public override bool ChangePassword(string username, string oldPassword, string newPassword)
{
// from the OneWeb membership provider oldPassword is now no longer supplied when user forgets password which calls changes password in the provider
if (String.IsNullOrEmpty(oldPassword))
{
SimpleAES aes = new SimpleAES();
string pw = aes.Encrypt(newPassword);
MembershipBs mr = new MembershipBs();
UserProfile up = mr.GetUserProfile(username);
up.password = pw;
mr.ProcessNurseProfile(up);
return(true);
}
else // we can validate the user
{
if (ValidateUser(username, oldPassword))
{
SimpleAES aes = new SimpleAES();
string pw = aes.Encrypt(newPassword);
MembershipBs mr = new MembershipBs();
UserProfile up = mr.GetUserProfile(username);
up.password = pw;
mr.ProcessNurseProfile(up);
return(true);
}
return(false);
}
}
public UserProfile GetUserProfile(string username, string password)
{
SimpleAES aes = new SimpleAES();
//var q = db.UserProfiles.Where(up => up.username == username && up.Nurse.employmentStatusId != (byte)EmploymentStatus.Inactive && up.Nurse.employmentStatusId != (byte)EmploymentStatus.Retired).ToList();
var q = db.UserProfiles.Where(up => up.username == username).ToList();
return(q.Where(up => aes.Decrypt(up.password) == password).SingleOrDefault());
}
public UserProfile CreateUserProfile(string username, string password, string email)
{
UserProfile up = new UserProfile();
SimpleAES aes = new SimpleAES();
up.username = username;
//up.password = password;
up.password = aes.Encrypt(password);
up.email = email;
up.creationDate = DateTime.Now;
db.UserProfiles.InsertOnSubmit(up);
db.SubmitChanges();
return(up);
}