public bool ChangePassword(string username, string newPassword) { bool flag = false; SystemUserWrapper user = SystemUserWrapper.GetUserByLoginID(username); if (user == null) { return(flag); } try { user.UserPassword = EncodePassword(newPassword, user.PasswordSalt); user.LastPasswordChangeDate = DateTime.Now; user.LastActivityDate = DateTime.Now; SystemUserWrapper.Update(user); flag = true; } catch { throw new MembershipPasswordException( NhibernateMembershipProviderExceptionUtil.FormatExceptionMessage(this, NHibernateProviderSR. Pwd_OpCancelledDueToAccountLocked)); } return(flag); }
public override bool UnlockUser(string userName) { bool flag = false; try { SystemUserWrapper user = SystemUserWrapper.GetUserByLoginID(userName); if (user != null) { user.IsLockedOut = false; user.LastLockedOutDate = DateTime.Now; user.LastActivityDate = DateTime.Now; SystemUserWrapper.SaveOrUpdate(user); flag = true; } } catch (Exception exception) { throw NhibernateMembershipProviderExceptionUtil.NewProviderException(this, NHibernateProviderSR. User_UnableToUnlock, exception); } return(flag); }
public override string GetPassword(string username, string answer) { string password = null; if (!EnablePasswordRetrieval) { throw NhibernateMembershipProviderExceptionUtil.NewProviderException(this, NHibernateProviderSR. Pwd_RetrievalNotEnabled); } if (MembershipPasswordFormat.Hashed == PasswordFormat) { throw NhibernateMembershipProviderExceptionUtil.NewProviderException(this, NHibernateProviderSR. Pwd_CannotRetrieveHashed); } SystemUserWrapper user = SystemUserWrapper.GetUserByLoginID(username); if (user != null) { if (RequiresQuestionAndAnswer && !CheckPassword(answer, user.PasswordAnswer, user.PasswordSalt)) { UpdateFailureCount(username, FailureType.PasswordAnswer); throw new MembershipPasswordException( NhibernateMembershipProviderExceptionUtil.FormatExceptionMessage(this, NHibernateProviderSR. Pwd_IncorrectAnswer)); } if (MembershipPasswordFormat.Encrypted == PasswordFormat) { password = UnencodePassword(password); } } return(password); }
public string EncodePassword(string password, string validationKey) { string str = password; switch (PasswordFormat) { case MembershipPasswordFormat.Clear: return(str); case MembershipPasswordFormat.Hashed: { if (string.IsNullOrEmpty(validationKey)) { validationKey = machineKey.ValidationKey; } var hmacsha = new HMACSHA1 { Key = HexToByte(validationKey) }; return(Convert.ToBase64String(hmacsha.ComputeHash(Encoding.Unicode.GetBytes(password)))); } case MembershipPasswordFormat.Encrypted: return(Convert.ToBase64String(EncryptPassword(Encoding.Unicode.GetBytes(password)))); } throw NhibernateMembershipProviderExceptionUtil.NewProviderException(this, NHibernateProviderSR. Pwd_UnsupportedFormat); }
public override bool ChangePasswordQuestionAndAnswer(string username, string password, string newPasswordQuestion, string newPasswordAnswer) { bool flag = false; if (ValidateUser(username, password)) { SystemUserWrapper user = SystemUserWrapper.GetUserByLoginID(username); if (user == null) { return(flag); } try { user.PasswordQuestion = newPasswordQuestion; user.PasswordAnswer = EncodePassword(newPasswordAnswer, user.PasswordSalt); user.LastActivityDate = DateTime.Now; SystemUserWrapper.Update(user); flag = true; } catch { throw new MembershipPasswordException( NhibernateMembershipProviderExceptionUtil.FormatExceptionMessage(this, NHibernateProviderSR. Pwd_UnableToChangeQandA)); } } return(flag); }
