Models.UserSecrets Class
Namespace: Nucleus.Abstractions.Models
Assembly: Nucleus.Abstractions.dll
Represents password and other user-login information.
Properties
PasswordHash Property
User's password hash.
PasswordHashAlgorithm Property
Algorithm used to create the PasswordHash.
PasswordResetToken Property
Auto-generated token used for password resets.
PasswordResetTokenExpiryDate Property
Expiry date/time for PasswordResetToken
VerificationToken Property
Auto-generated token used for new user verification.
VerificationTokenExpiryDate Property
Expiry date/time for VerificationToken
PasswordQuestion Property
Not in use
PasswordAnswer Property
Not in use
LastLoginDate Property
Date/time of the last successful login.
LastPasswordChangedDate Property
Date/time that the user last changed their password.
LastLockoutDate Property
Date/Time of the last lockout for the user.
Remarks
Users are locked out for a configurable period of time after a configurable number of failed password attempts.
IsLockedOut Property
Gets or sets whether the user is locked out.
FailedPasswordAttemptCount Property
Gets or sets the number of times that the user has entered the wrong password, within the configured time window.
FailedPasswordWindowStart Property
Gets or sets the date/time of the first password attempt failure, within the configured time window.
FailedPasswordAnswerAttemptCount Property
Not in use
FailedPasswordAnswerWindowStart Property
Not in use
Salt Property
Random value used by the hash algorithm.
Methods
VerifyPassword (String) Method
VerifyPassword (String password)
Compare the submitted password with the user's saved password.
Parameters
| Name | Type |
|---|---|
| password | String |
Remarks
Login modules should use Nucleus.Core.UserManager.VerifyPassword rather than calling this function directly, because UserManager.VerifyPassword tracks login failures and manages account suspension. If the user 'secrets' record has a blank password or blank password hash algirithm, this function always returns false, because users without a password cannot login using the login module. Users can have no password if they are authenticated by a different method such as OAuth, or an Authenticator app.
SetPassword (String) Method
SetPassword (String newPassword)
Set the password for the user.
Parameters
| Name | Type |
|---|---|
| newPassword | String |