protected void SubmitButton_Click(object sender, EventArgs e)
{
if (Page.IsValid)
{
//VERIFY THE NEW PASSWORD MEETS POLICY
PasswordPolicy policy;
if (_User.IsAdmin)
{
policy = new MerchantPasswordPolicy();
}
else
{
policy = new CustomerPasswordPolicy();
}
PasswordTestResult result = policy.TestPasswordWithFeedback(_User, Password.Text);
if ((result & PasswordTestResult.Success) == PasswordTestResult.Success)
{
_User.SetPassword(Password.Text);
_User.Comment = string.Empty;
_User.Save();
CommerceBuilder.Users.User.Migrate(AbleContext.Current.User, _User);
FormsAuthentication.SetAuthCookie(_User.UserName, false);
Response.Redirect(AbleCommerce.Code.NavigationHelper.GetHomeUrl());
}
else
{
//Your password did not meet the following minimum requirements
if ((result & PasswordTestResult.PasswordTooShort) == PasswordTestResult.PasswordTooShort)
{
AddPasswordValidator("Password length must be at least " + policy.MinLength.ToString() + " characters.");
}
if ((result & PasswordTestResult.RequireLower) == PasswordTestResult.RequireLower)
{
AddPasswordValidator("Password must contain at least one lowercase letter.<br/>");
}
if ((result & PasswordTestResult.RequireUpper) == PasswordTestResult.RequireUpper)
{
AddPasswordValidator("Password must contain at least one uppercase letter.<br/> ");
}
if ((result & PasswordTestResult.RequireNonAlpha) == PasswordTestResult.RequireNonAlpha)
{
AddPasswordValidator("Password must contain at least one non-letter.<br/> ");
}
if ((result & PasswordTestResult.RequireNumber) == PasswordTestResult.RequireNumber)
{
AddPasswordValidator("Password must contain at least one number.<br/> ");
}
if ((result & PasswordTestResult.RequireSymbol) == PasswordTestResult.RequireSymbol)
{
AddPasswordValidator("Password must contain at least one symbol.<br/> ");
}
if ((result & PasswordTestResult.PasswordHistoryLimitation) == PasswordTestResult.PasswordHistoryLimitation)
{
AddPasswordValidator("You have recently used this password.<br/>");
}
}
}
}
/// <summary>
/// Validates the password against the effective policy
/// </summary>
/// <returns>True if the password is valid, false if it does not meet the policy requirements.</returns>
private bool ValidatePassword()
{
// GET THE INITIAL GROUP SO WE CAN DETERMINE PASSWORD POLICY TO EMPLOY
int groupId = AlwaysConvert.ToInt(AddGroup.SelectedValue);
CommerceBuilder.Users.Group group = GroupDataSource.Load(groupId);
// LOAD THE APPROPRIATE PASSWORD POLICY
PasswordPolicy policy;
if (IsAdminGroup(group))
{
policy = new MerchantPasswordPolicy();
}
else
{
policy = new CustomerPasswordPolicy();
}
PasswordTestResult result = policy.TestPasswordWithFeedback(null, AddPassword.Text);
if ((result & PasswordTestResult.Success) != PasswordTestResult.Success)
{
// THE PASSWORD DOES NOT MEET THE POLICY
if ((result & PasswordTestResult.PasswordTooShort) == PasswordTestResult.PasswordTooShort)
{
AddCustomValidationError(phPasswordValidation, AddPassword, "Password length must be at least " + policy.MinLength.ToString() + " characters.");
}
if ((result & PasswordTestResult.RequireUpper) == PasswordTestResult.RequireUpper)
{
AddCustomValidationError(phPasswordValidation, AddPassword, "Password must contain at least one uppercase character.");
}
