public virtual User FindByUsernameOrEmailAddressAndPassword(string usernameOrEmail, string password)
{
// TODO: validate input
var user = FindByUsername(usernameOrEmail)
?? FindByEmailAddress(usernameOrEmail);
if (user == null)
{
return(ldapService.AutoEnroll(usernameOrEmail, password));
}
if (user.PasswordHashAlgorithm.Equals(Constants.LDAPHashAlgorithmId, StringComparison.OrdinalIgnoreCase))
{
//If input email , get userName for LDAP validation
if (usernameOrEmail.IndexOf('@') > -1)
{
usernameOrEmail = user.Username;
}
if (ldapService.ValidateUser(usernameOrEmail, password))
{
return(user);
}
else
{
return(null);
}
}
else
{
if (!Crypto.ValidateSaltedHash(user.HashedPassword, password, user.PasswordHashAlgorithm))
{
return(null);
}
else if (!user.PasswordHashAlgorithm.Equals(Constants.PBKDF2HashAlgorithmId, StringComparison.OrdinalIgnoreCase))
{
// If the user can be authenticated and they are using an older password algorithm, migrate them to the current one.
ChangePasswordInternal(user, password);
UserRepository.CommitChanges();
}
}
return(user);
}
