/// <summary>
/// Converts user records that still hold a decryptable password into the salted-hash format.
/// </summary>
/// <remarks>
/// A record is converted only when <c>EncryptedPassword</c> is non-empty and
/// <c>PasswordHashSalt</c> is empty; every other record is skipped. For each converted record
/// the stored value is decrypted, a fresh salt is generated, the salt is stored Base64-encoded
/// in <c>PasswordHashSalt</c>, and <c>EncryptedPassword</c> is overwritten with the result of
/// <c>UserFormLoginManager.GeneratePasswordHash</c>. All changed records are written back in a
/// single <c>DataFacade.Update</c> call, and only the number of converted records is logged.
/// </remarks>
static void ConvertOldPasswordFormat()
{
    var converted = new List<IUser>();

    foreach (var user in DataFacade.GetData<IUser>())
    {
        // A populated salt marks a record that already uses the hashed format.
        bool isLegacyRecord = !string.IsNullOrEmpty(user.EncryptedPassword)
                              && string.IsNullOrEmpty(user.PasswordHashSalt);
        if (!isLegacyRecord)
        {
            continue;
        }

        // The clear-text password exists only in this local; it is never logged or persisted.
        string clearText = Cryptographer.Decrypt(user.EncryptedPassword);
        var freshSalt = UserFormLoginManager.GenerateHashSalt();

        user.PasswordHashSalt = Convert.ToBase64String(freshSalt);
        // The field keeps its old name but from here on carries the hash, not ciphertext.
        user.EncryptedPassword = UserFormLoginManager.GeneratePasswordHash(clearText, freshSalt);

        converted.Add(user);
    }

    if (converted.Count > 0)
    {
        DataFacade.Update(converted);
        Log.LogInformation(LogTitle, "User passwords converted to a new format: " + converted.Count);
    }
}
/// <summary>
/// Creates a new <c>IUser</c> record and the form-login data that belongs to it.
/// </summary>
/// <param name="userName">Login name; stored trimmed and lower-cased (invariant).</param>
/// <param name="password">Password handed to <c>UserFormLoginManager.CreateUserFormLogin</c>; it is not logged here.</param>
/// <param name="folder">Passed through unchanged to <c>UserFormLoginManager.CreateUserFormLogin</c>.</param>
/// <param name="email">E-mail address stored on the user record as given.</param>
public void AddNewUser(string userName, string password, string folder, string email)
{
    var draft = DataFacade.BuildNew<IUser>();
    draft.Id = Guid.NewGuid();
    // Usernames are normalised on write so that stored names are always lower-case.
    draft.Username = userName.Trim().ToLowerInvariant();
    draft.Email = email;

    // Continue with the instance returned by the data layer, not the draft.
    IUser stored = DataFacade.AddNew(draft);
    UserFormLoginManager.CreateUserFormLogin(stored.Id, password, folder);

    // The log line carries the name as supplied by the caller (not the normalised form).
    Log.LogVerbose(LogTitle, "Added new userFormLogin '{0}'", userName);
}
/// <summary>
/// Sets a new password for an existing user inside a transaction scope.
/// </summary>
/// <param name="username">Name of the user whose password is changed; matched with <c>==</c> against the stored name.</param>
/// <param name="password">New password, handed to <c>UserFormLoginManager.SetPassword</c>.</param>
/// <remarks>
/// <c>Verify.IsNotNull</c> is invoked when no user matches. The scope is completed only after
/// <c>SetPassword</c> has returned, so an exception leaves the scope uncompleted.
/// </remarks>
public void SetUserPassword(string username, string password)
{
    using (var scope = TransactionsFacade.CreateNewScope())
    {
        // NOTE(review): this lookup uses plain equality, while Validate compares names
        // case-insensitively and AddNewUser stores them trimmed and lower-cased.
        // Confirm that callers always pass the normalised name.
        IUser account = DataFacade.GetData<IUser>().FirstOrDefault(candidate => candidate.Username == username);
        Verify.IsNotNull(account, "The userFormLogin '{0}' does not exists", username);

