/// <summary>
/// Replaces the stored password of <paramref name="username"/> with a freshly
/// generated one and returns the new password in clear text.
/// </summary>
/// <remarks>
/// Security notes for callers and reviewers:
/// - The return value is the clear-text password (only the encoded form is stored),
///   so it should be delivered over a protected channel and kept out of logs.
/// - When RequiresQuestionAndAnswer is false, <paramref name="answer"/> is never
///   checked here; the caller is then the only place where the requester's
///   identity can be verified.
/// - "Not found", "locked out" and "incorrect answer" raise different messages.
///   A UI that relays them verbatim reveals which accounts exist or are locked;
///   prefer one generic message towards the end user.
/// - The lockout check runs after the missing-answer check, so a missing answer
///   is still counted for an account that is already locked out.
/// </remarks>
/// <param name="username">User name; passed through Util.GetUserName before the lookup.</param>
/// <param name="answer">Password answer; only consulted when RequiresQuestionAndAnswer is true.</param>
/// <returns>The newly generated clear-text password.</returns>
/// <exception cref="NotSupportedException">EnablePasswordReset is false.</exception>
/// <exception cref="MembershipPasswordException">
/// Unknown user, locked-out user, wrong answer, or the validation event cancelled
/// the reset without supplying its own exception.
/// </exception>
/// <exception cref="ProviderException">An answer is required but null was passed.</exception>
public override string ResetPassword(string username, string answer)
{
    username = Util.GetUserName(username);

    if (!EnablePasswordReset)
    {
        throw new NotSupportedException("Password reset is not enabled.");
    }

    var db = GetDb();
    var account = db.Users.SingleOrDefault(candidate => candidate.Username == username);
    if (account == null)
    {
        throw new MembershipPasswordException("The supplied user name is not found.");
    }

    // A missing answer counts as a failed attempt when an answer is mandatory.
    // NOTE(review): whether UpdateFailureCount persists the counter itself is not
    // visible here; this path throws before db.SubmitChanges() is reached.
    var answerMissing = answer == null;
    if (answerMissing && RequiresQuestionAndAnswer)
    {
        UpdateFailureCount(db, account, "passwordAnswer");
        throw new ProviderException("Password answer required for password reset.");
    }

    var generated = Membership.GeneratePassword(newPasswordLength, MinRequiredNonAlphanumericCharacters);

    // Give ValidatingPassword subscribers the chance to veto the generated value.
    var validation = new ValidatePasswordEventArgs(username, generated, true);
    OnValidatingPassword(validation);
    if (validation.Cancel)
    {
        // Prefer the subscriber's own exception; otherwise use the generic one.
        throw validation.FailureInformation
              ?? new MembershipPasswordException("Reset password canceled due to password validation failure.");
    }

    if (account.IsLockedOut)
    {
        throw new MembershipPasswordException("The supplied user is locked out.");
    }

    if (RequiresQuestionAndAnswer)
    {
        var answerMatches = CheckPassword(answer, account.PasswordAnswer);
        if (!answerMatches)
        {
            UpdateFailureCount(db, account, "passwordAnswer");
            throw new MembershipPasswordException("Incorrect password answer.");
        }
    }

    // Only the encoded form is stored; the clear text leaves through the return value.
    account.Password = EncodePassword(generated);
    account.LastPasswordChangedDate = Util.Now;

    // Presumably drops API sessions issued under the old password - confirm in ApiSessionModel.
    ApiSessionModel.DeleteSession(db, account);
    db.SubmitChanges();

    return generated;
}
/// <summary>
/// Changes the password of <paramref name="username"/> after ValidateUser has
/// accepted <paramref name="oldPwd"/>.
/// </summary>
/// <remarks>
/// Security notes for callers and reviewers:
/// - AdminOverride skips the length and character-class rules below; the
///   ValidatingPassword event still runs in that case.
/// - NOTE(review): <paramref name="newPwd"/> is dereferenced by the policy checks
///   without a null guard, and with AdminOverride set it reaches EncodePassword
///   unchecked. Callers should reject null or empty values before calling.
/// - A successful change clears MustChangePassword and calls
///   ApiSessionModel.DeleteSession for the user before the change is submitted.
/// </remarks>
/// <param name="username">User name; passed through Util.GetUserName before use.</param>
/// <param name="oldPwd">Current password, checked by ValidateUser.</param>
/// <param name="newPwd">Requested new password.</param>
/// <returns>
/// <c>false</c> when ValidateUser rejects the current credentials;
/// <c>true</c> once the new password has been submitted to the database.
/// </returns>
/// <exception cref="MembershipPasswordException">
/// The validation event cancelled the change without supplying its own exception.
/// </exception>
/// <exception cref="ArgumentException">
/// The new password violates the length or character-class policy.
/// </exception>
public override bool ChangePassword(string username, string oldPwd, string newPwd)
{
    username = Util.GetUserName(username);

    // The current credentials must be accepted before anything else is evaluated.
    var credentialsAccepted = ValidateUser(username, oldPwd);
    if (!credentialsAccepted)
    {
        return false;
    }

    // Give ValidatingPassword subscribers the chance to veto the new value.
    var validation = new ValidatePasswordEventArgs(username, newPwd, true);
    OnValidatingPassword(validation);
    if (validation.Cancel)
    {
        // Prefer the subscriber's own exception; otherwise use the generic one.
        throw validation.FailureInformation
              ?? new MembershipPasswordException("Change password canceled due to new password validation failure.");
    }

    // Built-in password policy; skipped entirely when AdminOverride is set.
    if (!AdminOverride)
    {
        if (newPwd.Length < MinRequiredPasswordLength)
        {
            throw new ArgumentException("Password must contain at least {0} chars".Fmt(MinRequiredPasswordLength));
        }

        // "Special character" here means any character that is not a letter or digit.
        if (MembershipService.RequireSpecialCharacter && newPwd.All(char.IsLetterOrDigit))
        {
            throw new ArgumentException("Password needs at least 1 non-alphanumeric chars");
        }

        if (MembershipService.RequireOneNumber && !newPwd.Any(char.IsDigit))
        {
            throw new ArgumentException("Password needs at least 1 number");
        }

        if (MembershipService.RequireOneUpper && !newPwd.Any(char.IsUpper))
        {
            throw new ArgumentException("Password needs at least 1 uppercase letter");
        }
    }

    var db = GetDb();

    // Single() throws if the row is missing or duplicated.
    var account = db.Users.Single(candidate => candidate.Username == username);

    account.Password = EncodePassword(newPwd);
    account.MustChangePassword = false;
    account.LastPasswordChangedDate = Util.Now;

    // Presumably drops API sessions issued under the old password - confirm in ApiSessionModel.
    ApiSessionModel.DeleteSession(db, account);
    db.SubmitChanges();

    return true;
}