private PasswordInfo GetPasswordInfo(string username)
{
using (DbConnection connection = CreateConnection()) {
DbDataReader reader = null;
DerbyMembershipHelper.Membership_GetPasswordWithFormat(connection, ApplicationName, username, false, DateTime.UtcNow, out reader);
PasswordInfo pi = null;
if (reader == null)
{
return(null);
}
using (reader) {
if (reader.Read())
{
int isLockedOut = reader.GetInt32(1);
if (isLockedOut > 0)
{
return(null);
}
pi = new PasswordInfo(
reader.GetString(3),
(MembershipPasswordFormat)reader.GetInt32(4),
reader.GetString(5),
reader.GetInt32(6),
reader.GetInt32(7),
reader.GetInt32(2) > 0,
reader.GetDateTime(8),
reader.GetDateTime(9));
}
}
return(pi);
}
}
public override MembershipUser GetUser(object providerUserKey, bool userIsOnline)
{
if (providerUserKey == null)
{
throw new ArgumentNullException("providerUserKey");
}
if (!(providerUserKey is Guid))
{
throw new ArgumentException("providerUserKey is not of type Guid", "providerUserKey");
}
using (DbConnection connection = CreateConnection()) {
DbDataReader reader = null;
int st = DerbyMembershipHelper.Membership_GetUserByUserId(connection, providerUserKey.ToString(), userIsOnline, DateTime.UtcNow, out reader);
using (reader) {
if (st == 0 && reader != null)
{
MembershipUser u = GetUserFromReader(reader);
return(u);
}
}
}
return(null);
}
public override MembershipUserCollection FindUsersByName(string nameToMatch, int pageIndex, int pageSize, out int totalRecords)
{
CheckParam("nameToMatch", nameToMatch, 256);
if (pageIndex < 0)
{
throw new ArgumentException("pageIndex must be >= 0");
}
if (pageSize < 0)
{
throw new ArgumentException("pageSize must be >= 0");
}
if (pageIndex * pageSize + pageSize - 1 > Int32.MaxValue)
{
throw new ArgumentException("pageIndex and pageSize are too large");
}
totalRecords = 0;
using (DbConnection connection = CreateConnection()) {
DbDataReader reader = null;
DerbyMembershipHelper.Membership_FindUsersByName(connection, ApplicationName, nameToMatch, pageSize, pageIndex, out reader);
if (reader == null)
{
return(null);
}
using (reader) {
return(BuildMembershipUserCollection(reader, pageIndex, pageSize, out totalRecords));
}
}
}
public override bool DeleteUser(string username, bool deleteAllRelatedData)
{
CheckParam("username", username, 256);
DeleteUserTableMask deleteBitmask = DeleteUserTableMask.MembershipUsers;
if (deleteAllRelatedData)
{
deleteBitmask |=
DeleteUserTableMask.Profiles |
DeleteUserTableMask.UsersInRoles |
DeleteUserTableMask.WebPartStateUser;
}
int num = 0;
using (DbConnection connection = CreateConnection()) {
int st = DerbyMembershipHelper.Users_DeleteUser(connection, ApplicationName, username, (int)deleteBitmask, ref num);
if (num == 0)
{
return(false);
}
if (st == 0)
{
return(true);
}
return(false);
}
}
public override string ResetPassword(string username, string answer)
{
if (!EnablePasswordReset)
{
throw new NotSupportedException("this provider has not been configured to allow the resetting of passwords");
}
CheckParam("username", username, 256);
if (RequiresQuestionAndAnswer)
{
CheckParam("answer", answer, 128);
}
using (DbConnection connection = CreateConnection()) {
PasswordInfo pi = GetPasswordInfo(username);
if (pi == null)
{
throw new ProviderException(username + "is not found in the membership database");
}
string newPassword = GeneratePassword();
EmitValidatingPassword(username, newPassword, false);
string db_password = EncodePassword(newPassword, pi.PasswordFormat, pi.PasswordSalt);
string db_answer = EncodePassword(answer, pi.PasswordFormat, pi.PasswordSalt);
int st = DerbyMembershipHelper.Membership_ResetPassword(connection, ApplicationName, username, db_password, db_answer, (int)pi.PasswordFormat, pi.PasswordSalt, MaxInvalidPasswordAttempts, PasswordAttemptWindow, DateTime.UtcNow);
