/// <summary> /// Resets a user's password to a new, automatically generated password. /// </summary> /// <returns> /// The new password for the specified user. /// </returns> /// <param name="username">The user to reset the password for. </param><param name="answer">The password answer for the specified user. </param> public override string ResetPassword(string username, string answer) { if (!PasswordPolicy.IsPasswordResetEnabled) { throw new NotSupportedException("Password reset is not supported."); } var user = AccountRepository.Get(username); if (PasswordPolicy.IsPasswordQuestionRequired && answer == null) { throw new MembershipPasswordException("Password answer is empty and question/answer is required."); } if (PasswordPolicy.IsPasswordQuestionRequired && !user.PasswordAnswer.Equals(answer, StringComparison.OrdinalIgnoreCase)) { return(null); } var newPassword = PasswordStrategy.GeneratePassword(PasswordPolicy); ValidatePassword(username, newPassword); var info = new AccountPasswordInfo(username, newPassword); user.Password = PasswordStrategy.Encrypt(info); user.PasswordSalt = info.PasswordSalt; AccountRepository.Update(user); return(newPassword); }
/// <summary> /// Processes a request to update the password question and answer for a membership user. /// </summary> /// <returns> /// true if the password question and answer are updated successfully; otherwise, false. /// </returns> /// <param name="username">The user to change the password question and answer for. </param><param name="password">The password for the specified user. </param><param name="newPasswordQuestion">The new password question for the specified user. </param><param name="newPasswordAnswer">The new password answer for the specified user. </param> public override bool ChangePasswordQuestionAndAnswer(string username, string password, string newPasswordQuestion, string newPasswordAnswer) { var account = AccountRepository.Get(username); if (account == null) { return(false); } var info = new AccountPasswordInfo(username, account.Password) { PasswordSalt = account.PasswordSalt }; if (PasswordStrategy.Compare(info, password)) { return(false); } account.PasswordQuestion = newPasswordAnswer; account.PasswordAnswer = newPasswordAnswer; AccountRepository.Update(account); return(true); }
//Demander un unique email... e préremplir du provider si Oauth et disponible... (exemple Facebook).. comme il semble faire pour le username (a voir) public IUser CreateOrUpdateUser(IUser user) { if (String.IsNullOrEmpty(user.Name)) { throw new MembershipCreateUserException(MembershipCreateStatus.InvalidUserName); } //if (String.IsNullOrEmpty(user.Password)) throw new MembershipCreateUserException(MembershipCreateStatus.InvalidPassword); if (String.IsNullOrEmpty(user.Email)) { throw new MembershipCreateUserException(MembershipCreateStatus.InvalidEmail); } if (user.Id.IsNullOrEmpty()) // New user... { if (UserQueries.GetUserNameByEmail(user.Email) != null) { throw new MembershipCreateUserException(MembershipCreateStatus.DuplicateEmail); } if (UserQueries.Get(user.Name) != null) { throw new MembershipCreateUserException(MembershipCreateStatus.DuplicateUserName); } user.CreatedAt = _dateTimeManager.Now(); } if (!user.ThirdPartyAuthenticationUserAccounts.Any() || !user.Password.IsNullOrEmpty()) { try { ValidatePassword(user.Name, user.Password); } catch { // not the smoothest approach, but the best // considering the inconsistent password failure handling. throw new MembershipCreateUserException(MembershipCreateStatus.InvalidPassword); } } var passwordInfo = new AccountPasswordInfo(user.Name, user.Password); user.Password = PasswordStrategy.Encrypt(passwordInfo); user.PasswordSalt = passwordInfo.PasswordSalt; var status = UserCommands.Register(user); if (status != MembershipCreateStatus.Success) { throw new MembershipCreateUserException(status); } return(user); }
public string CreatePassword(string password, PasswordStrategy strategy) { if (CheckValidation(password, strategy.GenerateRegex())) { _password = password; return(password); } else { return("Password isn't strong enough"); } }
public int SumValidPasswords(PasswordStrategy passwordStrategy) { var amount = 0; foreach (var passwordAndPolicyString in _passwordsAndPolicy) { if (PasswordValid(passwordStrategy, passwordAndPolicyString)) { amount++; } } return(amount); }