        UserFormLoginManager.SetPassword(account.GetUserFormLogin(), password);

        scope.Complete();
    }
}
/// <summary>
/// Checks a username/password pair and reports the outcome as a <c>LoginResult</c>.
/// </summary>
/// <param name="username">Login name; lower-cased with the invariant culture before any lookup.</param>
/// <param name="password">Candidate password, passed to <c>UserFormLoginManager.ValidatePassword</c>.</param>
/// <returns>
/// <c>PolicyViolated</c> when <c>BruteForcePreventionCheck</c> rejects the attempt;
/// <c>UserDoesNotExist</c> when no user matches; for a correct password one of
/// <c>UserLockedByAdministrator</c>, <c>UserLockedAfterMaxLoginAttempts</c>,
/// <c>PasswordUpdateRequired</c> or <c>Success</c>; otherwise <c>IncorrectPassword</c>.
/// </returns>
/// <exception cref="InvalidOperationException">
/// The user exists but has no <c>IUserFormLogin</c> record.
/// </exception>
/// <remarks>
/// Lock state and password expiry are reported only after the password has been verified;
/// a wrong password on a locked account yields <c>IncorrectPassword</c>. The lock and expiry
/// returns happen before <c>UpdateLoginHistory</c> is called, as do the policy and
/// unknown-user returns.
/// </remarks>
public LoginResult Validate(string username, string password)
{
    username = username.ToLower(CultureInfo.InvariantCulture);

    // Prior failed attempts for this name, if any; stays null when none are recorded.
    FailedLoginInfo failedLoginInfo;
    _loginHistory.TryGetValue(username, out failedLoginInfo);

    // The throttling check runs before any user data is read.
    if (!BruteForcePreventionCheck(username, failedLoginInfo))
    {
        return LoginResult.PolicyViolated;
    }

    IUser user = DataFacade.GetData<IUser>()
        .Where(u => string.Compare(u.Username, username, StringComparison.InvariantCultureIgnoreCase) == 0)
        .FirstOrDefault();

    if (user == null)
    {
        // NOTE(review): this result differs from IncorrectPassword and the attempt is not
        // passed to UpdateLoginHistory. Confirm that the caller shows the same message for
        // both outcomes and that attempts on unknown names are throttled elsewhere.
        return LoginResult.UserDoesNotExist;
    }

    var userFormLogin = DataFacade.GetData<IUserFormLogin>().FirstOrDefault(u => u.UserId == user.Id);
    if (userFormLogin == null)
    {
        // A leftover EncryptedPassword on the user record points at unmigrated legacy data.
        string problem = user.EncryptedPassword.IsNullOrEmpty()
            ? "User form login data is missing."
            : "User form login data is missing or present in obsolete format.";
        throw new InvalidOperationException(problem);
    }

    bool passwordIsCorrect = UserFormLoginManager.ValidatePassword(userFormLogin, password);

    if (passwordIsCorrect)
    {
        if (userFormLogin.IsLocked)
        {
            return userFormLogin.LockoutReason == (int)UserLockoutReason.LockedByAdministrator
                ? LoginResult.UserLockedByAdministrator
                : LoginResult.UserLockedAfterMaxLoginAttempts;
        }

        // A non-positive expiration setting disables the expiry check.
        int passwordExpirationDays = PasswordPolicyFacade.PasswordExpirationTimeInDays;
        // NOTE(review): compares against local time (DateTime.Now); presumably
        // LastPasswordChangeDate is stored in local time as well. Confirm.
        if (passwordExpirationDays > 0
            && DateTime.Now > userFormLogin.LastPasswordChangeDate + TimeSpan.FromDays(passwordExpirationDays))
        {
            return LoginResult.PasswordUpdateRequired;
        }

        UpdateLoginHistory(username, passwordIsCorrect, failedLoginInfo);
        return LoginResult.Success;
    }

    UpdateLoginHistory(username, passwordIsCorrect, failedLoginInfo);

    // The account is locked only when a failure record existed before this attempt and its
    // counter has reached the configured maximum.
    if (failedLoginInfo != null && failedLoginInfo.LoginAttemptCount >= _maxLoginAttemptsBeforeLockout)
    {
        LockUser(userFormLogin);
    }

    return LoginResult.IncorrectPassword;
}