/// <summary> /// Raises the ValidatingPassword event if an event handler has been defined. /// </summary> /// <param name='args'> /// The ValidatePasswordEventArgs to pass to the ValidatingPassword event handler. /// </param> protected virtual void OnValidatingPassword(ValidatePasswordEventArgs args) { if (ValidatingPassword != null) { ValidatingPassword(this, args); } }
/// <summary> /// Processes a request to update the password for a membership user. /// </summary> /// <param name="username">The user to update the password for.</param> /// <param name="oldPassword">The current password for the specified user.</param> /// <param name="newPassword">The new password for the specified user.</param> /// <returns> /// true if the password was updated successfully; otherwise, false. /// </returns> public override bool ChangePassword(string username, string oldPassword, string newPassword) { using (var session = DocumentStore.OpenSession()) { var secInfo = session.Query<UserSecurityInfo> ().Where (x => x.UserName == username).FirstOrDefault (); if (secInfo == null) throw new MembershipException ("User does not exist."); if (ValidateUserInternal (secInfo, oldPassword)) { var args = new ValidatePasswordEventArgs (username, newPassword, false); OnValidatingPassword (args); if (args.Cancel) { if (args.FailureInformation != null) throw args.FailureInformation; else throw new MembershipException ("Change password canceled due to new password validation failure."); } if (!ValidatePassword (newPassword)) throw new ArgumentException ("Password does not meet password strength requirements."); /// string salt = ""; secInfo.Password = TransformPassword (newPassword, ref salt); secInfo.PasswordSalt = salt; var user = session.Query<MembershipUser> ().Where (x => x.UserName == username).FirstOrDefault (); var md = new MembershipUser (user.UserName, user.ProviderUserKey, user.Email, user.PasswordQuestion, user.Comment, user.IsApproved, user.IsLockedOut, user.CreationDate, user.LastLoginDate, user.LastActivityDate, DateTime.Now, user.LastLockoutDate); session.Store (md, md.UserName); session.SaveChanges (); return true; } return false; } }