///// <summary> ///// Processes a request to update the password question and answer for a membership user. ///// </summary> ///// <returns> ///// true if the password question and answer are updated successfully; otherwise, false. ///// </returns> ///// <param name="username">The user to change the password question and answer for. </param><param name="password">The password for the specified user. </param><param name="newPasswordQuestion">The new password question for the specified user. </param><param name="newPasswordAnswer">The new password answer for the specified user. </param> //public bool ChangePasswordQuestionAndAnswer(string username, string password, string newPasswordQuestion, string newPasswordAnswer) //{ // var account = UserQueries.Get(username); // if (account == null) // return false; // var info = new AccountPasswordInfo(username, account.Password) // { // PasswordSalt = account.PasswordSalt // }; // if (PasswordStrategy.Compare(info, password)) // return false; // account.PasswordQuestion = newPasswordAnswer; // account.PasswordAnswer = newPasswordAnswer; // AccountRepository.Update(account); // return true; //} ///// <summary> ///// Gets the password for the specified user name from the data source. ///// </summary> ///// <returns> ///// The password for the specified user name. ///// </returns> ///// <param name="username">The user to retrieve the password for. </param><param name="answer">The password answer for the user. </param> //public string GetPassword(string username, string answer) //{ // if (!PasswordPolicy.IsPasswordRetrievalEnabled || !PasswordStrategy.IsPasswordsDecryptable) // throw new ProviderException("Password retrieval is not supported"); // var account = UserQueries.Get(username); // if (!account.PasswordAnswer.Equals(answer, StringComparison.OrdinalIgnoreCase)) // throw new MembershipPasswordException("Answer to Password question was incorrect."); // return PasswordStrategy.Decrypt(account.Password); //} ///// <summary> ///// Resets a user's password to a new, automatically generated password. ///// </summary> ///// <returns> ///// The new password for the specified user. ///// </returns> ///// <param name="username">The user to reset the password for. </param><param name="answer">The password answer for the specified user. </param> //public string ResetPassword(string username, string answer) //{ // if (!PasswordPolicy.IsPasswordResetEnabled) // throw new NotSupportedException("Password reset is not supported."); // var user = UserQueries.Get(username); // if (PasswordPolicy.IsPasswordQuestionRequired && answer == null) // throw new MembershipPasswordException("Password answer is empty and question/answer is required."); // if (!user.PasswordAnswer.Equals(answer, StringComparison.OrdinalIgnoreCase)) // return null; // var newPassword = PasswordStrategy.GeneratePassword(PasswordPolicy); // ValidatePassword(username, newPassword); // var info = new AccountPasswordInfo(username, newPassword); // user.Password = PasswordStrategy.Encrypt(info); // user.PasswordSalt = info.PasswordSalt; // AccountRepository.Update(user); // return newPassword; //} private void ValidatePassword(string username, string clearTextPassword) { if (!PasswordStrategy.IsValid(clearTextPassword, PasswordPolicy)) { throw new MembershipPasswordException("Password failed validation"); } var args = new ValidatePasswordEventArgs(username, clearTextPassword, false); if (args.FailureInformation != null) { throw args.FailureInformation; } }
///// <summary> ///// Updates information about a user in the data source. ///// </summary> ///// <param name="user">A <see cref="T:System.Web.Security.IUser"/> object that represents the user to update and the updated information for the user. </param> //public void UpdateUser(IUser user) //{ // var account = UserQueries.Get(user.UserName); // Merge(user, account); // AccountRepository.Update(account); //} //private void Merge(IUser user, IUser account) //{ // account.Comment = user.Comment; // account.IsApproved = user.IsApproved; // account.Email = user.Email; // account.PasswordQuestion = user.PasswordQuestion; // account.IsLockedOut = user.IsLockedOut; // //account.IsOnline = user.IsOnline; // account.LastActivityAt = user.LastActivityDate; // account.LastLockedOutAt = user.LastLockoutDate; // account.LastPasswordChangeAt = user.LastPasswordChangedDate; // account.ProviderUserKey = user.ProviderUserKey; // account.Name = user.UserName; //} /// <summary> /// Verifies that the specified user name and password exist in the data