//----------------------------------------------------------------
// <copyright file="BLL_AspNet_Membership.cs" >
// Copyright (c) Wenzy , All rights reserved.
// author:温正宇 E-Mail:wenzy@tom.com MyBlog:wenzy.cnblogs.com
// All rights reserved.
// </copyright>
//----------------------------------------------------------------
using System;
using System.Collections.Generic;
using System.Text;
using MemberShipDAL.DataObject;
using System.Security.Cryptography;
using System.Web.Security;
using System.Collections.Specialized;
using System.Text.RegularExpressions;
using System.Configuration.Provider;
using System.Web.Configuration;
using System.Web;
namespace MemberServerBLL
{
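/// <summary>
/// Minimal <see cref="MembershipProvider"/> whose only working operation is
/// <see cref="ForceResetPassword"/>. It reads the password-related provider
/// attributes from configuration so that a forced reset encodes the new
/// password in the same format (clear / hashed / encrypted) as configured.
/// Every other provider member throws <see cref="NotImplementedException"/>.
/// </summary>
/// <remarks>
/// Security notes for reviewers:
/// - <see cref="ForceResetPassword"/> performs no authorization, no old-password
///   check and no password-policy check; callers must enforce all of those.
/// - The "Hashed" format is a single pass of the configured hash over
///   salt + password, not a slow key-derivation function. It is kept as is
///   because the stored value must match what the validating provider computes.
/// </remarks>
public class BLL_AspNet_Membership : MembershipProvider
{
    #region Configuration fields and properties

    // Storage format chosen by the "passwordFormat" attribute (default: Hashed).
    private MembershipPasswordFormat _PasswordFormat;

    /// <summary>
    /// Format in which passwords are stored, as read from configuration.
    /// </summary>
    public override MembershipPasswordFormat PasswordFormat
    {
        get { return _PasswordFormat; }
    }

    /// <summary>
    /// Value of the "maxInvalidPasswordAttempts" attribute (default 5).
    /// </summary>
    public override int MaxInvalidPasswordAttempts
    {
        get { return _MaxInvalidPasswordAttempts; }
    }

    /// <summary>
    /// Value of the "minRequiredPasswordLength" attribute (default 7).
    /// </summary>
    public override int MinRequiredPasswordLength
    {
        get { return _MinRequiredPasswordLength; }
    }

    /// <summary>
    /// Value of the "minRequiredNonalphanumericCharacters" attribute (default 1).
    /// </summary>
    public override int MinRequiredNonAlphanumericCharacters
    {
        get { return _MinRequiredNonalphanumericCharacters; }
    }

    /// <summary>
    /// Value of the "passwordStrengthRegularExpression" attribute, trimmed;
    /// empty when the attribute is absent.
    /// </summary>
    public override string PasswordStrengthRegularExpression
    {
        get { return _PasswordStrengthRegularExpression; }
    }

    /// <summary>
    /// Application name used to scope the membership row that is updated.
    /// </summary>
    /// <exception cref="ArgumentNullException">The value is null or empty.</exception>
    /// <exception cref="ProviderException">The value is longer than 256 characters.</exception>
    public override string ApplicationName
    {
        get { return _AppName; }
        set
        {
            if (String.IsNullOrEmpty(value))
            {
                throw new ArgumentNullException("value");
            }
            if (value.Length > 256)
            {
                throw new ProviderException(SR.GetString(SR.Provider_application_name_too_long));
            }
            _AppName = value;
        }
    }

    private string _AppName;
    private int _MaxInvalidPasswordAttempts;
    private int _MinRequiredPasswordLength;
    private int _MinRequiredNonalphanumericCharacters;
    private string _PasswordStrengthRegularExpression;

    // Not referenced anywhere in this class; kept so the declaration set is unchanged.
    private const int PASSWORD_SIZE = 14;

    #endregion

    /// <summary>
    /// Creates the provider and immediately loads its settings from
    /// <paramref name="config"/>.
    /// </summary>
    /// <param name="config">Provider attributes, normally taken from Web.config.</param>
    public BLL_AspNet_Membership(NameValueCollection config)
    {
        Initialize(config);
    }

    /// <summary>
    /// Loads the password-related provider attributes so that passwords can
    /// be encoded according to the configured format.
    /// </summary>
    /// <param name="config">
    /// Provider attributes. Recognized keys are REMOVED from this collection
    /// as a side effect; any key left over is reported as unrecognized.
    /// </param>
    /// <exception cref="ArgumentNullException"><paramref name="config"/> is null.</exception>
    /// <exception cref="ProviderException">
    /// The strength regex is invalid, the application name is too long, the
    /// password format is unknown, or an unrecognized attribute is present.
    /// </exception>
    /// <exception cref="HttpException">
    /// More non-alphanumeric characters are required than the minimum length.
    /// </exception>
    public void Initialize(NameValueCollection config)
    {
        if (config == null)
        {
            throw new ArgumentNullException("config");
        }

        // NOTE(review): the last two arguments presumably mean "zero allowed" and
        // "maximum value" as in the ASP.NET SecUtility helper; confirm against
        // this project's SecUtility.
        _MaxInvalidPasswordAttempts = SecUtility.GetIntValue(config, "maxInvalidPasswordAttempts", 5, false, 0);
        _MinRequiredPasswordLength = SecUtility.GetIntValue(config, "minRequiredPasswordLength", 7, false, 128);
        _MinRequiredNonalphanumericCharacters = SecUtility.GetIntValue(config, "minRequiredNonalphanumericCharacters", 1, true, 128);

        _PasswordStrengthRegularExpression = config["passwordStrengthRegularExpression"];
        if (_PasswordStrengthRegularExpression != null)
        {
            _PasswordStrengthRegularExpression = _PasswordStrengthRegularExpression.Trim();
            if (_PasswordStrengthRegularExpression.Length != 0)
            {
                try
                {
                    // Constructed only to validate the pattern at load time; the
                    // instance itself is not needed.
                    new Regex(_PasswordStrengthRegularExpression);
                }
                catch (ArgumentException e)
                {
                    throw new ProviderException(e.Message, e);
                }
            }
        }
        else
        {
            _PasswordStrengthRegularExpression = string.Empty;
        }

        if (_MinRequiredNonalphanumericCharacters > _MinRequiredPasswordLength)
        {
            throw new HttpException(SR.GetString(SR.MinRequiredNonalphanumericCharacters_can_not_be_more_than_MinRequiredPasswordLength));
        }

        _AppName = config["applicationName"];
        if (string.IsNullOrEmpty(_AppName))
        {
            _AppName = SecUtility.GetDefaultAppName();
        }
        if (_AppName.Length > 256)
        {
            throw new ProviderException(SR.GetString(SR.Provider_application_name_too_long));
        }

        // Security: "Clear" stores the password verbatim and "Encrypted" is
        // reversible by whoever holds the encryption key. "Hashed" is the
        // default when the attribute is absent and is the only one-way option.
        string formatName = config["passwordFormat"] ?? "Hashed";
        switch (formatName)
        {
            case "Clear":
                _PasswordFormat = MembershipPasswordFormat.Clear;
                break;
            case "Encrypted":
                _PasswordFormat = MembershipPasswordFormat.Encrypted;
                break;
            case "Hashed":
                _PasswordFormat = MembershipPasswordFormat.Hashed;
                break;
            default:
                throw new ProviderException(SR.GetString(SR.Provider_bad_password_format));
        }

        // Strip every attribute this provider accepts (including ones it does
        // not read, such as passwordAttemptWindow) so that whatever remains
        // can be rejected as a typo or an unsupported setting.
        config.Remove("connectionStringName");
        config.Remove("enablePasswordRetrieval");
        config.Remove("enablePasswordReset");
        config.Remove("requiresQuestionAndAnswer");
        config.Remove("applicationName");
        config.Remove("requiresUniqueEmail");
        config.Remove("maxInvalidPasswordAttempts");
        config.Remove("passwordAttemptWindow");
        config.Remove("commandTimeout");
        config.Remove("passwordFormat");
        config.Remove("name");
        config.Remove("minRequiredPasswordLength");
        config.Remove("minRequiredNonalphanumericCharacters");
        config.Remove("passwordStrengthRegularExpression");

        if (config.Count > 0)
        {
            string attribUnrecognized = config.GetKey(0);
            if (!String.IsNullOrEmpty(attribUnrecognized))
            {
                throw new ProviderException(SR.GetString(SR.Provider_unrecognized_attribute, attribUnrecognized));
            }
        }
    }

    /// <summary>
    /// Generates a fresh random password salt.
    /// </summary>
    /// <returns>16 cryptographically random bytes, Base64-encoded.</returns>
    internal string GenerateSalt()
    {
        byte[] saltBytes = new byte[16];
        // NOTE(review): the generator is not wrapped in a using block because the
        // type is not IDisposable on .NET Framework versions before 4.0; if the
        // project targets 4.0 or later, dispose it after use.
        RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider();
        rng.GetBytes(saltBytes);
        return Convert.ToBase64String(saltBytes);
    }

    /// <summary>
    /// Encodes a password for storage according to the given format.
    /// </summary>
    /// <param name="pass">The plain-text password.</param>
    /// <param name="passwordFormat">
    /// Numeric value of a <see cref="MembershipPasswordFormat"/> member.
    /// </param>
    /// <param name="salt">Base64-encoded salt; not used for the Clear format.</param>
    /// <returns>
    /// The password unchanged for Clear; otherwise the Base64 encoding of the
    /// hash (Hashed) or ciphertext (any other value) of salt bytes followed by
    /// the UTF-16LE bytes of the password.
    /// </returns>
    /// <exception cref="ProviderException">
    /// The configured hash algorithm name cannot be resolved.
    /// </exception>
    internal string EncodePassword(string pass, int passwordFormat, string salt)
    {
        if (passwordFormat == (int)MembershipPasswordFormat.Clear)
        {
            return pass;
        }

        byte[] passwordBytes = Encoding.Unicode.GetBytes(pass);
        byte[] saltBytes = Convert.FromBase64String(salt);

        // Layout is salt || password; any verifier must use the same order.
        byte[] salted = new byte[saltBytes.Length + passwordBytes.Length];
        Buffer.BlockCopy(saltBytes, 0, salted, 0, saltBytes.Length);
        Buffer.BlockCopy(passwordBytes, 0, salted, saltBytes.Length, passwordBytes.Length);

        byte[] encoded;
        if (passwordFormat == (int)MembershipPasswordFormat.Hashed)
        {
            // Security: this is one unkeyed pass of the configured hash, which is
            // cheap to brute-force offline. It is not replaced here because the
            // result must match what the validating provider computes from the
            // same stored salt.
            // NOTE(review): if the configured type is a keyed algorithm (HMAC),
            // Create() yields an instance with a random key and the stored hash
            // could never be reproduced; confirm the configured type is unkeyed.
            string algorithmName = Membership.HashAlgorithmType;
            using (HashAlgorithm hasher = HashAlgorithm.Create(algorithmName))
            {
                // Create() returns null for an unknown name; fail with a clear
                // configuration error instead of a NullReferenceException.
                if (hasher == null)
                {
                    throw new ProviderException("Could not create hash algorithm: " + algorithmName);
                }
                encoded = hasher.ComputeHash(salted);
            }
        }
        else
        {
            // Reversible encryption provided by the MembershipProvider base class.
            encoded = EncryptPassword(salted);
        }

        return Convert.ToBase64String(encoded);
    }

    /// <summary>
    /// Overwrites a user's password without requiring the old one.
    /// </summary>
    /// <remarks>
    /// Security: this method does not authenticate or authorize the caller,
    /// does not check the new password against the configured length,
    /// non-alphanumeric or regex policy, and writes no audit record. The
    /// calling layer is responsible for all three.
    /// </remarks>
    /// <param name="userId">Key of the user whose password is replaced.</param>
    /// <param name="password">The new plain-text password.</param>
    /// <returns>The value returned by the table adapter's UpdatePassword call.</returns>
    /// <exception cref="ArgumentNullException"><paramref name="password"/> is null.</exception>
    public int ForceResetPassword(Guid userId, string password)
    {
        // Without this guard a null password would be stored as-is under the
        // Clear format, or surface as an ArgumentNullException naming an
        // internal parameter under the other formats.
        if (password == null)
        {
            throw new ArgumentNullException("password");
        }

        int format = (int)_PasswordFormat;
        string salt = GenerateSalt();
        string encodedPassword = EncodePassword(password, format, salt);

        MemberShipDAL.DataObject.DataMembershipTableAdapters.aspnet_MembershipTableAdapter adapter =
            new MemberShipDAL.DataObject.DataMembershipTableAdapters.aspnet_MembershipTableAdapter();
        return adapter.UpdatePassword(encodedPassword, format, salt, userId, ApplicationName);
    }

    #region Members required by MembershipProvider; intentionally not implemented (this class exists only to force-reset passwords)

    public override bool ChangePassword(string username, string oldPassword, string newPassword)
    {
        throw new NotImplementedException("The method or operation is not implemented.");
    }

    public override bool ChangePasswordQuestionAndAnswer(string username, string password, string newPasswordQuestion, string newPasswordAnswer)
    {
        throw new NotImplementedException("The method or operation is not implemented.");
    }

    public override MembershipUser CreateUser(string username, string password, string email, string passwordQuestion, string passwordAnswer, bool isApproved, object providerUserKey, out MembershipCreateStatus status)
    {
        throw new NotImplementedException("The method or operation is not implemented.");
    }

    public override bool DeleteUser(string username, bool deleteAllRelatedData)
    {
        throw new NotImplementedException("The method or operation is not implemented.");
    }

    public override bool EnablePasswordReset
    {
        get { throw new NotImplementedException("The method or operation is not implemented."); }
    }

    public override bool EnablePasswordRetrieval
    {
        get { throw new NotImplementedException("The method or operation is not implemented."); }
    }

    public override MembershipUserCollection FindUsersByEmail(string emailToMatch, int pageIndex, int pageSize, out int totalRecords)
    {
        throw new NotImplementedException("The method or operation is not implemented.");
    }

    public override MembershipUserCollection FindUsersByName(string usernameToMatch, int pageIndex, int pageSize, out int totalRecords)
    {
        throw new NotImplementedException("The method or operation is not implemented.");
    }

    public override MembershipUserCollection GetAllUsers(int pageIndex, int pageSize, out int totalRecords)
    {
        throw new NotImplementedException("The method or operation is not implemented.");
    }

    public override int GetNumberOfUsersOnline()
    {
        throw new NotImplementedException("The method or operation is not implemented.");
    }

    public override string GetPassword(string username, string answer)
    {
        throw new NotImplementedException("The method or operation is not implemented.");
    }

    public override MembershipUser GetUser(string username, bool userIsOnline)
    {
        throw new NotImplementedException("The method or operation is not implemented.");
    }

    public override MembershipUser GetUser(object providerUserKey, bool userIsOnline)
    {
        throw new NotImplementedException("The method or operation is not implemented.");
    }

    public override string GetUserNameByEmail(string email)
    {
        throw new NotImplementedException("The method or operation is not implemented.");
    }

    public override int PasswordAttemptWindow
    {
        get { throw new NotImplementedException("The method or operation is not implemented."); }
    }

    public override bool RequiresQuestionAndAnswer
    {
        get { throw new NotImplementedException("The method or operation is not implemented."); }
    }

    public override bool RequiresUniqueEmail
    {
        get { throw new NotImplementedException("The method or operation is not implemented."); }
    }

    public override string ResetPassword(string username, string answer)
    {
        throw new NotImplementedException("The method or operation is not implemented.");
    }

    public override bool UnlockUser(string userName)
    {
        throw new NotImplementedException("The method or operation is not implemented.");
    }

    public override void UpdateUser(MembershipUser user)
    {
        throw new NotImplementedException("The method or operation is not implemented.");
    }

    public override bool ValidateUser(string username, string password)
    {
        throw new NotImplementedException("The method or operation is not implemented.");
    }

    #endregion
}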
}