if (st == 0)
{
return(newPassword);
}
else if (st == 1)
{
throw new ProviderException(username + " is not found in the membership database");
}
else if (st == 2)
{
throw new MembershipPasswordException("The user account is currently locked out");
}
else if (st == 3)
{
throw new MembershipPasswordException("Password Answer is invalid");
}
else
{
throw new ProviderException("Failed to reset password");
}
}
}
public override bool ChangePassword(string username, string oldPwd, string newPwd)
{
if (username != null)
{
username = username.Trim();
}
if (oldPwd != null)
{
oldPwd = oldPwd.Trim();
}
if (newPwd != null)
{
newPwd = newPwd.Trim();
}
CheckParam("username", username, 256);
CheckParam("oldPwd", oldPwd, 128);
CheckParam("newPwd", newPwd, 128);
if (!CheckPassword(newPwd))
{
throw new ArgumentException(string.Format(
"New Password invalid. New Password length minimum: {0}. Non-alphanumeric characters required: {1}.",
MinRequiredPasswordLength,
MinRequiredNonAlphanumericCharacters));
}
using (DbConnection connection = CreateConnection()) {
PasswordInfo pi = ValidateUsingPassword(username, oldPwd);
if (pi != null)
{
EmitValidatingPassword(username, newPwd, false);
string db_password = EncodePassword(newPwd, pi.PasswordFormat, pi.PasswordSalt);
int st = DerbyMembershipHelper.Membership_SetPassword(connection, ApplicationName, username, db_password, (int)pi.PasswordFormat, pi.PasswordSalt, DateTime.UtcNow);
if (st == 0)
{
return(true);
}
}
return(false);
}
}
public override string GetPassword(string username, string answer)
{
if (!EnablePasswordRetrieval)
{
throw new NotSupportedException("this provider has not been configured to allow the retrieval of passwords");
}
CheckParam("username", username, 256);
if (RequiresQuestionAndAnswer)
{
CheckParam("answer", answer, 128);
}
PasswordInfo pi = GetPasswordInfo(username);
if (pi == null)
{
throw new ProviderException("An error occurred while retrieving the password from the database");
}
string user_answer = EncodePassword(answer, pi.PasswordFormat, pi.PasswordSalt);
string password = null;
using (DbConnection connection = CreateConnection()) {
int st = DerbyMembershipHelper.Membership_GetPassword(connection, ApplicationName, username, user_answer, MaxInvalidPasswordAttempts, PasswordAttemptWindow, DateTime.UtcNow, out password);
if (st == 1)
{
throw new ProviderException("User specified by username is not found in the membership database");
}
if (st == 2)
{
throw new MembershipPasswordException("The membership user identified by username is locked out");
}
if (st == 3)
{
throw new MembershipPasswordException("Password Answer is invalid");
}
return(DecodePassword(password, pi.PasswordFormat));
}
}
void UpdateUserInfo(string username, PasswordInfo pi, bool isPasswordCorrect, bool updateLoginActivity)
{
CheckParam("username", username, 256);
using (DbConnection connection = CreateConnection()) {
try {
int st = DerbyMembershipHelper.Membership_UpdateUserInfo(connection, ApplicationName, username, isPasswordCorrect, updateLoginActivity,
MaxInvalidPasswordAttempts, PasswordAttemptWindow, DateTime.UtcNow, pi.LastLoginDate, pi.LastActivityDate);
if (st == 0)
{
return;
}
}
catch (Exception e) {
throw new ProviderException("Failed to update Membership table", e);
}
}
}
public override bool UnlockUser(string username)
{
CheckParam("username", username, 256);
using (DbConnection connection = CreateConnection()) {
try {
int st = DerbyMembershipHelper.Membership_UnlockUser(connection, ApplicationName, username);
if (st == 0)
{
return(true);
}
}
catch (Exception e) {
throw new ProviderException("Failed to unlock user", e);
