public override string ResetPassword(string username, string answer)
{
if (!EnablePasswordReset)
{
throw new NotSupportedException("Password reset is not supported");
}
N2.Security.Items.User u = Bridge.GetUser(username);
if (u != null)
{
// JH
/* original implementation does not provide service as expected for ResetPassword.
* MSDN: Resets a user's password to a new, automatically generated password.
* u.IsLockedOut = false;
* Bridge.Save(u);
* return u.Password;
*/
if (RequiresQuestionAndAnswer && !string.Equals(u.PasswordAnswer, answer))
{
throw new MembershipPasswordException("Incorrect password answer");
}
string newPassword = GenerateRandomPassword();
u.Password = ToStoredPassword(newPassword);
u.IsLockedOut = false;
Bridge.Save(u);
return(newPassword);
}
return(null);
}
public override bool DeleteUser(string username, bool deleteAllRelatedData)
{
N2.Security.Items.User u = Bridge.GetUser(username);
if (u == null)
{
return(false);
}
Bridge.Delete(u);
return(true);
}
public override bool ValidateUser(string username, string password)
{
N2.Security.Items.User u = Bridge.GetUser(username);
if (u != null && u.Password == ToStoredPassword(password)) // JH
{
u.LastLoginDate = DateTime.Now; // JH
Bridge.Save(u);
return(true);
}
return(false);
}
public override bool UnlockUser(string userName)
{
N2.Security.Items.User u = Bridge.GetUser(userName);
if (u == null)
{
return(false);
}
u.IsLockedOut = false;
Bridge.Save(u);
return(true);
}
public override bool ChangePassword(string username, string oldPassword, string newPassword)
{
N2.Security.Items.User u = Bridge.GetUser(username);
if (u == null || u.Password != ToStoredPassword(oldPassword)) // JH
{
return(false);
}
u.Password = ToStoredPassword(newPassword); // JH
Bridge.Save(u);
return(true);
}
public override bool ChangePasswordQuestionAndAnswer(string username, string password, string newPasswordQuestion, string newPasswordAnswer)
{
N2.Security.Items.User u = Bridge.GetUser(username);
if (u == null || u.Password != ToStoredPassword(password)) // JH
{
return(false);
}
u.PasswordQuestion = newPasswordQuestion;
u.PasswordAnswer = newPasswordAnswer;
Bridge.Save(u);
return(true);
}
public override MembershipUser GetUser(string username, bool userIsOnline)
{
return(Cache.GetValue(username, (un) =>
{
N2.Security.Items.User u = Bridge.GetUser(username);
if (u != null)
{
return u.GetMembershipUser(this.Name);
}
return null;
}));
}
public override MembershipUser GetUser(string username, bool userIsOnline)
{
N2.Security.Items.User u = Bridge.GetUser(username);
if (u != null)
{
if (userIsOnline)
{
u.LastActivityDate = DateTime.Now;
Bridge.Save(u); // JH
}
return(u.GetMembershipUser(this.Name));
}
return(null);
}
public override void UpdateUser(MembershipUser user)
{
if (user == null)
{
throw new ArgumentNullException("user");
}
N2.Security.Items.User u = Bridge.GetUser(user.UserName);
if (u != null)
{
u.UpdateFromMembershipUser(user); // JH: note that password remains unaffected
Bridge.Save(u);
}
else
{
throw new N2Exception("User '" + user.UserName + "' not found.");
}
}
public override string GetPassword(string username, string answer)
{
if (!EnablePasswordRetrieval)
{
throw new NotSupportedException("Password retrieval is not supported");
}
N2.Security.Items.User u = Bridge.GetUser(username);
if (u != null)
{
if (RequiresQuestionAndAnswer && !string.Equals(u.PasswordAnswer, answer, StringComparison.InvariantCultureIgnoreCase)) // JH
{
throw new MembershipPasswordException("Invalid password answer");
}
// Note: may throw exception for hashed passwords!
return(FromStoredPassword(u.Password)); // JH
}
return(null);
}
public override MembershipUser CreateUser(string username, string password, string email, string passwordQuestion, string passwordAnswer, bool isApproved, object providerUserKey, out MembershipCreateStatus status)
{
N2.Security.Items.User u = Bridge.GetUser(username);
if (u != null)
{
status = MembershipCreateStatus.DuplicateUserName;
return(null);
}
if (string.IsNullOrEmpty(username))
{
status = MembershipCreateStatus.InvalidUserName;
return(null);
}
if (string.IsNullOrEmpty(password))
{
status = MembershipCreateStatus.InvalidPassword;
return(null);
}
// TODO: RequiresUniqueEmail validation
var args = new ValidatePasswordEventArgs(username, password, true);
OnValidatingPassword(args);
if (args.Cancel)
{
throw new MembershipCreateUserException("Create user cancelled", args.FailureInformation);
}
status = MembershipCreateStatus.Success;
u = Bridge.CreateUser(username, ToStoredPassword(password), // JH
email, passwordQuestion, passwordAnswer, isApproved, providerUserKey);
Cache.Expire();
MembershipUser m = u.GetMembershipUser(this.Name);
return(m);
}
