/// <summary> /// Set password /// </summary> /// <param name="user"></param> /// <param name="password"></param> public static void SetPassword(SystemUser user, string password) { string salt = SystemUser.GeneratePasswordSalt(16); string passwordHash = SystemUser.GeneratePasswordHash(user.Username, password, salt); user.Password = passwordHash; user.PasswordSalt = salt; }
void Handle(Input.RestoreClick action) { this.DisableRestoreClick = 1; this.MessageCss = "alert alert-danger"; if (string.IsNullOrEmpty(this.Username)) { this.Message = "Username is required!"; return; } SystemUser user = SystemUser.GetSystemUser(this.Username); if (user == null) { this.Message = "Invalid username!"; return; } Person person = user.WhoIs as Person; EmailAddress email = Utils.GetUserEmailAddress(user); if (person == null || email == null || string.IsNullOrEmpty(email.EMail)) { this.Message = "Unable to restore password, no e-mail address found!"; return; } string password = Utils.RandomString(5); string hash = SystemUser.GeneratePasswordHash(user.Username, password, user.PasswordSalt); try { this.SendNewPassword(person.FullName, user.Username, password, email.Name); this.Message = "Your new password has been sent to your email address."; this.MessageCss = "alert alert-success"; Db.Transact(() => { user.Password = hash; }); } catch (Exception ex) { this.Message = "Mail server is currently unavailable."; this.MessageCss = "alert alert-danger"; Starcounter.Logging.LogSource log = new Starcounter.Logging.LogSource(Application.Current.Name); log.LogException(ex); } }
void Handle(Input.ChangePasswordClick action) { action.Cancel(); this.Message = null; this.MessageCss = "alert alert-danger"; SystemUser user = SystemUser.GetCurrentSystemUser(); bool validOldPassword = SystemUser.ValidatePasswordHash( user.Username, this.OldPassword, user.PasswordSalt, user.Password); if (!validOldPassword) { this.Message = "Invalid old password!"; return; } if (string.IsNullOrEmpty(this.NewPassword)) { this.Message = "New password is required!"; return; } if (this.NewPassword != this.RepeatPassword) { this.Message = "Passwords do not match!"; return; } string password = SystemUser.GeneratePasswordHash( user.Username, this.NewPassword, user.PasswordSalt); Db.Transact(() => { user.Password = password; }); this.Message = "Your password has been successfully changed"; this.MessageCss = "alert alert-success"; this.OldPassword = null; this.NewPassword = null; this.RepeatPassword = null; }