}
}
return(false);
}
public override bool ChangePasswordQuestionAndAnswer(string username, string password, string newPwdQuestion, string newPwdAnswer)
{
if (username != null)
{
username = username.Trim();
}
if (newPwdQuestion != null)
{
newPwdQuestion = newPwdQuestion.Trim();
}
if (newPwdAnswer != null)
{
newPwdAnswer = newPwdAnswer.Trim();
}
CheckParam("username", username, 256);
if (RequiresQuestionAndAnswer)
{
CheckParam("newPwdQuestion", newPwdQuestion, 128);
}
if (RequiresQuestionAndAnswer)
{
CheckParam("newPwdAnswer", newPwdAnswer, 128);
}
using (DbConnection connection = CreateConnection()) {
PasswordInfo pi = ValidateUsingPassword(username, password);
if (pi != null)
{
string db_passwordAnswer = EncodePassword(newPwdAnswer, pi.PasswordFormat, pi.PasswordSalt);
int st = DerbyMembershipHelper.Membership_ChangePasswordQuestionAndAnswer(connection, ApplicationName, username, newPwdQuestion, db_passwordAnswer);
if (st == 0)
{
return(true);
}
}
return(false);
}
}
public override void UpdateUser(MembershipUser user)
{
if (user == null)
{
throw new ArgumentNullException("user");
}
if (user.UserName == null)
{
throw new ArgumentNullException("user.UserName");
}
if (RequiresUniqueEmail && user.Email == null)
{
throw new ArgumentNullException("user.Email");
}
CheckParam("user.UserName", user.UserName, 256);
if (user.Email.Length > 256 || (RequiresUniqueEmail && user.Email.Length == 0))
{
throw new ArgumentException("invalid format for user.Email");
}
using (DbConnection connection = CreateConnection()) {
int st = DerbyMembershipHelper.Membership_UpdateUser(connection, ApplicationName, user.UserName, user.Email, user.Comment, user.IsApproved, RequiresUniqueEmail, user.LastLoginDate, DateTime.UtcNow, DateTime.UtcNow);
if (st == 1)
{
throw new ProviderException("The UserName property of user was not found in the database.");
}
if (st == 2)
{
throw new ProviderException("The Email property of user was equal to an existing e-mail address in the database and RequiresUniqueEmail is set to true.");
}
if (st != 0)
{
throw new ProviderException("Failed to update user");
}
}
}
public override string GetUserNameByEmail(string email)
{
CheckParam("email", email, 256);
string username = null;
using (DbConnection connection = CreateConnection()) {
int st = DerbyMembershipHelper.Membership_GetUserByEmail(connection, ApplicationName, email, out username);
if (st == 1)
{
return(null);
}
if (st == 2 && RequiresUniqueEmail)
{
throw new ProviderException("More than one user with the same e-mail address exists in the database and RequiresUniqueEmail is true");
}
}
return(username);
}
public override MembershipUserCollection GetAllUsers(int pageIndex, int pageSize, out int totalRecords)
{
if (pageIndex < 0)
{
throw new ArgumentException("pageIndex must be >= 0");
}
if (pageSize < 0)
{
throw new ArgumentException("pageSize must be >= 0");
}
if (pageIndex * pageSize + pageSize - 1 > Int32.MaxValue)
{
throw new ArgumentException("pageIndex and pageSize are too large");
}
using (DbConnection connection = CreateConnection()) {
DbDataReader reader = null;
totalRecords = DerbyMembershipHelper.Membership_GetAllUsers(connection, ApplicationName, pageIndex, pageSize, out reader);
return(BuildMembershipUserCollection(reader, pageIndex, pageSize, out totalRecords));
}
}
public override MembershipUser GetUser(string username, bool userIsOnline)
{
if (username.Length == 0)
{
return(null);
}
CheckParam("username", username, 256);
using (DbConnection connection = CreateConnection()) {
DbDataReader reader = null;
int st = DerbyMembershipHelper.Membership_GetUserByName(connection, ApplicationName, username, userIsOnline, DateTime.UtcNow, out reader);
using (reader) {
