Geek Answers Handbook

Old member in the new mvc5 application

I need to reuse an old database created using the old membership provider, which creates tables with names like "dbo.aspnet_Users". I can create users using

MembershipUser createdUser = 
    Membership.CreateUser("UserName", "Password", "UserName@email.com", 
        "Password Question", "Password Answer", true, out status);

But when I try to check the user

Membership.ValidateUser("UserName", "Password")

As a result, I always get false.

Using Reflector, I found that I was calling this method from a class System.Web.Security.Membership:

public static bool ValidateUser(string username, string password)
{
   return Provider.ValidateUser(username, password);
}

And in the debugger, I see that both the username and password have their own values, after I enter the Provider.ValidateUser (username, password); I get to System.Web.Security.SqlMembershipProvider.ValidateUser:

public override bool ValidateUser(string username, string password)
{
    if ((SecUtility.ValidateParameter(ref username, true, true, true, 0x100) && SecUtility.ValidateParameter(ref password, true, true, false, 0x80)) && this.CheckPassword(username, password, true, true))
    {
        PerfCounters.IncrementCounter(AppPerfCounter.MEMBER_SUCCESS);
        WebBaseEvent.RaiseSystemEvent(null, 0xfa2, username);
        return true;
    }
    PerfCounters.IncrementCounter(AppPerfCounter.MEMBER_FAIL);
    WebBaseEvent.RaiseSystemEvent(null, 0xfa6, username);
    return false;
}

But the ValidateUser method parameter password is now null, and the username is not null. Am I doing something wrong?

upd: , http://youtu.be/N9rcNonGZTI

upd 2: ,

private bool CheckPassword(string username, string password, bool updateLastLoginActivityDate, bool failIfNotApproved, out string salt, out int passwordFormat)

System.Web.Security.SqlMembershipProvider

var provider = (SqlMembershipProvider) Membership.Provider;

var provider = (SqlMembershipProvider) Membership.Provider;

MethodInfo mInfoMethod = typeof(SqlMembershipProvider).GetMethod(
             "CheckPassword",
             BindingFlags.Instance | BindingFlags.NonPublic,
             Type.DefaultBinder,
             new[] { typeof(string), typeof(string), typeof(bool), typeof(bool), typeof(string).MakeByRefType(), typeof(int).MakeByRefType() }, null);
string str1 = null;
int num1 = 0;
var args = new object[] {"UserName", "Password", true, true, str1, num1};
var res = mInfoMethod.Invoke(provider, args);

, System.Web.Security.SqlMembershipProvider.CheckPassword :

private bool CheckPassword(string username, string password, bool updateLastLoginActivityDate, bool failIfNotApproved, out string salt, out int passwordFormat)
{
    SqlConnectionHolder connection = null;
    string str;
    int num;
    int num2;
    int num3;
    bool flag2;
    DateTime time;
    DateTime time2;
    this.GetPasswordWithFormat(username, updateLastLoginActivityDate, out num, out str, out passwordFormat, out salt, out num2, out num3, out flag2, out time, out time2);
    if (num != 0)
    {
        return false;
    }
    if (!flag2 && failIfNotApproved)
    {
        return false;
    }
    string str2 = this.EncodePassword(password, passwordFormat, salt);
    bool objValue = str.Equals(str2);
    if ((objValue && (num2 == 0)) && (num3 == 0))
    {
        return true;
    }
    try
    {
        try
        {
            connection = SqlConnectionHelper.GetConnection(this._sqlConnectionString, true);
            this.CheckSchemaVersion(connection.Connection);
            SqlCommand command = new SqlCommand("dbo.aspnet_Membership_UpdateUserInfo", connection.Connection);
            DateTime utcNow = DateTime.UtcNow;
            command.CommandTimeout = this.CommandTimeout;
            command.CommandType = CommandType.StoredProcedure;
            command.Parameters.Add(this.CreateInputParam("@ApplicationName", SqlDbType.NVarChar, this.ApplicationName));
            command.Parameters.Add(this.CreateInputParam("@UserName", SqlDbType.NVarChar, username));
            command.Parameters.Add(this.CreateInputParam("@IsPasswordCorrect", SqlDbType.Bit, objValue));
            command.Parameters.Add(this.CreateInputParam("@UpdateLastLoginActivityDate", SqlDbType.Bit, updateLastLoginActivityDate));
            command.Parameters.Add(this.CreateInputParam("@MaxInvalidPasswordAttempts", SqlDbType.Int, this.MaxInvalidPasswordAttempts));
            command.Parameters.Add(this.CreateInputParam("@PasswordAttemptWindow", SqlDbType.Int, this.PasswordAttemptWindow));
            command.Parameters.Add(this.CreateInputParam("@CurrentTimeUtc", SqlDbType.DateTime, utcNow));
            command.Parameters.Add(this.CreateInputParam("@LastLoginDate", SqlDbType.DateTime, objValue ? utcNow : time));
            command.Parameters.Add(this.CreateInputParam("@LastActivityDate", SqlDbType.DateTime, objValue ? utcNow : time2));
            SqlParameter parameter = new SqlParameter("@ReturnValue", SqlDbType.Int)
            {
                Direction = ParameterDirection.ReturnValue
            };
            command.Parameters.Add(parameter);
            command.ExecuteNonQuery();
            num = (parameter.Value != null) ? ((int)parameter.Value) : -1;
        }
        finally
        {
            if (connection != null)
            {
                connection.Close();
                connection = null;
            }
        }
    }
    catch
    {
        throw;
    }
    return objValue;
}

, , , .

+4

:

8
4

More articles:


All Articles