/// <summary> /// Updates information about a user in the data source. /// </summary> /// <param name="user">A <see cref="T:System.Web.Security.MembershipUser"></see> object that represents the user to update and the updated information for the user.</param> public override void UpdateUser(MembershipUser user) { lock (SyncRoot) { XmlUser suser = this.Store.GetUserByKey((Guid)user.ProviderUserKey); if (suser != null) { if (!ValidateUserName(suser.UserName, suser.UserKey)) { throw new ArgumentException("UserName is not unique!"); } if (this.RequiresUniqueEmail && !ValidateEmail(suser.Email, suser.UserKey)) { throw new ArgumentException("Email is not unique!"); } try { suser.Email = user.Email; suser.LastActivityDate = user.LastActivityDate; suser.LastLoginDate = user.LastLoginDate; suser.Comment = user.Comment; suser.IsApproved = user.IsApproved; this.Store.Save(); } catch { throw; } } else { throw new ProviderException("User does not exist!"); } } }
/// <summary> /// Verifies that the specified user name and password exist in the data source. /// </summary> /// <param name="username">The name of the user to validate.</param> /// <param name="password">The password for the specified user.</param> /// <returns> /// true if the specified username and password are valid; otherwise, false. /// </returns> public override bool ValidateUser(string username, string password) { try { lock (SyncRoot) { XmlUser user = this.Store.GetUserByName(username); if (user == null) { return(false); } if (ValidateUserInternal(user, password)) { user.LastLoginDate = DateTime.Now; user.LastActivityDate = DateTime.Now; this.Store.Save(); return(true); } else { return(false); } } } catch { throw; } }
/// <summary> /// Resets a user's password to a new, automatically generated password. /// </summary> /// <param name="username">The user to reset the password for.</param> /// <param name="answer">The password answer for the specified user.</param> /// <returns>The new password for the specified user.</returns> public override string ResetPassword(string username, string answer) { lock (SyncRoot) { XmlUser user = this.Store.GetUserByName(username); if (user != null) { if (answer != null && !user.PasswordAnswer.Equals(answer, StringComparison.OrdinalIgnoreCase)) { throw new Exception("Invalid answer entered!"); } else if (answer == null && Membership.RequiresQuestionAndAnswer) { throw new Exception("Invalid question and answer entered!"); } try { byte[] NewPassword = new byte[16]; RandomNumberGenerator rng = RandomNumberGenerator.Create(); rng.GetBytes(NewPassword); string NewPasswordString = Convert.ToBase64String(NewPassword); user.PasswordSalt = string.Empty; user.Password = TransformPassword(NewPasswordString, ref user.PasswordSalt); this.Store.Save(); return(NewPasswordString); } catch { throw; } } } return(null); }
/// <summary> /// Creates the membership from internal user. /// </summary> /// <param name="user">The user.</param> /// <returns></returns> private MembershipUser CreateMembershipFromInternalUser(XmlUser user) { MembershipUser muser = new MembershipUser(base.Name, user.UserName, user.UserKey, user.Email, user.PasswordQuestion, user.Comment, user.IsApproved, user.IsLockedOut, user.CreationDate, user.LastLoginDate, user.LastActivityDate, user.LastPasswordChangeDate, user.LastLockoutDate); return(muser); }
/// <summary> /// Validates the user internal. /// </summary> /// <param name="user">The user.</param> /// <param name="password">The password.</param> /// <returns></returns> private bool ValidateUserInternal(XmlUser user, string password) { if (user != null) { string passwordValidate = TransformPassword(password, ref user.PasswordSalt); if (string.Compare(passwordValidate, user.Password) == 0) { return(true); } } return(false); }
/// <summary> /// Gets the user name associated with the specified e-mail address. /// </summary> /// <param name="email">The e-mail address to search for.</param> /// <returns> /// The user name associated with the specified e-mail address. If no match is found, return null. /// </returns> public override string GetUserNameByEmail(string email) { try { lock (SyncRoot) { XmlUser user = this.Store.GetUserByEmail(email); return((user != null) ? user.UserName : null); } } catch { throw; } }
