private bool ValidateUser(string password, Data.IRepository<User> q, User usr) { if (CheckPassword(password, usr.Password)) { if (usr.IsApproved) { q.Update(new { LastLoginDate = DateTime.Now }, p => p.Id == usr.Id); return true; } return false; } UpdatePasswordFailureCount(usr); return false; }
private User NewUser(string username, string password, string email, string passwordQuestion, string passwordAnswer, bool isApproved) { var createDate = DateTime.Now; var user = new User(); user.UserName = username; user.Password = EncodePassword(password); user.Email = email; user.Question = passwordQuestion; user.Answer = EncodePassword(passwordAnswer); user.IsApproved = isApproved; user.Comment = ""; user.CreationDate = createDate; user.LastPasswordChangedDate = createDate; user.LastActivityDate = createDate; user.ApplicationName = ApplicationName; user.IsLockedOut = false; user.LastLockedOutDate = createDate; user.FailedPasswordAttemptCount = 0; user.FailedPasswordAttemptWindowStart = createDate; user.FailedAnswerAttemptCount = 0; user.FailedAnswerAttemptWindowStart = createDate; return user; }
private void UpdatePasswordFailureCount(User usr) { var failureCount = usr.FailedPasswordAttemptCount; var windowStart = usr.FailedPasswordAttemptWindowStart; DateTime windowEnd = windowStart.AddMinutes(PasswordAttemptWindow); var q = UnitOfWork.Current.CreateRepository<User>(); if (failureCount == 0 || DateTime.Now > windowEnd) { q.Update(new { FailedPasswordAttemptCount = 1, FailedPasswordAttemptWindowStart = DateTime.Now }, p => p.Id == usr.Id); return; } if (failureCount++ >= MaxInvalidPasswordAttempts) q.Update(new { IsLockedOut = true, LastLockedOutDate = DateTime.Now }, p => p.Id == usr.Id); else q.Update(new { FailedPasswordAttemptCount = failureCount }, p => p.Id == usr.Id); }
private MembershipUser MapMembershipUser(User usr) { var u = new MembershipUser(this.Name, usr.UserName, usr.Id, usr.Email, usr.Question, usr.Comment, usr.IsApproved, usr.IsLockedOut, usr.CreationDate, usr.LastLoginDate, usr.LastActivityDate, usr.LastPasswordChangedDate, usr.LastLockedOutDate); return u; }