetString( SR.Password_too_short, "newPassword", MinRequiredPasswordLength.ToString(CultureInfo.InvariantCulture))); } int count = 0; for (int i = 0; i < newPassword.Length; i++) { if (!char.IsLetterOrDigit(newPassword, i)) { count++; } } if (count < MinRequiredNonAlphanumericCharacters) { throw new ArgumentException(SR.GetString( SR.Password_need_more_non_alpha_numeric_chars, "newPassword", MinRequiredNonAlphanumericCharacters.ToString(CultureInfo.InvariantCulture))); } if (PasswordStrengthRegularExpression.Length > 0) { if (!Regex.IsMatch(newPassword, PasswordStrengthRegularExpression)) { throw new ArgumentException(SR.GetString(SR.Password_does_not_match_regular_expression, "newPassword")); } } string pass = EncodePassword(newPassword); if (pass.Length > 128) { throw new ArgumentException(SR.GetString(SR.Membership_password_too_long), "newPassword"); } return(SqlHelper.ExecuteNonQuery(CommandType.Text, "update tbOper set cnvcPwd = '" + pass + "' where cnvcOperName = '" + username + "'") > 0); }
public void min_required_password_length_succeeds_with_zero_min_password_length() { // Arrange string password = "******"; string username = "******"; int requiredPasswordLength = 0; // Act var rule = new MinRequiredPasswordLength(username, password.Length, requiredPasswordLength); bool actual = rule.Validate(); // Assert Assert.IsTrue(actual); }
public void min_required_password_length_message_succeeds() { // Arrange string password = "******"; string username = "******"; int requiredPasswordLength = 7; // Act var rule = new MinRequiredPasswordLength(username, password.Length, requiredPasswordLength); bool actual = rule.Validate(); // Assert Assert.AreEqual(string.Format("The password for 'joeuser' is less than the required 7 character length.", requiredPasswordLength), rule.ErrorMessage); }
public void min_required_password_length_should_return_true_for_valid_length() { // Arrange string password = "******"; string username = "******"; int requiredPasswordLength = 7; // Act var rule = new MinRequiredPasswordLength(username, password.Length, requiredPasswordLength); bool actual = rule.Validate(); // Assert Assert.AreEqual(true, actual); }
public void ValidateNewPassword(string username, string newPassword, bool isNewUser) { if (newPassword.Length < MinRequiredPasswordLength) { throw new ArgumentException(String.Format("The length of parameter 'newPassword' needs to be greater or equal to '{0}'.", MinRequiredPasswordLength.ToString(Invariants.NumberFormat))); } if (MinRequiredNonAlphanumericCharacters > 0) { int count = 0; for (int i = 0; i < newPassword.Length; i++) { if (!Char.IsLetterOrDigit(newPassword, i)) { count++; } } if (count < MinRequiredNonAlphanumericCharacters) { throw new ArgumentException(String.Format("Non alpha numeric characters in 'newPassword' needs to be greater than or equal to '{0}'.", MinRequiredNonAlphanumericCharacters.ToString(Invariants.NumberFormat))); } } if (!string.IsNullOrEmpty(PasswordStrengthRegularExpression) && !Regex.IsMatch(newPassword, PasswordStrengthRegularExpression)) { throw new ArgumentException("The parameter 'newPassword' does not match the regular expression specified in config file."); } ValidatePasswordEventArgs args = new ValidatePasswordEventArgs(username, newPassword, true); OnValidatingPassword(args); if (args.Cancel) { if (args.FailureInformation != null) { throw args.FailureInformation; } else { throw new MembershipPasswordException("Change password canceled due to new password validation failure."); } } }
public override bool ChangePassword(string username, string oldPassword, string newPassword) { if (!ValidateUser(username, oldPassword)) { return(false); } username = username.ToLower(); if (newPassword.Length < MinRequiredPasswordLength) { throw new ArgumentException(String.Format("The length of parameter 'newPassword' needs to be greater or equal to '{0}'.", MinRequiredPasswordLength.ToString(CultureInfo.InvariantCulture))); } int count = 0; for (int i = 0; i < newPassword.Length; i++) { if (!char.IsLetterOrDigit(newPassword, i)) { count++; } } if (count < MinRequiredNonAlphanumericCharacters) { throw new ArgumentException(String.Format("Non alpha numeric characters in 'newPassword' needs to be greater than or equal to '{0}'.", MinRequiredNonAlphanumericCharacters.ToString(CultureInfo.InvariantCulture))); } if (PasswordStrengthRegularExpression.Length > 0) { if (!Regex.IsMatch(newPassword, PasswordStrengthRegularExpression)) { throw new ArgumentException("The parameter 'newPassword' does not match the regular expression specified in config file."); } } ValidatePasswordEventArgs args = new ValidatePasswordEventArgs(username, newPassword, true); OnValidatingPassword(args); if (args.Cancel) { if (args.FailureInformation != null) { throw args.FailureInformation; } else { throw new MembershipPasswordException("Change password canceled due to new password validation failure."); } } return(this.SetPassword(username, newPassword)); }