/// <summary>
/// Verifies a password for the account whose user name or e-mail address equals
/// <paramref name="userNameOrEmail"/>, and records the outcome on that account.
/// </summary>
/// <param name="userNameOrEmail">User name or e-mail address identifying the account.</param>
/// <param name="password">Plaintext password to check against the stored hash.</param>
/// <returns>
/// The account's user name when the password verifies; <see cref="string.Empty"/> when no
/// account matches, the account is not confirmed, or the password does not verify.
/// </returns>
/// <remarks>
/// When either argument is null or empty, the exception built by
/// CreateArgumentNullOrEmptyException is thrown before the data context is opened.
/// </remarks>
public override string ExtendedValidateUser(string userNameOrEmail, string password)
{
    if (string.IsNullOrEmpty(userNameOrEmail))
    {
        throw CreateArgumentNullOrEmptyException("userNameOrEmail");
    }

    if (string.IsNullOrEmpty(password))
    {
        throw CreateArgumentNullOrEmptyException("password");
    }

    using ($safeprojectname$Context context = new $safeprojectname$Context())
    {
        // A user-name match wins; the e-mail lookup only runs when no user name matched.
        User account = context.Users.FirstOrDefault(candidate => candidate.Username == userNameOrEmail)
            ?? context.Users.FirstOrDefault(candidate => candidate.Email == userNameOrEmail);

        // NOTE(review): unknown and unconfirmed accounts return here, before any hash
        // verification and without touching the failure counter. All failures return the
        // same empty string, but the skipped hash work may still be observable as a
        // response-time difference between "no such account" and "wrong password".
        if (account == null || !account.IsConfirmed)
        {
            return string.Empty;
        }

        // An account with no stored hash can never verify.
        dynamic storedHash = account.Password;
        bool passwordMatches = storedHash != null && CodeFirstCrypto.VerifyHashedPassword(storedHash, password);

        if (passwordMatches)
        {
            account.PasswordFailuresSinceLastSuccess = 0;
        }
        else if (account.PasswordFailuresSinceLastSuccess != -1)
        {
            // NOTE(review): -1 looks like a sentinel that switches failure tracking off - confirm.
            // This method only records failures; it never reads the counter to refuse an
            // attempt, so any throttling or lockout has to be enforced elsewhere (not visible here).
            account.PasswordFailuresSinceLastSuccess += 1;
            account.LastPasswordFailureDate = DateTime.UtcNow;
        }

        // Persist the counter change whether the attempt succeeded or failed.
        context.SaveChanges();

        return passwordMatches ? account.Username : string.Empty;
    }
}
/// <summary>
/// Replaces the stored password hash of the account named <paramref name="userName"/>
/// after verifying <paramref name="oldPassword"/> against the current hash.
/// </summary>
/// <param name="userName">User name of the account; only the user name is matched here, not the e-mail address.</param>
/// <param name="oldPassword">Current plaintext password, verified against the stored hash.</param>
/// <param name="newPassword">New plaintext password, hashed before it is stored.</param>
/// <returns>
/// <c>true</c> when the password was changed; <c>false</c> when no account matches or the
/// old password does not verify.
/// </returns>
/// <exception cref="ArgumentException">The hash of <paramref name="newPassword"/> is longer than 128.</exception>
/// <remarks>
/// When any argument is null or empty, the exception built by
/// CreateArgumentNullOrEmptyException is thrown before the data context is opened.
/// </remarks>
public override bool ChangePassword(string userName, string oldPassword, string newPassword)
{
    if (string.IsNullOrEmpty(userName))
    {
        throw CreateArgumentNullOrEmptyException("userName");
    }

    if (string.IsNullOrEmpty(oldPassword))
    {
        throw CreateArgumentNullOrEmptyException("oldPassword");
    }

    if (string.IsNullOrEmpty(newPassword))
    {
        throw CreateArgumentNullOrEmptyException("newPassword");
    }

    using ($safeprojectname$Context context = new $safeprojectname$Context())
    {
        // NOTE(review): the account's IsConfirmed flag is not consulted in this method.
        dynamic account = context.Users.FirstOrDefault(candidate => candidate.Username == userName);
        if (account == null)
        {
            return false;
        }

        // An account with no stored hash can never verify.
        dynamic storedHash = account.Password;
        bool oldPasswordMatches = storedHash != null && CodeFirstCrypto.VerifyHashedPassword(storedHash, oldPassword);

        if (!oldPasswordMatches)
        {
            // NOTE(review): -1 looks like a sentinel that switches failure tracking off - confirm.
            // The counter is only written here, never read to refuse an attempt; throttling
            // of repeated old-password guesses has to be enforced elsewhere (not visible here).
            int priorFailures = account.PasswordFailuresSinceLastSuccess;
            if (priorFailures != -1)
            {
                account.PasswordFailuresSinceLastSuccess += 1;
                account.LastPasswordFailureDate = DateTime.UtcNow;
            }

            context.SaveChanges();
            return false;
        }

        account.PasswordFailuresSinceLastSuccess = 0;

        // The limit applies to the hash, not to newPassword itself.
        // NOTE(review): 128 presumably mirrors the width of the password column - confirm.
        // No strength or minimum-length rule is applied to newPassword in this method.
        dynamic replacementHash = CodeFirstCrypto.HashPassword(newPassword);
        if (replacementHash.Length > 128)
        {
            // Thrown before SaveChanges, so the counter reset above is not persisted either.
            throw new ArgumentException("Password too long");
        }

        account.Password = replacementHash;
        account.PasswordChangedDate = DateTime.UtcNow;
        context.SaveChanges();

        return true;
    }
}