public override string GetPassword(string username, string answer)
{
if (!EnablePasswordRetrieval)
throw new ProviderException("Password retrieval not enabled.");
if (PasswordFormat == MembershipPasswordFormat.Hashed)
throw new ProviderException("Cannot retrieve hashed passwords.");
string password = null;
string passwordAnswer = null;
using (Database db = new MySqlDatabase())
{
password = db.GetPassword(username, answer, _applicationName, out passwordAnswer);
}
if (RequiresQuestionAndAnswer && !CheckPassword(answer, passwordAnswer))
{
UpdateFailureCount(username, "passwordAnswer");
throw new MembershipPasswordException("Incorrect password answer.");
}
if (PasswordFormat == MembershipPasswordFormat.Encrypted)
password = UnEncodePassword(password);
return password;
}