/// <summary>
/// Compare if the specified password matches the encrypted password
/// </summary>
/// <param name="account">Stored acount informagtion.</param>
/// <param name="clearTextPassword">Password specified by user.</param>
/// <returns>
/// true if passwords match; otherwise null
/// </returns>
public bool Compare(AccountPasswordInfo account, string clearTextPassword)
{
var clearTextInfo = new AccountPasswordInfo(account.UserName, clearTextPassword)
{PasswordSalt = account.PasswordSalt};
var password = Encrypt(clearTextInfo);
return account.Password == password;
}
/// <summary>
/// Encrypt a password
/// </summary>
/// <param name="account">Account information used to encrypt password</param>
/// <returns>
/// encrypted password.
/// </returns>
public string Encrypt(AccountPasswordInfo account)
{
if (account.PasswordSalt == null)
account.PasswordSalt = CreateSalt(10);
var saltAndPwd = String.Concat(account.Password, account.PasswordSalt);
var bytes = Encoding.Default.GetBytes(saltAndPwd);
var sha1 = SHA1.Create();
var computedHash = sha1.ComputeHash(bytes);
return Convert.ToBase64String(computedHash);
}
/// <summary>
/// Compare if the specified password matches the encrypted password
/// </summary>
/// <param name="account">Stored acount informagtion.</param>
/// <param name="clearTextPassword">Password specified by user.</param>
/// <returns>
/// true if passwords match; otherwise null
/// </returns>
public bool Compare(AccountPasswordInfo account, string clearTextPassword)
{
var clearTextInfo = new AccountPasswordInfo(account.UserName, clearTextPassword)
{
PasswordSalt = account.PasswordSalt
};
var password = Encrypt(clearTextInfo);
return(account.Password == password);
}
//Demander un unique email... e préremplir du provider si Oauth et disponible... (exemple Facebook).. comme il semble faire pour le username (a voir)
public IUser CreateOrUpdateUser(IUser user)
{
if (String.IsNullOrEmpty(user.Name))
{
throw new MembershipCreateUserException(MembershipCreateStatus.InvalidUserName);
}
//if (String.IsNullOrEmpty(user.Password)) throw new MembershipCreateUserException(MembershipCreateStatus.InvalidPassword);
if (String.IsNullOrEmpty(user.Email))
{
throw new MembershipCreateUserException(MembershipCreateStatus.InvalidEmail);
}
if (user.Id.IsNullOrEmpty()) // New user...
{
if (UserQueries.GetUserNameByEmail(user.Email) != null)
{
throw new MembershipCreateUserException(MembershipCreateStatus.DuplicateEmail);
}
if (UserQueries.Get(user.Name) != null)
{
throw new MembershipCreateUserException(MembershipCreateStatus.DuplicateUserName);
}
user.CreatedAt = _dateTimeManager.Now();
}
if (!user.ThirdPartyAuthenticationUserAccounts.Any() || !user.Password.IsNullOrEmpty())
{
try
{
ValidatePassword(user.Name, user.Password);
}
catch
{
// not the smoothest approach, but the best
// considering the inconsistent password failure handling.
throw new MembershipCreateUserException(MembershipCreateStatus.InvalidPassword);
}
}
var passwordInfo = new AccountPasswordInfo(user.Name, user.Password);
user.Password = PasswordStrategy.Encrypt(passwordInfo);
user.PasswordSalt = passwordInfo.PasswordSalt;
var status = UserCommands.Register(user);
if (status != MembershipCreateStatus.Success)
{
throw new MembershipCreateUserException(status);
}
return(user);
}
/// <summary>
/// Encrypt a password
/// </summary>
/// <param name="account">Account information used to encrypt password</param>
/// <returns>
/// encrypted password.
/// </returns>
public string Encrypt(AccountPasswordInfo account)
{
if (account.PasswordSalt == null)
{
account.PasswordSalt = CreateSalt(10);
}
var saltAndPwd = String.Concat(account.Password, account.PasswordSalt);
var bytes = Encoding.Default.GetBytes(saltAndPwd);
var sha1 = SHA1.Create();
var computedHash = sha1.ComputeHash(bytes);
return(Convert.ToBase64String(computedHash));
}
/// <summary>
/// Compare if the specified password matches the encrypted password
/// </summary>
/// <param name="account">Stored acount informagtion.</param>
/// <param name="clearTextPassword">Password specified by user.</param>
/// <returns>
/// true if passwords match; otherwise null
/// </returns>
public bool Compare(AccountPasswordInfo account, string clearTextPassword)
{
return(account.Password.Equals(clearTextPassword));
}
/// <summary>
/// Encrypt a password
/// </summary>
/// <param name="account">Account information used to encrypt password</param>
/// <returns>
/// encrypted password.
/// </returns>
public string Encrypt(AccountPasswordInfo account)
{
return(account.Password);
}
/// <summary>
/// Compare if the specified password matches the encrypted password
/// </summary>
/// <param name="account">Stored acount informagtion.</param>
/// <param name="clearTextPassword">Password specified by user.</param>
/// <returns>
/// true if passwords match; otherwise null
/// </returns>
public bool Compare(AccountPasswordInfo account, string clearTextPassword)
{
var clear = DecryptString(account.Password, _passphrase.ToString());
return(clearTextPassword == clear);
}
/// <summary>
/// Encrypt a password
/// </summary>
/// <param name="account">Account information used to encrypt password</param>
/// <returns>
/// encrypted password.
/// </returns>
public string Encrypt(AccountPasswordInfo account)
{
return(EncryptString(account.Password, _passphrase.ToString()));
}
/// <summary>
/// Compare if the specified password matches the encrypted password
/// </summary>
/// <param name="account">Stored acount informagtion.</param>
/// <param name="clearTextPassword">Password specified by user.</param>
/// <returns>
/// true if passwords match; otherwise null
/// </returns>
public bool Compare(AccountPasswordInfo account, string clearTextPassword)
{
var clear = DecryptString(account.Password, _passphrase.ToString());
return clearTextPassword == clear;
}
/// <summary>
/// Encrypt a password
/// </summary>
/// <param name="account">Account information used to encrypt password</param>
/// <returns>
/// encrypted password.
/// </returns>
public string Encrypt(AccountPasswordInfo account)
{
return EncryptString(account.Password, _passphrase.ToString());
}
/// <summary>
/// Compare if the specified password matches the encrypted password
/// </summary>
/// <param name="account">Stored acount informagtion.</param>
/// <param name="clearTextPassword">Password specified by user.</param>
/// <returns>
/// true if passwords match; otherwise null
/// </returns>
public bool Compare(AccountPasswordInfo account, string clearTextPassword)
{
return account.Password.Equals(clearTextPassword);
}
/// <summary>
/// Encrypt a password
/// </summary>
/// <param name="account">Account information used to encrypt password</param>
/// <returns>
/// encrypted password.
/// </returns>
public string Encrypt(AccountPasswordInfo account)
{
return account.Password;
}
