Make user validate a bit more robust

Renaud Paquay
2010-05-13 16:31:40 -07:00
parent edb1867e25
commit 641e3833cd
2 changed files with 23 additions and 6 deletions


@@ -173,12 +173,20 @@ namespace Orchard.Users.Controllers {
} }
private IUser ValidateLogOn(string userNameOrEmail, string password) { private IUser ValidateLogOn(string userNameOrEmail, string password) {
bool validate = true;
if (String.IsNullOrEmpty(userNameOrEmail)) { if (String.IsNullOrEmpty(userNameOrEmail)) {
ModelState.AddModelError("userNameOrEmail", T("You must specify a username or e-mail.")); ModelState.AddModelError("userNameOrEmail", T("You must specify a username or e-mail."));
validate = false;
} }
if (String.IsNullOrEmpty(password)) { if (String.IsNullOrEmpty(password)) {
ModelState.AddModelError("password", T("You must specify a password.")); ModelState.AddModelError("password", T("You must specify a password."));
validate = false;
} }
if (!validate)
return null;
var user = _membershipService.ValidateUser(userNameOrEmail, password); var user = _membershipService.ValidateUser(userNameOrEmail, password);
if (user == null) { if (user == null) {
ModelState.AddModelError("_FORM", T("The username or e-mail or password provided is incorrect.")); ModelState.AddModelError("_FORM", T("The username or e-mail or password provided is incorrect."));
@@ -188,12 +196,20 @@ namespace Orchard.Users.Controllers {
} }
private bool ValidateRegistration(string userName, string email, string password, string confirmPassword) { private bool ValidateRegistration(string userName, string email, string password, string confirmPassword) {
bool validate = true;
if (String.IsNullOrEmpty(userName)) { if (String.IsNullOrEmpty(userName)) {
ModelState.AddModelError("username", T("You must specify a username.")); ModelState.AddModelError("username", T("You must specify a username."));
validate = false;
} }
if (String.IsNullOrEmpty(email)) { if (String.IsNullOrEmpty(email)) {
ModelState.AddModelError("email", T("You must specify an email address.")); ModelState.AddModelError("email", T("You must specify an email address."));
validate = false;
} }
if (!validate)
return false;
string userUnicityMessage = _userService.VerifyUserUnicity(userName, email); string userUnicityMessage = _userService.VerifyUserUnicity(userName, email);
if (userUnicityMessage != null) { if (userUnicityMessage != null) {
ModelState.AddModelError("userExists", T(userUnicityMessage)); ModelState.AddModelError("userExists", T(userUnicityMessage));
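Review bot: In ValidateRegistration the new `if (!validate) return false;` returns before anything that follows it, so a request with an empty username or email skips any password or confirm-password checks further down. The function body continues past the hunk, so whether such checks exist is inferred. If they do, run the remaining field checks before the early return so the form reports every missing field in one pass, and keep only the `_userService.VerifyUserUnicity` call behind the guard. The two unbraced `if (!validate)` statements also differ from the braced conditions around them; `if (!validate) { return null; }` would match the surrounding style.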


@@ -44,10 +44,9 @@ namespace Orchard.Users.Services {
} }
public IUser GetUser(string username) { public IUser GetUser(string username) {
if(username == null) { var lowerName = username == null ? "" : username.ToLower();
throw new ArgumentNullException("username");
} var userRecord = _userRepository.Get(x => x.NormalizedUserName == lowerName);
var userRecord = _userRepository.Get(x => x.NormalizedUserName == username.ToLower());
if (userRecord == null) { if (userRecord == null) {
return null; return null;
} }
@@ -55,9 +54,11 @@ namespace Orchard.Users.Services {
} }
public IUser ValidateUser(string userNameOrEmail, string password) { public IUser ValidateUser(string userNameOrEmail, string password) {
var userRecord = _userRepository.Get(x => x.NormalizedUserName == userNameOrEmail.ToLower()); var lowerName = userNameOrEmail == null ? "" : userNameOrEmail.ToLower();
var userRecord = _userRepository.Get(x => x.NormalizedUserName == lowerName);
if(userRecord == null) if(userRecord == null)
userRecord = _userRepository.Get(x => x.Email == userNameOrEmail.ToLower()); userRecord = _userRepository.Get(x => x.Email == lowerName);
if (userRecord == null || ValidatePassword(userRecord, password) == false) if (userRecord == null || ValidatePassword(userRecord, password) == false)
return null; return null;
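Review bot: GetUser and ValidateUser now map a null name to "" and still run the repository query, so the lookup becomes `NormalizedUserName == ""` (and `Email == ""` in ValidateUser). If a record with an empty e-mail or normalized name can exist, which is not visible here, GetUser would return it to a caller that passed no name. Returning early is safer than querying: `if (String.IsNullOrEmpty(username)) return null;` in GetUser, and the same guard on `userNameOrEmail` in ValidateUser. `ToLower()` is also culture-sensitive, so the comparison can vary with the server locale (for example Turkish casing of `I`); `ToLowerInvariant()` keeps the lookup key stable, assuming NormalizedUserName is written with the same rule. Both method bodies continue outside the hunks.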