source. /// </summary> /// <returns> /// true if the specified username and password are valid; otherwise, false. /// </returns> /// <param name="username">The name of the user to validate. </param><param name="password">The password for the specified user. </param> public bool ValidateUser(string username, string password) { if (String.IsNullOrEmpty(username)) { throw new ArgumentException("Value cannot be null or empty.", "username"); } if (String.IsNullOrEmpty(password)) { throw new ArgumentException("Value cannot be null or empty.", "password"); } var user = UserQueries.Get(username); if (user == null || user.IsLockedOut) { return(false); } var passwordInfo = user.CreatePasswordInfo(); var validated = PasswordStrategy.Compare(passwordInfo, password); var now = _dateTimeManager.Now(); if (validated) { user.LastLoginAt = now; user.FailedPasswordWindowStartedAt = null; user.FailedPasswordWindowAttemptCount = 0; UserCommands.Update(user); return(true); } user.FailedPasswordWindowAttemptCount += 1; if (!user.FailedPasswordWindowStartedAt.HasValue) { user.FailedPasswordAnswerWindowStartedAt = now; } else if (now.Subtract(user.FailedPasswordAnswerWindowStartedAt.Value).TotalMinutes > PasswordPolicy.PasswordAttemptWindow) { user.IsLockedOut = true; user.LastLockedOutAt = now; UserCommands.Update(user); } return(false); }
/// <summary> /// Gets the password for the specified user name from the data source. /// </summary> /// <returns> /// The password for the specified user name. /// </returns> /// <param name="username">The user to retrieve the password for. </param><param name="answer">The password answer for the user. </param> public override string GetPassword(string username, string answer) { if (!PasswordPolicy.IsPasswordRetrievalEnabled || !PasswordStrategy.IsPasswordsDecryptable) { throw new ProviderException("Password retrieval is not supported"); } var account = AccountRepository.Get(username); if (!account.PasswordAnswer.Equals(answer, StringComparison.OrdinalIgnoreCase)) { throw new MembershipPasswordException("Answer to Password question was incorrect."); } return(PasswordStrategy.Decrypt(account.Password)); }
public Sysuser(string loginName, string password) { if (string.IsNullOrEmpty(loginName)) { throw new BaseException("登录名不能为空"); } if (string.IsNullOrEmpty(password) || password.Length < 6) { throw new BaseException("登录名密码不能少于6位"); } Salt = Guid.NewGuid().ToString(); LoginName = loginName; PasswordHash = PasswordStrategy.CreateWithMD5(password + Salt + _passwordStr); IsEnabled = true; }
/// <summary> /// Adds a new membership user to the data source. /// </summary> /// <returns> /// A <see cref="T:System.Web.Security.MembershipUser"/> object populated with the information for the newly created user. /// </returns> /// <param name="username">The user name for the new user. </param><param name="password">The password for the new user. </param><param name="email">The e-mail address for the new user.</param><param name="passwordQuestion">The password question for the new user.</param><param name="passwordAnswer">The password answer for the new user</param><param name="isApproved">Whether or not the new user is approved to be validated.</param><param name="providerUserKey">The unique identifier from the membership data source for the user.</param><param name="status">A <see cref="T:System.Web.Security.MembershipCreateStatus"/> enumeration value indicating whether the user was created successfully.</param> public override MembershipUser CreateUser(string username, string password, string email, string passwordQuestion, string passwordAnswer, bool isApproved, object providerUserKey, out MembershipCreateStatus status) { if (AccountRepository.IsUniqueEmailRequired && AccountRepository.GetUserNameByEmail(email) != null) { status = MembershipCreateStatus.DuplicateEmail; return(null); } if (AccountRepository.Get(username) != null) { status = MembershipCreateStatus.DuplicateUserName; return(null); } try { ValidatePassword(username, password); } catch { // not the smoothest approach, but the best // considering the inconsistent password failure handling. status = MembershipCreateStatus.InvalidPassword; return(null); } var account = AccountRepository.Create(providerUserKey, ApplicationName, username, email); var passwordInfo = new AccountPasswordInfo(username, password); account.Password = PasswordStrategy.Encrypt(passwordInfo); account.PasswordSalt = passwordInfo.PasswordSalt; account.PasswordAnswer = passwordAnswer; account.PasswordQuestion = passwordQuestion; status = AccountRepository.Register(account); if (status == MembershipCreateStatus.Success) { return(CloneUser(account)); } return(null); }