public override MembershipUser CreateUser(string username, string password, string email, string passwordQuestion, string passwordAnswer, bool isApproved, object providerUserKey, out MembershipCreateStatus status) { var e = new ValidatePasswordEventArgs(username, password, true); OnValidatingPassword(e); if (e.Cancel) { status = MembershipCreateStatus.InvalidPassword; return(null); } if (RequiresUniqueEmail && !string.IsNullOrEmpty(GetUserNameByEmail(email))) { status = MembershipCreateStatus.DuplicateEmail; return(null); } if (SystemUserWrapper.GetUserByLoginID(username) != null) { status = MembershipCreateStatus.DuplicateUserName; return(null); } var user = new SystemUserWrapper { UserName = username, UserLoginID = username, UserPassword = EncodePassword(password, machineKey.ValidationKey), PasswordFormat = ((int)PasswordFormat), PasswordSalt = machineKey.ValidationKey, UserEmail = email, PasswordQuestion = passwordQuestion, PasswordAnswer = passwordAnswer, IsApproved = isApproved }; user.UserCreateDate = DateTime.Now; user.FailedPwdAnsAttemptWndStart = DateTime.Parse("1753-1-1"); user.LastPasswordChangeDate = DateTime.Parse("1753-1-1"); user.LastLoginDate = DateTime.Parse("1753-1-1"); user.FailedPwdAttemptWndStart = DateTime.Parse("1753-1-1"); user.LastActivityDate = DateTime.Parse("1753-1-1"); user.LastLockedOutDate = DateTime.Parse("1753-1-1"); user.Applications.Add(application); try { SystemUserWrapper.Save(user); status = MembershipCreateStatus.Success; } catch (Exception exception) { throw NhibernateMembershipProviderExceptionUtil.NewProviderException(this, NHibernateProviderSR. User_UnableToCreate, exception); } return(GetUser(username, false)); }
public override bool RoleExists(string roleName) { try { return(SystemRoleWrapper.RoleExists(roleName)); } catch (Exception exception) { throw NhibernateMembershipProviderExceptionUtil.NewProviderException(this, NHibernateProviderSR.Role_UnableToCheckIfExists, exception); } }
public override string[] GetRolesForUser(string username) { try { return(SystemUserWrapper.GetRolesForUser(username)); } catch (Exception exception) { throw NhibernateMembershipProviderExceptionUtil.NewProviderException(this, NHibernateProviderSR.Role_UnableToGetRolesForUser, exception); } }
public override string[] FindUsersInRole(string roleName, string usernameToMatch) { try { return(SystemRoleWrapper.FindUsersInRole(roleName, usernameToMatch)); } catch (Exception exception) { throw NhibernateMembershipProviderExceptionUtil.NewProviderException(this, NHibernateProviderSR.Role_UnableToFindUsersInRole, exception); } }
public override string[] GetAllRoles() { try { return(SystemRoleWrapper.GetAllRoles()); } catch (Exception exception) { throw NhibernateMembershipProviderExceptionUtil.NewProviderException(this, NHibernateProviderSR.Role_UnableToGetAllRoles, exception); } }
public override bool IsUserInRole(string username, string roleName) { try { return(SystemUserWrapper.IsUserInRole(username, roleName)); } catch (Exception exception) { throw NhibernateMembershipProviderExceptionUtil.NewProviderException(this, NHibernateProviderSR.Role_UnableToFindUserInRole, exception); } }
public override bool UnlockUser(string userName) { try { return(SystemUserWrapper.UnlockUser(userName)); } catch (Exception exception) { throw NhibernateMembershipProviderExceptionUtil.NewProviderException(this, NHibernateProviderSR. User_UnableToUnlock, exception); } }
public override void UpdateUser(MembershipUser user) { try { SystemUserWrapper.SaveOrUpdate(SystemUserWrapper.GetUserByLoginID(user.UserName).FromMembershipUser(user)); } catch (Exception exception) { throw NhibernateMembershipProviderExceptionUtil.NewProviderException(this, NHibernateProviderSR. User_UnableToUpdate, exception); } }