/// <summary> /// Adds a new membership user to the data source. /// </summary> /// <param name="username">The user name for the new user.</param> /// <param name="password">The password for the new user.</param> /// <param name="email">The e-mail address for the new user.</param> /// <param name="passwordQuestion">The password question for the new user.</param> /// <param name="passwordAnswer">The password answer for the new user</param> /// <param name="isApproved">Whether or not the new user is approved to be validated.</param> /// <param name="providerUserKey">The unique identifier from the membership data source for the user.</param> /// <param name="status">A <see cref="T:System.Web.Security.MembershipCreateStatus"></see> enumeration value indicating whether the user was created successfully.</param> /// <returns> /// A <see cref="T:System.Web.Security.MembershipUser"></see> object populated with the information for the newly created user. /// </returns> public override MembershipUser CreateUser(string username, string password, string email, string passwordQuestion, string passwordAnswer, bool isApproved, object providerUserKey, out MembershipCreateStatus status) { status = MembershipCreateStatus.Success; try { // Validate the username and email if (!ValidateUserName(username, Guid.Empty)) { status = MembershipCreateStatus.DuplicateUserName; return(null); } if (this.RequiresUniqueEmail && !ValidateEmail(password, Guid.Empty)) { status = MembershipCreateStatus.DuplicateEmail; return(null); } // Validate the password ValidatePasswordEventArgs e = new ValidatePasswordEventArgs(username, password, true); // Raise the event before validating the password base.OnValidatingPassword(e); if (e.Cancel || !ValidatePassword(password)) { status = MembershipCreateStatus.InvalidPassword; return(null); } // Everything is valid, create the user lock (SyncRoot) { XmlUser user = new XmlUser(); user.UserKey = Guid.NewGuid(); user.UserName = username; user.PasswordSalt = string.Empty; user.Password = this.TransformPassword(password, ref user.PasswordSalt); user.Email = email; user.PasswordQuestion = passwordQuestion; user.PasswordAnswer = passwordAnswer; user.IsApproved = isApproved; user.CreationDate = DateTime.Now; user.LastActivityDate = DateTime.Now; user.LastPasswordChangeDate = DateTime.Now; // Add the user to the store this.Store.Users.Add(user); this.Store.Save(); return(CreateMembershipFromInternalUser(user)); } } catch { throw; } }
/// <summary> /// Processes a request to update the password for a membership user. /// </summary> /// <param name="username">The user to update the password for.</param> /// <param name="oldPassword">The current password for the specified user.</param> /// <param name="newPassword">The new password for the specified user.</param> /// <returns> /// true if the password was updated successfully; otherwise, false. /// </returns> public override bool ChangePassword(string username, string oldPassword, string newPassword) { lock (SyncRoot) { XmlUser user = this.Store.GetUserByName(username); if (user == null) { throw new Exception("User does not exist!"); } if (ValidateUserInternal(user, oldPassword)) { ValidatePasswordEventArgs args = new ValidatePasswordEventArgs(username, newPassword, false); base.OnValidatingPassword(args); if (args.Cancel) { if (args.FailureInformation != null) { throw args.FailureInformation; } else { throw new MembershipPasswordException("Change password canceled due to new password validation failure."); } } if (!ValidatePassword(newPassword)) { throw new ArgumentException("Password doesn't meet password strength requirements!"); } /// user.PasswordSalt = string.Empty; user.Password = TransformPassword(newPassword, ref user.PasswordSalt); user.LastPasswordChangeDate = DateTime.Now; this.Store.Save(); /// return(true); } else { return(false); } } }
/// <summary> /// Removes a user from the membership data source. /// </summary> /// <param name="username">The name of the user to delete.</param> /// <param name="deleteAllRelatedData">true to delete data related to the user from the database; false to leave data related to the user in the database.</param> /// <returns> /// true if the user was successfully deleted; otherwise, false. /// </returns> public override bool DeleteUser(string username, bool deleteAllRelatedData) { try { lock (SyncRoot) { XmlUser user = this.Store.GetUserByName(username); if (user != null) { this.Store.Users.Remove(user); // FIX: http://www.codeplex.com/aspnetxmlproviders/WorkItem/View.aspx?WorkItemId=7186 this.Store.Save(); return(true); } } } catch { throw; } // return(false); }
