/// <summary> /// Resets a user's password to a new, automatically generated password. /// </summary> /// <param name="username">The user to reset the password for.</param> /// <param name="answer">The password answer for the specified user.</param> /// <returns> /// The new password for the specified user. /// </returns> public override string ResetPassword(string username, string answer) { using (var session = this.DocumentStore.OpenSession()) { try { var q = from u in session.Query <User>() where u.Username == username && u.ApplicationName == this.ApplicationName select u; var user = q.SingleOrDefault(); if (user == null) { throw new Exception("The user to reset the password for could not be found."); } var newPassword = Membership.GeneratePassword(8, 2); user.PasswordHash = PasswordUtil.HashPassword(newPassword, user.PasswordSalt); session.SaveChanges(); return(newPassword); } catch (Exception ex) { // TODO: log exception properly Console.WriteLine(ex.ToString()); throw; } } }
/// <summary> /// Verifies that the specified user name and password exist in the data source. /// </summary> /// <param name="username">The name of the user to validate.</param> /// <param name="password">The password for the specified user.</param> /// <returns> /// true if the specified username and password are valid; otherwise, false. /// </returns> public override bool ValidateUser(string username, string password) { using (var session = this.DocumentStore.OpenSession()) { var q = from u in session.Query <User>() where u.Username == username // && u.ApplicationName == this.ApplicationName select u; var user = q.SingleOrDefault(); if (user != null && user.PasswordHash == PasswordUtil.HashPassword(password, user.PasswordSalt)) { user.DateLastLogin = DateTime.Now; session.SaveChanges(); return(true); } } return(false); }
/// <summary> /// Processes a request to update the password for a membership user. /// </summary> /// <param name="username">The user to update the password for.</param> /// <param name="oldPassword">The current password for the specified user.</param> /// <param name="newPassword">The new password for the specified user.</param> /// <returns> /// true if the password was updated successfully; otherwise, false. /// </returns> public override bool ChangePassword(string username, string oldPassword, string newPassword) { ValidatePasswordEventArgs args = new ValidatePasswordEventArgs(username, newPassword, false); OnValidatingPassword(args); if (args.Cancel) { throw new MembershipPasswordException("Apparently, the new password doesn't seem to be valid."); } using (var session = this.DocumentStore.OpenSession()) { var q = from u in session.Query <User>() where u.Username == username && u.ApplicationName == this.ApplicationName select u; var user = q.SingleOrDefault(); if (user == null || user.PasswordHash != PasswordUtil.HashPassword(oldPassword, user.PasswordSalt)) { throw new MembershipPasswordException("Invalid username or old password."); } user.PasswordHash = PasswordUtil.HashPassword(newPassword, user.PasswordSalt); session.SaveChanges(); } return(true); }
/// <summary> /// Adds a new membership user to the data source. /// </summary> /// <param name="username">The user name for the new user.</param> /// <param name="password">The password for the new user.</param> /// <param name="email">The e-mail address for the new user.</param> /// <param name="passwordQuestion">The password question for the new user.</param> /// <param name="passwordAnswer">The password answer for the new user</param> /// <param name="isApproved">Whether or not the new user is approved to be validated.</param> /// <param name="providerUserKey">The unique identifier from the membership data source for the user.</param> /// <param name="status">A <see cref="T:System.Web.Security.MembershipCreateStatus"/> enumeration value indicating whether the user was created successfully.</param> /// <returns> /// A <see cref="T:System.Web.Security.MembershipUser"/> object populated with the information for the newly created user. /// </returns> public override MembershipUser CreateUser(string username, string password, string email, string passwordQuestion, string passwordAnswer, bool isApproved, object providerUserKey, out MembershipCreateStatus status) { ValidatePasswordEventArgs args = new ValidatePasswordEventArgs(username, password, true); OnValidatingPassword(args); if (args.Cancel) { status = MembershipCreateStatus.InvalidPassword; return(null); } var user = new User { Username = username, PasswordSalt = PasswordUtil.CreateRandomSalt() }; user.PasswordHash = PasswordUtil.HashPassword(password, user.PasswordSalt); user.Email = email; user.ApplicationName = this.ApplicationName; user.DateCreated = DateTime.Now; using (var session = this.DocumentStore.OpenSession()) { try { session.Store(user); session.SaveChanges(); status = MembershipCreateStatus.Success; return(new MembershipUser(ProviderName, username, user.Id, email, null, null, true, false, user.DateCreated, new DateTime(1900, 1, 1), new DateTime(1900, 1, 1), DateTime.Now, new DateTime(1900, 1, 1))); } catch (Exception ex) { // TODO: log exception properly Console.WriteLine(ex.ToString()); status = MembershipCreateStatus.ProviderError; } } return(null); }