if ((result & PasswordTestResult.RequireLower) == PasswordTestResult.RequireLower)
{
AddCustomValidationError(phPasswordValidation, AddPassword, "Password must contain at least one lowercase character.");
}
if ((result & PasswordTestResult.RequireNumber) == PasswordTestResult.RequireNumber)
{
AddCustomValidationError(phPasswordValidation, AddPassword, "Password must contain at least one number.");
}
if ((result & PasswordTestResult.RequireSymbol) == PasswordTestResult.RequireSymbol)
{
AddCustomValidationError(phPasswordValidation, AddPassword, "Password must contain at least one symbol (e.g. underscore or punctuation)");
}
if ((result & PasswordTestResult.RequireSymbol) == PasswordTestResult.RequireSymbol)
{
AddCustomValidationError(phPasswordValidation, AddPassword, "Password must contain at least one symbol (e.g. underscore or punctuation)");
}
if ((result & PasswordTestResult.RequireNonAlpha) == PasswordTestResult.RequireNonAlpha)
{
AddCustomValidationError(phPasswordValidation, AddPassword, "Password must contain at least one non-alphabetic character");
}
return(false);
}
return(true);
}
private PasswordTestResult UpdatePasswordTestResult(PasswordTestResult oldResult, PasswordTestResult newResult)
{
if ((oldResult & PasswordTestResult.Success) == PasswordTestResult.Success)
{
return(newResult);
}
else
{
return(oldResult | newResult);
}
}
protected bool EnforcePasswordPolicy()
{
// DETERMINE THE APPROPRIATE POLICY FOR THE USER
PasswordPolicy policy;
if (_User.IsAdmin)
{
policy = new MerchantPasswordPolicy();
}
else
{
policy = new CustomerPasswordPolicy();
}
// CHECK IF PASSWORD MEETS POLICY
PasswordTestResult result = policy.TestPasswordWithFeedback(NewPassword.Text.Trim());
if ((result & PasswordTestResult.Success) == PasswordTestResult.Success)
{
return(true);
}
// PASSWORD DOES NOT MEET POLICY
StringBuilder newErrorMessage = new StringBuilder();
newErrorMessage.Append(PasswordPolicyValidator.ErrorMessage + "<ul>");
if ((result & PasswordTestResult.PasswordTooShort) == PasswordTestResult.PasswordTooShort)
{
newErrorMessage.Append("<li>New password length must be at least " + policy.MinLength.ToString() + " characters.</li>");
}
if ((result & PasswordTestResult.RequireLower) == PasswordTestResult.RequireLower)
{
newErrorMessage.Append("<li>New password must contain at least one lowercase letter.<li>");
}
if ((result & PasswordTestResult.RequireUpper) == PasswordTestResult.RequireUpper)
{
newErrorMessage.Append("<li>New password must contain at least one uppercase letter.</li>");
}
if ((result & PasswordTestResult.RequireNonAlpha) == PasswordTestResult.RequireNonAlpha)
{
newErrorMessage.Append("<li>New password must contain at least one non-letter.</li>");
}
if ((result & PasswordTestResult.RequireNumber) == PasswordTestResult.RequireNumber)
{
newErrorMessage.Append("<li>New password must contain at least one number.</li> ");
}
if ((result & PasswordTestResult.RequireSymbol) == PasswordTestResult.RequireSymbol)
{
newErrorMessage.Append("<li>New password must contain at least one symbol.</li>");
}
PasswordPolicyValidator.ErrorMessage = newErrorMessage.ToString() + "</ul>";
PasswordPolicyValidator.IsValid = false;
return(false);
}
/// <summary>
/// Tests a user new password to see if it conforms with the rules established by the policy.