if (st == 0 && reader != null)
{
MembershipUser u = GetUserFromReader(reader);
return(u);
}
}
}
return(null);
}
public override int GetNumberOfUsersOnline()
{
using (DbConnection connection = CreateConnection()) {
return(DerbyMembershipHelper.Membership_GetNumberOfUsersOnline(connection, ApplicationName, userIsOnlineTimeWindow.Minutes, DateTime.UtcNow));
}
}
public override MembershipUser CreateUser(string username,
string password,
string email,
string pwdQuestion,
string pwdAnswer,
bool isApproved,
object providerUserKey,
out MembershipCreateStatus status)
{
if (username != null)
{
username = username.Trim();
}
if (password != null)
{
password = password.Trim();
}
if (email != null)
{
email = email.Trim();
}
if (pwdQuestion != null)
{
pwdQuestion = pwdQuestion.Trim();
}
if (pwdAnswer != null)
{
pwdAnswer = pwdAnswer.Trim();
}
/* some initial validation */
if (username == null || username.Length == 0 || username.Length > 256 || username.IndexOf(",") != -1)
{
status = MembershipCreateStatus.InvalidUserName;
return(null);
}
if (password == null || password.Length == 0 || password.Length > 128)
{
status = MembershipCreateStatus.InvalidPassword;
return(null);
}
if (!CheckPassword(password))
{
status = MembershipCreateStatus.InvalidPassword;
return(null);
}
EmitValidatingPassword(username, password, true);
if (RequiresUniqueEmail && (email == null || email.Length == 0))
{
status = MembershipCreateStatus.InvalidEmail;
return(null);
}
if (RequiresQuestionAndAnswer &&
(pwdQuestion == null ||
pwdQuestion.Length == 0 || pwdQuestion.Length > 256))
{
status = MembershipCreateStatus.InvalidQuestion;
return(null);
}
if (RequiresQuestionAndAnswer &&
(pwdAnswer == null ||
pwdAnswer.Length == 0 || pwdAnswer.Length > 128))
{
status = MembershipCreateStatus.InvalidAnswer;
return(null);
}
if (providerUserKey != null && !(providerUserKey is Guid))
{
status = MembershipCreateStatus.InvalidProviderUserKey;
return(null);
}
/* encode our password/answer using the
* "passwordFormat" configuration option */
string passwordSalt = "";
RandomNumberGenerator rng = RandomNumberGenerator.Create();
byte [] salt = new byte [SALT_BYTES];
rng.GetBytes(salt);
passwordSalt = Convert.ToBase64String(salt);
password = EncodePassword(password, PasswordFormat, passwordSalt);
if (RequiresQuestionAndAnswer)
{
pwdAnswer = EncodePassword(pwdAnswer, PasswordFormat, passwordSalt);
}
/* make sure the hashed/encrypted password and
* answer are still under 128 characters. */
if (password.Length > 128)
{
status = MembershipCreateStatus.InvalidPassword;
return(null);
}
if (RequiresQuestionAndAnswer)
{
if (pwdAnswer.Length > 128)
{
status = MembershipCreateStatus.InvalidAnswer;
return(null);
}
}
status = MembershipCreateStatus.Success;
using (DbConnection connection = CreateConnection()) {
try {
object helperUserKey = providerUserKey != null?providerUserKey.ToString() : null;
DateTime Now = DateTime.UtcNow;
int st = DerbyMembershipHelper.Membership_CreateUser(connection, ApplicationName, username, password, passwordSalt, email,
pwdQuestion, pwdAnswer, isApproved, Now, Now, RequiresUniqueEmail, (int)PasswordFormat, ref helperUserKey);
providerUserKey = new Guid((string)helperUserKey);
if (st == 0)
{
return(GetUser(providerUserKey, false));
}
else if (st == 2)
{
status = MembershipCreateStatus.DuplicateUserName;
}
else if (st == 3)
{
status = MembershipCreateStatus.DuplicateEmail;
}
else if (st == 9)
{
status = MembershipCreateStatus.InvalidProviderUserKey;
}
else if (st == 10)
{
status = MembershipCreateStatus.DuplicateProviderUserKey;
}
else
{
status = MembershipCreateStatus.ProviderError;
}
return(null);
}
catch (Exception) {
status = MembershipCreateStatus.ProviderError;
return(null);
}
}
}