/// <summary>
/// Creates a user from the given parameters and settings in the web.config (under the membership section)
/// </summary>
/// <param name="username">Kerberos LoginID of the user who created the account (or string.empty)</param>
/// <param name="password">Password -- complexity determined by web.config settings</param>
/// <param name="email">Email entered by user</param>
/// <param name="passwordQuestion"></param>
/// <param name="passwordAnswer"></param>
/// <param name="isApproved"></param>
/// <param name="providerUserKey">Not used since username is always unique, we can look up with UserID when necessary</param>
/// <param name="status"></param>
/// <returns>A representation of the current user's membership information</returns>
public override MembershipUser CreateUser(string username, string password, string email, string passwordQuestion, string passwordAnswer, bool isApproved, object providerUserKey, out MembershipCreateStatus status)
{
//if the username is SELFCREATED, set it to empty so that we know it was not created on a Kerberos user's behalf
if (username == "SELFCREATED")
{
username = string.Empty;
}
//Make sure the password is non-null or empty (excluding white space)
if (!SecUtility.ValidateParameter(ref password, true, true, false, 0))
{
//If the password is invalid, return the correct status
status = MembershipCreateStatus.InvalidPassword;
return(null);
}
//Check that the password meets all requirements laid out in the web.config
if (password.Length < MinRequiredPasswordLength)
{
status = MembershipCreateStatus.InvalidPassword;
return(null);
}
int count = 0;
for (int i = 0; i < password.Length; i++)
{
if (!char.IsLetterOrDigit(password, i))
{
count++;
}
}
if (count < MinRequiredNonAlphanumericCharacters)
{
status = MembershipCreateStatus.InvalidPassword;
return(null);
}
if (PasswordStrengthRegularExpression.Length > 0)
{
if (!Regex.IsMatch(password, PasswordStrengthRegularExpression))
{
status = MembershipCreateStatus.InvalidPassword;
return(null);
}
}
//Validate with email as the username
ValidatePasswordEventArgs e = new ValidatePasswordEventArgs(email, password, true);
OnValidatingPassword(e);
if (e.Cancel)
{
status = MembershipCreateStatus.InvalidPassword;
return(null);
}
//Generate a salt of length SALT_SIZE_IN_BYTES
string salt = GenerateSalt();
//Encodes the password using the method defined in the web.config membership section (clear, hashed, or encrypted)
//If method = hashed, then the algortihm defined by the HashAlgorithmType key is used
string encodedPassword = EncodePassword(password, (int)_PasswordFormat, salt);
//Make sure the password isn't too long (if it is, it will not fit in the database
if (encodedPassword.Length > 128)
{
status = MembershipCreateStatus.InvalidPassword;
return(null);
}
//Check the email, question, answer (only the last two if they are required in the web.config)
//if (!SecUtility.ValidateParameter(ref username, true, true, true, 255))
//{
// status = MembershipCreateStatus.InvalidUserName;
// return null;
//}
if (!SecUtility.ValidateParameter(ref email,
RequiresUniqueEmail,
RequiresUniqueEmail,
false,
128))
{
status = MembershipCreateStatus.InvalidEmail;
return(null);
}
if (!SecUtility.ValidateParameter(ref passwordQuestion,
RequiresQuestionAndAnswer,
true,
false,
255))
{
status = MembershipCreateStatus.InvalidQuestion;
return(null);
}
if (!SecUtility.ValidateParameter(ref passwordAnswer,
RequiresQuestionAndAnswer,
true,
false,
128))
{
status = MembershipCreateStatus.InvalidAnswer;
return(null);
}
_dops.ResetDops();
_dops.Sproc = "usp_InsertAccount";
_dops.SetParameter("@LoginID", username, "IN"); //KerberosID of user that created this account (null if created by applicant)
_dops.SetParameter("@Email", email, "IN");
_dops.SetParameter("@Password", encodedPassword, "IN");
_dops.SetParameter("@PasswordFormat", (int)PasswordFormat, "IN");
_dops.SetParameter("@PasswordSalt", salt, "IN");
_dops.SetParameter("@PasswordQuestion", passwordQuestion, "IN");
_dops.SetParameter("@PasswordAnswer", passwordAnswer, "IN");
_dops.SetParameter("@CreateStatus", string.Empty, "OUT");
_dops.SetParameter("RETURN_VALUE", string.Empty, "RETURN");
try
{
_dops.Execute_Sql();
}
catch (SqlException)
{
status = MembershipCreateStatus.ProviderError;
return(null);
}
//If the return value is not 0 (success), inspect the error and return it to the user
if ((int)_dops.GetOutputVariable("RETURN_VALUE") != 0)
{
switch ((string)_dops.GetOutputVariable("@CreateStatus"))
{
case "InvalidLogin":
status = MembershipCreateStatus.DuplicateUserName;
break;
case "InvalidEmail":
status = MembershipCreateStatus.DuplicateEmail;
break;
default:
status = MembershipCreateStatus.ProviderError;
break;
}
return(null);
}
else
{
//No error, so go ahead and return success
DateTime dt = DateTime.Now;
status = MembershipCreateStatus.Success;
return(new MembershipUser(this.Name,
username,
null,
email,
passwordQuestion,
string.Empty,
isApproved,
false,
dt,
dt,
dt,
dt,
DateTime.MinValue));
}
}