public override void CreateRole(string roleName) { if (this.RoleExists(roleName)) { throw NhibernateMembershipProviderExceptionUtil.NewProviderException(this, NHibernateProviderSR.Role_AlreadyExists); } try { SystemRoleWrapper.CreateRole(roleName); } catch (Exception exception) { throw NhibernateMembershipProviderExceptionUtil.NewProviderException(this, NHibernateProviderSR.Role_UnableToCreate, exception); } }
public override bool DeleteRole(string roleName, bool throwOnPopulatedRole) { if (throwOnPopulatedRole && (0 < this.GetUsersInRole(roleName).Length)) { throw NhibernateMembershipProviderExceptionUtil.NewProviderException(this, "role is not empty."); } try { return(SystemRoleWrapper.DeleteRole(roleName, throwOnPopulatedRole)); } catch (Exception exception) { throw NhibernateMembershipProviderExceptionUtil.NewProviderException(this, NHibernateProviderSR.Role_UnableToDelete, exception); } }
public override void AddUsersToRoles(string[] usernames, string[] roleNames) { int length = usernames.Length; if (length != roleNames.Length) { throw new ArgumentOutOfRangeException(NhibernateMembershipProviderExceptionUtil.FormatExceptionMessage(this, NHibernateProviderSR.Role_UserRoleParamsNotSameLength)); } try { SystemRoleWrapper.AddUsersToRoles(usernames, roleNames); } catch (Exception exception) { throw NhibernateMembershipProviderExceptionUtil.NewProviderException(this, NHibernateProviderSR.Role_UnableToAddUsersToRoles, exception); } }
public override bool DeleteUser(string username, bool deleteAllRelatedData) { bool flag = false; try { SystemUserWrapper.DeleteUser(username, deleteAllRelatedData); flag = true; } catch (Exception exception) { throw NhibernateMembershipProviderExceptionUtil.NewProviderException(this, NHibernateProviderSR. User_UnableToDelete, exception); } return(flag); }
public override int GetNumberOfUsersOnline() { int num; try { var span = new TimeSpan(0, Membership.UserIsOnlineTimeWindow, 0); DateTime time = DateTime.Now.Subtract(span); num = SystemUserWrapper.FindOnlineUsersCount(time); } catch (Exception exception) { throw NhibernateMembershipProviderExceptionUtil.NewProviderException(this, NHibernateProviderSR. User_UnableToGetOnlineNumber, exception); } return(num); }
private void UpdateLastLoginDate(string username) { SystemUserWrapper user = SystemUserWrapper.GetUserByLoginID(username); if (user != null) { try { user.LastLoginDate = DateTime.Now; SystemUserWrapper.SaveOrUpdate(user); } catch (Exception exception) { throw NhibernateMembershipProviderExceptionUtil.NewProviderException(this, NHibernateProviderSR. User_UnableToUpdateLastLoginDate, exception); } } }
public override bool ChangePassword(string username, string oldPassword, string newPassword) { bool flag = false; if (ValidateUser(username, oldPassword)) { var e = new ValidatePasswordEventArgs(username, newPassword, true); OnValidatingPassword(e); if (e.Cancel) { if (e.FailureInformation != null) { throw e.FailureInformation; } throw NhibernateMembershipProviderExceptionUtil.NewProviderException(this, NHibernateProviderSR. Pwd_ChangeCancelledDueToNewPassword); } SystemUserWrapper user = SystemUserWrapper.GetUserByLoginID(username); if (user == null) { return(flag); } try { user.UserPassword = EncodePassword(newPassword, user.PasswordSalt); user.LastPasswordChangeDate = DateTime.Now; user.LastActivityDate = DateTime.Now; SystemUserWrapper.Update(user); flag = true; } catch { throw new MembershipPasswordException( NhibernateMembershipProviderExceptionUtil.FormatExceptionMessage(this, NHibernateProviderSR. Pwd_OpCancelledDueToAccountLocked)); } } return(flag); }