/// <summary> /// Processes a request to update the password question and answer for a membership user. /// </summary> /// <param name="username">The user to change the password question and answer for.</param> /// <param name="password">The password for the specified user.</param> /// <param name="newPasswordQuestion">The new password question for the specified user.</param> /// <param name="newPasswordAnswer">The new password answer for the specified user.</param> /// <returns> /// true if the password question and answer are updated successfully; otherwise, false. /// </returns> public override bool ChangePasswordQuestionAndAnswer(string username, string password, string newPasswordQuestion, string newPasswordAnswer) { try { lock (SyncRoot) { XmlUser user = this.Store.GetUserByName(username); if (user != null && ValidateUserInternal(user, password)) { user.PasswordQuestion = newPasswordQuestion; user.PasswordAnswer = newPasswordAnswer; this.Store.Save(); return(true); } } } catch { throw; } // return(false); }
/// <summary> /// Gets information from the data source for a user based on the unique identifier for the membership user. Provides an option to update the last-activity date/time stamp for the user. /// </summary> /// <param name="providerUserKey">The unique identifier for the membership user to get information for.</param> /// <param name="userIsOnline">true to update the last-activity date/time stamp for the user; false to return user information without updating the last-activity date/time stamp for the user.</param> /// <returns> /// A <see cref="T:System.Web.Security.MembershipUser"></see> object populated with the specified user's information from the data source. /// </returns> public override MembershipUser GetUser(object providerUserKey, bool userIsOnline) { try { lock (SyncRoot) { XmlUser user = this.Store.GetUserByKey((Guid)providerUserKey); if (user != null) { if (userIsOnline) { user.LastActivityDate = DateTime.Now; this.Store.Save(); } return(CreateMembershipFromInternalUser(user)); } else { return(null); } } } catch { throw; } }
/// <summary> /// Gets information from the data source for a user. Provides an option to update the last-activity date/time stamp for the user. /// </summary> /// <param name="username">The name of the user to get information for.</param> /// <param name="userIsOnline">true to update the last-activity date/time stamp for the user; false to return user information without updating the last-activity date/time stamp for the user.</param> /// <returns> /// A <see cref="T:System.Web.Security.MembershipUser"></see> object populated with the specified user's information from the data source. /// </returns> public override MembershipUser GetUser(string username, bool userIsOnline) { try { lock (SyncRoot) { XmlUser user = this.Store.GetUserByName(username); if (user != null) { if (userIsOnline) { user.LastActivityDate = DateTime.Now; this.Store.Save(); } return(CreateMembershipFromInternalUser(user)); } else { return(null); } } } catch { throw; } }
/// <summary> /// Gets the password for the specified user name from the data source. /// </summary> /// <param name="username">The user to retrieve the password for.</param> /// <param name="answer">The password answer for the user.</param> /// <returns> /// The password for the specified user name. /// </returns> public override string GetPassword(string username, string answer) { try { if (EnablePasswordRetrieval) { lock (SyncRoot) { XmlUser user = this.Store.GetUserByName(username); if (user != null) { // >> FIX http://www.codeplex.com/aspnetxmlproviders/WorkItem/View.aspx?WorkItemId=9701 if (RequiresQuestionAndAnswer && answer.Equals(user.PasswordAnswer, StringComparison.OrdinalIgnoreCase)) { return(UnEncodePassword(user.Password)); } else if (!RequiresQuestionAndAnswer) { return(UnEncodePassword(user.Password)); } else { throw new System.Web.Security.MembershipPasswordException(); } // << FIX } } return(null); } else { throw new Exception("Password retrieval is not enabled!"); } } catch { throw; } }