/// <summary>
/// Generates a random password based on the rules passed in the settings parameter
/// This does not do any validation
/// </summary>
/// <param name="settings">Password generator settings object</param>
/// <returns>a random password</returns>
private string GenerateRandomPassword(PasswordGeneratorSettings settings)
{
const int MAXIMUM_IDENTICAL_CONSECUTIVE_CHARS = 2;
char[] password = new char[settings.PasswordLength];
char[] characters = settings.CharacterSet.ToCharArray();
char[] shuffledChars = Shuffle(characters.Select(x => x)).ToArray();
string shuffledCharacterSet = string.Join(null, shuffledChars);
int characterSetLength = shuffledCharacterSet.Length;
System.Random random = new System.Random();
for (int characterPosition = 0; characterPosition < settings.PasswordLength; characterPosition++)
{
password[characterPosition] = shuffledCharacterSet[random.Next(characterSetLength - 1)];
bool moreThanTwoIdenticalInARow =
characterPosition > MAXIMUM_IDENTICAL_CONSECUTIVE_CHARS &&
password[characterPosition] == password[characterPosition - 1] &&
password[characterPosition - 1] == password[characterPosition - 2];
if (moreThanTwoIdenticalInARow)
{
characterPosition--;
}
}
return(string.Join(null, password));
}
private static char[] GetAllowedCharsets(PasswordGeneratorSettings settings)
{
StringBuilder builder = new StringBuilder();
if (settings.AllowNumbers)
{
builder.Append(PasswordCharsets.Numbers);
}
if (settings.AllowLowercaseLetters)
{
builder.Append(PasswordCharsets.LowercaseLetters);
}
if (settings.AllowUppercaseLetters)
{
builder.Append(PasswordCharsets.UppercaseLetters);
}
if (settings.AllowSpecialCharacters)
{
builder.Append(PasswordCharsets.SpecialCharacters);
}
if (settings.AllowSpace)
{
builder.Append(PasswordCharsets.Space);
}
return(builder.ToString().ToCharArray());
}
public AddServiceDialog(Notifier notifier)
{
Service = new Service();
PasswordGeneratorSettings = new PasswordGeneratorSettings(AppSettings.Settings.DefaultPasswordGeneratorSettings);
Notifier = notifier;
DataContext = this;
InitializeComponent();
}
public EditServiceDialog(Service service, Notifier notifier)
{
_service = service;
Service = new Service(service);
PasswordGeneratorSettings = new PasswordGeneratorSettings(AppSettings.Settings.DefaultPasswordGeneratorSettings);
Notifier = notifier;
DataContext = this;
InitializeComponent();
}
public override void Load()
{
var passwordGeneratorSettings = new PasswordGeneratorSettings(true, false, true, false, 8, 3, false);
Bind <PasswordGenerator>()
.ToSelf()
.WithConstructorArgument(passwordGeneratorSettings);
Bind <IPasswordGenerator>()
.To <PasswordGeneratorAdapter>();
}
/// <summary>
/// When you give it a password and some _settings, it validates the password against the _settings.
/// </summary>
/// <param name="settings">Password settings</param>
/// <param name="password">Password to test</param>
/// <returns>True or False to say if the password is valid or not</returns>
public bool PasswordIsValid(PasswordGeneratorSettings settings, string password)
{
const string REGEX_LOWERCASE = @"[a-z]";
const string REGEX_UPPERCASE = @"[A-Z]";
const string REGEX_NUMERIC = @"[\d]";
const string REGEX_SPECIAL = @"([!#$%&*@\\])+";
bool lowerCaseIsValid = !settings.IncludeLowercase || (settings.IncludeLowercase && Regex.IsMatch(password, REGEX_LOWERCASE));
bool upperCaseIsValid = !settings.IncludeUppercase || (settings.IncludeUppercase && Regex.IsMatch(password, REGEX_UPPERCASE));
bool numericIsValid = !settings.IncludeNumeric || (settings.IncludeNumeric && Regex.IsMatch(password, REGEX_NUMERIC));
bool specialIsValid = !settings.IncludeSpecial || (settings.IncludeSpecial && Regex.IsMatch(password, REGEX_SPECIAL));
