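/// <summary>
/// Validate a user's login credentials against the stored account record.
/// </summary>
/// <param name="loginUserName">The login username</param>
/// <param name="loginPassword">The login password</param>
/// <returns>The validated user; else null</returns>
/// <remarks>
/// Fails closed: a null credential, an unknown user, a password mismatch, or any
/// exception raised during lookup or decoding all yield null.
/// </remarks>
public virtual Data.User Validate(string loginUserName, string loginPassword)
{
    // Reject null credentials before touching the store. Without this guard a
    // null password would compare equal to a null decoder result (should the
    // decoder ever return one) and the account would be accepted.
    if (loginUserName == null || loginPassword == null)
    {
        return null;
    }

    try
    {
        // Find the user.
        Data.User user = Select.SelectDataEntity(u => (u.LoginUserName == loginUserName));
        if (user == null)
        {
            return null;
        }

        // Let the configured encoder resolve the stored value against the supplied password.
        Nequeo.Cryptography.IPasswordEncryption encoder = PasswordAuthorisationCode.GetEncoder();
        string decoded = encoder.Decode(user.LoginPassword, encoder.PasswordFormat, loginPassword);

        // NOTE(review): string inequality is not a fixed-time comparison. If Decode
        // returns the stored secret itself, prefer a fixed-time equality check.
        if (decoded == null || decoded != loginPassword)
        {
            return null;
        }

        return user;
    }
    catch
    {
        // Deliberate fail-closed: any lookup or decode failure is treated as a
        // rejected login. NOTE(review): the failure is not recorded here, so a
        // backend fault is indistinguishable from bad credentials; consider logging.
        return null;
    }
}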
/// <summary>
/// Replace the password and password answer on <paramref name="user"/> with their
/// encoded forms when they differ from the values currently stored for that user.
/// </summary>
/// <param name="user">The user data.</param>
/// <param name="encode">Encode the user. This method body does not read it.</param>
private void EncodePassword(Data.User user, bool encode = true)
{
    Nequeo.Cryptography.IPasswordEncryption encoder = PasswordAuthorisationCode.GetEncoder();

    // Load the persisted record with the same user id.
    // NOTE(review): the DataContext created here is not disposed in this method;
    // confirm whether it holds a connection that should be released.
    Data.User stored = new Data.DataContext().Users.First(u => u.UserID == user.UserID);

    string storedPassword = stored.Password;
    string encodedPassword = encoder.Encode(user.Password, encoder.PasswordFormat);
    string storedAnswer = stored.PasswordAnswer;
    string encodedAnswer = encoder.Encode(user.PasswordAnswer, encoder.PasswordFormat);

    // An incoming value equal to the stored one is taken to be already encoded.
    // Otherwise it is replaced unless its encoding equals what is stored.
    // NOTE(review): the second test can only match if Encode returns the same
    // output for the same input; confirm for the configured PasswordFormat.
    bool passwordNeedsEncoding = user.Password != storedPassword && storedPassword != encodedPassword;
    if (passwordNeedsEncoding)
    {
        user.Password = encodedPassword;
    }

    // Same rule for the password answer.
    bool answerNeedsEncoding = user.PasswordAnswer != storedAnswer && storedAnswer != encodedAnswer;
    if (answerNeedsEncoding)
    {
        user.PasswordAnswer = encodedAnswer;
    }
}
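/// <summary>
/// Validates the current user credentials, optionally scoped to an application.
/// </summary>
/// <param name="username">The login username.</param>
/// <param name="password">The login password.</param>
/// <param name="applicationName">The application name; when null or empty the lookup is by username only.</param>
/// <returns>The current user else null.</returns>
/// <remarks>
/// Fails closed: a null credential, an unknown user, a password mismatch, or any
/// exception raised during lookup or decoding all yield null.
/// </remarks>
public virtual Data.User ValidateUser(string username, string password, string applicationName = null)
{
    // Reject null credentials before touching the store. Without this guard a
    // null password would compare equal to a null decoder result (should the
    // decoder ever return one) and the account would be accepted.
    if (username == null || password == null)
    {
        return null;
    }

    try
    {
        Data.User user;
        if (String.IsNullOrEmpty(applicationName))
        {
            // No application given: match on username alone.
            user = Select.SelectDataEntity(u => (u.Username == username));
        }
        else
        {
            user = Select.SelectDataEntity(
                u => (u.Username == username) && (u.ApplicationName == applicationName));
        }

        if (user == null)
        {
            return null;
        }

        // Let the configured encoder resolve the stored value against the supplied password.
        Nequeo.Cryptography.IPasswordEncryption encoder = PasswordAuthorisationCode.GetEncoder();
        string decoded = encoder.Decode(user.Password, encoder.PasswordFormat, password);

        // NOTE(review): string inequality is not a fixed-time comparison. If Decode
        // returns the stored secret itself, prefer a fixed-time equality check.
        if (decoded == null || decoded != password)
        {
            return null;
        }

        return user;
    }
    catch
    {
        // Deliberate fail-closed: any lookup or decode failure is treated as a
        // rejected login. NOTE(review): the failure is not recorded here, so a
        // backend fault is indistinguishable from bad credentials; consider logging.
        return null;
    }
}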
/// <summary>
/// Rewrite the user's login password in place, encoded or decoded.
/// </summary>
/// <param name="user">The user data; its LoginPassword is overwritten.</param>
/// <param name="encode">True to encode the login password; false to decode it.</param>
private void EncodePassword(Data.User user, bool encode = true)
{
    Nequeo.Cryptography.IPasswordEncryption encoder = PasswordAuthorisationCode.GetEncoder();

    // Both directions use the encoder's configured password format.
    // NOTE(review): the decode branch writes the decoder's output back onto the
    // entity. If that output is the clear-text password, confirm the entity is
    // never persisted, logged or serialised while in that state.
    user.LoginPassword = encode
        ? encoder.Encode(user.LoginPassword, encoder.PasswordFormat)
        : encoder.Decode(user.LoginPassword, encoder.PasswordFormat);
}