Changeset 3957
- Timestamp:
- 06/26/10 11:00:41 (15 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/HeuristicLab.Services.Authentication Prototype/Service/Provider/HeuristicLabMembershipProvider.cs
r3956 r3957 1 1 using System; 2 using System.Configuration.Provider; 2 3 using System.Linq; 4 using System.Security.Cryptography; 5 using System.Text; 6 using System.Web.Configuration; 3 7 using System.Web.Security; 4 8 using Persistence; … … 6 10 namespace Service.Provider { 7 11 class HeuristicLabMembershipProvider : MembershipProvider { 8 public override string ApplicationName { 12 13 private string pApplicationName; 14 private bool pEnablePasswordReset; 15 private bool pEnablePasswordRetrieval; 16 private bool pRequiresQuestionAndAnswer; 17 private bool pRequiresUniqueEmail; 18 private int pMaxInvalidPasswordAttempts; 19 private int pPasswordAttemptWindow; 20 private MembershipPasswordFormat pPasswordFormat; 21 private MachineKeySection machineKey; 22 23 public override string ApplicationName { 9 24 get { 10 25 throw new NotImplementedException(); … … 210 225 throw new NotImplementedException(); 211 226 } 212 213 public override bool ValidateUser(string username, string password) { 214 throw new NotImplementedException(); 227 /// <summary> 228 /// Validates a user 229 /// </summary> 230 /// <param name="username"></param> 231 /// <param name="password"></param> 232 /// <returns></returns> 233 public override bool ValidateUser(string username, string password) 234 { 235 bool isValid = false; 236 using (DataClassesDataContext db = DatabaseUtil.createDataClassesDataContext()) 237 { 238 if (db == null) 239 { 240 return false; 241 } 242 HeuristicLabUser u = db.HeuristicLabUsers.Single(x => x.UserName == username); 243 isValid = CheckPassword(password, u.GetPassword()); 244 } 245 return isValid; 246 } 247 248 /// <summary> 249 /// compaiers to passwords 250 /// </summary> 251 /// <param name="password"></param> 252 /// <param name="dbpassword"></param> 253 /// <returns></returns> 254 private bool CheckPassword(string password, string dbpassword) 255 { 256 string pass1 = password; 257 string pass2 = dbpassword; 258 259 switch (PasswordFormat) 260 { 261 case MembershipPasswordFormat.Encrypted: 262 pass2 = DecodePassword(dbpassword); 263 break; 264 case MembershipPasswordFormat.Hashed: 265 pass1 = EncodePassword(password); 266 break; 267 default: 268 break; 269 } 270 271 if (pass1 == pass2) 272 { 273 return true; 274 } 275 276 return false; 277 } 278 279 280 /// <summary> 281 /// Encodes a password 282 /// </summary> 283 /// <param name="password"></param> 284 /// <returns></returns> 285 private string EncodePassword(string password) 286 { 287 string encodedPassword = password; 288 289 switch (PasswordFormat) 290 { 291 case MembershipPasswordFormat.Clear: 292 break; 293 case MembershipPasswordFormat.Encrypted: 294 encodedPassword = 295 Convert.ToBase64String(EncryptPassword(Encoding.Unicode.GetBytes(password))); 296 break; 297 case MembershipPasswordFormat.Hashed: 298 HMACSHA1 hash = new HMACSHA1(); 299 hash.Key = HexToByte(machineKey.ValidationKey); 300 encodedPassword = 301 Convert.ToBase64String(hash.ComputeHash(Encoding.Unicode.GetBytes(password))); 302 break; 303 default: 304 throw new ProviderException("Unsupported password format."); 305 } 306 307 return encodedPassword; 308 } 309 310 311 /// <summary> 312 /// Decodes a encoded Password 313 /// </summary> 314 /// <param name="encodedPassword"></param> 315 /// <returns></returns> 316 private string DecodePassword(string encodedPassword) 317 { 318 string password = encodedPassword; 319 320 switch (PasswordFormat) 321 { 322 case MembershipPasswordFormat.Clear: 323 break; 324 case MembershipPasswordFormat.Encrypted: 325 password = 326 Encoding.Unicode.GetString(DecryptPassword(Convert.FromBase64String(password))); 327 break; 328 case MembershipPasswordFormat.Hashed: 329 throw new ProviderException("Cannot unencode a hashed password."); 330 default: 331 throw new ProviderException("Unsupported password format."); 332 } 333 334 return password; 335 } 336 337 /// <summary> 338 /// returns byte array of an HexString 339 /// </summary> 340 /// <param name="hexString"></param> 341 /// <returns></returns> 342 private static byte[] HexToByte(string hexString) 343 { 344 byte[] returnBytes = new byte[hexString.Length / 2]; 345 for (int i = 0; i < returnBytes.Length; i++) 346 returnBytes[i] = Convert.ToByte(hexString.Substring(i * 2, 2), 16); 347 return returnBytes; 215 348 } 216 349 }
Note: See TracChangeset
for help on using the changeset viewer.