コード例 #1
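        /// <summary>
        /// Changes the password of the account found for <paramref name="email"/> after
        /// re-verifying the current password, and records failed attempts on the account.
        /// </summary>
        /// <param name="email">E-mail address passed to GetByUserEmail to load the user.</param>
        /// <param name="currentPassword">Password the caller claims is current; checked with VerifyHash.</param>
        /// <param name="newPassword">Replacement password; stored as the result of ComputeHash.</param>
        /// <returns>
        /// <c>true</c> when the current password verified and the new hash was saved;
        /// <c>false</c> for empty arguments, an unknown e-mail, a locked account or a wrong password.
        /// </returns>
        public bool ChangePassword(string email, string currentPassword, string newPassword)
        {
            if (string.IsNullOrEmpty(email)
                || string.IsNullOrEmpty(currentPassword)
                || string.IsNullOrEmpty(newPassword))
            {
                return false;
            }

            var user = GetByUserEmail(email);
            if (user == null)
            {
                return false;
            }

            // Fix: the original verified the password even when IsLockedOut was already set, so this
            // method could still be used to test passwords against a locked account. Refuse before
            // touching the hash so the lockout also covers this path.
            // NOTE(review): lockout expiry is not handled in this method; presumably the login path
            // clears IsLockedOut once the lockout window has passed - confirm.
            if (user.IsLockedOut == true)
            {
                return false;
            }

            var storedHash = user.Password;
            var currentPasswordMatches = storedHash != null
                && PasswordAssertionConcern.VerifyHash(currentPassword, storedHash);

            if (!currentPasswordMatches)
            {
                // One timestamp for every field written on this failure.
                var failedAt = DateTime.UtcNow;
                user.LastPasswordFailureDate = failedAt;

                if (user.PasswordFailuresSinceLastSuccess < User.MaxInvalidPasswordAttempts)
                {
                    user.PasswordFailuresSinceLastSuccess += 1;
                }
                else
                {
                    // Counter already at the limit: lock the account instead of counting further.
                    user.LastLockoutDate = failedAt;
                    user.IsLockedOut     = true;
                }

                BeginTransaction();
                _userRepository.Update(user);
                Commit();
                return false;
            }

            user.PasswordFailuresSinceLastSuccess = 0;

            // NOTE(review): the algorithm name is "SHA512" and the salt argument is null; what
            // ComputeHash does with them is not visible here. If this is a single salted SHA-512
            // pass, it is a fast hash and a weak choice for password storage - confirm, and prefer
            // a slow KDF (PBKDF2 / Argon2) with a migration path for existing hashes.
            user.Password                = PasswordAssertionConcern.ComputeHash(newPassword, "SHA512", null);
            user.LastPasswordChangedDate = DateTime.UtcNow;

            BeginTransaction();
            _userRepository.Update(user);
            Commit();
            return true;
        }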
コード例 #2
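        /// <summary>
        /// Verifies <paramref name="password"/> against the stored hash of <paramref name="user"/>,
        /// enforcing the approval flag and the time-limited lockout, then persists the updated
        /// failure/lockout bookkeeping.
        /// </summary>
        /// <param name="user">Account to check; a null user is treated as a failed check.</param>
        /// <param name="password">Candidate password passed to VerifyHash.</param>
        /// <returns>
        /// A completed task holding <c>true</c> when the password verified, otherwise <c>false</c>
        /// (not approved, still locked out, no stored hash, or wrong password). The work runs
        /// synchronously; the task is only a wrapper around the result.
        /// </returns>
        public Task<bool> CheckPasswordAsync(User user, string password)
        {
            // Fix: the original dereferenced user without a null check.
            if (user == null)
            {
                return Task.FromResult(false);
            }

            // Fix: the two early exits were written as "return { (Task.FromResult(false)); }",
            // which is not valid C#; they are restored as plain return statements.
            if (!user.IsApproved)
            {
                // Deactivated account: rejected before any password work.
                return Task.FromResult(false);
            }

            // Read the clock once so the "still locked" and "lock expired" tests cannot disagree.
            var now = DateTime.UtcNow;

            if (user.LastLockoutDate.HasValue)
            {
                var lockoutEnds = user.LastLockoutDate.Value.AddMinutes(User.PasswordAnswerAttemptLockoutDuration);
                if (user.IsLockedOut)
                {
                    if (lockoutEnds >= now)
                    {
                        // Still inside the lockout window: reject without verifying the password.
                        return Task.FromResult(false);
                    }

                    // Lockout window has passed.
                    UnlockUser(user);
                }
            }
            // NOTE(review): an account with IsLockedOut set but no LastLockoutDate skips the
            // lockout test above and goes straight to verification - confirm that state cannot occur.

            var verificationSucceeded = user.Password != null
                && PasswordAssertionConcern.VerifyHash(password, user.Password);

            if (verificationSucceeded)
            {
                user.PasswordFailuresSinceLastSuccess = 0;
                user.LastLoginDate    = now;
                user.LastActivityDate = now;
                user.IsLockedOut      = false;
            }
            else
            {
                user.LastPasswordFailureDate = now;

                if (user.PasswordFailuresSinceLastSuccess < User.MaxInvalidPasswordAttempts)
                {
                    // Wrong e-mail or password: count the attempt.
                    user.PasswordFailuresSinceLastSuccess += 1;
                }
                else
                {
                    // Counter already at the limit: lock the account.
                    user.LastLockoutDate = now;
                    user.IsLockedOut     = true;
                }
            }

            // Saved on success and on failure alike so the counters survive the request.
            BeginTransaction();
            _userRepository.Update(user);
            Commit();
            return Task.FromResult(verificationSucceeded);
        }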
コード例 #3
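        /// <summary>
        /// Validates a login attempt for <paramref name="user"/> and returns the claims identity
        /// on success. Failure counters and the lockout deadline are updated on the passed-in
        /// object only; nothing is saved here.
        /// </summary>
        /// <param name="user">Account being logged in; null is reported as wrong credentials.</param>
        /// <param name="password">Candidate password passed to VerifyHash.</param>
        /// <param name="authenticationType">Forwarded to <c>user.GetClaims</c>.</param>
        /// <returns>The value of <c>user.GetClaims(authenticationType)</c> when the password verifies.</returns>
        /// <exception cref="Exception">
        /// Thrown for every failure: unknown user, active lockout, deactivated user, wrong password.
        /// </exception>
        public static ClaimsIdentity ValidateLogin(User user, string password, string authenticationType)
        {
            const int maxFailedAttempts = 5;
            const int lockoutMinutes    = 2;

            if (user == null)
            {
                throw new Exception(Error.WrongUserNameOrPassword);
            }

            // NOTE(review): lockout deadlines use local time (DateTime.Now), so a clock or DST
            // change shifts the window. Moving to UtcNow needs stored LockoutEnd values migrated
            // at the same time, so it is left as-is here.
            var now = DateTime.Now;

            // NOTE(review): the lockout and deactivation messages are raised before the password
            // is checked, so a caller without valid credentials can tell these account states
            // apart from "wrong user name or password" - confirm this disclosure is intended.
            if (user.LockoutEnd.HasValue && now < user.LockoutEnd)
            {
                throw new Exception("Sua conta foi temporariamente bloqueada por exceder o número de tentativas inválidas, tente novamente mais tarde.");
            }
            if (!user.IsActive)
            {
                throw new Exception("O seu usuário foi desativado");
            }

            // Fix: a missing stored hash is treated as a failed verification instead of being
            // handed to VerifyHash.
            if (user.Password != null && PasswordAssertionConcern.VerifyHash(password, user.Password))
            {
                user.AccessFailed = 0;
                user.LastLogin    = now;
                user.LockoutEnd   = null;
                return user.GetClaims(authenticationType);
            }

            if (user.AccessFailed >= maxFailedAttempts)
            {
                // Fix: the original set LockoutEnd only while it was still null. LockoutEnd is
                // cleared only by a successful login, so once the first lockout expired, further
                // failures never locked the account again. Any deadline still present at this point
                // has already expired (the check above passed), so start a new window each time.
                user.LockoutEnd = now.AddMinutes(lockoutMinutes);
            }
            else
            {
                user.AccessFailed += 1;
            }

            // The original ended in two branches that threw the same error; one throw is enough.
            throw new Exception(Error.WrongUserNameOrPassword);
        }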