/
Service.cs
49 lines (41 loc) · 1.43 KB
/
Service.cs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
namespace Websilk.Services.Components
{
public class Login : Service
{
public Login(Core WebsilkCore) : base(WebsilkCore) { }
public string Authenticate(string email, string pass)
{
if (S.isSessionLost()) { return "err"; }
var page = new Page(S);
page.getPageInfo(pageId);
if (S.User.LogIn(email, pass, page.websiteId, page.websiteOwner))
{
//logged in
return "success";
}
return "err";
}
public Inject ForgotPassword()
{
//this feature is very vulnerable to attack and should
//require 2-way authentication (via cell phone)
var response = new Inject();
if (S.isSessionLost()) { return lostInject(); }
return response;
}
public string SavePass(string pass)
{
//save a new password for an existing user that does not have a password set
if (S.isSessionLost()) { return "err"; }
//validate password
if(pass == "") { return "err"; }
if(pass.Length < 8) { return "err"; }
if (S.Server.resetPass == true)
{
//update password for administrator
S.User.UpdatePassword(1, pass);
}
return "saved";
}
}
}