/// <summary>
/// Hashes <paramref name="password"/> with a newly generated salt.
/// </summary>
/// <param name="password">Plaintext password; checked by CheckHelper for null/empty.</param>
/// <returns>
/// The <see cref="PasswordData"/> produced by the two-argument overload for the
/// password and the fresh salt.
/// </returns>
public PasswordData EncryptPassword(string password)
{
    CheckHelper.ArgumentNotNullAndNotEmpty(password, "password");

    // NOTE(review): GeneratePasswordSalt is not visible here. Confirm it draws from a
    // cryptographic RNG (e.g. RandomNumberGenerator) and yields a unique salt per
    // password, otherwise identical passwords produce identical stored hashes.
    var freshSalt = GeneratePasswordSalt();

    // Despite the name, the overload computes a one-way hash; nothing is encrypted.
    return EncryptPassword(password, freshSalt);
}
/// <summary>
/// Replaces the password of the currently logged-in user and records the change
/// in the action log.
/// </summary>
/// <param name="newPassword">
/// The new plaintext password. It must be non-empty and accepted by
/// <c>StringValidator.ValidatePassword</c>.
/// </param>
/// <exception cref="SecurityServiceException">
/// Thrown when the stored user record is not active.
/// </exception>
/// <remarks>
/// The CheckHelper guards also fail for a missing session, the guest account and a
/// missing user record; their exception types are not visible in this block.
/// NOTE(review): the current password is not requested here. Confirm that callers
/// re-authenticate the user before invoking this method, so that a hijacked session
/// alone cannot be used to take over the account.
/// </remarks>
public void ChangePassword(string newPassword)
{
    // Input validation runs before any session or storage access.
    CheckHelper.ArgumentNotNullAndNotEmpty(newPassword, "newPassword");
    CheckHelper.ArgumentWithinCondition(
        StringValidator.ValidatePassword(newPassword),
        "Password has invalid format.");

    // Session checks: a logged-in, non-guest user is required.
    CheckHelper.WithinCondition(IsLoggedIn, "User is not logged in.");
    CheckHelper.WithinCondition(
        _currentUser.Login != DTO.User.GUEST_LOGIN,
        "Guest cannot change password.");

    // Reload the user from storage instead of relying on the session copy, so the
    // Active flag checked below reflects the stored record.
    var storage = Container.Get<IPersistentService>();
    var storedUser = storage.GetEntityById<User>(_currentUser.Id);
    CheckHelper.NotNull(storedUser, "Current user does not exist.");

    if (!storedUser.Active)
    {
        // Message text: "The user has been disabled by the administrator."
        throw new SecurityServiceException("Пользователь отключен администратором.");
    }

    var hasher = Container.Get<IEncryptService>();
    var freshPasswordData = hasher.EncryptPassword(newPassword);

    storedUser.UpdatePasswordData(freshPasswordData);
    storedUser.UpdateTrackFields(Container);
    storage.SaveChanges();

    // The audit entry is written after the change is saved: if logging fails, the
    // password has already been changed without a matching log record.
    // NOTE(review): confirm GetDataString() never includes credential material.
    var auditService = Container.Get<IActionLogService>();
    auditService.CreateActionLog(
        new DTO.ActionLog
        {
            // Text reads "<user data> changed the password."
            Text = string.Format("{0} сменил пароль.", storedUser.GetDataString()),
            DocumentId = storedUser.Id,
            ActionLogType = auditService.UserChangedPasswordType
        });
}
/// <summary>
/// Computes the salted password hash: MD5 over the UTF-16LE bytes of
/// <paramref name="password"/> followed by <paramref name="passwordSalt"/>,
/// rendered as 32 upper-case hexadecimal characters.
/// </summary>
/// <param name="password">Plaintext password; checked by CheckHelper for null/empty.</param>
/// <param name="passwordSalt">Salt appended to the password before hashing; checked the same way.</param>
/// <returns>
/// A <see cref="PasswordData"/> holding the plaintext password, the salt and the
/// hex-encoded hash.
/// </returns>
/// <remarks>
/// SECURITY: a single round of salted MD5 is a fast hash and is not suitable for
/// password storage, because offline guessing against a leaked hash is cheap. A
/// slow, purpose-built KDF (for example PBKDF2 via Rfc2898DeriveBytes) is the usual
/// replacement. It cannot be swapped in here in isolation: existing stored hashes
/// were produced by this exact scheme, so a migration path is needed, such as
/// rehashing at the next successful login.
/// </remarks>
public PasswordData EncryptPassword(string password, string passwordSalt)
{
    CheckHelper.ArgumentNotNullAndNotEmpty(password, "password");
    CheckHelper.ArgumentNotNullAndNotEmpty(passwordSalt, "passwordSalt");

    // Encoding.Unicode is UTF-16 little-endian. The salt is concatenated as text
    // after the password, so the byte layout is part of the stored-hash format.
    byte[] saltedInput = Encoding.Unicode.GetBytes(password + passwordSalt);

    byte[] digest;
    using (var hasher = new MD5CryptoServiceProvider())
    {
        digest = hasher.ComputeHash(saltedInput);
    }

    // 16 digest bytes -> 32 hex characters, upper-case ("X2").
    var hex = new StringBuilder(32);
    foreach (byte digestByte in digest)
    {
        hex.AppendFormat("{0:X2}", digestByte);
    }

    // NOTE(review): the result carries the plaintext password alongside the hash.
    // Confirm that consumers never persist, serialize or log the Password field.
    return new PasswordData
    {
        Password = password,
        PasswordSalt = passwordSalt,
        PasswordHash = hex.ToString()
    };
}