/Gradebook.Security/Providers/MembershipProvider.cs

using Gradebook.Contracts.Repositories;

using Gradebook.Contracts.Security;

using Gradebook.Model;

using System;

using System.Collections.Specialized;

using System.Linq;

using System.Web.Security;



namespace Gradebook.Security.Providers

{

    public class AccountMembershipProvider : MembershipProvider, IAccountProvider

    {

        public const string ProviderName = "AccountMembershipProvider";



        private IAccountRepository _repository;

        private IAccountRepository AccountRepository

        {

            get { return _repository ?? ProvidersHelper.GetAccountRepository(); }

            set { _repository = value; }

        }



        public AccountMembershipProvider() { }

        public AccountMembershipProvider(IAccountRepository repository)

        {

            AccountRepository = repository;

        }



        public override void Initialize(string name, NameValueCollection config)

        {

            if (config == null)

            {

                throw new ArgumentNullException("config");

            }

            if (string.IsNullOrEmpty(name))

            {

                name = ProviderName;

            }

            if (string.IsNullOrEmpty(config["description"]))

            {

                config.Remove("description");

                config.Add("description", "Extended Membership Provider");

            }



            base.Initialize(name, config);



            ApplicationName = config["applicationName"];



            if (string.IsNullOrEmpty(config["passwordStrengthRegularExpression"]))

            {

                _passwordStrengthRegularExpression = config["passwordStrengthRegularExpression"];

            }

            if (string.IsNullOrEmpty(config["enablePasswordReset"]))

            {

                _enablePasswordReset = Convert.ToBoolean(config["enablePasswordReset"]);

            }

            if (string.IsNullOrEmpty(config["enablePasswordRetrieval"]))

            {

                _enablePasswordRetrieval = Convert.ToBoolean(config["enablePasswordRetrieval"]);

            }

            if (string.IsNullOrEmpty(config["requiresQuetionAndAnswer"]))

            {

                _requiresQuetionAndAnswer = Convert.ToBoolean(config["requiresQuetionAndAnswer"]);

            }

            if (string.IsNullOrEmpty(config["requiresUniqueEmail"]))

            {

                _requiresUniqueEmail = Convert.ToBoolean(config["requiresUniqueEmail"]);

            }

            if (string.IsNullOrEmpty(config["maxInvalidPasswordAttempts"]))

            {

                _maxInvalidPasswordAttempts = Convert.ToInt32(config["maxInvalidPasswordAttempts"]);

            }

            if (string.IsNullOrEmpty(config["passwordAttemptWindow"]))

            {

                _passwordAttemptWindow = Convert.ToInt32(config["passwordAttemptWindow"]);

            }

            if (string.IsNullOrEmpty(config["minRequiredPasswordLength"]))

            {

                _minRequiredPasswordLength = Convert.ToInt32(config["minRequiredPasswordLength"]);

            }

            if (string.IsNullOrEmpty(config["minRequiredNonalphanumericCharacters"]))

            {

                _minRequiredNonalphanumericCharacters = Convert.ToInt32(config["minRequiredNonalphanumericCharacters"]);

            }

            if (string.IsNullOrEmpty(config["passwordFormat"]))

            {

                Enum.TryParse(config["passwordFormat"], true, out _passwordFormat);

            }

        }



        #region "Default config values"



        private string _passwordStrengthRegularExpression = "";

        private bool _enablePasswordReset = true;

        private bool _enablePasswordRetrieval = false;

        private bool _requiresQuetionAndAnswer = false;

        private bool _requiresUniqueEmail = true;

        private int _maxInvalidPasswordAttempts = 5;

        private int _passwordAttemptWindow = 10;

        private int _minRequiredPasswordLength = 6;

        private int _minRequiredNonalphanumericCharacters = 1;

        private MembershipPasswordFormat _passwordFormat = MembershipPasswordFormat.Hashed;



        #endregion



        #region "Properties"



        public override string ApplicationName { get; set; }

        public override string PasswordStrengthRegularExpression

        {

            get { return _passwordStrengthRegularExpression; }

        }

        public override bool EnablePasswordReset

        {

            get { return _enablePasswordReset; }

        }



        public override bool EnablePasswordRetrieval

        {

            get { return _enablePasswordRetrieval; }

        }

        public override bool RequiresQuestionAndAnswer

        {

            get { return _requiresQuetionAndAnswer; }

        }

        public override bool RequiresUniqueEmail

        {

            get { return _requiresUniqueEmail; }

        }

        public override int MaxInvalidPasswordAttempts

        {

            get { return _maxInvalidPasswordAttempts; }

        }

        public override int MinRequiredNonAlphanumericCharacters

        {

            get { return _minRequiredNonalphanumericCharacters; }

        }

        public override int MinRequiredPasswordLength

        {

            get { return _minRequiredPasswordLength; }

        }

        public override int PasswordAttemptWindow

        {

            get { return _passwordAttemptWindow; }

        }

        public override MembershipPasswordFormat PasswordFormat

        {

            get { return _passwordFormat; }

        }



        #endregion



        #region "Main Functions"



        public override MembershipUser CreateUser(

            string username,

            string password,

            string email,

            string passwordQuestion,

            string passwordAnswer,

            bool isApproved,

            object providerUserKey,

            out MembershipCreateStatus status)

