/// <summary>
/// Server-side validation of a proposed new password. The value is rejected when it is
/// shorter than Membership.MinRequiredPasswordLength, when
/// HasEnoughNonAlphaNumericCharacters returns false for it, or when its encoded form
/// equals the password currently stored on siteUser. One warning per failed rule is
/// appended to the validator's ErrorMessage, each followed by an HTML line break.
/// </summary>
/// <param name="source">The CustomValidator that raised the event.</param>
/// <param name="args">
/// Carries the value under test. IsValid is set to false on any failure and is left
/// as received otherwise.
/// </param>
void NewPasswordRulesValidator_ServerValidate(object source, ServerValidateEventArgs args)
{
    // NOTE(review): both 'as' casts in this method are dereferenced without a null
    // check, so an unexpected sender or membership provider surfaces as a
    // NullReferenceException rather than as a validation failure.
    CustomValidator rulesValidator = source as CustomValidator;
    rulesValidator.ErrorMessage = string.Empty;

    int suppliedLength = args.Value.Length;
    if (suppliedLength < Membership.MinRequiredPasswordLength)
    {
        args.IsValid = false;
        rulesValidator.ErrorMessage = rulesValidator.ErrorMessage
            + Resource.ChangePasswordMinimumLengthWarning
            + Membership.MinRequiredPasswordLength.ToInvariantString()
            + "<br />";
    }

    bool hasEnoughSymbols = HasEnoughNonAlphaNumericCharacters(args.Value);
    if (!hasEnoughSymbols)
    {
        args.IsValid = false;
        rulesValidator.ErrorMessage = rulesValidator.ErrorMessage
            + Resource.ChangePasswordMinNonAlphanumericCharsWarning
            + Membership.MinRequiredNonAlphanumericCharacters.ToInvariantString()
            + "<br />";
    }

    // Password-reuse rule: encode the candidate with the user's existing salt and
    // compare it with the stored value.
    // NOTE(review): this reads txtNewPassword.Text rather than args.Value; presumably
    // the validator is bound to that control, so both hold the same text. The rule is
    // only effective if this EncodePassword overload is deterministic and matches the
    // code path that writes siteUser.Password. Confirm against the provider.
    mojoMembershipProvider provider = Membership.Provider as mojoMembershipProvider;
    string encodedCandidate = provider.EncodePassword(
        siteUser.PasswordSalt + txtNewPassword.Text,
        siteSettings);

    if (siteUser.Password == encodedCandidate)
    {
        args.IsValid = false;
        rulesValidator.ErrorMessage = rulesValidator.ErrorMessage
            + Resource.ChangePasswordNewMatchesOldWarning
            + "<br />";
    }
}
/// <summary>
/// Reports whether the site appears to use a machine key other than the default one.
/// A known test value is encoded with MembershipPasswordFormat.Encrypted and compared
/// with the stored result for the default key; a match means the default key is in use.
/// </summary>
/// <returns>
/// false when the encoded test value equals
/// WebConfigSettings.TestEncryptedValueForDefaultMahineKey; true in every other case,
/// including when the active provider is not a mojoMembershipProvider.
/// </returns>
public bool UsingCustomMachineKey()
{
    mojoMembershipProvider provider = Membership.Provider as mojoMembershipProvider;
    if (provider == null)
    {
        // NOTE(review): true here means "could not be checked", not "custom key
        // confirmed". Callers that use this result to warn about a default key will
        // stay silent for other providers.
        return true;
    }

    // NOTE(review): the comparison assumes encryption of the same plaintext under the
    // same key always yields the same output. Confirm in the provider.
    string probe = provider.EncodePassword(
        WebConfigSettings.TestDecryptedValueForDefaultMahineKey,
        MembershipPasswordFormat.Encrypted);

    return probe != WebConfigSettings.TestEncryptedValueForDefaultMahineKey;
}
/// <summary>
/// Click handler for the change-password button. Runs the "ChangePassword1" validation
/// group and, when the page is valid, stores the newly encoded password on siteUser,
/// resets PasswordResetGuid to Guid.Empty, clears MustChangePwd, saves the user,
/// updates the last-password-change time and sets up the redirect to redirectUrl.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
void btnChangePassword_Click(object sender, EventArgs e)
{
    // Every rule for accepting the new password lives in the validators of this group.
    // NOTE(review): whether the current password is re-verified is not visible in this
    // handler. Confirm a validator in "ChangePassword1" does it.
    Page.Validate("ChangePassword1");
    if (!Page.IsValid)
    {
        return;
    }

    siteUser.PasswordResetGuid = Guid.Empty;

    // NOTE(review): 'as' cast dereferenced without a null check; a different provider
    // type fails here with a NullReferenceException, after PasswordResetGuid was
    // changed in memory but before Save.
    mojoMembershipProvider provider = Membership.Provider as mojoMembershipProvider;
    string encodedPassword = provider.EncodePassword(siteSettings, siteUser, txtNewPassword.Text);

    siteUser.Password = encodedPassword;
    siteUser.MustChangePwd = false;
    siteUser.Save();
    siteUser.UpdateLastPasswordChangeTime();

    // NOTE(review): nothing in this handler revokes or re-issues existing
    // authentication tickets after the change. Confirm whether that is required.
    WebUtils.SetupRedirect(this, redirectUrl);
}
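/// <summary>
/// Creates and saves a site user for an OpenID sign-in, stores profile defaults and the
/// registration-time profile properties, records the user's IP address, raises the
/// user-registered event and then logs the new user in.
/// </summary>
/// <param name="openId">OpenID URI stored on the new user.</param>
/// <param name="email">E-mail address stored on the new user as supplied by the caller.</param>
/// <param name="loginName">
/// Requested login name. It is cut to 50 characters and made unique within the site by
/// appending a counter.
/// </param>
/// <param name="name">Display name; the final login name is used when null or empty.</param>
private void CreateUser(
    string openId,
    string email,
    string loginName,
    string name)
{
    const int MaxLoginNameLength = 50;

    SiteUser newUser = new SiteUser(siteSettings);
    newUser.Email = email;

    if (loginName.Length > MaxLoginNameLength)
    {
        loginName = loginName.Substring(0, MaxLoginNameLength);
    }

    int i = 1;
    while (SiteUser.LoginExistsInDB(siteSettings.SiteId, loginName))
    {
        loginName += i.ToString();

        // Drop characters from position 40 until the name fits again. A single
        // removal (the previous behaviour) was not enough once the counter reached
        // two digits, which let the name grow past the 50-character limit.
        while (loginName.Length > MaxLoginNameLength)
        {
            loginName = loginName.Remove(40, 1);
        }

        i++;
    }

    if (string.IsNullOrEmpty(name))
    {
        name = loginName;
    }

    newUser.LoginName = loginName;
    newUser.Name = name;

    // The account authenticates through OpenID, so a generated placeholder password is
    // stored in encoded form.
    // NOTE(review): the placeholder is only 7 characters long. If password sign-in
    // remains possible for these accounts, this value is what protects that path.
    // Confirm the generator's randomness source and consider a longer value.
    mojoMembershipProvider mojoMembership = (mojoMembershipProvider)Membership.Provider;
    newUser.Password = mojoMembership.EncodePassword(
        siteSettings,
        newUser,
        SiteUser.CreateRandomPassword(7, WebConfigSettings.PasswordGeneratorChars));

    // NOTE(review): every account created here gets the same question and answer from
    // the resource file. If question-and-answer password recovery is enabled, that
    // answer is not a secret. Confirm recovery is unavailable for these accounts.
    newUser.PasswordQuestion = Resource.ManageUsersDefaultSecurityQuestion;
    newUser.PasswordAnswer = Resource.ManageUsersDefaultSecurityAnswer;
    newUser.OpenIdUri = openId;
    newUser.Save();

    if (siteSettings.UseSecureRegistration)
    {
        newUser.SetRegistrationConfirmationGuid(Guid.NewGuid());
    }

    mojoProfileConfiguration profileConfig = mojoProfileConfiguration.GetConfig();

    // set default values first
    foreach (mojoProfilePropertyDefinition propertyDefinition in profileConfig.PropertyDefinitions)
    {
        mojoProfilePropertyDefinition.SavePropertyDefault(newUser, propertyDefinition);
    }

    // then store what was entered for properties shown or required at registration
    foreach (mojoProfilePropertyDefinition propertyDefinition in profileConfig.PropertyDefinitions)
    {
        if (propertyDefinition.RequiredForRegistration || propertyDefinition.ShowOnRegistration)
        {
            mojoProfilePropertyDefinition.SaveProperty(
                newUser,
                pnlRequiredProfileProperties,
                propertyDefinition,
                timeOffset,
                timeZone);
        }
    }

    // track user ip address
    UserLocation userLocation = new UserLocation(newUser.UserGuid, SiteUtils.GetIP4Address());
    userLocation.SiteGuid = siteSettings.SiteGuid;
    userLocation.Hostname = Page.Request.UserHostName;
    userLocation.Save();

    UserRegisteredEventArgs u = new UserRegisteredEventArgs(newUser);
    OnUserRegistered(u);

    CacheHelper.ClearMembershipStatisticsCache();

    NewsletterHelper.ClaimExistingSubscriptions(newUser);

    // NOTE(review): DoUserLogin runs even when a confirmation GUID was set just above.
    // Whether it honours a pending confirmation is not visible here.
    DoUserLogin(newUser);
}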
/// <summary>
/// AuthenticateRequest handler. For authenticated requests that are not exempted by
/// path, it loads the current site settings. For NTLM/Negotiate identities that carry
/// no "siteguid" + SiteGuid cookie, it creates a SiteUser for the Windows login when
/// the site has none, sets that cookie to the user's GUID, optionally sets the skin
/// cookie and records a UserLocation. Finally, when folder-based site detection is on
/// and related-site mode is off, it wraps Context.User in a mojoPrincipal.
/// </summary>
/// <param name="sender">The HttpApplication raising the event; null is ignored.</param>
/// <param name="e">Event data (unused).</param>
void application_AuthenticateRequest(object sender, EventArgs e)
{
    if (sender == null)
    {
        return;
    }

    HttpApplication app = (HttpApplication)sender;
    if (app.Request == null || !app.Request.IsAuthenticated)
    {
        return;
    }

    // NOTE(review): apart from the static-file test, these are substring matches on the
    // whole path, not extension tests, so any path that merely contains one of the
    // fragments is exempted. Confirm nothing downstream relies on this handler having
    // run for such requests, or switch to an extension/exact-path comparison.
    string requestPath = app.Request.Path;
    if (WebUtils.IsRequestForStaticFile(requestPath)
        || requestPath.ContainsCaseInsensitive(".ashx")
        || requestPath.ContainsCaseInsensitive(".axd")
        || requestPath.ContainsCaseInsensitive("setup/default.aspx"))
    {
        return;
    }

    SiteSettings siteSettings;
    try
    {
        siteSettings = CacheHelper.GetCurrentSiteSettings();
    }
    catch (System.Data.Common.DbException ex)
    {
        // can happen during upgrades
        log.Error(ex);
        return;
    }
    catch (InvalidOperationException ex)
    {
        log.Error(ex);
        return;
    }
    catch (Exception ex)
    {
        // Catching System.Exception is a workaround: SqlCeException does not inherit
        // from DbException, so on any other platform the exception is rethrown.
        if (DatabaseHelper.DBPlatform() != "SqlCe")
        {
            throw;
        }

        log.Error(ex);
        return;
    }

    bool useFolderForSiteDetection = WebConfigSettings.UseFoldersInsteadOfHostnamesForMultipleSites;

    // Added by Haluk Eryuksel - 2006-01-23
    // support for Windows authentication
    string authenticationType = app.User.Identity.AuthenticationType;
    if (authenticationType == "NTLM" || authenticationType == "Negotiate")
    {
        // Added by Benedict Chan - 2008-08-05
        // The cookie saves checking the user on every page, and lets NTLM work with
        // "useFolderForSiteDetection == true".
        // NOTE(review): the cookie comes from the client. In this method its presence
        // only skips the provisioning step; confirm no other code treats its value as
        // proof of identity.
        string cookieName = "siteguid" + siteSettings.SiteGuid;
        if (!CookieHelper.CookieExists(cookieName))
        {
            string windowsLogin = app.Context.User.Identity.Name;
            bool alreadyRegistered = SiteUser.LoginExistsInDB(siteSettings.SiteId, windowsLogin);
            if (!alreadyRegistered)
            {
                SiteUser provisioned = new SiteUser(siteSettings);
                provisioned.Name = windowsLogin;
                provisioned.LoginName = windowsLogin;
                provisioned.Email = GuessEmailAddress(provisioned.Name);

                // Placeholder password for an account that signs in through Windows.
                // NOTE(review): it is 7 characters long, and when the provider is not
                // a mojoMembershipProvider it is saved without being encoded.
                provisioned.Password = SiteUser.CreateRandomPassword(7, WebConfigSettings.PasswordGeneratorChars);
                mojoMembershipProvider provider = Membership.Provider as mojoMembershipProvider;
                if (provider != null)
                {
                    provisioned.Password = provider.EncodePassword(siteSettings, provisioned, provisioned.Password);
                }

                provisioned.Save();
                NewsletterHelper.ClaimExistingSubscriptions(provisioned);

                UserRegisteredEventArgs registered = new UserRegisteredEventArgs(provisioned);
                OnUserRegistered(registered);
            }

            SiteUser siteUser = new SiteUser(siteSettings, app.Context.User.Identity.Name);
            CookieHelper.SetCookie(cookieName, siteUser.UserGuid.ToString(), true);

            // Copied logic from SiteLogin.cs, which is skipped under NTLM
            bool applySkinCookie = siteUser.UserId > -1
                && siteSettings.AllowUserSkins
                && siteUser.Skin.Length > 0;
            if (applySkinCookie)
            {
                SiteUtils.SetSkinCookie(siteUser);
            }

            // track user ip address; a failure here is logged and must not block the request
            try
            {
                UserLocation userLocation = new UserLocation(siteUser.UserGuid, SiteUtils.GetIP4Address());
                userLocation.SiteGuid = siteSettings.SiteGuid;
                userLocation.Hostname = app.Request.UserHostName;
                userLocation.Save();
                log.Info("Set UserLocation : " + app.Request.UserHostName + ":" + SiteUtils.GetIP4Address());
            }
            catch (Exception ex)
            {
                log.Error(SiteUtils.GetIP4Address(), ex);
            }
        }
        // End-Added by Benedict Chan
    }
    // End-Added by Haluk Eryuksel

    // replace GenericPrincipal with custom one
    // NOTE(review): the type test is against mojoIdentity although Context.User is a
    // principal; presumably mojoPrincipal was intended. Confirm, since as written the
    // test may never be true and the principal would be wrapped on every request.
    if (useFolderForSiteDetection
        && !WebConfigSettings.UseRelatedSiteMode
        && !(app.Context.User is mojoIdentity))
    {
        app.Context.User = new mojoPrincipal(app.Context.User);
    }
}
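/// <summary>
/// Creates and saves a site user for an external (OpenID) sign-in, stores profile
/// defaults and the registration-time profile properties, records the user's IP
/// address, raises the user-registered event and subscribes the user. Unlike a normal
/// sign-up it does not log the user in; the new user is returned to the caller.
/// </summary>
/// <param name="openId">OpenID URI stored on the new user.</param>
/// <param name="email">E-mail address stored on the new user as supplied by the caller.</param>
/// <param name="loginName">
/// Requested login name. It is cut to 50 characters and made unique within the site by
/// appending a counter.
/// </param>
/// <param name="name">Display name; the final login name is used when null or empty.</param>
/// <param name="emailIsVerified">
/// When true, no registration confirmation GUID is set even if the site uses secure
/// registration.
/// </param>
/// <returns>The saved user.</returns>
private SiteUser CreateUser(
    string openId,
    string email,
    string loginName,
    string name,
    bool emailIsVerified)
{
    const int MaxLoginNameLength = 50;

    SiteUser newUser = new SiteUser(siteSettings);
    newUser.Email = email;

    if (loginName.Length > MaxLoginNameLength)
    {
        loginName = loginName.Substring(0, MaxLoginNameLength);
    }

    int i = 1;
    while (SiteUser.LoginExistsInDB(siteSettings.SiteId, loginName))
    {
        loginName += i.ToString();

        // Drop characters from position 40 until the name fits again. A single
        // removal (the previous behaviour) was not enough once the counter reached
        // two digits, which let the name grow past the 50-character limit.
        while (loginName.Length > MaxLoginNameLength)
        {
            loginName = loginName.Remove(40, 1);
        }

        i++;
    }

    if (string.IsNullOrEmpty(name))
    {
        name = loginName;
    }

    newUser.LoginName = loginName;
    newUser.Name = name;

    // The account authenticates externally, so a generated placeholder password is
    // stored in encoded form.
    // NOTE(review): the placeholder is only 7 characters long. If password sign-in
    // remains possible for these accounts, this value is what protects that path.
    // Confirm the generator's randomness source and consider a longer value.
    mojoMembershipProvider mojoMembership = (mojoMembershipProvider)Membership.Provider;
    newUser.Password = mojoMembership.EncodePassword(
        siteSettings,
        newUser,
        SiteUser.CreateRandomPassword(7, WebConfigSettings.PasswordGeneratorChars));

    // NOTE(review): every account created here gets the same question and answer from
    // the resource file. If question-and-answer password recovery is enabled, that
    // answer is not a secret. Confirm recovery is unavailable for these accounts.
    newUser.PasswordQuestion = Resource.ManageUsersDefaultSecurityQuestion;
    newUser.PasswordAnswer = Resource.ManageUsersDefaultSecurityAnswer;
    newUser.OpenIdUri = openId;
    newUser.Save();

    // Confirmation is skipped only on the caller's word that the address is verified.
    // NOTE(review): confirm the caller sets emailIsVerified only from an assertion made
    // by the identity provider, never from a value the browser can supply.
    if (siteSettings.UseSecureRegistration && !emailIsVerified)
    {
        newUser.SetRegistrationConfirmationGuid(Guid.NewGuid());
    }

    mojoProfileConfiguration profileConfig = mojoProfileConfiguration.GetConfig();

    // set default values first
    foreach (mojoProfilePropertyDefinition propertyDefinition in profileConfig.PropertyDefinitions)
    {
        // we are using the new TimeZoneInfo list but it doesn't work under Mono
        // this makes us skip the TimeOffsetHours setting from mojoProfile.config which is not used under windows
        if (propertyDefinition.Name == mojoProfilePropertyDefinition.TimeOffsetHoursKey)
        {
            continue;
        }

        mojoProfilePropertyDefinition.SavePropertyDefault(newUser, propertyDefinition);
    }

    // then store what was entered for properties shown or required at registration
    foreach (mojoProfilePropertyDefinition propertyDefinition in profileConfig.PropertyDefinitions)
    {
        // same TimeOffsetHours skip as in the defaults pass above
        if (propertyDefinition.Name == mojoProfilePropertyDefinition.TimeOffsetHoursKey)
        {
            continue;
        }

        if (propertyDefinition.RequiredForRegistration || propertyDefinition.ShowOnRegistration)
        {
            mojoProfilePropertyDefinition.SaveProperty(
                newUser,
                pnlRequiredProfileProperties,
                propertyDefinition,
                timeOffset,
                timeZone);
        }
    }

    // track user ip address
    UserLocation userLocation = new UserLocation(newUser.UserGuid, SiteUtils.GetIP4Address());
    userLocation.SiteGuid = siteSettings.SiteGuid;
    userLocation.Hostname = Page.Request.UserHostName;
    userLocation.Save();

    UserRegisteredEventArgs u = new UserRegisteredEventArgs(newUser);
    OnUserRegistered(u);

    CacheHelper.ClearMembershipStatisticsCache();

    // The external identity is not mapped here; we'll map them next time they login.
    DoSubscribe(newUser);

    NewsletterHelper.ClaimExistingSubscriptions(newUser);

    return newUser;
}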
/// <summary>
/// Creates and saves a site user for a Windows Live sign-in from the name and e-mail
/// entered on the page, stores profile defaults and the registration-time profile
/// properties, records the user's IP address, raises the user-registered event and
/// then logs the new user in.
/// </summary>
/// <param name="windowsLiveId">Windows Live identifier stored on the new user.</param>
private void CreateUser(string windowsLiveId)
{
    SiteUser account = new SiteUser(siteSettings);
    account.WindowsLiveId = windowsLiveId;

    // The display name has markup removed and is reused as the login name.
    // NOTE(review): no uniqueness or length check on the login name, and no validation
    // of txtEmail.Text, is visible in this method. Presumably page validators or
    // SiteUser.Save enforce them; confirm.
    account.Name = SecurityHelper.RemoveMarkup(txtUserName.Text);
    account.LoginName = account.Name;
    account.Email = txtEmail.Text;

    // The account authenticates through Windows Live, so a generated placeholder
    // password is stored in encoded form.
    // NOTE(review): the placeholder is only 7 characters long. If password sign-in
    // remains possible for these accounts, this value is what protects that path.
    mojoMembershipProvider provider = (mojoMembershipProvider)Membership.Provider;
    string placeholderPassword = SiteUser.CreateRandomPassword(7, WebConfigSettings.PasswordGeneratorChars);
    account.Password = provider.EncodePassword(siteSettings, account, placeholderPassword);

    // NOTE(review): the same question and answer from the resource file are given to
    // every account created here. If question-and-answer password recovery is enabled,
    // that answer is not a secret.
    account.PasswordQuestion = Resource.ManageUsersDefaultSecurityQuestion;
    account.PasswordAnswer = Resource.ManageUsersDefaultSecurityAnswer;
    account.Save();

    if (siteSettings.UseSecureRegistration)
    {
        account.SetRegistrationConfirmationGuid(Guid.NewGuid());
    }

    mojoProfileConfiguration profileSettings = mojoProfileConfiguration.GetConfig();

    // First pass: store the configured default for every profile property.
    foreach (mojoProfilePropertyDefinition definition in profileSettings.PropertyDefinitions)
    {
#if !MONO
        // The new TimeZoneInfo list is used, but it doesn't work under Mono, so the
        // TimeOffsetHours setting from mojoProfile.config (not used under Windows) is skipped.
        if (definition.Name == mojoProfilePropertyDefinition.TimeOffsetHoursKey)
        {
            continue;
        }
#endif
        mojoProfilePropertyDefinition.SavePropertyDefault(account, definition);
    }

    // Second pass: store what was entered for properties shown or required at registration.
    foreach (mojoProfilePropertyDefinition definition in profileSettings.PropertyDefinitions)
    {
#if !MONO
        // Same TimeOffsetHours skip as in the first pass.
        if (definition.Name == mojoProfilePropertyDefinition.TimeOffsetHoursKey)
        {
            continue;
        }
#endif
        bool collectedAtRegistration = definition.RequiredForRegistration || definition.ShowOnRegistration;
        if (collectedAtRegistration)
        {
            mojoProfilePropertyDefinition.SaveProperty(
                account,
                pnlRequiredProfileProperties,
                definition,
                timeOffset,
                timeZone);
        }
    }

    // Record the IP address and host name the registration came from.
    UserLocation registrationLocation = new UserLocation(account.UserGuid, SiteUtils.GetIP4Address());
    registrationLocation.SiteGuid = siteSettings.SiteGuid;
    registrationLocation.Hostname = Page.Request.UserHostName;
    registrationLocation.Save();

    OnUserRegistered(new UserRegisteredEventArgs(account));

    CacheHelper.ClearMembershipStatisticsCache();

    NewsletterHelper.ClaimExistingSubscriptions(account);

    // NOTE(review): DoUserLogin runs even when a confirmation GUID was set above.
    // Whether it honours a pending confirmation is not visible here.
    DoUserLogin(account);
}