C# Class Candor.Security.SqlProvider.UserProvider

Sql Server implementation of the cs.UserProvider.

The user and user salt tables can be accessed from a different connection than the audit tables if desired for extra security. You may want to store the salt for the users in a separate database server to make it less likely that a hacker would get into both systems and have a means to decrypt the user password hashes. If you do not want to do this or are not able to have the extra databases then just specifify the main 'connectionName' property and it will be used for all the tables. Separate connection names / strings is not typical in other providers. This is a special case for security reasons.

Inheritance: Candor.Security.UserProvider

Show file Open project: michael-lang/candor-common

Public Methods

Method	Description
GetLatestUserSessions ( System.Guid userId, Int32 take ) : List	Gets the latest session(s) for a given user.
GetUserByID ( System.Guid userId ) : User	Gets a user by identity.
GetUserByName ( string name ) : User	Gets a user by name.
Initialize ( string name, NameValueCollection config ) : void	Initializes the provider from the configuration values.
UserProvider ( ) : System	Creates a new instance.
UserProvider ( String name, string connectionName ) : System	Creates a new instance with a specific name and a single named connection used for all operations.
UserProvider ( String name, string connectionNameUser, string connectionNameUserSalt, string connectionNameAudit ) : System	Creates a new instance with a separate named connections for each secure area.
UserProvider ( string name ) : System	Creates a new isntance with a specific name. No initialization.

Protected Methods

Method	Description
GetRecentFailedUserNameAuthenticationCount ( string name ) : Int32	Gets the number of times a user name has failed authentication within the configured allowable failure period.
GetSessionAuthenticationHistory ( UserSession session ) : AuthenticationHistory	Gets the authentication history for a specific session.
GetUserSalt ( System.Guid userId ) : UserSalt	Gets a user's salt metadata.
GetUserSession ( System.Guid renewalToken ) : UserSession	Gets a user session by the renewal token.
InsertUserHistory ( AuthenticationHistory history ) : void	Inserts a new user authentication history.
SaveUser ( User user ) : void	Saves a user, insert or update depending if RecordId is non-zero.
SaveUserSalt ( UserSalt salt ) : void	Saves a user salt, insert or update depending if RecordId is non-zero.
SaveUserSession ( UserSession session ) : void	Saves a user session, insert or update.

Private Methods

Method	Description
BuildUser ( System.Data.SqlClient.SqlDataReader reader ) : User
GetConnectionString ( String name ) : string
InitializeInternal ( string name, NameValueCollection config ) : void

Method Details

GetLatestUserSessions() public method

Gets the latest session(s) for a given user.

public GetLatestUserSessions ( System.Guid userId, Int32 take ) : List
userId	System.Guid	The unique identity.
take	System.Int32	The maximum number of sessions to retrieve.
return	List

GetRecentFailedUserNameAuthenticationCount() protected method

Gets the number of times a user name has failed authentication within the configured allowable failure period.

protected GetRecentFailedUserNameAuthenticationCount ( string name ) : Int32
name	string
return	System.Int32

GetSessionAuthenticationHistory() protected method

Gets the authentication history for a specific session.

protected GetSessionAuthenticationHistory ( UserSession session ) : AuthenticationHistory
session	Candor.Security.UserSession
return	Candor.Security.AuthenticationHistory

GetUserByID() public method

Gets a user by identity.

public GetUserByID ( System.Guid userId ) : User
userId	System.Guid	The unique identity.
return	Candor.Security.User

GetUserByName() public method

Gets a user by name.

public GetUserByName ( string name ) : User
name	string	The unique sign in name.
return	Candor.Security.User

GetUserSalt() protected method

Gets a user's salt metadata.

protected GetUserSalt ( System.Guid userId ) : UserSalt
userId	System.Guid
return	Candor.Security.UserSalt

GetUserSession() protected method

Gets a user session by the renewal token.

protected GetUserSession ( System.Guid renewalToken ) : UserSession
renewalToken	System.Guid
return	Candor.Security.UserSession

Initialize() public method

Initializes the provider from the configuration values.

public Initialize ( string name, NameValueCollection config ) : void
name	string	The name of this provider instance.
config	System.Collections.Specialized.NameValueCollection	The configuration values.
return	void

InsertUserHistory() protected method

Inserts a new user authentication history.

protected InsertUserHistory ( AuthenticationHistory history ) : void
history	Candor.Security.AuthenticationHistory
return	void

SaveUser() protected method

Saves a user, insert or update depending if RecordId is non-zero.

protected SaveUser ( User user ) : void
user	Candor.Security.User
return	void

SaveUserSalt() protected method

Saves a user salt, insert or update depending if RecordId is non-zero.

protected SaveUserSalt ( UserSalt salt ) : void
salt	Candor.Security.UserSalt
return	void

SaveUserSession() protected method

Saves a user session, insert or update.

protected SaveUserSession ( UserSession session ) : void
session	Candor.Security.UserSession
return	void

UserProvider() public method

Creates a new instance.

public UserProvider ( ) : System
return	System

UserProvider() public method

Creates a new instance with a specific name and a single named connection used for all operations.

public UserProvider ( String name, string connectionName ) : System
name	String	A name for this provider instance, unique for all User Providers.
connectionName	string	A SQL database connection named defined in configuration.
return	System

UserProvider() public method

Creates a new instance with a separate named connections for each secure area.

public UserProvider ( String name, string connectionNameUser, string connectionNameUserSalt, string connectionNameAudit ) : System
name	String	A name for this provider instance, unique for all User Providers.
connectionNameUser	string	A SQL database connection named defined in configuration; used for the user table only.
connectionNameUserSalt	string	A SQL database connection named defined in configuration; used for storing user salts only.
connectionNameAudit	string	A SQL database connection named defined in configuration; used for audit tables.
return	System

UserProvider() public method

Creates a new isntance with a specific name. No initialization.

public UserProvider ( string name ) : System
name	string
return	System