/// <summary> /// ½âÃÜÃÜÂë /// </summary> /// <param name="password">ÃÜÂë</param> /// <returns>½âÃܺó½á¹û</returns> private string UnencodePassword(string password) { string s = password; switch (PasswordFormat) { case MembershipPasswordFormat.Clear: return(s); case MembershipPasswordFormat.Hashed: throw NhibernateMembershipProviderExceptionUtil.NewProviderException(this, NHibernateProviderSR. Pwd_CannotUnencodeHashed); case MembershipPasswordFormat.Encrypted: return(Encoding.Unicode.GetString(DecryptPassword(Convert.FromBase64String(s)))); } throw NhibernateMembershipProviderExceptionUtil.NewProviderException(this, NHibernateProviderSR. Pwd_UnsupportedFormat); }
public override MembershipUser GetUser(object providerUserKey, bool userIsOnline) { if (providerUserKey == null) { throw new ArgumentNullException("providerUserKey"); } SystemUserWrapper user = SystemUserWrapper.FindById(providerUserKey); if (user == null) { throw NhibernateMembershipProviderExceptionUtil.NewProviderException(this, NHibernateProviderSR. User_UnableToGet); } if (userIsOnline) { UpdateLastActivityDate(user.UserName); } return(user.ToMembershipUser(Name)); }
public override MembershipUser GetUser(string username, bool userIsOnline) { if (username == null) { throw new ArgumentNullException("username"); } SystemUserWrapper user = SystemUserWrapper.GetUserByLoginID(username); if (user == null) { throw NhibernateMembershipProviderExceptionUtil.NewProviderException(this, NHibernateProviderSR. User_UnableToGet); } if (userIsOnline) { UpdateLastActivityDate(user.UserName); } return(user.ToMembershipUser(Name)); }
private void UpdateFailureCount(string username, FailureType failureType) { SystemUserWrapper user = SystemUserWrapper.GetUserByLoginID(username); if (user != null) { DateTime now = DateTime.Now; int failedPasswordAttemptCount = 0; try { switch (failureType) { case FailureType.Password: now = user.FailedPwdAttemptWndStart; failedPasswordAttemptCount = user.FailedPwdAttemptCnt; break; case FailureType.PasswordAnswer: now = user.FailedPwdAnsAttemptWndStart; failedPasswordAttemptCount = user.FailedPwdAnsAttemptCnt; break; } DateTime time2 = now.AddMinutes(PasswordAttemptWindow); if ((failedPasswordAttemptCount == 0) || (DateTime.Now > time2)) { switch (failureType) { case FailureType.Password: user.FailedPwdAttemptWndStart = DateTime.Now; user.FailedPwdAttemptCnt = 1; goto Label_00E7; case FailureType.PasswordAnswer: user.FailedPwdAnsAttemptWndStart = DateTime.Now; user.FailedPwdAnsAttemptCnt = 1; goto Label_00E7; } } else { failedPasswordAttemptCount++; if (failedPasswordAttemptCount >= MaxInvalidPasswordAttempts) { user.IsLockedOut = true; user.LastLockedOutDate = DateTime.Now; } else { switch (failureType) { case FailureType.Password: user.FailedPwdAttemptCnt = failedPasswordAttemptCount; goto Label_00E7; case FailureType.PasswordAnswer: user.FailedPwdAnsAttemptCnt = failedPasswordAttemptCount; goto Label_00E7; } } } Label_00E7: SystemUserWrapper.SaveOrUpdate(user); } catch (Exception exception) { throw NhibernateMembershipProviderExceptionUtil.NewProviderException(this, NHibernateProviderSR. User_UnableToUpdateFailureCount, exception); } } }
public override string ResetPassword(string username, string answer) { if (!EnablePasswordReset) { throw new MembershipPasswordException( NhibernateMembershipProviderExceptionUtil.FormatExceptionMessage(this, NHibernateProviderSR. Pwd_ResetNotEnabled)); } if ((answer == null) && RequiresQuestionAndAnswer) { UpdateFailureCount(username, FailureType.PasswordAnswer); throw new MembershipPasswordException( NhibernateMembershipProviderExceptionUtil.FormatExceptionMessage(this, NHibernateProviderSR. Pwd_AnswerRequiredForReset)); } string password = Membership.GeneratePassword(minRequiredPasswordLength, MinRequiredNonAlphanumericCharacters); var e = new ValidatePasswordEventArgs(username, password, true); OnValidatingPassword(e); if (e.Cancel) { if (e.FailureInformation != null) { throw e.FailureInformation; } throw new