/// </summary>
/// <param name="user">user</param>
/// <param name="password">password to test</param>
/// <returns>PasswordTestResult flag indicating the test result</returns>
public PasswordTestResult TestPasswordWithFeedback(User user, string password)
{
PasswordTestResult result = PasswordTestResult.Success;
if (password.Length < this.MinLength)
{
result = UpdatePasswordTestResult(result, PasswordTestResult.PasswordTooShort);
}
if ((this.RequireUpper) && (!Regex.IsMatch(password, "[A-Z]")))
{
result = UpdatePasswordTestResult(result, PasswordTestResult.RequireUpper);
}
if ((this.RequireLower) && (!Regex.IsMatch(password, "[a-z]")))
{
result = UpdatePasswordTestResult(result, PasswordTestResult.RequireLower);
}
if ((this.RequireNumber) && (!Regex.IsMatch(password, "[0-9]")))
{
result = UpdatePasswordTestResult(result, PasswordTestResult.RequireNumber);
}
if ((this.RequireSymbol) && (!Regex.IsMatch(password, "[^0-9a-zA-Z]")))
{
result = UpdatePasswordTestResult(result, PasswordTestResult.RequireSymbol);
}
if ((this.RequireNonAlpha) && (!Regex.IsMatch(password, "[^a-zA-Z]")))
{
result = UpdatePasswordTestResult(result, PasswordTestResult.RequireNonAlpha);
}
if (user != null)
{
//VERIFY THE GIVEN PASSWORD DOES NOT EXIST IN HISTORY
DateTime historyExpirationDate = LocaleHelper.LocalNow.AddDays(-1 * this.HistoryDays);
foreach (UserPassword oldPassword in user.Passwords)
{
if ((oldPassword.PasswordNumber - 1) <= this.HistoryCount)
{
if ((this.HistoryDays == 0) || (historyExpirationDate <= oldPassword.CreateDate))
{
if (oldPassword.VerifyPassword(password))
{
result = UpdatePasswordTestResult(result, PasswordTestResult.PasswordHistoryLimitation);
}
}
}
}
}
return(result);
}
protected void SaveButton_Click(object sender, EventArgs e)
{
if (Page.IsValid)
{
User user = AbleContext.Current.User;
string currentUserName = user.UserName;
// VALIDATE THE PASSWORD IF THIS IS NOT AN ANONYMOUS USER
bool validPassword;
if (!user.IsAnonymousOrGuest)
{
validPassword = Membership.ValidateUser(currentUserName, CurrentPassword.Text);
if (!validPassword)
{
InvalidPassword.IsValid = false;
return;
}
}
else
{
validPassword = true;
}
// VALIDATE NEW PASSWORD AGASINT POLICY
if (Password.Text.Length > 0)
{
PasswordPolicy policy;
if (user.IsAdmin)
{
policy = new MerchantPasswordPolicy();
}
else
{
policy = new CustomerPasswordPolicy();
}
PasswordTestResult result = policy.TestPasswordWithFeedback(user, Password.Text);
if ((result & PasswordTestResult.Success) != PasswordTestResult.Success)
{
PasswordPolicyValidator.ErrorMessage += "<UL>";
if ((result & PasswordTestResult.PasswordTooShort) == PasswordTestResult.PasswordTooShort)
{
AddPwdValidationError(string.Format(PasswordPolicyLength.Text, policy.MinLength));
}
if ((result & PasswordTestResult.RequireLower) == PasswordTestResult.RequireLower)
{
AddPwdValidationError("New password must contain at least one lowercase letter.");
}
if ((result & PasswordTestResult.RequireUpper) == PasswordTestResult.RequireUpper)
{
AddPwdValidationError("New password must contain at least one uppercase letter. ");
}
if ((result & PasswordTestResult.RequireNonAlpha) == PasswordTestResult.RequireNonAlpha)
{
AddPwdValidationError("New password must contain at least one non-letter.");
}
if ((result & PasswordTestResult.RequireNumber) == PasswordTestResult.RequireNumber)
{
AddPwdValidationError("New password must contain at least one number.");
}
if ((result & PasswordTestResult.RequireSymbol) == PasswordTestResult.RequireSymbol)
{
AddPwdValidationError("New password must contain at least one symbol.");
}
if ((result & PasswordTestResult.PasswordHistoryLimitation) == PasswordTestResult.PasswordHistoryLimitation)
