public override bool ValidateUser(string username, string password)
{
var userProfile = this.usersService.GetUserProfile(username);
if (userProfile == null)
{
return false;
}
var membership = this.usersService.GetMembership(userProfile.UserId);
if (membership == null)
{
return false;
}
if (!membership.IsConfirmed)
{
return false;
}
if (membership.PasswordSalt == this.usersService.GetHash(password))
{
return true;
}
// first once time we can validate through membership ConfirmationToken,
// to be logged in immediately after confirmation
if (membership.ConfirmationToken != null)
{
if (membership.ConfirmationToken == password)
{
membership.ConfirmationToken = null;
this.usersService.Save(membership, add: false);
return true;
}
}
return false;
}