return(lowerCaseIsValid && upperCaseIsValid && numericIsValid && specialIsValid && LengthIsValid(password.Length, settings.MinimumLength, settings.MaximumLength));
}
public static string Generate(PasswordGeneratorSettings settings)
{
var allowedCharset = GetAllowedCharsets(settings);
var array = ShuffleArray(allowedCharset);
StringBuilder password = new StringBuilder();
for (int i = 0; i < settings.PasswordLength; i++)
{
password.Append(array[RandomNumberGenerator.GetInt32(int.MaxValue) % array.Length]);
}
return(password.ToString());
}
public PasswordGenerator IncludeSpecial()
{
this._settings = _settings.AddSpecial();
return(this);
}
public PasswordGenerator IncludeNumeric()
{
this._settings = _settings.AddNumeric();
return(this);
}
public PasswordGenerator IncludeUppercase()
{
this._settings = _settings.AddUppercase();
return(this);
}
public PasswordGenerator(bool includeLowercase, bool includeUppercase, bool includeNumeric, bool includeSpecial, int passwordLength, int maximumAttempts)
{
_settings = new PasswordGeneratorSettings(includeLowercase, includeUppercase, includeNumeric, includeSpecial, passwordLength, maximumAttempts, false);
}
public PasswordGenerator(bool includeLowercase, bool includeUppercase, bool includeNumeric, bool includeSpecial, int passwordLength)
{
_settings = new PasswordGeneratorSettings(includeLowercase, includeUppercase, includeNumeric, includeSpecial, passwordLength, _defaultMaxPasswordAttempts, false);
}
public PasswordGenerator(int passwordLength)
{
_settings = new PasswordGeneratorSettings(_defaultIncludeLowercase, _defaultIncludeUppercase, _defaultIncludeNumeric, _defaultIncludeSpecial, passwordLength, _defaultMaxPasswordAttempts, true);
}
public PasswordGenerator(PasswordGeneratorSettings settings)
{
_settings = settings;
}
//To be discussed !! (What to return)
public static TutorType UserSignUp(User user, string actUrl, string conStr = "")
{
TutorType tutor = null;
const int MAXIMUM_PASSWORD_ATTEMPTS = 10000;
bool includeLowercase = true;
bool includeUppercase = true;
bool includeNumeric = true;
bool includeSpecial = false;
int lengthOfPassword = 16;
PasswordGeneratorSettings settings = new PasswordGeneratorSettings(includeLowercase, includeUppercase, includeNumeric, includeSpecial, lengthOfPassword);
string password;
if (!settings.IsValidLength())
{
password = settings.LengthErrorMessage();
}
else
{
int passwordAttempts = 0;
do
{
password = PasswordGenerator.GeneratePassword(settings);
passwordAttempts++;
}while (passwordAttempts < MAXIMUM_PASSWORD_ATTEMPTS && !PasswordGenerator.PasswordIsValid(settings, password));
password = PasswordGenerator.PasswordIsValid(settings, password) ? password : "******";
}
user.ActivationCode = password;
using (SqlConnection con = new SqlConnection(conStr))
{
using (SqlCommand cmd = new SqlCommand("sp_ManageUsers", con))
{
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.Add(new SqlParameter()
{
ParameterName = "@Mode",
Value = "Insert"
});
cmd.Parameters.Add("@FirstName", SqlDbType.VarChar).Value = user.FirstName;
cmd.Parameters.Add("@LastName", SqlDbType.VarChar).Value = user.LastName;
cmd.Parameters.Add("@Email", SqlDbType.VarChar).Value = user.Email;
cmd.Parameters.Add("@Password", SqlDbType.VarChar).Value = user.Password;
cmd.Parameters.Add("@ActivationCode", SqlDbType.VarChar).Value = user.ActivationCode;
cmd.Parameters.Add("@CountryId", SqlDbType.Int).Value = user.LocationSettings.Country.Id;
cmd.Parameters.Add("@ObjEntityId", SqlDbType.Int).Value = (Byte)user.Type;
cmd.Parameters.Add("@TimeZoneOffset", SqlDbType.Int).Value = user.TimezoneOffset;
con.Open();
int rows = cmd.ExecuteNonQuery();
bool success = false;
if (rows > 0)
{
//TODO: Notify SecondaryEmail first if any.
