/// <summary>
/// Builds the <see cref="MembershipUser"/> view of a stored account.
/// </summary>
/// <param name="user">Persisted account record to convert.</param>
/// <returns>
/// A <see cref="MembershipUser"/> bound to this provider's <c>Name</c>. Only the login,
/// id, e-mail, password question, status flags and dates are copied; the stored
/// password and password answer are not passed on.
/// </returns>
private MembershipUser UserToMembershipUser(AbstractSEOToolsetUser user)
{
    // Values are read in the same order as the constructor parameters.
    var providerName = Name;
    var login = user.Login;
    var providerUserKey = user.Id;
    var email = user.Email;
    var passwordQuestion = user.PasswordQuestion;

    // Status flags go through Convert.ToBoolean before being handed over.
    var isApproved = Convert.ToBoolean(user.Enabled);
    var isLockedOut = Convert.ToBoolean(user.IsLockedOut);

    // Every date goes through SafeDate, which is defined elsewhere in this class.
    var created = SafeDate(user.CreatedDate);
    var lastLogin = SafeDate(user.LastLoginDate);
    var lastActivity = SafeDate(user.LastActivityDate);
    var lastPasswordChange = SafeDate(user.LastPasswordChangedDate);
    var lastLockout = SafeDate(user.LockedOutDate);

    return new MembershipUser(
        providerName,
        login,
        providerUserKey,
        email,
        passwordQuestion,
        null, // comment: none is supplied
        isApproved,
        isLockedOut,
        created,
        lastLogin,
        lastActivity,
        lastPasswordChange,
        lastLockout);
}
/// <summary>
/// Checks a password-recovery answer against the stored one and updates the
/// failed-attempt bookkeeping on the account.
/// </summary>
/// <param name="user">Account whose answer is being verified; mutated by this call.</param>
/// <param name="answer">Answer supplied by the caller, in clear text.</param>
/// <param name="minAttemptWindow">Window in minutes, forwarded to incrementFailedPwdAttempt.</param>
/// <param name="maxInvalidAttempts">Failure threshold, forwarded to incrementFailedPwdAttempt.</param>
/// <returns><c>true</c> when the encoded answer equals the stored answer; otherwise <c>false</c>.</returns>
private static bool validatePasswordAnswer(AbstractSEOToolsetUser user, string answer, int minAttemptWindow, int maxInvalidAttempts)
{
    // Locked-out or disabled accounts are refused before any comparison, and the
    // refusal does not touch the failure counter.
    var accountUnavailable = (user.IsLockedOut == true) || (user.Enabled == false);
    if (accountUnavailable)
    {
        return false;
    }

    // NOTE(review): string.Equals(null, null) is true. If an account can have no stored
    // answer and encodePassword can return null, this check would pass. Confirm both.
    var answerMatches = string.Equals(user.PasswordAnswer, encodePassword(answer));
    if (answerMatches)
    {
        // A correct answer clears the failure counter. The same counter is shared with login().
        user.FailedPasswordAttemptCount = 0;
        return true;
    }

    incrementFailedPwdAttempt(user, minAttemptWindow, maxInvalidAttempts);
    return false;
}
/// <summary>
/// Records one failed credential check on the account and locks it once the
/// failure counter exceeds the allowed maximum.
/// </summary>
/// <param name="user">Account to update; mutated in place.</param>
/// <param name="minAttemptWindow">
/// Window in minutes. The failure is counted only when it arrives less than this
/// long after the previous recorded failure.
/// </param>
/// <param name="maxInvalidAttempts">
/// Threshold for lockout. The account locks when the counter is strictly greater than this value.
/// </param>
private static void incrementFailedPwdAttempt(AbstractSEOToolsetUser user, int minAttemptWindow, int maxInvalidAttempts)
{
    // With no previous failure on record the elapsed time is zero, so the first
    // failure always falls inside the window.
    var sinceLastFailure = user.LastFailedLoginDate != null
        ? DateTime.Now - user.LastFailedLoginDate.Value
        : TimeSpan.Zero;

    // NOTE(review): a failure outside the window leaves the counter untouched. It is
    // neither incremented nor reset. Confirm that is the intended lockout policy.
    var withinWindow = sinceLastFailure.TotalMinutes < minAttemptWindow;
    if (withinWindow)
    {
        user.FailedPasswordAttemptCount++;
    }

    // NOTE(review): only IsLockedOut is set here. user.LockedOutDate is not written by this method.
    if (user.FailedPasswordAttemptCount > maxInvalidAttempts)
    {
        user.IsLockedOut = true;
    }

    // The window slides: every failure, counted or not, becomes the new reference point.
    user.LastFailedLoginDate = DateTime.Now;
}
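/// <summary>
/// Authenticates an account with the supplied password and updates its
/// failed-attempt and last-login bookkeeping.
/// </summary>
/// <param name="user">Account being authenticated; mutated by this call.</param>
/// <param name="password">Password supplied by the caller, in clear text.</param>
/// <param name="passwordAttemptWindow">Window in minutes, forwarded to incrementFailedPwdAttempt.</param>
/// <param name="maxInvalidPasswordAttempts">Failure threshold, forwarded to incrementFailedPwdAttempt.</param>
/// <returns>
/// <c>true</c> only when the account is neither locked out nor disabled and
/// checkPassword accepts the password; otherwise <c>false</c>.
/// </returns>
private static bool login(AbstractSEOToolsetUser user, string password, int passwordAttemptWindow, int maxInvalidPasswordAttempts)
{
    // Locked-out or disabled accounts are refused before the password is examined,
    // so the refusal does not touch the failure counter.
    if (user.IsLockedOut == true || user.Enabled == false)
    {
        return false;
    }

    // The result of checkPassword is authoritative and must not be overwritten.
    // An unconditional "valid = true" after this line would accept any password
    // and keep the failure counter and lockout from ever engaging.
    var valid = checkPassword(user, password);

    if (!valid)
    {
        incrementFailedPwdAttempt(user, passwordAttemptWindow, maxInvalidPasswordAttempts);
    }
    else
    {
        // A successful login clears the failure counter and stamps the login time.
        user.FailedPasswordAttemptCount = 0;
        user.LastLoginDate = DateTime.Now;
    }

    return valid;
}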
/// <summary>
/// Tells whether the supplied password, once encoded, equals the password stored on the account.
/// </summary>
/// <param name="user">Account holding the stored (encoded) password.</param>
/// <param name="password">Password supplied by the caller, in clear text.</param>
/// <returns><c>true</c> when the two encoded values are equal; otherwise <c>false</c>.</returns>
private static bool checkPassword(AbstractSEOToolsetUser user, string password)
{
    var storedValue = user.Password;

    // NOTE(review): encodePassword receives only the password, so no per-user salt is
    // visible in this call. Confirm the encoding is a salted, slow password hash. The
    // == comparison below is also not constant-time.
    var candidateValue = encodePassword(password);

    return storedValue == candidateValue;
}