        {

            var args = new ValidatePasswordEventArgs(username, password, true);

            OnValidatingPassword(args);



            if (args.Cancel)

            {

                status = MembershipCreateStatus.InvalidPassword;

                return null;

            }

            if (RequiresUniqueEmail && !string.IsNullOrEmpty(GetUserNameByEmail(email)))

            {

                status = MembershipCreateStatus.DuplicateEmail;

                return null;

            }



            var user = GetUser(username, false);

            if (user == null)

            {

                //var hashedPassword = Cryptography.HashPassword(password);

                AccountRepository.Create(username, password, email);

                AccountRepository.Commit();

                status = MembershipCreateStatus.Success;

                return GetUser(username, false);

            }



            status = MembershipCreateStatus.DuplicateUserName;

            return null;

        }



        public override MembershipUser GetUser(string username, bool userIsOnline)

        {

            if (!AccountRepository.Contains(username)) return null;



            var user = AccountRepository.GetUserByName(username);



            return new MembershipUser(

                ProviderName,

                user.Name,

                user.Id,

                user.Email,

                null,               // user.PasswordQuestion

                null,               // user.Comment

                true,               // user.IsApproved

                false,              // user.isLockedOut

                DateTime.Now,       // user.CreationDate

                DateTime.Now,       // user.LastLoginDate

                DateTime.Now,       // user.LastActivityDate

                DateTime.Now,       // user.PasswordChangedDate

                DateTime.MinValue   // user.LastLockedOutDate

                );

        }



        public User CurrentUser

        {

            get

            {

                var user = Membership.GetUser();

                if (user != null)

                {

                    if (user.ProviderUserKey != null)

                    {

                        var id = (int)user.ProviderUserKey;

                        return AccountRepository.Read(id);

                    }

                }

                return null;

            }

        }



        public override string GetUserNameByEmail(string email)

        {

            var user = AccountRepository.Get(x => x.Email == email).FirstOrDefault();

            return (user != null) ? user.Name : string.Empty;

        }



        public override void UpdateUser(MembershipUser user)

        {

            AccountRepository.Update(new User

            {

                Name = user.UserName,

                Email = user.Email

            });

            AccountRepository.Commit();

        }



        public override bool ValidateUser(string username, string password)

        {

            var user = AccountRepository.GetUserByName(username);

            //return user != null && Cryptography.VerifyHashedPassword(user.Password, password);

            return user != null && user.Password == password;

        }



        public override bool DeleteUser(string username, bool deleteAllRelatedData)

        {

            var user = AccountRepository.GetUserByName(username);

            if (user != null)

            {

                AccountRepository.Delete(user);

                AccountRepository.Commit();

                return true;

            }



            return false;

        }



        #endregion



        #region Not implemented



        public override bool ChangePasswordQuestionAndAnswer(string username, string password, string newPasswordQuestion, string newPasswordAnswer)

        {

            throw new NotImplementedException();

        }



        public override string GetPassword(string username, string answer)

        {

            throw new NotImplementedException();

        }



        public override bool ChangePassword(string username, string oldPassword, string newPassword)

        {

            throw new NotImplementedException();

        }



        public override string ResetPassword(string username, string answer)

        {

            throw new NotImplementedException();

        }



        public override bool UnlockUser(string userName)

        {

            throw new NotImplementedException();

        }



        public override MembershipUser GetUser(object providerUserKey, bool userIsOnline)

        {

            throw new NotImplementedException();

        }



        public override MembershipUserCollection GetAllUsers(int pageIndex, int pageSize, out int totalRecords)

        {

            throw new NotImplementedException();

        }



        public override int GetNumberOfUsersOnline()

        {

            throw new NotImplementedException();

        }



        public override MembershipUserCollection FindUsersByName(string usernameToMatch, int pageIndex, int pageSize, out int totalRecords)

        {

            throw new NotImplementedException();

        }



        public override MembershipUserCollection FindUsersByEmail(string emailToMatch, int pageIndex, int pageSize, out int totalRecords)

        {

            throw new NotImplementedException();

        }



        #endregion

    }

}