string htmlString = "<html><body><h1>Dear " + user.FirstName + ",</h1><br/>" +
"<h6>Please click on the link below to activate your account:</h6><br/><br/>" +
"<a href=\"" + actUrl + "/" + user.UserId + "/" + user.ActivationCode + "\">Activate</a></body></html>";
success = new EmailNotifier
{
From = "*****@*****.**", //TODO: Read from DB
Password = "******", //TODO: Read from DB
To = new string[] { user.Email },
Subject = "INTO Account",
Body = htmlString,
IsBodyHtml = true,
SmtpServer = "smtp.gmail.com",
SmtpPort = 587,
IsSSL = true
}.Notify();
}
if (success)
{
tutor = new TutorType {
FirstName = user.FirstName, LastName = user.LastName, Active = false, LocationSettings = user.LocationSettings, Phone = user.Phone, Email = user.Email, Password = user.Password
};
}
}
return(tutor);
}
}
public static TutorType PrepareForConfirmation(long userId, int objEntityId, int stepId, string actUrl = "", int? lang = 1, string conStr = "")
{
const int MAXIMUM_PASSWORD_ATTEMPTS = 10000;
bool includeLowercase = true;
bool includeUppercase = true;
bool includeNumeric = true;
bool includeSpecial = false;
int lengthOfPassword = 16;
PasswordGeneratorSettings settings = new PasswordGeneratorSettings(includeLowercase, includeUppercase, includeNumeric, includeSpecial, lengthOfPassword);
string actCode;
if (!settings.IsValidLength())
{
actCode = settings.LengthErrorMessage();
}
else
{
int passwordAttempts = 0;
do
{
actCode = PasswordGenerator.GeneratePassword(settings);
passwordAttempts++;
}
while (passwordAttempts < MAXIMUM_PASSWORD_ATTEMPTS && !PasswordGenerator.PasswordIsValid(settings, actCode));
actCode = PasswordGenerator.PasswordIsValid(settings, actCode) ? actCode : "Try again";
}
using (SqlConnection con = new SqlConnection(conStr))
{
SqlCommand cmd = new SqlCommand("sp_ManageTutor", con);
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.Add(new SqlParameter()
{
ParameterName = "@Mode",
Value = "CheckAgreement"
});
cmd.Parameters.Add(new SqlParameter()
{
ParameterName = "@UId",
Value = userId
});
cmd.Parameters.Add(new SqlParameter()
{
ParameterName = "@ObjEntityId",
Value = objEntityId
});
cmd.Parameters.Add(new SqlParameter()
{
ParameterName = "@RegistrationStepId",
Value = stepId
});
cmd.Parameters.Add(new SqlParameter()
{
ParameterName = "@ActivationCode",
Value = actCode
});
con.Open();
SqlDataReader rdr = cmd.ExecuteReader();
TutorType tutor = null;
if (rdr.HasRows)
{
rdr.Read();
tutor = new TutorType(rdr);
}
bool success = false;
if (tutor != null)
{
//TODO: Notify SecondaryEmail first if any.
string htmlString = "<html><body><h1>Dear " + tutor.FirstName + ",</h1><br/>" +
"<h6>Please click on the link below to confirm our business agreement:</h6><br/><br/>" +
"<a href='" + actUrl + "/" + tutor.UserId + "/" + actCode + "/" + stepId + "/" + lang + "'>Ready For The Interview</a></body></html>";
success = new EmailNotifier
{
From = "*****@*****.**",//TODO: Read from DB
Password = "******",//TODO: Read from DB
To = new string[] { tutor.Email },
Subject = "INTO Tutoring Agreement",
Body = htmlString,
IsBodyHtml = true,
SmtpServer = "smtp.gmail.com",
SmtpPort = 587,
IsSSL = true
}.Notify();
}
return tutor;
}
}
public static User ResetPassword(string email, string actUrl, string conStr = "")
{
const int MAXIMUM_PASSWORD_ATTEMPTS = 10000;
bool includeLowercase = true;
bool includeUppercase = true;
bool includeNumeric = true;
bool includeSpecial = false;
int lengthOfPassword = 16;
PasswordGeneratorSettings settings = new PasswordGeneratorSettings(includeLowercase, includeUppercase, includeNumeric, includeSpecial, lengthOfPassword);
string password;
if (!settings.IsValidLength())
{
password = settings.LengthErrorMessage();
}
else
{
int passwordAttempts = 0;
do
{
password = PasswordGenerator.GeneratePassword(settings);
passwordAttempts++;
}while (passwordAttempts < MAXIMUM_PASSWORD_ATTEMPTS && !PasswordGenerator.PasswordIsValid(settings, password));
password = PasswordGenerator.PasswordIsValid(settings, password) ? password : "******";
}
User user = new User {
Email = email, ActivationCode = password
};
using (SqlConnection con = new SqlConnection(conStr))
{
using (SqlCommand cmd = new SqlCommand("sp_ManageUsers", con))
{
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.Add(new SqlParameter()
{
ParameterName = "@Mode",
Value = "PreparePwdReset"
});
cmd.Parameters.Add("@Email", SqlDbType.VarChar).Value = user.Email;
cmd.Parameters.Add("@ActivationCode", SqlDbType.VarChar).Value = user.ActivationCode;
con.Open();
SqlDataReader rdr = cmd.ExecuteReader();
bool success = false;
if (rdr.HasRows)
{
while (rdr.Read())
{
user = new User(rdr);
}
//TODO: Notify SecondaryEmail first if any.
string htmlString = "<html><body><h1>Dear " + user.FirstName + ",</h1><br/>" +
"<h6>Please click on the link below and follow the procedure to reset your password:</h6><br/><br/>" +
"<a href=\"" + actUrl + "/" + user.UserId + "?rcode=" + user.ActivationCode + "\">Reset Password</a></body></html>";
success = new EmailNotifier
{
From = "*****@*****.**",
Password = "******",
To = new string[] { user.Email },
Subject = "INTO Login Infos",
Body = htmlString,
IsBodyHtml = true,
SmtpServer = "smtp.gmail.com",
SmtpPort = 587,
IsSSL = true
}.Notify();
}
if (success)
{
return(user);
}
}
}
return(user);
}
