public override string ResetPassword(string username, string passwordAnswer)
{
if (!EnablePasswordReset)
{
throw new NotSupportedException();
}
SecUtility.CheckParameter(ref username, true, true, true, 256, "username");
string salt;
int passwordFormat;
int status;
bool isApproved;
GetPasswordWithFormat(username, out passwordFormat, out status, out salt, out isApproved);
//Check to see if there were any problems (may expand later to involve more specific errors)
if (status != 0) //problem occurred
{
throw new ProviderException();
}
//We will do encoding of passwords later, will require changes to createUser, ValidateUser, and others
//string encodedPasswordAnswer;
//if (!string.IsNullOrEmpty(passwordAnswer))
// encodedPasswordAnswer = EncodePassword(passwordAnswer.ToLower(), passwordFormat, salt);
//else
// encodedPasswordAnswer = passwordAnswer;
if (passwordAnswer != null)
{
passwordAnswer = passwordAnswer.Trim();
}
SecUtility.CheckParameter(ref passwordAnswer, RequiresQuestionAndAnswer, RequiresQuestionAndAnswer, false, 128, "passwordAnswer");
string newPassword = GeneratePassword();
ValidatePasswordEventArgs eventArgs = new ValidatePasswordEventArgs(username, newPassword, false);
OnValidatingPassword(eventArgs);
if (eventArgs.Cancel)
{
if (eventArgs.FailureInformation != null)
{
throw eventArgs.FailureInformation;
}
else
{
throw new ProviderException();
}
}
_dops.ResetDops();
_dops.Sproc = "usp_ResetPassword";
_dops.SetParameter("@Email", username, "IN");
_dops.SetParameter("@NewPassword", EncodePassword(newPassword, (int)passwordFormat, salt), "IN");
_dops.SetParameter("@PasswordFormat", passwordFormat, "IN");
_dops.SetParameter("@PasswordSalt", salt, "IN");
_dops.SetParameter("@PasswordAnswer", passwordAnswer, "IN");
_dops.SetParameter("RETURN_VALUE", string.Empty, "RETURN");
_dops.Execute_Sql();
int success = 1;
try
{
success = (int)_dops.GetOutputVariable("RETURN_VALUE");
}
catch (SqlException ex)
{
throw new ProviderException(ex.Message, ex);
}
//Check to see if there is a problem
if (success != 0)
{
throw new MembershipPasswordException(); //If there is a problem, throw the exception
}
return newPassword;
}