{
AddPwdValidationError("You have recently used this password.");
}
PasswordPolicyValidator.ErrorMessage += "</UL>";
PasswordPolicyValidator.IsValid = false;
return;
}
}
else if (user.IsAnonymousOrGuest)
{
// PASSWORD IS REQUIRED FOR NEW ANONYMOUS ACCOUNTS
PasswordRequiredValidator.IsValid = false;
return;
}
// IF USERNAME IS CHANGED, VALIDATE THE NEW NAME IS AVAILABLE
string newUserName = UserName.Text.Trim();
bool userNameChanged = (currentUserName != newUserName);
if (userNameChanged)
{
// CHECK IF THERE IS ALREADY A USER WITH DESIRED USERNAME
if (UserDataSource.GetUserIdByUserName(newUserName) > 0)
{
// A USER ALREADY EXISTS WITH THAT NAME
phUserNameUnavailable.Visible = true;
return;
}
}
// OPT-OUT REVIEW REMINDERS
user.Settings.OptOutReviewReminders = !ReviewReminders.Checked;
// UPDATE THE USER RECORD WITH NEW VALUES
user.Email = Email.Text.Trim();
user.PrimaryAddress.Email = user.Email;
user.UserName = newUserName;
user.Save();
// RESET AUTH COOKIE WITH NEW USERNAME IF NEEDED
if (userNameChanged)
{
FormsAuthentication.SetAuthCookie(newUserName, false);
}
// UPDATE PASSWORD IF INDICATED
if (Password.Text.Length > 0)
{
user.SetPassword(Password.Text);
}
// UPDATE MAILING PREFERENCES
if (phEmailLists.Visible)
{
UpdateEmailLists();
}
// DISPLAY RESULT
SavedMessage.Visible = true;
}
}
protected void SaveButton_Click(object sender, EventArgs e)
{
if (Page.IsValid)
{
User user = AbleContext.Current.User;
string currentUserName = user.UserName;
// VALIDATE THE PASSWORD IF THIS IS NOT AN ANONYMOUS USER
bool validPassword;
if (!user.IsAnonymousOrGuest)
{
validPassword = Membership.ValidateUser(currentUserName, CurrentPassword.Text);
if (!validPassword)
{
InvalidPassword.IsValid = false;
return;
}
}
else
{
validPassword = true;
}
// VALIDATE NEW PASSWORD AGASINT POLICY
if (Password.Text.Length > 0)
{
PasswordPolicy policy;
if (user.IsAdmin)
{
policy = new MerchantPasswordPolicy();
}
else
{
policy = new CustomerPasswordPolicy();
}
PasswordTestResult result = policy.TestPasswordWithFeedback(user, Password.Text);
if ((result & PasswordTestResult.Success) != PasswordTestResult.Success)
{
PasswordPolicyValidator.ErrorMessage += "<UL>";
if ((result & PasswordTestResult.PasswordTooShort) == PasswordTestResult.PasswordTooShort)
{
AddPwdValidationError(string.Format(PasswordPolicyLength.Text, policy.MinLength));
}
if ((result & PasswordTestResult.RequireLower) == PasswordTestResult.RequireLower)
{
AddPwdValidationError("New password must contain at least one lowercase letter.");
}
if ((result & PasswordTestResult.RequireUpper) == PasswordTestResult.RequireUpper)
{
AddPwdValidationError("New password must contain at least one uppercase letter. ");
}
if ((result & PasswordTestResult.RequireNonAlpha) == PasswordTestResult.RequireNonAlpha)
{
AddPwdValidationError("New password must contain at least one non-letter.");
}
if ((result & PasswordTestResult.RequireNumber) == PasswordTestResult.RequireNumber)
{
AddPwdValidationError("New password must contain at least one number.");
}
if ((result & PasswordTestResult.RequireSymbol) == PasswordTestResult.RequireSymbol)
{
AddPwdValidationError("New password must contain at least one symbol.");
}
if ((result & PasswordTestResult.PasswordHistoryLimitation) == PasswordTestResult.PasswordHistoryLimitation)
{
AddPwdValidationError("You have recently used this password.");
}
PasswordPolicyValidator.ErrorMessage += "</UL>";
PasswordPolicyValidator.IsValid = false;
return;
}
}
else if (user.IsAnonymousOrGuest)
{
// PASSWORD IS REQUIRED FOR NEW ANONYMOUS ACCOUNTS
PasswordRequiredValidator.IsValid = false;
return;
}
// UPDATE THE USER RECORD WITH NEW VALUES
user.Save();
