321 lines
10 KiB
C#
Raw Normal View History

//
// System.Web.Security.Membership
//
// Authors:
// Ben Maurer (bmaurer@users.sourceforge.net)
// Lluis Sanchez Gual (lluis@novell.com)
//
// (C) 2003 Ben Maurer
// (C) 2005 Novell, inc.
//
//
// Permission is hereby granted, free of charge, to any person obtaining
// a copy of this software and associated documentation files (the
// "Software"), to deal in the Software without restriction, including
// without limitation the rights to use, copy, modify, merge, publish,
// distribute, sublicense, and/or sell copies of the Software, and to
// permit persons to whom the Software is furnished to do so, subject to
// the following conditions:
//
// The above copyright notice and this permission notice shall be
// included in all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
using System.Collections;
using System.Collections.Specialized;
using System.Text;
using System.Web.Configuration;
using System.Configuration;
using System.Security.Cryptography;
namespace System.Web.Security
{
public static class Membership
{
static MembershipProviderCollection providers;
static MembershipProvider provider;
static int onlineTimeWindow;
static string hashAlgorithmType;
static Membership ()
{
MembershipSection section = (MembershipSection) WebConfigurationManager.GetSection ("system.web/membership");
providers = new MembershipProviderCollection ();
ProvidersHelper.InstantiateProviders (section.Providers, providers, typeof (MembershipProvider));
provider = providers[section.DefaultProvider];
onlineTimeWindow = (int) section.UserIsOnlineTimeWindow.TotalMinutes;
hashAlgorithmType = section.HashAlgorithmType;
if (String.IsNullOrEmpty (hashAlgorithmType)) {
MachineKeySection mks = WebConfigurationManager.GetSection ("system.web/machineKey") as MachineKeySection;
MachineKeyValidationConverter cvt = new MachineKeyValidationConverter ();
hashAlgorithmType = cvt.ConvertTo (null, null, mks.Validation, typeof (string)) as string;
}
if (String.IsNullOrEmpty (hashAlgorithmType))
hashAlgorithmType = "SHA1";
}
public static MembershipUser CreateUser (string username, string password)
{
return CreateUser (username, password, null);
}
public static MembershipUser CreateUser (string username, string password, string email)
{
MembershipCreateStatus status;
MembershipUser usr = CreateUser (username, password, email, null, null, true, out status);
if (usr == null)
throw new MembershipCreateUserException (status);
return usr;
}
public static MembershipUser CreateUser (string username, string password, string email, string passwordQuestion, string passwordAnswer, bool isApproved, out MembershipCreateStatus status)
{
return CreateUser (username, password, email, passwordQuestion, passwordAnswer, isApproved, null, out status);
}
public static MembershipUser CreateUser (string username, string password, string email, string passwordQuestion, string passwordAnswer, bool isApproved, object providerUserKey, out MembershipCreateStatus status)
{
if (String.IsNullOrEmpty (username)) {
status = MembershipCreateStatus.InvalidUserName;
return null;
}
if (String.IsNullOrEmpty (password)) {
status = MembershipCreateStatus.InvalidPassword;
return null;
}
return Provider.CreateUser (username, password, email, passwordQuestion, passwordAnswer, isApproved, providerUserKey, out status);
}
public static bool DeleteUser (string username)
{
return Provider.DeleteUser (username, true);
}
public static bool DeleteUser (string username, bool deleteAllRelatedData)
{
return Provider.DeleteUser (username, deleteAllRelatedData);
}
public static string GeneratePassword (int length, int numberOfNonAlphanumericCharacters)
{
RandomNumberGenerator rng = RandomNumberGenerator.Create ();
byte[] pass_bytes = new byte[length];
int i;
int num_nonalpha = 0;
rng.GetBytes (pass_bytes);
for (i = 0; i < length; i ++) {
/* convert the random bytes to ascii values 33-126 */
pass_bytes[i] = (byte)(pass_bytes[i] % 93 + 33);
/* and count the number of
* non-alphanumeric characters we have
* as we go */
if ((pass_bytes[i] >= 33 && pass_bytes[i] <= 47)
|| (pass_bytes[i] >= 58 && pass_bytes[i] <= 64)
|| (pass_bytes[i] >= 91 && pass_bytes[i] <= 96)
|| (pass_bytes[i] >= 123 && pass_bytes[i] <= 126))
num_nonalpha++;
/* get rid of any quotes in the
* password, just in case they cause
* problems */
if (pass_bytes[i] == 34 || pass_bytes[i] == 39)
pass_bytes[i] ++;
else if (pass_bytes[i] == 96)
pass_bytes[i] --;
}
if (num_nonalpha < numberOfNonAlphanumericCharacters) {
