Template implementation of a custom ASP.NET MembershipProvider, using C#.
using System;
using System.Collections.Specialized;
using System.Configuration.Provider;
using System.Web.Configuration;
using System.Web.Security;
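namespace Custom.Providers
{
    /// <summary>
    /// Template for a custom ASP.NET <see cref="MembershipProvider"/>.
    /// Only <see cref="Initialize"/> and the configuration properties are implemented;
    /// every data-access member throws <see cref="NotImplementedException"/> until it is filled in.
    /// </summary>
    /// <remarks>
    /// Security notes for implementers:
    /// the provider settings read in <see cref="Initialize"/> (lockout threshold, password length,
    /// password format) are only values exposed through properties. Nothing in this template
    /// enforces them; the code written for ValidateUser, CreateUser, ChangePassword and
    /// ResetPassword has to apply them.
    /// </remarks>
    public class CustomMembershipProvider : MembershipProvider
    {
        private string _applicationName, _passwordStrengthRegularExpression, _connectionString;
        private bool _requiresUniqueEmail, _requiresQuestionAndAnswer, _enablePasswordRetrieval, _enablePasswordReset;
        private int _passwordAttemptWindow, _minRequiredPasswordLength, _minRequiredNonAlphanumericCharacters, _maxInvalidPasswordAttempts;
        private MachineKeySection _machineKey; // Used when determining encryption key values.
        private MembershipPasswordFormat _passwordFormat = MembershipPasswordFormat.Hashed;

        /// <summary>Name of the application whose membership data this provider handles.</summary>
        public override string ApplicationName
        {
            get { return _applicationName; }
            set { _applicationName = value; }
        }

        /// <summary>Configured number of failed password attempts allowed before lockout.</summary>
        public override int MaxInvalidPasswordAttempts
        {
            get { return _maxInvalidPasswordAttempts; }
        }

        /// <summary>Configured minimum number of non-alphanumeric characters in a password.</summary>
        public override int MinRequiredNonAlphanumericCharacters
        {
            get { return _minRequiredNonAlphanumericCharacters; }
        }

        /// <summary>Configured minimum password length.</summary>
        public override int MinRequiredPasswordLength
        {
            get { return _minRequiredPasswordLength; }
        }

        /// <summary>Configured window, in minutes, in which failed attempts are counted.</summary>
        public override int PasswordAttemptWindow
        {
            get { return _passwordAttemptWindow; }
        }

        /// <summary>Configured storage format for passwords (Hashed unless configured otherwise).</summary>
        public override MembershipPasswordFormat PasswordFormat
        {
            get { return _passwordFormat; }
        }

        /// <summary>Configured regular expression used to judge password strength; empty when unset.</summary>
        public override string PasswordStrengthRegularExpression
        {
            get { return _passwordStrengthRegularExpression; }
        }

        /// <summary>Whether a password question and answer are required.</summary>
        public override bool RequiresQuestionAndAnswer
        {
            get { return _requiresQuestionAndAnswer; }
        }

        /// <summary>Whether each user must have a unique e-mail address.</summary>
        public override bool RequiresUniqueEmail
        {
            get { return _requiresUniqueEmail; }
        }

        /// <summary>Whether password reset is enabled.</summary>
        public override bool EnablePasswordReset
        {
            get { return _enablePasswordReset; }
        }

        /// <summary>Whether password retrieval is enabled.</summary>
        public override bool EnablePasswordRetrieval
        {
            get { return _enablePasswordRetrieval; }
        }

        /// <summary>Not implemented in this template.</summary>
        /// <exception cref="NotImplementedException">Always.</exception>
        public override bool ChangePassword(string username, string oldPassword, string newPassword)
        {
            throw new NotImplementedException();
        }

        /// <summary>Not implemented in this template.</summary>
        /// <exception cref="NotImplementedException">Always.</exception>
        public override bool ChangePasswordQuestionAndAnswer(string username, string password, string newPasswordQuestion, string newPasswordAnswer)
        {
            throw new NotImplementedException();
        }

        /// <summary>Not implemented in this template.</summary>
        /// <exception cref="NotImplementedException">Always.</exception>
        public override MembershipUser CreateUser(string username, string password, string email, string passwordQuestion, string passwordAnswer, bool isApproved, object providerUserKey, out MembershipCreateStatus status)
        {
            throw new NotImplementedException();
        }

        /// <summary>Not implemented in this template.</summary>
        /// <exception cref="NotImplementedException">Always.</exception>
        public override bool DeleteUser(string username, bool deleteAllRelatedData)
        {
            throw new NotImplementedException();
        }

        /// <summary>Not implemented in this template.</summary>
        /// <exception cref="NotImplementedException">Always.</exception>
        public override MembershipUserCollection FindUsersByEmail(string emailToMatch, int pageIndex, int pageSize, out int totalRecords)
        {
            throw new NotImplementedException();
        }

        /// <summary>Not implemented in this template.</summary>
        /// <exception cref="NotImplementedException">Always.</exception>
        public override MembershipUserCollection FindUsersByName(string usernameToMatch, int pageIndex, int pageSize, out int totalRecords)
        {
            throw new NotImplementedException();
        }

        /// <summary>Not implemented in this template.</summary>
        /// <exception cref="NotImplementedException">Always.</exception>
        public override MembershipUserCollection GetAllUsers(int pageIndex, int pageSize, out int totalRecords)
        {
            throw new NotImplementedException();
        }

        /// <summary>Not implemented in this template.</summary>
        /// <exception cref="NotImplementedException">Always.</exception>
        public override int GetNumberOfUsersOnline()
        {
            throw new NotImplementedException();
        }

        /// <summary>Not implemented in this template.</summary>
        /// <exception cref="NotImplementedException">Always.</exception>
        public override string GetPassword(string username, string answer)
        {
            throw new NotImplementedException();
        }

        /// <summary>Not implemented in this template.</summary>
        /// <exception cref="NotImplementedException">Always.</exception>
        public override MembershipUser GetUser(string username, bool userIsOnline)
        {
            throw new NotImplementedException();
        }

        /// <summary>Not implemented in this template.</summary>
        /// <exception cref="NotImplementedException">Always.</exception>
        public override MembershipUser GetUser(object providerUserKey, bool userIsOnline)
        {
            throw new NotImplementedException();
        }

        /// <summary>Not implemented in this template.</summary>
        /// <exception cref="NotImplementedException">Always.</exception>
        public override string GetUserNameByEmail(string email)
        {
            throw new NotImplementedException();
        }

        /// <summary>Not implemented in this template.</summary>
        /// <exception cref="NotImplementedException">Always.</exception>
        public override string ResetPassword(string username, string answer)
        {
            throw new NotImplementedException();
        }

        /// <summary>Not implemented in this template.</summary>
        /// <exception cref="NotImplementedException">Always.</exception>
        public override bool UnlockUser(string userName)
        {
            throw new NotImplementedException();
        }

        /// <summary>Not implemented in this template.</summary>
        /// <exception cref="NotImplementedException">Always.</exception>
        public override void UpdateUser(MembershipUser user)
        {
            throw new NotImplementedException();
        }

        /// <summary>Not implemented in this template; this is the credential check and must be written.</summary>
        /// <exception cref="NotImplementedException">Always.</exception>
        public override bool ValidateUser(string username, string password)
        {
            // NOTE: should implement this.
            // When implementing: query the store with parameterized commands (never string-built SQL),
            // compare password hashes in constant time, count failures against
            // MaxInvalidPasswordAttempts within PasswordAttemptWindow, and return the same result for
            // "unknown user" and "wrong password" so callers cannot enumerate accounts.
            throw new NotImplementedException();
        }

        /// <summary>
        /// Reads the provider settings from the provider's configuration attributes, resolves the
        /// connection string, and loads the machineKey section.
        /// </summary>
        /// <param name="name">Provider name; "CustomMembershipProvider" is used when null or empty.</param>
        /// <param name="config">Attributes of the provider's configuration element.</param>
        /// <exception cref="ArgumentNullException"><paramref name="config"/> is null.</exception>
        /// <exception cref="ProviderException">
        /// The password format is unknown, password retrieval is combined with hashed passwords,
        /// the connection string is missing or blank, the machineKey section cannot be read, or a
        /// non-Clear password format is used with an auto-generated validation key.
        /// </exception>
        public override void Initialize(string name, NameValueCollection config)
        {
            if (config == null)
            {
                throw new ArgumentNullException("config");
            }

            if (String.IsNullOrEmpty(name))
            {
                name = "CustomMembershipProvider";
            }

            if (String.IsNullOrEmpty(config["description"]))
            {
                config.Remove("description");
                config.Add("description", "Custom MembershipProvider");
            }

            // Initialize the abstract base class.
            base.Initialize(name, config);

            _applicationName = GetConfigValue(config, "applicationName", System.Web.Hosting.HostingEnvironment.ApplicationVirtualPath);
            _maxInvalidPasswordAttempts = GetIntConfigValue(config, "maxInvalidPasswordAttempts", "5");
            _passwordAttemptWindow = GetIntConfigValue(config, "passwordAttemptWindow", "10");

            // The standard attribute is "minRequiredNonalphanumericCharacters". Earlier revisions of
            // this template read "minRequiredAlphaNumericCharacters", so that key is still honoured
            // as a fallback for existing configuration files.
            _minRequiredNonAlphanumericCharacters = GetIntConfigValue(
                config,
                "minRequiredNonalphanumericCharacters",
                GetConfigValue(config, "minRequiredAlphaNumericCharacters", "1"));

            _minRequiredPasswordLength = GetIntConfigValue(config, "minRequiredPasswordLength", "7");
            _passwordStrengthRegularExpression = GetConfigValue(config, "passwordStrengthRegularExpression", String.Empty);
            _enablePasswordReset = Convert.ToBoolean(GetConfigValue(config, "enablePasswordReset", "true"));

            // Retrieval is off unless explicitly enabled: handing back an existing password requires
            // reversible storage, and the default format below is Hashed.
            _enablePasswordRetrieval = Convert.ToBoolean(GetConfigValue(config, "enablePasswordRetrieval", "false"));
            _requiresQuestionAndAnswer = Convert.ToBoolean(GetConfigValue(config, "requiresQuestionAndAnswer", "false"));
            _requiresUniqueEmail = Convert.ToBoolean(GetConfigValue(config, "requiresUniqueEmail", "true"));

            string formatName = config["passwordFormat"] ?? "Hashed";
            switch (formatName)
            {
                case "Hashed":
                    _passwordFormat = MembershipPasswordFormat.Hashed;
                    break;
                case "Encrypted":
                    // Reversible: anyone holding the machine key can recover every password.
                    _passwordFormat = MembershipPasswordFormat.Encrypted;
                    break;
                case "Clear":
                    // SECURITY: passwords are stored as plaintext; a read of the user store exposes
                    // all of them. Avoid outside of throwaway test setups.
                    _passwordFormat = MembershipPasswordFormat.Clear;
                    break;
                default:
                    throw new ProviderException("Password format not supported.");
            }

            // A hash cannot be turned back into the password, so this combination can never work.
            if (_enablePasswordRetrieval && _passwordFormat == MembershipPasswordFormat.Hashed)
            {
                throw new ProviderException("Password retrieval is not supported with hashed passwords.");
            }

            string connectionStringName = config["connectionStringName"];
            if (String.IsNullOrEmpty(connectionStringName))
            {
                throw new ProviderException("Connection string name cannot be blank.");
            }

            var connectionSettings = WebConfigurationManager.ConnectionStrings[connectionStringName];
            if (connectionSettings == null || String.IsNullOrWhiteSpace(connectionSettings.ConnectionString))
            {
                throw new ProviderException("Connection string cannot be blank.");
            }

            _connectionString = connectionSettings.ConnectionString;

            // Get encryption and decryption key information from the configuration.
            var webConfig = WebConfigurationManager.OpenWebConfiguration(System.Web.Hosting.HostingEnvironment.ApplicationVirtualPath);
            _machineKey = webConfig.GetSection("system.web/machineKey") as MachineKeySection;
            if (_machineKey == null)
            {
                throw new ProviderException("The system.web/machineKey configuration section could not be read.");
            }

            // The remedy for this error is an explicit machineKey in configuration, not a switch to
            // the Clear password format.
            if (_machineKey.ValidationKey.Contains("AutoGenerate") && PasswordFormat != MembershipPasswordFormat.Clear)
            {
                throw new ProviderException("Hashed or encrypted passwords are not supported with auto-generated keys.");
            }
        }

        /// <summary>
        /// Returns the configured value for <paramref name="key"/>, or
        /// <paramref name="defaultValue"/> when the collection, the key, or the value is missing or empty.
        /// </summary>
        private string GetConfigValue(NameValueCollection configuration, string key, string defaultValue)
        {
            if (configuration == null || String.IsNullOrEmpty(key))
            {
                return defaultValue;
            }

            // An absent attribute yields null from the indexer; without this check the default was
            // never applied and numeric/boolean settings silently became 0/false.
            string configured = configuration[key];
            return String.IsNullOrEmpty(configured) ? defaultValue : configured;
        }

        /// <summary>
        /// Reads an integer setting via <see cref="GetConfigValue"/>, parsing with the invariant
        /// culture so the result does not depend on the server's regional settings.
        /// </summary>
        private int GetIntConfigValue(NameValueCollection configuration, string key, string defaultValue)
        {
            return Convert.ToInt32(
                GetConfigValue(configuration, key, defaultValue),
                System.Globalization.CultureInfo.InvariantCulture);
        }
    }
}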