/// <summary>
/// Checks whether the supplied user name and password match a stored account.
/// </summary>
/// <param name="username">User name of the account to check.</param>
/// <param name="password">Password as supplied by the caller.</param>
/// <returns>A <see cref="UserLoginStatus"/> describing the outcome.</returns>
/// <remarks>
/// The password is verified before the activation and ban flags are inspected, so
/// <see cref="UserLoginStatus.NotActivated"/> and <see cref="UserLoginStatus.Banned"/>
/// are only returned to a caller that already presented the correct password.
/// NOTE(review): no failed-attempt counting or throttling happens in this method;
/// presumably the caller handles it. Confirm.
/// </remarks>
public UserLoginStatus ValidateUser(string username, string password)
{
    long accountId = UserIdToUserNameDictionary.GetUserId(username);
    User account = userRepository.Get(accountId);

    // An unknown account and a wrong password yield the same status, so the return
    // value does not reveal whether the user name exists.
    // NOTE(review): the unknown-account path skips CheckPassword entirely. If that
    // helper is deliberately slow, response time may still distinguish the two cases.
    // Confirm whether that matters for this deployment.
    if (account == null
        || !UserPasswordHelper.CheckPassword(password, account.Password, (UserPasswordFormat)account.PasswordFormat))
    {
        return UserLoginStatus.InvalidCredentials;
    }

    if (!account.IsActivated)
    {
        return UserLoginStatus.NotActivated;
    }

    if (!account.IsBanned)
    {
        return UserLoginStatus.Success;
    }

    // The ban is still in force while its deadline has not passed.
    if (account.BanDeadline >= DateTime.UtcNow)
    {
        return UserLoginStatus.Banned;
    }

    // The ban has expired: clear the flag, stamp the deadline with the current
    // UTC time and persist the change before letting the login through.
    account.IsBanned = false;
    account.BanDeadline = DateTime.UtcNow;
    userRepository.Update(account);
    return UserLoginStatus.Success;
}
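/// <summary>
/// Resets a user's password without checking the current one (intended for
/// administrators or the forgotten-password flow).
/// </summary>
/// <param name="username">User name of the account whose password is reset.</param>
/// <param name="newPassword">The new password; a null or empty value is rejected.</param>
/// <remarks>
/// The original remark states that a "password changed" e-mail is sent automatically on
/// success. Only the <c>OnAfter</c> event is raised here, so the e-mail is presumably
/// sent by a subscriber. Confirm.
/// This method performs no authorization of its own: every caller must already have
/// authenticated an administrator or verified a reset token before invoking it.
/// </remarks>
/// <returns><c>true</c> when the password was updated; otherwise <c>false</c>.</returns>
public bool ResetPassword(string username, string newPassword)
{
    // Refuse to reset an account to a null or empty credential.
    // NOTE(review): CreateUser in this class also runs Utility.ValidatePassword on the
    // password. Consider applying the same policy check here, after confirming that
    // every caller can handle a false result.
    if (string.IsNullOrEmpty(newPassword))
    {
        return false;
    }

    long userId = userRepository.GetUserIdByUserName(username);
    User user = userRepository.Get(userId);
    if (user == null)
    {
        return false;
    }

    // The new password is encoded with the format already recorded on the account.
    // NOTE(review): this means a reset does not move an account onto the currently
    // configured password format. Confirm whether migration happens elsewhere.
    string storedPassword = UserPasswordHelper.EncodePassword(newPassword, (UserPasswordFormat)user.PasswordFormat);

    EventBus<User>.Instance().OnBefore(user, new CommonEventArgs(EventOperationType.Instance().ResetPassword()));
    bool result = userRepository.ResetPassword(user, storedPassword);

    // Subscribers are told about the reset only when the repository reports success.
    if (result)
    {
        EventBus<User>.Instance().OnAfter(user, new CommonEventArgs(EventOperationType.Instance().ResetPassword()));
    }

    return result;
}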
/// <summary>
/// Creates a user account.
/// </summary>
/// <param name="user">The user to create; must be a <c>User</c> instance.</param>
/// <param name="password">Password for the new account, as supplied by the caller.</param>
/// <param name="passwordQuestion">Password recovery question.</param>
/// <param name="passwordAnswer">Answer to the password recovery question.</param>
/// <param name="ignoreDisallowedUsername">Whether the disallowed-user-name check is skipped.</param>
/// <param name="userCreateStatus">Receives the outcome of the creation attempt.</param>
/// <returns>The value returned by the repository, or <c>null</c> when the input is rejected here.</returns>
public IUser CreateUser(IUser user, string password, string passwordQuestion, string passwordAnswer, bool ignoreDisallowedUsername, out UserCreateStatus userCreateStatus)
{
    User newUser = user as User;
    if (newUser == null)
    {
        userCreateStatus = UserCreateStatus.UnknownFailure;
        return null;
    }

    // Reject a password that fails the policy; the policy's message is not surfaced.
    string policyError;
    bool passwordAccepted = Utility.ValidatePassword(password, out policyError);
    if (!passwordAccepted)
    {
        userCreateStatus = UserCreateStatus.InvalidPassword;
        return null;
    }

    UserSettings settings = DIContainer.Resolve<ISettingsManager<UserSettings>>().Get();

    // The password is stored encoded, using the format from the current settings.
    newUser.PasswordFormat = (int)settings.UserPasswordFormat;
    newUser.Password = UserPasswordHelper.EncodePassword(password, settings.UserPasswordFormat);
    newUser.PasswordQuestion = passwordQuestion;
    // NOTE(review): the recovery answer is assigned exactly as received, without the
    // encoding applied to the password. It can stand in for the password during
    // recovery, so confirm whether it is protected further down.
    newUser.PasswordAnswer = passwordAnswer;
    newUser.IsModerated = settings.AutomaticModerated;

    // NOTE(review): the event args carry the password as supplied to every subscriber,
    // both before and after creation. Subscribers must not log or persist it.
    EventBus<User, CreateUserEventArgs>.Instance().OnBefore(newUser, new CreateUserEventArgs(password));

    IUser created = userRepository.CreateUser(newUser, ignoreDisallowedUsername, out userCreateStatus);

    // The after-event is raised only when the repository reports the account as created.
    if (userCreateStatus == UserCreateStatus.Created)
    {
        EventBus<User, CreateUserEventArgs>.Instance().OnAfter(newUser, new CreateUserEventArgs(password));
    }

    return created;
}