Changeset 3957 for branches/HeuristicLab.Services.Authentication Prototype/Service/Provider

Timestamp:

06/26/10 11:00:41 (14 years ago)

Author:

jhaider

Message:

Added ValidateUser (#1046)

File:

• branches/HeuristicLab.Services.Authentication Prototype/Service/Provider/HeuristicLabMembershipProvider.cs (modified) (3 diffs)

branches/HeuristicLab.Services.Authentication Prototype/Service/Provider/HeuristicLabMembershipProvider.cs

@@ -1 +1 @@
 using System;
+using System.Configuration.Provider;
 using System.Linq;
+using System.Security.Cryptography;
+using System.Text;
+using System.Web.Configuration;
 using System.Web.Security;
 using Persistence;
@@ -6 +10 @@
 namespace Service.Provider {
   class HeuristicLabMembershipProvider : MembershipProvider {
-    public override string ApplicationName {
+
+      private string pApplicationName;
+      private bool pEnablePasswordReset;
+      private bool pEnablePasswordRetrieval;
+      private bool pRequiresQuestionAndAnswer;
+      private bool pRequiresUniqueEmail;
+      private int pMaxInvalidPasswordAttempts;
+      private int pPasswordAttemptWindow;
+      private MembershipPasswordFormat pPasswordFormat;
+      private MachineKeySection machineKey;
+
+      public override string ApplicationName {
       get {
         throw new NotImplementedException();
@@ -210 +225 @@
       throw new NotImplementedException();
     }
-
-    public override bool ValidateUser(string username, string password) {
-      throw new NotImplementedException();
+    /// <summary>
+    /// Validates a user
+    /// </summary>
+    /// <param name="username"></param>
+    /// <param name="password"></param>
+    /// <returns></returns>
+    public override bool ValidateUser(string username, string password)
+    {
+        bool isValid = false;
+        using (DataClassesDataContext db = DatabaseUtil.createDataClassesDataContext())
+        {
+            if (db == null)
+            {
+                return false;
+            }
+            HeuristicLabUser u = db.HeuristicLabUsers.Single(x => x.UserName == username);
+            isValid = CheckPassword(password, u.GetPassword());
+        }
+        return isValid;
+    }
+    
+    /// <summary>
+    /// compaiers to passwords
+    /// </summary>
+    /// <param name="password"></param>
+    /// <param name="dbpassword"></param>
+    /// <returns></returns>
+    private bool CheckPassword(string password, string dbpassword)
+    {
+        string pass1 = password;
+        string pass2 = dbpassword;
+
+        switch (PasswordFormat)
+        {
+            case MembershipPasswordFormat.Encrypted:
+                pass2 = DecodePassword(dbpassword);
+                break;
+            case MembershipPasswordFormat.Hashed:
+                pass1 = EncodePassword(password);
+                break;
+            default:
+                break;
+        }
+
+        if (pass1 == pass2)
+        {
+            return true;
+        }
+
+        return false;
+    }
+
+
+   /// <summary>
+   /// Encodes a password
+   /// </summary>
+   /// <param name="password"></param>
+   /// <returns></returns>
+   private string EncodePassword(string password)
+    {
+        string encodedPassword = password;
+
+        switch (PasswordFormat)
+        {
+            case MembershipPasswordFormat.Clear:
+                break;
+            case MembershipPasswordFormat.Encrypted:
+                encodedPassword =
+                  Convert.ToBase64String(EncryptPassword(Encoding.Unicode.GetBytes(password)));
+                break;
+            case MembershipPasswordFormat.Hashed:
+                HMACSHA1 hash = new HMACSHA1();
+                hash.Key = HexToByte(machineKey.ValidationKey);
+                encodedPassword =
+                  Convert.ToBase64String(hash.ComputeHash(Encoding.Unicode.GetBytes(password)));
+                break;
+            default:
+                throw new ProviderException("Unsupported password format.");
+        }
+
+        return encodedPassword;
+    }
+
+
+    /// <summary>
+    /// Decodes a encoded Password
+    /// </summary>
+    /// <param name="encodedPassword"></param>
+    /// <returns></returns>
+    private string DecodePassword(string encodedPassword)
+    {
+        string password = encodedPassword;
+
+        switch (PasswordFormat)
+        {
+            case MembershipPasswordFormat.Clear:
+                break;
+            case MembershipPasswordFormat.Encrypted:
+                password =
+                  Encoding.Unicode.GetString(DecryptPassword(Convert.FromBase64String(password)));
+                break;
+            case MembershipPasswordFormat.Hashed:
+                throw new ProviderException("Cannot unencode a hashed password.");
+            default:
+                throw new ProviderException("Unsupported password format.");
+        }
+
+        return password;
+    }
+
+    /// <summary>
+    /// returns byte array  of an HexString
+    /// </summary>
+    /// <param name="hexString"></param>
+    /// <returns></returns>
+    private static byte[] HexToByte(string hexString)
+    {
+        byte[] returnBytes = new byte[hexString.Length / 2];
+        for (int i = 0; i < returnBytes.Length; i++)
+            returnBytes[i] = Convert.ToByte(hexString.Substring(i * 2, 2), 16);
+        return returnBytes;
     }
   }