// UPDATE PASSWORD IF INDICATED
if (Password.Text.Length > 0)
{
user.SetPassword(Password.Text);
}
// DISPLAY RESULT
ConfirmationMsg.Visible = true;
}
}
protected void ChangePasswordButton_Click(object sender, EventArgs e)
{
if (Page.IsValid)
{
//VERIFY THE GIVEN USERNAME IS VALID
User user = UserDataSource.LoadForUserName(UserName.Text);
if ((user != null) && !string.IsNullOrEmpty(UserName.Text) && !string.IsNullOrEmpty(_LastPasswordValue))
{
//VERIFY CURRENT PASSWORD IS CORRECT
if (Membership.ValidateUser(UserName.Text, _LastPasswordValue))
{
//VERIFY THE NEW PASSWORD MEETS POLICY
MerchantPasswordPolicy policy = new MerchantPasswordPolicy();
PasswordTestResult result = policy.TestPasswordWithFeedback(user, NewPassword.Text);
if ((result & PasswordTestResult.Success) == PasswordTestResult.Success && !NewPassword.Text.Equals(_LastPasswordValue))
{
// PASSWORD CHANGE SUCCEEDED, REDIRECT TO THE MERCHANT ADMIN
user.SetPassword(NewPassword.Text);
FormsAuthentication.SetAuthCookie(UserName.Text, false);
Response.Redirect("~/Admin/Default.aspx");
}
else
{
//REDISPLAY THE PASSWORD REQUIREMENST
ShowPasswordExpired();
//"Your new password did not meet the following minimum requirements:<br/>";
if ((result & PasswordTestResult.PasswordTooShort) == PasswordTestResult.PasswordTooShort)
{
AddPasswordExpiredValidator(string.Format(PasswordPolicyLength.Text, policy.MinLength));
}
if ((result & PasswordTestResult.RequireLower) == PasswordTestResult.RequireLower)
{
AddPasswordExpiredValidator("New password must contain at least one lowercase letter.<br/>");
}
if ((result & PasswordTestResult.RequireUpper) == PasswordTestResult.RequireUpper)
{
AddPasswordExpiredValidator("New password must contain at least one uppercase letter.<br/> ");
}
if ((result & PasswordTestResult.RequireNonAlpha) == PasswordTestResult.RequireNonAlpha)
{
AddPasswordExpiredValidator("New password must contain at least one non-letter.<br/> ");
}
if ((result & PasswordTestResult.RequireNumber) == PasswordTestResult.RequireNumber)
{
AddPasswordExpiredValidator("New password must contain at least one number.<br/> ");
}
if ((result & PasswordTestResult.RequireSymbol) == PasswordTestResult.RequireSymbol)
{
AddPasswordExpiredValidator("New password must contain at least one symbol.<br/> ");
}
if ((result & PasswordTestResult.PasswordHistoryLimitation) == PasswordTestResult.PasswordHistoryLimitation)
{
AddPasswordExpiredValidator("You have recently used this password.<br/>");
}
if (NewPassword.Text.Equals(_LastPasswordValue))
{
AddPasswordExpiredValidator("You new password must be different from your current password.<br/>");
}
}
}
}
}
}
public async Task <ActionResult> Do(PasswordChangeRequestModel model)
{
try
{
this.rateLimiter.ThrowOnRateLimitExceeded(model.UserName, this.Request);
if (!this.ModelState.IsValid)
{
return(this.View(model));
}
if (model.NewPassword != model.ConfirmNewPassword)
{
this.ModelState.AddModelError(nameof(model.ConfirmNewPassword), Resources.UIMessages.PasswordsDoNotMatch);
return(this.View(model));
}
PasswordTestResult result = await this.passwordManager.TestPassword(model.UserName, model.NewPassword).ConfigureAwait(false);
if (result.Code != PasswordTestResultCode.Approved)
{
this.ModelState.AddModelError(nameof(model.ConfirmNewPassword), result.ToString());
return(this.View(model));
}
await this.ChangePassword(model.UserName, model.CurrentPassword, model.NewPassword).ConfigureAwait(false);
model.Success = true;
if (model.Redirect != null)
{
if (this.ValidRedirectUri(model.Redirect))
{
return(new RedirectResult(model.Redirect));
}
else
{
model.Redirect = null;
}
}
return(this.View("Success"));
}
catch (NotFoundException)
{
