Changeset 4009 for branches/HeuristicLab.Services.Authentication Prototype/Service/Provider/HeuristicLabMembershipProvider.cs

Timestamp:

07/07/10 03:26:15 (14 years ago)

Author:

bfarka

Message:

fixed bugs in membership provider 32 out of 43 tests are now passing.. (#1046)

File:

• branches/HeuristicLab.Services.Authentication Prototype/Service/Provider/HeuristicLabMembershipProvider.cs (modified) (4 diffs)

branches/HeuristicLab.Services.Authentication Prototype/Service/Provider/HeuristicLabMembershipProvider.cs

@@ -22 +22 @@
     private bool pRequiresQuestionAndAnswer;
     private bool pRequiresUniqueEmail;
-    private int pMaxInvalidPasswordAttempts;
+    private int pMaxInvalidPasswordAttempts = 3;
     private int pPasswordAttemptWindow;
     private int pMinRequiredPasswordLength = 5;
@@ -69 +69 @@
 
     public override bool RequiresQuestionAndAnswer {
-      get { return pRequiresQuestionAndAnswer; }
+      get { return false; }
     }
 
@@ -163 +163 @@
           u.PasswordAnswer = newPasswordAnswer;
           u.PasswordQuestion = newPasswordQuestion;
+          
           db.SubmitChanges();
+          
           return true;
         }
@@ -432 +434 @@
           return false;
         }
-        HeuristicLabUser u = db.HeuristicLabUsers.Single(x => x.UserName == username);
-        isValid = CheckPassword(password, u.Password);
+        if (db.HeuristicLabUsers.Count(x => x.UserName == username && x.Locked == false) > 0) {
+          HeuristicLabUser u = db.HeuristicLabUsers.Single(x => x.UserName == username && x.Locked == false);
+          isValid = CheckPassword(password, u.Password) && u.FailedLogins <= MaxInvalidPasswordAttempts;
+          if (!isValid) {
+            u.FailedLogins++;
+            if (u.FailedLogins > MaxInvalidPasswordAttempts) {
+              u.Locked = true;
+            }
+          } else {
+            u.FailedLogins = 0;
+          }
+
+          db.SubmitChanges();
+        }
       }
       return isValid;