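/// <summary>
/// Validates a clear-text e-mail verification code against the hashed ticket stored on the person.
/// The stored ticket has the form "&lt;SHA1 of code&gt;;&lt;yyyy-MM-dd HH:mm:ss&gt;", as written by
/// RequestMembershipConfirmation.
/// </summary>
/// <param name="pers">The person whose ResetPasswordTicket is checked.</param>
/// <param name="token">The clear-text code received from the user.</param>
/// <exception cref="VerificationTicketLengthException">The code is missing or does not have the expected length.</exception>
/// <exception cref="VerificationTicketWrongException">No ticket is stored, or the code does not hash to the stored value.</exception>
/// <exception cref="VerificationTicketTooOldException">The ticket timestamp is unreadable or older than 10 hours.</exception>
public static void ValidateEmailVerificationTicket(Person pers, string token)
{
    const double maxTicketAgeHours = 10;

    // Reject a missing code with the same exception as a wrong-length one instead of a NullReferenceException.
    if (token == null || token.Length != EmailVerificationTicketLength)
    {
        throw new VerificationTicketLengthException("Wrong length of code, should be " + EmailVerificationTicketLength + " characters.");
    }

    // A person who never requested a ticket has no stored value; treat that as "no such code".
    string storedTicket = pers.ResetPasswordTicket;
    string[] storedParts = string.IsNullOrEmpty(storedTicket) ? new string[0] : storedTicket.Split(';');
    if (storedParts.Length < 2)
    {
        throw new VerificationTicketWrongException("No such code exists.");
    }

    // The timestamp is compared against DateTime.Now because that is what the issuing side writes.
    // An unparsable timestamp fails closed as "too old", which is also what the previous
    // DateTime.MinValue default produced, but now the intent is explicit.
    DateTime createdTime;
    bool timestampParsed = DateTime.TryParseExact(storedParts[1].Trim(), "yyyy-MM-dd HH:mm:ss", CultureInfo.InvariantCulture, DateTimeStyles.None, out createdTime);
    if (!timestampParsed || DateTime.Now.Subtract(createdTime).TotalHours > maxTicketAgeHours)
    {
        throw new VerificationTicketTooOldException("Verification code too old, it must be used within 10 hours.");
    }

    // Compare the hashes in constant time so response latency does not depend on how many
    // leading characters of the submitted code happen to match.
    if (!HashesMatch(SHA1.Hash(token), storedParts[0]))
    {
        throw new VerificationTicketWrongException("Wrong verification code.");
    }
}

/// <summary>
/// Ordinal string equality whose running time depends only on the length of
/// <paramref name="expected"/>, not on the position of the first differing character.
/// </summary>
/// <param name="actual">The hash computed from the submitted code.</param>
/// <param name="expected">The stored hash.</param>
/// <returns>True when both strings are non-null and identical.</returns>
private static bool HashesMatch(string actual, string expected)
{
    if (actual == null || expected == null || actual.Length != expected.Length)
    {
        return false;
    }

    int difference = 0;
    for (int i = 0; i < expected.Length; i++)
    {
        difference |= actual[i] ^ expected[i];
    }

    return difference == 0;
}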
/// <summary>
/// Checks the code presented in an activist sign-off link. The expected code is derived
/// solely from <c>p.Identity</c> (four characters of its SHA1 hash followed by the identity
/// itself); no per-request secret is involved, so the check proves possession of the link,
/// not knowledge of anything beyond the person's identity.
/// </summary>
/// <param name="p">The person the sign-off link was issued for.</param>
/// <param name="code">The code taken from the link.</param>
/// <exception cref="VerificationTicketWrongException">The code does not match the one derived for <paramref name="p"/>.</exception>
public static void ValidateRequestActivistSignoffProcess(Person p, string code)
{
    string identityText = p.Identity.ToString(CultureInfo.InvariantCulture);
    string hashPrefix = SHA1.Hash(identityText).Replace(" ", "").Substring(0, 4);
    string expectedCode = hashPrefix + p.Identity.ToString();

    // string.Equals(string, string) is an ordinal comparison and treats a null code as a mismatch.
    if (!string.Equals(code, expectedCode))
    {
        throw new VerificationTicketWrongException("No such code exists.");
    }
}
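/// <summary>
/// Generates password hashes for legacy passwords in system (that are no longer generated).
/// </summary>
/// <param name="person">The person to generate a hash for.</param>
/// <param name="password">The password to hash.</param>
/// <returns>A list of previously valid password hashes, SHA1 variant first.</returns>
private static string[] GenerateLegacyPasswordHashes(Person person, string password)
{
    // PersonalNumber is an obsolete property; reading it is intentional here because the
    // legacy MD5 hash was computed from it.
#pragma warning disable 618
    string personalNumber = person.PersonalNumber;
#pragma warning restore 618

    string identityHash = SHA1.Hash(password + person.Identity + "Pirate");

    // A person without a personal number never had the MD5 variant generated; a null
    // personal number is handled the same way instead of dereferencing it.
    if (string.IsNullOrEmpty(personalNumber))
    {
        return new[] { identityHash };
    }

    return new[] { identityHash, MD5.Hash(password + personalNumber + "Pirate") };
}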
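/// <summary>
/// Generates password hashes for legacy passwords in system (that are no longer generated).
/// </summary>
/// <param name="person">The person to generate a hash for.</param>
/// <param name="password">The password to hash.</param>
/// <returns>A list of previously valid password hashes, SHA1 variant first.</returns>
private static string[] GenerateLegacyPasswordHashes(Person person, string password)
{
    // Calling the obsolete property is valid here since we are generating legacy hashes;
    // the suppression is scoped to the single read instead of the whole method body.
#pragma warning disable 618
    string personalNumber = person.PersonalNumber;
#pragma warning restore 618

    string identityHash = SHA1.Hash(password + person.Identity + "Pirate");

    // A person without a personal number never had the MD5 variant generated; a null
    // personal number is handled the same way instead of dereferencing it.
    if (string.IsNullOrEmpty(personalNumber))
    {
        return new[] { identityHash };
    }

    return new[] { identityHash, MD5.Hash(password + personalNumber + "Pirate") };
}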
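/// <summary>
/// Issues a membership-confirmation ticket for <paramref name="p"/> and mails the confirmation link.
/// Only the SHA1 hash of the ticket and its creation time are stored on the person
/// (ResetPasswordTicket); the clear-text ticket leaves the system only inside the mail body.
/// </summary>
/// <param name="p">The person to confirm.</param>
/// <param name="URL">A String.Format template where {0} is the person id and {1} is the clear-text ticket.</param>
public static void RequestMembershipConfirmation(Person p, string URL)
{
    string passwordTicket = CreateRandomPassword(EmailVerificationTicketLength);
    string encodedPasswordTicket = SHA1.Hash(passwordTicket);

    // ValidateEmailVerificationTicket parses this timestamp back with CultureInfo.InvariantCulture.
    // Formatting it under the thread's current culture can yield a different calendar or digits,
    // which either never parses or yields a wrong creation time; use the invariant culture on both sides.
    string createdTime = DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss", CultureInfo.InvariantCulture);
    p.ResetPasswordTicket = encodedPasswordTicket + ";" + createdTime;

    // NOTE(review): Authentication.Culture is a static property shared by the whole process;
    // assigning it per request can race between concurrent callers in a multi-threaded host — TODO confirm.
    App_LocalResources.Authentication.Culture = CultureInfo.GetCultureInfo(p.PreferredCulture);

    string mailbody = App_LocalResources.Authentication.MembershipConf_Mail_Preamble;
    mailbody += "\r\n" + string.Format(URL, p.PersonId, passwordTicket);
    mailbody += App_LocalResources.Authentication.MembershipConf_Mail_Ending;

    p.SendNotice(App_LocalResources.Authentication.MembershipConf_Mail_Subject, mailbody, 1);
}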
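/// <summary>
/// Starts the activist sign-off process for the person identified by <paramref name="eMail"/>,
/// which is either an e-mail address or a numeric person id, and mails the sign-off link(s).
/// </summary>
/// <param name="eMail">An e-mail address (pattern-matched, case-insensitively) or a person id.</param>
/// <param name="URL">A String.Format template where {0} is the sign-off code.</param>
/// <returns>
/// The person the mail was addressed to, or null when nobody matched. Returning a Person also
/// tells the caller whether a match existed; callers that respond to an unauthenticated requester
/// should not surface that difference — TODO confirm caller behaviour.
/// </returns>
public static Person RequestActivistSignoffProcess(string eMail, string URL)
{
    // A null lookup key previously reached eMail.ToLower() and threw; treat it as "nobody matched".
    if (eMail == null)
    {
        return null;
    }

    int personID = 0;
    int.TryParse(eMail, out personID); // stays 0 when eMail is not a number

    Person authenticatedUser = null;
    People candidatePeople = null;
    bool personIsActivist = false;

    if (personID == 0)
    {
        // ToLowerInvariant so the thread's culture (e.g. Turkish "I") cannot change the lookup key.
        // Only "%" is stripped; if GetPeopleFromEmailPattern honours other wildcards they pass through — TODO confirm.
        string emailPattern = eMail.ToLowerInvariant().Replace("%", "").Trim();

        // After stripping, an all-wildcard or blank input becomes the empty pattern; rather than
        // run a lookup that may match broadly, treat it as "nobody matched" — TODO confirm the
        // pattern lookup's handling of "".
        if (emailPattern.Length == 0)
        {
            return null;
        }

        BasicPerson[] people = SwarmDb.GetDatabaseForReading().GetPeopleFromEmailPattern(emailPattern);
        candidatePeople = People.FromArray(people);

        // If multiple people share the same e-mail, suppose the last one registered (highest
        // PersonId) is the one to change. The parentheses spell out the existing precedence:
        // the first candidate is taken regardless of IsActivist, later ones replace it only
        // when they are activists with a higher id.
        foreach (Person p in candidatePeople)
        {
            if (authenticatedUser == null || (authenticatedUser.PersonId < p.PersonId && p.IsActivist))
            {
                authenticatedUser = p;
            }
        }
    }
    else
    {
        candidatePeople = People.FromIdentities(new[] { personID });
        if (candidatePeople.Count > 0)
        {
            authenticatedUser = candidatePeople[0];
        }
    }

    if (authenticatedUser == null)
    {
        return null;
    }

    //TODO: Localize
    string mailbody = "";

    // NOTE(review): Authentication.Culture is a static property shared by the whole process;
    // assigning it per request can race between concurrent callers in a multi-threaded host — TODO confirm.
    App_LocalResources.Authentication.Culture = CultureInfo.InvariantCulture;

    if (candidatePeople.Count == 1 && candidatePeople[0].IsActivist)
    {
        personIsActivist = true;
        Person p = candidatePeople[0];

        if (App_LocalResources.Authentication.Culture == CultureInfo.InvariantCulture)
        {
            App_LocalResources.Authentication.Culture = CultureInfo.GetCultureInfo(p.PreferredCulture);
        }

        // Code derivation must match ValidateRequestActivistSignoffProcess, which uses SHA1.Hash
        // of the invariant-culture identity string, four characters, plus the identity.
        string encodedPasswordTicket = SHA1.Hash(p.Identity.ToString(CultureInfo.InvariantCulture)).Replace(" ", "").Substring(0, 4) + p.Identity;

        mailbody = App_LocalResources.Authentication.RequestActivistSignoff_Mail_Preamble;
        mailbody += App_LocalResources.Authentication.RequestActivistSignoff_Mail_ClickOneLink;
        mailbody += "\r\n" + string.Format(URL, encodedPasswordTicket);
    }
    else
    {
        string links = "";

        foreach (Person p in candidatePeople)
        {
            Memberships msList = p.GetMemberships();
            if (msList.Count == 0 && p.IsActivist)
            {
                personIsActivist = true;

                if (App_LocalResources.Authentication.Culture == CultureInfo.InvariantCulture)
                {
                    App_LocalResources.Authentication.Culture = CultureInfo.GetCultureInfo(p.PreferredCulture);
                }

                // NOTE(review): this branch derives the code with GenerateNewPasswordHash and a
                // culture-dependent identity string, while the single-candidate branch and
                // ValidateRequestActivistSignoffProcess use SHA1.Hash of the invariant-culture
                // identity. Unless GenerateNewPasswordHash produces the same digest, links sent
                // from here will not validate — TODO confirm and align.
                string encodedPasswordTicket = GenerateNewPasswordHash(p, p.Identity.ToString()).Replace(" ", "").Substring(0, 4) + p.Identity;

                links += "\r\n\r\n";
                links += "#" + p.PersonId;
                links += "\r\n" + string.Format(URL, encodedPasswordTicket);
            }
        }

        mailbody = App_LocalResources.Authentication.RequestActivistSignoff_Mail_Preamble;
        mailbody += App_LocalResources.Authentication.RequestActivistSignoff_Mail_ClickOneOfLinks;
        mailbody += links;
    }

    mailbody += App_LocalResources.Authentication.RequestActivistSignoff_Mail_Ending;

    // Only an activist gets the mail; a non-activist match is still returned to the caller.
    if (personIsActivist)
    {
        authenticatedUser.SendNotice(App_LocalResources.Authentication.RequestActivistSignoff_Mail_Subject, mailbody, 1);
    }

    return authenticatedUser;
}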