/// <summary> /// Processes a request to update the password for a membership user. /// </summary> /// <returns> /// true if the password was updated successfully; otherwise, false. /// </returns> /// <param name="username">The user to update the password for. </param><param name="oldPassword">The current password for the specified user. </param><param name="newPassword">The new password for the specified user. </param> public override bool ChangePassword(string username, string oldPassword, string newPassword) { var account = AccountRepository.Get(username); var pwInfo = account.CreatePasswordInfo(); if (!PasswordStrategy.Compare(pwInfo, oldPassword)) { return(false); } ValidatePassword(username, newPassword); account.Password = newPassword; pwInfo = account.CreatePasswordInfo(); account.Password = PasswordStrategy.Encrypt(pwInfo); AccountRepository.Update(account); return(true); }
public bool ChangePassword(string username, string oldPassword, string newPassword) { if (String.IsNullOrEmpty(username)) { throw new ArgumentException("Value cannot be null or empty.", "username"); } if (String.IsNullOrEmpty(oldPassword)) { throw new ArgumentException("Value cannot be null or empty.", "oldPassword"); } if (String.IsNullOrEmpty(newPassword)) { throw new ArgumentException("Value cannot be null or empty.", "newPassword"); } // The underlying ChangePassword() will throw an exception rather // than return false in certain failure scenarios. try { var account = UserQueries.Get(username); var pwInfo = account.CreatePasswordInfo(); if (!PasswordStrategy.Compare(pwInfo, oldPassword)) { return(false); } ValidatePassword(username, newPassword); account.Password = newPassword; pwInfo = account.CreatePasswordInfo(); account.Password = PasswordStrategy.Encrypt(pwInfo); UserCommands.Update(account); return(true); } catch (ArgumentException) { return(false); } catch (MembershipPasswordException) { return(false); } }
private static bool PasswordValid(PasswordStrategy passwordStrategy, string passwordAndPolicyString) { var passwordAndPolicy = new PasswordAndPolicy(passwordAndPolicyString); var policyLeast = passwordAndPolicy.PolicyLeast; var policyMost = passwordAndPolicy.PolicyMost; var character = passwordAndPolicy.Character; var password = passwordAndPolicy.Password; switch (passwordStrategy) { case PasswordStrategy.CharacterPosition: return ((password[policyLeast - 1] == character && password[policyMost - 1] != character) || (password[policyLeast - 1] != character && password[policyMost - 1] == character)); case PasswordStrategy.MinMaxCharacters: var count = password.Count(s => s == character); return(count >= policyLeast && count <= policyMost); default: throw new ArgumentOutOfRangeException(nameof(passwordStrategy)); } }
/// <summary> /// Verifies that the specified user name and password exist in the data source. /// </summary> /// <returns> /// true if the specified username and password are valid; otherwise, false. /// </returns> /// <param name="username">The name of the user to validate. </param><param name="password">The password for the specified user. </param> public override bool ValidateUser(string username, string password) { var user = AccountRepository.Get(username); if (user == null || user.IsLockedOut) { return(false); } var passwordInfo = user.CreatePasswordInfo(); var validated = PasswordStrategy.Compare(passwordInfo, password); if (validated) { user.LastLoginAt = DateTime.Now; user.FailedPasswordWindowStartedAt = DateTime.MinValue; user.FailedPasswordWindowAttemptCount = 0; AccountRepository.Update(user); return(true); } user.FailedPasswordWindowAttemptCount += 1; if (user.FailedPasswordWindowStartedAt == DateTime.MinValue) { user.FailedPasswordAnswerWindowStartedAt = DateTime.Now; } else if (DateTime.Now.Subtract(user.FailedPasswordAnswerWindowStartedAt).TotalMinutes > PasswordPolicy.PasswordAttemptWindow) { user.IsLockedOut = true; user.LastLockedOutAt = DateTime.Now; AccountRepository.Update(user); } return(false); }
/// <summary> /// 检查密码是否正确 /// </summary> /// <param name="password">密码</param> /// <returns></returns> public bool CheckPassword(string password) { return(PasswordStrategy.CreateWithMD5(password + Salt + _passwordStr) == PasswordHash); }