Logger.Error($"The password change attempt for user {model.UserName} failed because the user was not found in the directory");
this.ModelState.AddModelError(nameof(model.CurrentPassword), Resources.UIMessages.InvalidUserOrPassword);
return(this.View(model));
}
catch (PasswordIncorrectException)
{
Logger.Error($"The password change attempt for user {model.UserName} failed because the current password was incorrect");
this.ModelState.AddModelError(nameof(model.CurrentPassword), Resources.UIMessages.InvalidUserOrPassword);
return(this.View(model));
}
catch (PasswordDoesNotMeetPolicyException)
{
Logger.Error($"The password change attempt for user {model.UserName} failed because AD rejected the password change");
this.ModelState.AddModelError(nameof(model.ConfirmNewPassword), Resources.UIMessages.PasswordRejectedByAdPolicy);
return(this.View(model));
}
catch (RateLimitExceededException ex)
{
Logger.Error(ex.Message);
return(this.View("RateLimitExceeded"));
}
catch (Exception ex)
{
Logger.Error(ex, "An unhandled exception occurred when attempting the password change");
this.ModelState.AddModelError(nameof(model.ConfirmNewPassword), Resources.UIMessages.UnhandledError);
return(this.View(model));
}
}
protected void ChangePasswordButton_Click(object sender, EventArgs e)
{
if (Page.IsValid)
{
//VERIFY CURRENT PASSWORD IS CORRECT
User u = AbleContext.Current.User;
if (u.CheckPassword(CurrentPassword.Text))
{
//VERIFY THE NEW PASSWORD MEETS POLICY
PasswordPolicy policy = new MerchantPasswordPolicy();
PasswordTestResult result = policy.TestPasswordWithFeedback(u, NewPassword.Text);
if ((result & PasswordTestResult.Success) == PasswordTestResult.Success)
{
u.SetPassword(NewPassword.Text);
ShowChangePassword.Visible = false;
ChangePasswordPanel.Visible = false;
PasswordChangedMessage.Visible = true;
}
else
{
if (CurrentPassword.Text.Equals(NewPassword.Text))
{
AddPasswordValidator("Your new password is the same as your current password.");
}
else
{
//"Your new password did not meet the following minimum requirements:<br/>";
if ((result & PasswordTestResult.PasswordTooShort) == PasswordTestResult.PasswordTooShort)
{
AddPasswordValidator(string.Format(PasswordPolicyLength.Text, policy.MinLength));
}
if ((result & PasswordTestResult.RequireLower) == PasswordTestResult.RequireLower)
{
AddPasswordValidator("New password must contain at least one lowercase letter.<br/>");
}
if ((result & PasswordTestResult.RequireUpper) == PasswordTestResult.RequireUpper)
{
AddPasswordValidator("New password must contain at least one uppercase letter.<br/> ");
}
if ((result & PasswordTestResult.RequireNonAlpha) == PasswordTestResult.RequireNonAlpha)
{
AddPasswordValidator("New password must contain at least one non-letter.<br/> ");
}
if ((result & PasswordTestResult.RequireNumber) == PasswordTestResult.RequireNumber)
{
AddPasswordValidator("New password must contain at least one number.<br/> ");
}
if ((result & PasswordTestResult.RequireSymbol) == PasswordTestResult.RequireSymbol)
{
AddPasswordValidator("New password must contain at least one symbol.<br/> ");
}
if ((result & PasswordTestResult.PasswordHistoryLimitation) == PasswordTestResult.PasswordHistoryLimitation)
{
AddPasswordValidator("You have recently used this password.<br/>");
}
}
ChangePasswordPanel.Visible = true;
ShowChangePassword.Visible = false;
}
}
else
{
CustomValidator validator = new CustomValidator();
validator.ErrorMessage = "You did not type your current password correctly.";
validator.Text = "*";
validator.IsValid = false;
validator.ValidationGroup = "UserStatus";
phCustomValidator.Controls.Add(validator);
ChangePasswordPanel.Visible = true;
ShowChangePassword.Visible = false;
}
}
}
