using System; using System.Collections.Generic; using System.Linq; using System.Web; using System.Web.Security; using System.Security.Cryptography; using System.Net.Mail; namespace CustomMembership.Models { public class UserRepository { public MembershipUser CreateUser(string username, string password, string email) { using (CustomMembershipDB db = new CustomMembershipDB()) { User user = new User(); user.UserName = username; user.Email = email; user.PasswordSalt = CreateSalt(); user.Password = CreatePasswordHash(password, user.PasswordSalt); user.CreatedDate = DateTime.Now; user.IsActivated = false; user.IsLockedOut = false; user.LastLockedOutDate = DateTime.Now; user.LastLoginDate = DateTime.Now; user.NewEmailKey = GenerateKey(); db.AddToUsers(user); db.SaveChanges(); string ActivationLink = "http://localhost:PORT/Account/Activate/" + user.UserName + "/" + user.NewEmailKey; var message = new MailMessage("EMAIL_FROM", user.Email) { Subject = "Activate your account", Body = ActivationLink }; var client = new SmtpClient("SERVER"); client.Credentials = new System.Net.NetworkCredential("USERNAME", "PASSWORD"); client.UseDefaultCredentials = false; client.Send(message); return GetUser(username); } } public bool ActivateUser(string username, string key) { using (CustomMembershipDB db = new CustomMembershipDB()) { var result = from u in db.Users where (u.UserName == username) select u; if (result.Count() != 0) { var dbuser = result.First(); if (dbuser.NewEmailKey == key) { dbuser.IsActivated = true; dbuser.LastModifiedDate = DateTime.Now; dbuser.NewEmailKey = null; db.SaveChanges(); return true; } else { return false; } } else { return false; } } } public bool ValidateUser(string username, string password) { using (CustomMembershipDB db = new CustomMembershipDB()) { var result = from u in db.Users where (u.UserName == username) select u; if (result.Count() != 0) { var dbuser = result.First(); if (dbuser.Password == CreatePasswordHash(password, dbuser.PasswordSalt) && dbuser.IsActivated == true) return true; else return false; } else { return false; } } } public string GetUserNameByEmail(string email) { using (CustomMembershipDB db = new CustomMembershipDB()) { var result = from u in db.Users where (u.Email == email) select u; if (result.Count() != 0) { var dbuser = result.FirstOrDefault(); return dbuser.UserName; } else { return ""; } } } public MembershipUser GetUser(string username) { using (CustomMembershipDB db = new CustomMembershipDB()) { var result = from u in db.Users where (u.UserName == username) select u; if (result.Count() != 0) { var dbuser = result.FirstOrDefault(); string _username = dbuser.UserName; int _providerUserKey = dbuser.UserId; string _email = dbuser.Email; string _passwordQuestion = ""; string _comment = dbuser.Comments; bool _isApproved = dbuser.IsActivated; bool _isLockedOut = dbuser.IsLockedOut; DateTime _creationDate = dbuser.CreatedDate; DateTime _lastLoginDate = dbuser.LastLoginDate; DateTime _lastActivityDate = DateTime.Now; DateTime _lastPasswordChangedDate = DateTime.Now; DateTime _lastLockedOutDate = dbuser.LastLockedOutDate; MembershipUser user = new MembershipUser("CustomMembershipProvider", _username, _providerUserKey, _email, _passwordQuestion, _comment, _isApproved, _isLockedOut, _creationDate, _lastLoginDate, _lastActivityDate, _lastPasswordChangedDate, _lastLockedOutDate); return user; } else { return null; } } } private static string CreateSalt() { RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider(); byte[] buff = new byte[32]; rng.GetBytes(buff); return Convert.ToBase64String(buff); } private static string CreatePasswordHash(string pwd, string salt) { string saltAndPwd = String.Concat(pwd, salt); string hashedPwd = FormsAuthentication.HashPasswordForStoringInConfigFile( saltAndPwd, "sha1"); return hashedPwd; } private static string GenerateKey() { Guid emailKey = Guid.NewGuid(); return emailKey.ToString(); } } }