/* loop over the array, converting the
* least number of alphanumeric
* characters to non-alpha */
for (i = 0; i < length; i ++) {
if (num_nonalpha == numberOfNonAlphanumericCharacters)
break;
if (pass_bytes[i] >= 48 && pass_bytes[i] <= 57) {
pass_bytes[i] = (byte)(pass_bytes[i] - 48 + 33);
num_nonalpha++;
}
else if (pass_bytes[i] >= 65 && pass_bytes[i] <= 90) {
pass_bytes[i] = (byte)((pass_bytes[i] - 65) % 13 + 33);
num_nonalpha++;
}
else if (pass_bytes[i] >= 97 && pass_bytes[i] <= 122) {
pass_bytes[i] = (byte)((pass_bytes[i] - 97) % 13 + 33);
num_nonalpha++;
}
/* and make sure we don't end up with quote characters */
if (pass_bytes[i] == 34 || pass_bytes[i] == 39)
pass_bytes[i]++;
else if (pass_bytes[i] == 96)
pass_bytes[i] --;
}
}
return Encoding.ASCII.GetString (pass_bytes);
}
public static MembershipUserCollection GetAllUsers ()
{
int total;
return GetAllUsers (0, int.MaxValue, out total);
}
public static MembershipUserCollection GetAllUsers (int pageIndex, int pageSize, out int totalRecords)
{
return Provider.GetAllUsers (pageIndex, pageSize, out totalRecords);
}
public static int GetNumberOfUsersOnline ()
{
return Provider.GetNumberOfUsersOnline ();
}
public static MembershipUser GetUser ()
{
return GetUser (HttpContext.Current.User.Identity.Name, true);
}
public static MembershipUser GetUser (bool userIsOnline)
{
return GetUser (HttpContext.Current.User.Identity.Name, userIsOnline);
}
public static MembershipUser GetUser (string username)
{
return GetUser (username, false);
}
public static MembershipUser GetUser (string username, bool userIsOnline)
{
return Provider.GetUser (username, userIsOnline);
}
public static MembershipUser GetUser (object providerUserKey)
{
return GetUser (providerUserKey, false);
}
public static MembershipUser GetUser (object providerUserKey, bool userIsOnline)
{
return Provider.GetUser (providerUserKey, userIsOnline);
}
public static string GetUserNameByEmail (string emailToMatch)
{
return Provider.GetUserNameByEmail (emailToMatch);
}
public static void UpdateUser (MembershipUser user)
{
Provider.UpdateUser (user);
}
public static bool ValidateUser (string username, string password)
{
return Provider.ValidateUser (username, password);
}
public static MembershipUserCollection FindUsersByEmail (string emailToMatch)
{
int totalRecords;
return Provider.FindUsersByEmail (emailToMatch, 0, int.MaxValue, out totalRecords);
}
public static MembershipUserCollection FindUsersByEmail (string emailToMatch, int pageIndex, int pageSize, out int totalRecords)
{
return Provider.FindUsersByEmail (emailToMatch, pageIndex, pageSize, out totalRecords);
}
public static MembershipUserCollection FindUsersByName (string usernameToMatch)
{
int totalRecords;
return Provider.FindUsersByName (usernameToMatch, 0, int.MaxValue, out totalRecords);
}
public static MembershipUserCollection FindUsersByName (string usernameToMatch, int pageIndex, int pageSize, out int totalRecords)
{
return Provider.FindUsersByName (usernameToMatch, pageIndex, pageSize, out totalRecords);
}
public static string ApplicationName {
get { return Provider.ApplicationName; }
set { Provider.ApplicationName = value; }
}
public static bool EnablePasswordReset {
get { return Provider.EnablePasswordReset; }
}
public static bool EnablePasswordRetrieval {
get { return Provider.EnablePasswordRetrieval; }
}
public static string HashAlgorithmType {
get { return hashAlgorithmType; }
}
public static bool RequiresQuestionAndAnswer {
get { return Provider.RequiresQuestionAndAnswer; }
}
public static int MaxInvalidPasswordAttempts {
get { return Provider.MaxInvalidPasswordAttempts; }
}
public static int MinRequiredNonAlphanumericCharacters {
get { return Provider.MinRequiredNonAlphanumericCharacters; }
}
public static int MinRequiredPasswordLength {
get { return Provider.MinRequiredPasswordLength; }
}
public static int PasswordAttemptWindow {
get { return Provider.PasswordAttemptWindow; }
}
public static string PasswordStrengthRegularExpression {
get { return Provider.PasswordStrengthRegularExpression; }
}
public static MembershipProvider Provider {
get { return provider; }
}
public static MembershipProviderCollection Providers {
get { return providers; }
}
public static int UserIsOnlineTimeWindow {
get { return onlineTimeWindow; }
}
public static event MembershipValidatePasswordEventHandler ValidatingPassword {
add { Provider.ValidatingPassword += value; }
remove { Provider.ValidatingPassword -= value; }
}
}
}