/// <summary>
/// Change Users password Question and Answer
/// </summary>
/// <param name="username">Username to change Q&A for</param>
/// <param name="password">Password</param>
/// <param name="newPasswordQuestion">New question</param>
/// <param name="newPasswordAnswer">New answer</param>
/// <returns> Boolean depending on whether the change was successful</returns>
public override bool ChangePasswordQuestionAndAnswer(string username, string password, string newPasswordQuestion, string newPasswordAnswer)
{
// Check arguments for null values
if ((username == null) || (password == null) || (newPasswordQuestion == null) || (newPasswordAnswer == null))
{
throw new ArgumentException("Username, Password, Password Question or Password Answer cannot be null");
}
UserPasswordInfo currentPasswordInfo = UserPasswordInfo.CreateInstanceFromDB(this.ApplicationName, username, false, this.UseSalt);
newPasswordAnswer = YafMembershipProvider.EncodeString(newPasswordAnswer, currentPasswordInfo.PasswordFormat, currentPasswordInfo.PasswordSalt, this.UseSalt);
if (currentPasswordInfo != null && currentPasswordInfo.IsCorrectPassword(password))
{
try
{
DB.ChangePasswordQuestionAndAnswer(this.ApplicationName, username, newPasswordQuestion, newPasswordAnswer);
return(true);
}
catch
{
// will return false...
}
}
return(false); // Invalid password return false
}
/// <summary>
/// Validates a user by user name / password
/// </summary>
/// <param name="userName">Username</param>
/// <param name="userName">Password</param>
/// /// <returns>True/False whether username/password match what is on database.</returns>
public override bool ValidateUser(string username, string password)
{
UserPasswordInfo currentUser = UserPasswordInfo.CreateInstanceFromDB(this.ApplicationName, username, false, this.UseSalt);
if (currentUser != null && currentUser.IsApproved)
{
return(currentUser.IsCorrectPassword(password));
}
return(false);
}
/// <summary>
/// Change Users password
/// </summary>
/// <param name="username">Username to change password for</param>
/// <param name="oldpassword">Password</param>
/// <param name="newPassword">New question</param>
/// <returns> Boolean depending on whether the change was successful</returns>
public override bool ChangePassword(string username, string oldPassword, string newPassword)
{
string newPasswordSalt = string.Empty;
string newEncPassword = string.Empty;
// Clean input
// Check password meets requirements as set by Configuration settings
if (!(this.IsPasswordCompliant(newPassword)))
{
return(false);
}
UserPasswordInfo currentPasswordInfo = UserPasswordInfo.CreateInstanceFromDB(this.ApplicationName, username, false, this.UseSalt);
// validate the correct user information was found...
if (currentPasswordInfo == null)
{
return(false);
}
// validate the correct user password was entered...
if (!currentPasswordInfo.IsCorrectPassword(oldPassword))
{
return(false);
}
// generate a salt if desired...
if (UseSalt)
{
newPasswordSalt = YafMembershipProvider.GenerateSalt();
}
// encode new password
newEncPassword = YafMembershipProvider.EncodeString(newPassword, ( int )this.PasswordFormat, newPasswordSalt, this.UseSalt);
// Call SQL Password to Change
DB.ChangePassword(this.ApplicationName, username, newEncPassword, newPasswordSalt, ( int )this.PasswordFormat, currentPasswordInfo.PasswordAnswer);
// Return True
return(true);
}