siteidentity.cs

企业内部信息交流系统

using System;
using System.Data;
using System.Text;
using System.Collections;
using System.Security.Cryptography;

using infoWeb.WebModules.Accounts;

namespace infoWeb.WebModules.Accounts.Business
{
	/// <summary>
	/// Summary description for SiteIdentity.
	/// </summary>
	public class SiteIdentity: infoWeb.WebModules.Business.BizObject, System.Security.Principal.IIdentity
	{
		private string firstName;
		private string lastName;
		private string emailAddress;
		private byte[] password;
		private int userID;		

		// IIdentity interface requirments:
		// property AuthenticationType (string)
		// property IsAuthenticated (bool)
		// propertty Name (string)
	
		public string AuthenticationType
		{
			get
			{
				return "Custom Authentication";
			}
			set 
			{
				// do nothing
			}
		}

		public bool IsAuthenticated
		{
			get 
			{
				// assumption: all instances of a SiteIdentity have already
				// been authenticated.
				return true;
			}
		}

		public string Name
		{
			get 
			{
				return firstName + " " + lastName;
			}
		}

		// Constructors:

		public SiteIdentity( string currentEmailAddress )
		{
			Configuration.ModuleSettings moduleSettings = Configuration.ModuleConfig.GetSettings();
			Data.User dataUser = new Data.User( moduleSettings.ConnectionString );
			DataRow userRow = dataUser.Retrieve( currentEmailAddress );

			firstName = (string)userRow["FirstName"];
			lastName = (string)userRow["LastName"];
			emailAddress = currentEmailAddress;
			userID = (int)userRow["UserID"];
			password = (byte[])userRow["Password"];
		}
		
		public SiteIdentity( int currentUserID )
		{
			Configuration.ModuleSettings moduleSettings = Configuration.ModuleConfig.GetSettings();
			Data.User dataUser = new Data.User( moduleSettings.ConnectionString );
			DataRow userRow = dataUser.Retrieve( currentUserID );
			
			firstName = (string)userRow["FirstName"];
			lastName = (string)userRow["LastName"];
			emailAddress = (string)userRow["EmailAddress"];
			userID = currentUserID;
			password = (byte[])userRow["Password"];
		}

		// Properties and methods added on to existing interface implementation.
		public int TestPassword(string password)
		{
			// At some point, we may have a more complex way of encrypting or storing the passwords
			// so by supplying this procedure, we can simply replace its contents to move password
			// comparison to the database (as we've done below) or somewhere else (e.g. another
			// web service, etc).

			Configuration.ModuleSettings moduleSettings = Configuration.ModuleConfig.GetSettings();
			UnicodeEncoding encoding = new UnicodeEncoding();
			byte[] hashBytes = encoding.GetBytes( password );

			SHA1 sha1 = new SHA1CryptoServiceProvider();
			byte[] cryptPassword = sha1.ComputeHash( hashBytes );

			Data.User dataUser = new Data.User( moduleSettings.ConnectionString );
			return dataUser.TestPassword( userID, cryptPassword );
		}
		
		public string FirstName
		{
			get 
			{
				return firstName;
			}		
		}

		public string LastName
		{
			get 
			{
				return lastName;
			}
		}

		public string EmailAddress
		{
			get 
			{
				return emailAddress;
			}
		}

		public int UserID
		{
			get 
			{
				return userID;
			}
		}				

		public byte[] Password
		{
			get 
			{
				return password;
			}
		}
	}
}