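/// <summary>
/// Replaces a user's password after verifying the current one, applying the same
/// failed-attempt accounting and lockout rules as <c>CheckPasswordAsync</c>.
/// </summary>
/// <param name="email">Email of the account to update.</param>
/// <param name="currentPassword">Password the caller claims is the current one.</param>
/// <param name="newPassword">Replacement password; stored hashed, never in clear text.</param>
/// <returns>
/// <c>true</c> when the current password verified and the new hash was persisted;
/// <c>false</c> for blank arguments, an unknown email, an account under an active
/// lockout, or a failed verification. Unknown email and wrong password are not
/// distinguished, so the result does not reveal whether the account exists.
/// </returns>
public bool ChangePassword(string email, string currentPassword, string newPassword)
{
    if (string.IsNullOrEmpty(email) || string.IsNullOrEmpty(currentPassword) || string.IsNullOrEmpty(newPassword))
    {
        return false;
    }

    var user = GetByUserEmail(email);
    if (user == null)
    {
        return false;
    }

    // Honour an active lockout before touching the hash. This method sets
    // IsLockedOut on repeated failures but previously never read it, so the lock
    // it imposed had no effect on its own path. Mirrors CheckPasswordAsync,
    // including the automatic unlock once the lockout window has elapsed.
    if (user.LastLockoutDate.HasValue)
    {
        var lockoutExpiry = user.LastLockoutDate.Value.AddMinutes(User.PasswordAnswerAttemptLockoutDuration);

        if (user.IsLockedOut && lockoutExpiry >= DateTime.UtcNow)
        {
            return false;
        }

        if (user.IsLockedOut && lockoutExpiry < DateTime.UtcNow)
        {
            UnlockUser(user);
        }
    }

    // A missing stored hash is a failed verification, never an exception.
    var hashedPassword = user.Password;
    var verificationSucceeded = hashedPassword != null
        && PasswordAssertionConcern.VerifyHash(currentPassword, hashedPassword);

    if (!verificationSucceeded)
    {
        // Count the failure; once the cap is reached, lock the account instead.
        if (user.PasswordFailuresSinceLastSuccess < User.MaxInvalidPasswordAttempts)
        {
            user.PasswordFailuresSinceLastSuccess += 1;
            user.LastPasswordFailureDate = DateTime.UtcNow;
        }
        else
        {
            user.LastPasswordFailureDate = DateTime.UtcNow;
            user.LastLockoutDate = DateTime.UtcNow;
            user.IsLockedOut = true;
        }

        BeginTransaction();
        _userRepository.Update(user);
        Commit();
        return false;
    }

    user.PasswordFailuresSinceLastSuccess = 0;

    // NOTE(review): hashing parameters are delegated to ComputeHash ("SHA512",
    // null salt argument). Whether a per-user salt and key stretching are applied
    // is decided there — confirm this is not a bare single-round SHA-512.
    // NOTE(review): only emptiness of newPassword is checked here; any length or
    // complexity policy has to be enforced by the caller — confirm.
    user.Password = PasswordAssertionConcern.ComputeHash(newPassword, "SHA512", null);
    user.LastPasswordChangedDate = DateTime.UtcNow;

    BeginTransaction();
    _userRepository.Update(user);
    Commit();
    return true;
}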
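/// <summary>
/// Verifies <paramref name="password"/> against the stored hash, updates the
/// failed-attempt counter, lockout state and login timestamps, and persists the user.
/// </summary>
/// <param name="user">Account to check; must not be null.</param>
/// <param name="password">Candidate password in clear text.</param>
/// <returns>
/// An already-completed task holding <c>true</c> only when the account is approved,
/// not under an active lockout, and the password verified. All work is synchronous.
/// </returns>
/// <exception cref="ArgumentNullException"><paramref name="user"/> is null.</exception>
public Task<bool> CheckPasswordAsync(User user, string password)
{
    if (user == null)
    {
        throw new ArgumentNullException(nameof(user));
    }

    // Deactivated account ("Usuário desativado"): reject without recording an attempt.
    if (!user.IsApproved)
    {
        return Task.FromResult(false);
    }

    // NOTE(review): an account flagged IsLockedOut without a LastLockoutDate is not
    // treated as locked here — confirm the two are always set together.
    if (user.LastLockoutDate.HasValue)
    {
        var lockoutExpiry = user.LastLockoutDate.Value.AddMinutes(User.PasswordAnswerAttemptLockoutDuration);

        // Still inside the lockout window ("Usuário bloqueado"): reject without
        // touching the hash, so guessing cannot continue during the lockout.
        if (user.IsLockedOut && lockoutExpiry >= DateTime.UtcNow)
        {
            return Task.FromResult(false);
        }

        // Window elapsed: lift the lock before verifying. What UnlockUser resets
        // (counter, dates) is defined elsewhere.
        if (user.IsLockedOut && lockoutExpiry < DateTime.UtcNow)
        {
            UnlockUser(user);
        }
    }

    // An empty candidate or a missing stored hash is a failed verification, never an exception.
    var verificationSucceeded = !string.IsNullOrEmpty(password)
        && user.Password != null
        && PasswordAssertionConcern.VerifyHash(password, user.Password);

    if (verificationSucceeded)
    {
        user.PasswordFailuresSinceLastSuccess = 0;
        user.LastLoginDate = DateTime.UtcNow;
        user.LastActivityDate = DateTime.UtcNow;
        user.IsLockedOut = false;
    }
    else if (user.PasswordFailuresSinceLastSuccess < User.MaxInvalidPasswordAttempts)
    {
        // Wrong credentials ("O email ou senha está incorreta"): count the attempt.
        user.PasswordFailuresSinceLastSuccess += 1;
        user.LastPasswordFailureDate = DateTime.UtcNow;
    }
    else
    {
        // Attempt cap reached: lock the account ("Usuário bloqueado").
        user.LastPasswordFailureDate = DateTime.UtcNow;
        user.LastLockoutDate = DateTime.UtcNow;
        user.IsLockedOut = true;
    }

    BeginTransaction();
    _userRepository.Update(user);
    Commit();
    return Task.FromResult(verificationSucceeded);
}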
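/// <summary>
/// Validates a login attempt and returns the identity to sign in, enforcing a
/// temporary lockout after repeated failures.
/// </summary>
/// <param name="user">Account looked up by the caller, or null when none matched.</param>
/// <param name="password">Candidate password in clear text.</param>
/// <param name="authenticationType">Authentication type passed to <c>GetClaims</c>.</param>
/// <returns>The user's claims identity when the password verifies.</returns>
/// <exception cref="Exception">
/// Unknown user or wrong password (<c>Error.WrongUserNameOrPassword</c>), an active
/// lockout, or a deactivated account. The base type is kept so existing callers
/// that catch it keep working.
/// </exception>
/// <remarks>
/// Lockout bookkeeping is written to <paramref name="user"/> only; nothing here
/// persists it. Presumably the caller saves the user after either outcome — verify.
/// </remarks>
public static ClaimsIdentity ValidateLogin(User user, string password, string authenticationType)
{
    // Failures tolerated before the next one locks the account, and lockout length.
    const int MaxAccessFailed = 5;
    const int LockoutMinutes = 2;

    if (user == null)
    {
        throw new Exception(Error.WrongUserNameOrPassword);
    }

    if (user.LockoutEnd.HasValue && DateTime.Now < user.LockoutEnd)
    {
        throw new Exception("Sua conta foi temporariamente bloqueada por exceder o número de tentativas inválidas, tente novamente mais tarde.");
    }

    // An expired lockout must start a fresh window. Without this reset the counter
    // stayed at the cap and LockoutEnd kept a past value, so no later failure could
    // ever lock the account again.
    if (user.LockoutEnd.HasValue)
    {
        user.LockoutEnd = null;
        user.AccessFailed = 0;
    }

    if (!user.IsActive)
    {
        throw new Exception("O seu usuário foi desativado");
    }

    // An empty candidate or a missing stored hash is a failed attempt, never an exception.
    var verified = !string.IsNullOrEmpty(password)
        && user.Password != null
        && PasswordAssertionConcern.VerifyHash(password, user.Password);

    // NOTE(review): DateTime.Now is kept for consistency with the LockoutEnd/LastLogin
    // values this method writes; moving to UtcNow needs the same change wherever
    // those fields are read.
    if (verified)
    {
        user.AccessFailed = 0;
        user.LastLogin = DateTime.Now;
        user.LockoutEnd = null;
        return user.GetClaims(authenticationType);
    }

    // Same threshold as before: the failure after the cap locks the account.
    if (user.AccessFailed >= MaxAccessFailed)
    {
        user.LockoutEnd = DateTime.Now.AddMinutes(LockoutMinutes);
    }
    else
    {
        user.AccessFailed += 1;
    }

    throw new Exception(Error.WrongUserNameOrPassword);
}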