public override string ExtendedValidateUser(string userNameOrEmail, string password)
{
if (string.IsNullOrEmpty(userNameOrEmail))
{
throw CreateArgumentNullOrEmptyException("userNameOrEmail");
}
if (string.IsNullOrEmpty(password))
{
throw CreateArgumentNullOrEmptyException("password");
}
using (BlogUnitOfWork context = new BlogUnitOfWork(new ModelContextInit()))
{
User user = null;
user = context.Users.FirstOrDefault(Usr => Usr.Username == userNameOrEmail);
if (user == null)
{
user = context.Users.FirstOrDefault(Usr => Usr.Email == userNameOrEmail);
}
if (user == null)
{
return string.Empty;
}
if (!user.IsConfirmed)
{
return string.Empty;
}
dynamic hashedPassword = user.Password;
bool verificationSucceeded = (hashedPassword != null && CodeFirstCrypto.VerifyHashedPassword(hashedPassword, password));
if (verificationSucceeded)
{
user.PasswordFailuresSinceLastSuccess = 0;
}
else
{
int failures = user.PasswordFailuresSinceLastSuccess;
if (failures != -1)
{
user.PasswordFailuresSinceLastSuccess += 1;
user.LastPasswordFailureDate = DateTime.UtcNow;
}
}
context.SaveChanges();
if (verificationSucceeded)
{
return user.Username;
}
else
{
return string.Empty;
}
}
}