Changeset 3957


Ignore:
Timestamp:
06/26/10 11:00:41 (9 years ago)
Author:
jhaider
Message:

Added ValidateUser (#1046)

File:
1 edited

Legend:

Unmodified
Added
Removed
  • branches/HeuristicLab.Services.Authentication Prototype/Service/Provider/HeuristicLabMembershipProvider.cs

    r3956 r3957  
    11using System;
     2using System.Configuration.Provider;
    23using System.Linq;
     4using System.Security.Cryptography;
     5using System.Text;
     6using System.Web.Configuration;
    37using System.Web.Security;
    48using Persistence;
     
    610namespace Service.Provider {
    711  class HeuristicLabMembershipProvider : MembershipProvider {
    8     public override string ApplicationName {
     12
     13      private string pApplicationName;
     14      private bool pEnablePasswordReset;
     15      private bool pEnablePasswordRetrieval;
     16      private bool pRequiresQuestionAndAnswer;
     17      private bool pRequiresUniqueEmail;
     18      private int pMaxInvalidPasswordAttempts;
     19      private int pPasswordAttemptWindow;
     20      private MembershipPasswordFormat pPasswordFormat;
     21      private MachineKeySection machineKey;
     22
     23      public override string ApplicationName {
    924      get {
    1025        throw new NotImplementedException();
     
    210225      throw new NotImplementedException();
    211226    }
    212 
    213     public override bool ValidateUser(string username, string password) {
    214       throw new NotImplementedException();
     227    /// <summary>
     228    /// Validates a user
     229    /// </summary>
     230    /// <param name="username"></param>
     231    /// <param name="password"></param>
     232    /// <returns></returns>
     233    public override bool ValidateUser(string username, string password)
     234    {
     235        bool isValid = false;
     236        using (DataClassesDataContext db = DatabaseUtil.createDataClassesDataContext())
     237        {
     238            if (db == null)
     239            {
     240                return false;
     241            }
     242            HeuristicLabUser u = db.HeuristicLabUsers.Single(x => x.UserName == username);
     243            isValid = CheckPassword(password, u.GetPassword());
     244        }
     245        return isValid;
     246    }
     247   
     248    /// <summary>
     249    /// compaiers to passwords
     250    /// </summary>
     251    /// <param name="password"></param>
     252    /// <param name="dbpassword"></param>
     253    /// <returns></returns>
     254    private bool CheckPassword(string password, string dbpassword)
     255    {
     256        string pass1 = password;
     257        string pass2 = dbpassword;
     258
     259        switch (PasswordFormat)
     260        {
     261            case MembershipPasswordFormat.Encrypted:
     262                pass2 = DecodePassword(dbpassword);
     263                break;
     264            case MembershipPasswordFormat.Hashed:
     265                pass1 = EncodePassword(password);
     266                break;
     267            default:
     268                break;
     269        }
     270
     271        if (pass1 == pass2)
     272        {
     273            return true;
     274        }
     275
     276        return false;
     277    }
     278
     279
     280   /// <summary>
     281   /// Encodes a password
     282   /// </summary>
     283   /// <param name="password"></param>
     284   /// <returns></returns>
     285   private string EncodePassword(string password)
     286    {
     287        string encodedPassword = password;
     288
     289        switch (PasswordFormat)
     290        {
     291            case MembershipPasswordFormat.Clear:
     292                break;
     293            case MembershipPasswordFormat.Encrypted:
     294                encodedPassword =
     295                  Convert.ToBase64String(EncryptPassword(Encoding.Unicode.GetBytes(password)));
     296                break;
     297            case MembershipPasswordFormat.Hashed:
     298                HMACSHA1 hash = new HMACSHA1();
     299                hash.Key = HexToByte(machineKey.ValidationKey);
     300                encodedPassword =
     301                  Convert.ToBase64String(hash.ComputeHash(Encoding.Unicode.GetBytes(password)));
     302                break;
     303            default:
     304                throw new ProviderException("Unsupported password format.");
     305        }
     306
     307        return encodedPassword;
     308    }
     309
     310
     311    /// <summary>
     312    /// Decodes a encoded Password
     313    /// </summary>
     314    /// <param name="encodedPassword"></param>
     315    /// <returns></returns>
     316    private string DecodePassword(string encodedPassword)
     317    {
     318        string password = encodedPassword;
     319
     320        switch (PasswordFormat)
     321        {
     322            case MembershipPasswordFormat.Clear:
     323                break;
     324            case MembershipPasswordFormat.Encrypted:
     325                password =
     326                  Encoding.Unicode.GetString(DecryptPassword(Convert.FromBase64String(password)));
     327                break;
     328            case MembershipPasswordFormat.Hashed:
     329                throw new ProviderException("Cannot unencode a hashed password.");
     330            default:
     331                throw new ProviderException("Unsupported password format.");
     332        }
     333
     334        return password;
     335    }
     336
     337    /// <summary>
     338    /// returns byte array  of an HexString
     339    /// </summary>
     340    /// <param name="hexString"></param>
     341    /// <returns></returns>
     342    private static byte[] HexToByte(string hexString)
     343    {
     344        byte[] returnBytes = new byte[hexString.Length / 2];
     345        for (int i = 0; i < returnBytes.Length; i++)
     346            returnBytes[i] = Convert.ToByte(hexString.Substring(i * 2, 2), 16);
     347        return returnBytes;
    215348    }
    216349  }
Note: See TracChangeset for help on using the changeset viewer.