MembershipPasswordException( NhibernateMembershipProviderExceptionUtil.FormatExceptionMessage(this, NHibernateProviderSR. Pwd_ResetCancelledDueToNewPassword)); } SystemUserWrapper user = SystemUserWrapper.GetUserByLoginID(username); if (user != null) { if (user.IsLockedOut) { throw new MembershipPasswordException( NhibernateMembershipProviderExceptionUtil.FormatExceptionMessage(this, NHibernateProviderSR. User_IsLockedOut)); } if (RequiresQuestionAndAnswer && !CheckPassword(answer, user.PasswordAnswer, user.PasswordSalt)) { UpdateFailureCount(username, FailureType.PasswordAnswer); throw new MembershipPasswordException( NhibernateMembershipProviderExceptionUtil.FormatExceptionMessage(this, NHibernateProviderSR. Pwd_IncorrectAnswer)); } try { user.UserPassword = EncodePassword(password, user.PasswordSalt); user.LastPasswordChangeDate = DateTime.Now; user.LastActivityDate = DateTime.Now; SystemUserWrapper.SaveOrUpdate(user); } catch { throw new MembershipPasswordException( NhibernateMembershipProviderExceptionUtil.FormatExceptionMessage(this, NHibernateProviderSR. Pwd_OpCancelledDueToAccountLocked)); } } return(password); }
public override void Initialize(string name, NameValueCollection config) { if (config == null) { throw new ArgumentNullException("config"); } if (string.IsNullOrEmpty(name)) { name = "NHibernateMembershipProvider"; } if (string.IsNullOrEmpty(config["description"])) { config.Remove("description"); config.Add("description", "NHibernate Membership Provider"); } base.Initialize(name, config); application = SystemApplicationWrapper.CreateOrLoadApplication( ConfigurationUtil.GetConfigValue(config["applicationName"], HostingEnvironment.ApplicationVirtualPath)); requiresQuestionAndAnswer = Convert.ToBoolean(ConfigurationUtil.GetConfigValue(config["requiresQuestionAndAnswer"], "False")); requiresUniqueEmail = Convert.ToBoolean(ConfigurationUtil.GetConfigValue(config["requiresUniqueEmail"], "True")); enablePasswordRetrieval = Convert.ToBoolean(ConfigurationUtil.GetConfigValue(config["enablePasswordRetrieval"], "True")); enablePasswordReset = Convert.ToBoolean(ConfigurationUtil.GetConfigValue(config["enablePasswordReset"], "True")); maxInvalidPasswordAttempts = Convert.ToInt32(ConfigurationUtil.GetConfigValue(config["maxInvalidPasswordAttempts"], "5")); passwordAttemptWindow = Convert.ToInt32(ConfigurationUtil.GetConfigValue(config["passwordAttemptWindow"], "10")); minRequiredPasswordLength = Convert.ToInt32(ConfigurationUtil.GetConfigValue(config["minRequiredPasswordLength"], "7")); minRequiredNonAlphanumericCharacters = Convert.ToInt32(ConfigurationUtil.GetConfigValue(config["minRequiredAlphaNumericCharacters"], "1")); passwordStrengthRegularExpression = Convert.ToString(ConfigurationUtil.GetConfigValue(config["passwordStrengthRegularExpression"], string.Empty)); string configValue = ConfigurationUtil.GetConfigValue(config["passwordFormat"], "Hashed"); if (configValue != null) { if (!(configValue == "Hashed")) { if (configValue == "Encrypted") { passwordFormat = MembershipPasswordFormat.Encrypted; goto Label_01FB; } if (configValue == "Clear") { passwordFormat = MembershipPasswordFormat.Clear; goto Label_01FB; } } else { passwordFormat = MembershipPasswordFormat.Hashed; goto Label_01FB; } } throw NhibernateMembershipProviderExceptionUtil.NewProviderException(this, "password format not supported"); Label_01FB: Configuration configuration = WebConfigurationManager.OpenWebConfiguration(HostingEnvironment.ApplicationVirtualPath); machineKey = (MachineKeySection)configuration.GetSection("system.web/machineKey"); if ("Auto".Equals(machineKey.Decryption)) { machineKey.DecryptionKey = CryptographyUtil.CreateKey(0x18); machineKey.ValidationKey = CryptographyUtil.CreateKey(0x40); } }