コード例 #1
0
        /// <summary>
        /// Processes a request to update the password question and answer for a membership user.
        /// </summary>
        /// <returns>
        /// true if the password question and answer are updated successfully; otherwise, false.
        /// </returns>
        /// <param name="username">The user to change the password question and answer for. </param><param name="password">The password for the specified user. </param><param name="newPasswordQuestion">The new password question for the specified user. </param><param name="newPasswordAnswer">The new password answer for the specified user. </param>
        public override bool ChangePasswordQuestionAndAnswer(string username, string password,
                                                             string newPasswordQuestion, string newPasswordAnswer)
        {
            var account = AccountRepository.Get(username);

            if (account == null)
            {
                return(false);
            }

            var info = new AccountPasswordInfo(username, account.Password)
            {
                PasswordSalt = account.PasswordSalt
            };

            if (PasswordStrategy.Compare(info, password))
            {
                return(false);
            }

            account.PasswordQuestion = newPasswordAnswer;
            account.PasswordAnswer   = newPasswordAnswer;
            AccountRepository.Update(account);
            return(true);
        }
コード例 #2
0
        ///// <summary>
        ///// Updates information about a user in the data source.
        ///// </summary>
        ///// <param name="user">A <see cref="T:System.Web.Security.IUser"/> object that represents the user to update and the updated information for the user. </param>
        //public  void UpdateUser(IUser user)
        //{
        //    var account = UserQueries.Get(user.UserName);
        //    Merge(user, account);
        //    AccountRepository.Update(account);
        //}

        //private void Merge(IUser user, IUser account)
        //{
        //    account.Comment = user.Comment;
        //    account.IsApproved = user.IsApproved;
        //    account.Email = user.Email;
        //    account.PasswordQuestion = user.PasswordQuestion;
        //    account.IsLockedOut = user.IsLockedOut;
        //    //account.IsOnline = user.IsOnline;
        //    account.LastActivityAt = user.LastActivityDate;
        //    account.LastLockedOutAt = user.LastLockoutDate;
        //    account.LastPasswordChangeAt = user.LastPasswordChangedDate;
        //    account.ProviderUserKey = user.ProviderUserKey;
        //    account.Name = user.UserName;
        //}

        /// <summary>
        /// Verifies that the specified user name and password exist in the data source.
        /// </summary>
        /// <returns>
        /// true if the specified username and password are valid; otherwise, false.
        /// </returns>
        /// <param name="username">The name of the user to validate. </param><param name="password">The password for the specified user. </param>
        public bool ValidateUser(string username, string password)
        {
            if (String.IsNullOrEmpty(username))
            {
                throw new ArgumentException("Value cannot be null or empty.", "username");
            }
            if (String.IsNullOrEmpty(password))
            {
                throw new ArgumentException("Value cannot be null or empty.", "password");
            }

            var user = UserQueries.Get(username);

            if (user == null || user.IsLockedOut)
            {
                return(false);
            }

            var passwordInfo = user.CreatePasswordInfo();
            var validated    = PasswordStrategy.Compare(passwordInfo, password);
            var now          = _dateTimeManager.Now();


            if (validated)
            {
                user.LastLoginAt = now;
                user.FailedPasswordWindowStartedAt    = null;
                user.FailedPasswordWindowAttemptCount = 0;
                UserCommands.Update(user);
                return(true);
            }

            user.FailedPasswordWindowAttemptCount += 1;

            if (!user.FailedPasswordWindowStartedAt.HasValue)
            {
                user.FailedPasswordAnswerWindowStartedAt = now;
            }
            else if (now.Subtract(user.FailedPasswordAnswerWindowStartedAt.Value).TotalMinutes >
                     PasswordPolicy.PasswordAttemptWindow)
            {
                user.IsLockedOut     = true;
                user.LastLockedOutAt = now;
                UserCommands.Update(user);
            }

            return(false);
        }
コード例 #3
0
        /// <summary>
        /// Processes a request to update the password for a membership user.
        /// </summary>
        /// <returns>
        /// true if the password was updated successfully; otherwise, false.
        /// </returns>
        /// <param name="username">The user to update the password for. </param><param name="oldPassword">The current password for the specified user. </param><param name="newPassword">The new password for the specified user. </param>
        public override bool ChangePassword(string username, string oldPassword, string newPassword)
        {
            var account = AccountRepository.Get(username);
            var pwInfo  = account.CreatePasswordInfo();

            if (!PasswordStrategy.Compare(pwInfo, oldPassword))
            {
                return(false);
            }

            ValidatePassword(username, newPassword);

            account.Password = newPassword;
            pwInfo           = account.CreatePasswordInfo();
            account.Password = PasswordStrategy.Encrypt(pwInfo);
            AccountRepository.Update(account);
            return(true);
        }
コード例 #4
0
        public bool ChangePassword(string username, string oldPassword, string newPassword)
        {
            if (String.IsNullOrEmpty(username))
            {
                throw new ArgumentException("Value cannot be null or empty.", "username");
            }
            if (String.IsNullOrEmpty(oldPassword))
            {
                throw new ArgumentException("Value cannot be null or empty.", "oldPassword");
            }
            if (String.IsNullOrEmpty(newPassword))
            {
                throw new ArgumentException("Value cannot be null or empty.", "newPassword");
            }

            // The underlying ChangePassword() will throw an exception rather
            // than return false in certain failure scenarios.
            try
            {
                var account = UserQueries.Get(username);
                var pwInfo  = account.CreatePasswordInfo();
                if (!PasswordStrategy.Compare(pwInfo, oldPassword))
                {
                    return(false);
                }

                ValidatePassword(username, newPassword);

                account.Password = newPassword;
                pwInfo           = account.CreatePasswordInfo();
                account.Password = PasswordStrategy.Encrypt(pwInfo);
                UserCommands.Update(account);

                return(true);
            }
            catch (ArgumentException)
            {
                return(false);
            }
            catch (MembershipPasswordException)
            {
                return(false);
            }
        }
コード例 #5
0
        /// <summary>
        /// Verifies that the specified user name and password exist in the data source.
        /// </summary>
        /// <returns>
        /// true if the specified username and password are valid; otherwise, false.
        /// </returns>
        /// <param name="username">The name of the user to validate. </param><param name="password">The password for the specified user. </param>
        public override bool ValidateUser(string username, string password)
        {
            var user = AccountRepository.Get(username);

            if (user == null || user.IsLockedOut)
            {
                return(false);
            }

            var passwordInfo = user.CreatePasswordInfo();
            var validated    = PasswordStrategy.Compare(passwordInfo, password);

            if (validated)
            {
                user.LastLoginAt = DateTime.Now;
                user.FailedPasswordWindowStartedAt    = DateTime.MinValue;
                user.FailedPasswordWindowAttemptCount = 0;
                AccountRepository.Update(user);
                return(true);
            }

            user.FailedPasswordWindowAttemptCount += 1;
            if (user.FailedPasswordWindowStartedAt == DateTime.MinValue)
            {
                user.FailedPasswordAnswerWindowStartedAt = DateTime.Now;
            }
            else if (DateTime.Now.Subtract(user.FailedPasswordAnswerWindowStartedAt).TotalMinutes >
                     PasswordPolicy.PasswordAttemptWindow)
            {
                user.IsLockedOut     = true;
                user.LastLockedOutAt = DateTime.Now;
                AccountRepository.Update(user);
            }

            return(false);
        }