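/// <summary>
/// Records one failed password or password-answer attempt for an employee and
/// locks the account once the configured maximum number of attempts is reached.
/// </summary>
/// <param name="objScope">Object scope whose transaction wraps the update.</param>
/// <param name="e">Employee whose failure counters are updated.</param>
/// <param name="failureType">Which counter to update: password or password answer.</param>
/// <remarks>
/// Failures are counted inside a window of <c>passwordAttemptWindow</c> minutes.
/// When the window has elapsed, counting restarts from this failure, so failures
/// recorded in an earlier window no longer contribute to a lockout.
/// </remarks>
private void UpdateFailureCount(IObjectScope objScope, Employee e, FailureType failureType)
{
    // Take one timestamp so the window start and the lockout date agree.
    DateTime now = DateTime.Now;
    int failureCount = 0;

    // NOTE(review): nothing here rolls the transaction back if a statement between
    // Begin and Commit throws - confirm the caller cleans up the scope.
    objScope.Transaction.Begin();

    if (failureType == FailureType.Password)
    {
        failureCount = e.FailedPasswordAttemptCount;

        if (failureCount == 0 || now > e.FailedPasswordAttemptWindowStart.AddMinutes(passwordAttemptWindow))
        {
            // First failure, or the previous window expired: open a new window and
            // drop the stale count so the increment below yields 1, not old + 1.
            failureCount = 0;
            e.FailedPasswordAttemptCount = 1;
            e.FailedPasswordAttemptWindowStart = now;
        }
    }
    else if (failureType == FailureType.PasswordAnswer)
    {
        failureCount = e.FailedPasswordAnswerAttemptCount;

        if (failureCount == 0 || now > e.FailedPasswordAnswerAttemptWindowStart.AddMinutes(passwordAttemptWindow))
        {
            // Same reset as above, for the password-answer counter.
            failureCount = 0;
            e.FailedPasswordAnswerAttemptCount = 1;
            e.FailedPasswordAnswerAttemptWindowStart = now;
        }
    }

    // Count the failure being reported now.
    failureCount++;

    if (failureCount >= maxInvalidPasswordAttempts)
    {
        // Threshold reached inside the current window: lock the account.
        e.IsLockedOut = true;
        e.LastLockedOutDate = now;
    }
    else
    {
        // Below the threshold: persist the running count for this failure type.
        if (failureType == FailureType.Password)
        {
            e.FailedPasswordAttemptCount = failureCount;
        }
        else if (failureType == FailureType.PasswordAnswer)
        {
            e.FailedPasswordAnswerAttemptCount = failureCount;
        }
    }

    objScope.Transaction.Commit();
}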
/// <summary>
/// Builds the MembershipUser for an employee and, when the user is reported as
/// online, stamps the employee's last-activity time.
/// </summary>
/// <param name="objScope">Object scope whose transaction wraps the activity update.</param>
/// <param name="userIsOnline">True to update the employee's LastActivityDate.</param>
/// <param name="e">Employee to convert.</param>
/// <returns>MembershipUser created from the employee.</returns>
private MembershipUser GetMembershipUser(IObjectScope objScope, bool userIsOnline, Employee e)
{
    // The result is built before LastActivityDate is refreshed below.
    MembershipUser result = GetUserFromEmployee(e);

    if (!userIsOnline)
    {
        return result;
    }

    objScope.Transaction.Begin();
    e.LastActivityDate = DateTime.Now;
    objScope.Transaction.Commit();

    return result;
}
/// <summary>
/// Maps an employee record onto a new MembershipUser for this provider.
/// </summary>
/// <param name="emp">Employee to map.</param>
/// <returns>MembershipUser carrying the employee's identity, status flags and dates.</returns>
private MembershipUser GetUserFromEmployee(Employee emp)
{
    // The password and password answer are not among the values copied here.
    return new MembershipUser(
        this.Name,                      // this provider's name
        emp.Name,                       // user name
        emp.Employee_ID,                // provider user key
        emp.Email,
        emp.PasswordQuestion,
        emp.Description,
        emp.IsApproved,
        emp.IsLockedOut,
        emp.CreationDate,
        emp.LastLoginDate,
        emp.LastActivityDate,
        emp.LastPasswordChangedDate,
        emp.LastLockedOutDate);
}
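/// <summary>
/// Create a new user.
/// </summary>
/// <param name="username">User name.</param>
/// <param name="password">Password.</param>
/// <param name="email">Email address.</param>
/// <param name="passwordQuestion">Security question for password.</param>
/// <param name="passwordAnswer">Security question answer for password.</param>
/// <param name="isApproved">Stored as the new employee's IsApproved flag.</param>
/// <param name="providerUserKey">Not used by this implementation.</param>
/// <param name="status">
/// Receives Success, InvalidPassword, DuplicateEmail or DuplicateUserName.
/// </param>
/// <returns>The created MembershipUser, or null when <paramref name="status"/> is not Success.</returns>
public override MembershipUser CreateUser(string username, string password, string email, string passwordQuestion, string passwordAnswer, bool isApproved, object providerUserKey, out MembershipCreateStatus status)
{
    // Give ValidatingPassword subscribers the chance to reject the password.
    ValidatePasswordEventArgs args = new ValidatePasswordEventArgs(username, password, true);
    OnValidatingPassword(args);

    if (args.Cancel)
    {
        status = MembershipCreateStatus.InvalidPassword;
        return null;
    }

    // A null lookup result counts as "no such email", the same as an empty string;
    // comparing against String.Empty alone would report null as a duplicate.
    if (RequiresUniqueEmail && !string.IsNullOrEmpty(GetUserNameByEmail(email)))
    {
        status = MembershipCreateStatus.DuplicateEmail;
        return null;
    }

    // NOTE(review): this existence check and the insert below are not atomic; two
    // concurrent requests could both pass it - confirm the store enforces a unique
    // user name.
    MembershipUser existingUser = GetUser(username, false);
    if (existingUser != null)
    {
        status = MembershipCreateStatus.DuplicateUserName;
        return null;
    }

    // NOTE(review): the scope obtained here is not released in this method, and
    // nothing rolls the transaction back if Add or Commit throws - confirm who owns
    // the scope's lifetime.
    IObjectScope objScope = ORM.GetNewObjectScope();

    objScope.Transaction.Begin();

    // NOTE(review): a creation timestamp used to be computed here but was never
    // stored, and no date fields are assigned on the new Employee in this method -
    // confirm CreationDate and the other dates are initialised elsewhere.
    Employee e = new Employee();
    e.Name = username;
    e.Password = EncodePassword(password);
    e.Email = email;
    e.PasswordQuestion = passwordQuestion;
    // The answer goes through the same EncodePassword helper as the password.
    e.PasswordAnswer = EncodePassword(passwordAnswer);
    e.IsApproved = isApproved;

    objScope.Add(e);
    objScope.Transaction.Commit();

    status = MembershipCreateStatus.Success;

    // Re-read the stored user rather than building the result from the local object.
    return GetUser(username, false);
}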