[dbo].[aspnet_Membership_GetPassword]
SET ANSI_NULLS OFF
GO
CREATE PROCEDURE dbo.aspnet_Membership_GetPassword
@ApplicationName nvarchar(256),
@UserName nvarchar(256),
@MaxInvalidPasswordAttempts int,
@PasswordAttemptWindow int,
@CurrentTimeUtc datetime,
@PasswordAnswer nvarchar(128) = NULL
AS
BEGIN
DECLARE @UserId uniqueidentifier
DECLARE @PasswordFormat int
DECLARE @Password nvarchar(128)
DECLARE @passAns nvarchar(128)
DECLARE @IsLockedOut bit
DECLARE @LastLockoutDate datetime
DECLARE @FailedPasswordAttemptCount int
DECLARE @FailedPasswordAttemptWindowStart datetime
DECLARE @FailedPasswordAnswerAttemptCount int
DECLARE @FailedPasswordAnswerAttemptWindowStart datetime
DECLARE @ErrorCode int
SET @ErrorCode = 0
DECLARE @TranStarted bit
SET @TranStarted = 0
IF( @@TRANCOUNT = 0 )
BEGIN
BEGIN TRANSACTION
SET @TranStarted = 1
END
ELSE
SET @TranStarted = 0
SELECT @UserId = u.UserId,
@Password = m.Password,
@passAns = m.PasswordAnswer,
@PasswordFormat = m.PasswordFormat,
@IsLockedOut = m.IsLockedOut,
@LastLockoutDate = m.LastLockoutDate,
@FailedPasswordAttemptCount = m.FailedPasswordAttemptCount,
@FailedPasswordAttemptWindowStart = m.FailedPasswordAttemptWindowStart,
@FailedPasswordAnswerAttemptCount = m.FailedPasswordAnswerAttemptCount,
@FailedPasswordAnswerAttemptWindowStart = m.FailedPasswordAnswerAttemptWindowStart
FROM dbo.aspnet_Applications a, dbo.aspnet_Users u, dbo.aspnet_Membership m WITH ( UPDLOCK )
WHERE LOWER(@ApplicationName) = a.LoweredApplicationName AND
u.ApplicationId = a.ApplicationId AND
u.UserId = m.UserId AND
LOWER(@UserName) = u.LoweredUserName
IF ( @@rowcount = 0 )
BEGIN
SET @ErrorCode = 1
GOTO Cleanup
END
IF( @IsLockedOut = 1 )
BEGIN
SET @ErrorCode = 99
GOTO Cleanup
END
IF ( NOT( @PasswordAnswer IS NULL ) )
BEGIN
IF( ( @passAns IS NULL ) OR ( LOWER( @passAns ) <> LOWER( @PasswordAnswer ) ) )
BEGIN
IF( @CurrentTimeUtc > DATEADD( minute, @PasswordAttemptWindow, @FailedPasswordAnswerAttemptWindowStart ) )
BEGIN
SET @FailedPasswordAnswerAttemptWindowStart = @CurrentTimeUtc
SET @FailedPasswordAnswerAttemptCount = 1
END
ELSE
BEGIN
SET @FailedPasswordAnswerAttemptCount = @FailedPasswordAnswerAttemptCount + 1
SET @FailedPasswordAnswerAttemptWindowStart = @CurrentTimeUtc
END
BEGIN
IF( @FailedPasswordAnswerAttemptCount >= @MaxInvalidPasswordAttempts )
BEGIN
SET @IsLockedOut = 1
SET @LastLockoutDate = @CurrentTimeUtc
END
END
SET @ErrorCode = 3
END
ELSE
BEGIN
IF( @FailedPasswordAnswerAttemptCount > 0 )
BEGIN
SET @FailedPasswordAnswerAttemptCount = 0
SET @FailedPasswordAnswerAttemptWindowStart = CONVERT( datetime, '17540101', 112 )
END
END
UPDATE dbo.aspnet_Membership
SET IsLockedOut = @IsLockedOut, LastLockoutDate = @LastLockoutDate,
FailedPasswordAttemptCount = @FailedPasswordAttemptCount,
FailedPasswordAttemptWindowStart = @FailedPasswordAttemptWindowStart,
FailedPasswordAnswerAttemptCount = @FailedPasswordAnswerAttemptCount,
FailedPasswordAnswerAttemptWindowStart = @FailedPasswordAnswerAttemptWindowStart
WHERE @UserId = UserId
IF( @@ERROR <> 0 )
BEGIN
SET @ErrorCode = -1
GOTO Cleanup
END
END
IF( @TranStarted = 1 )
BEGIN
SET @TranStarted = 0
COMMIT TRANSACTION
END
IF( @ErrorCode = 0 )
SELECT @Password, @PasswordFormat
RETURN @ErrorCode
Cleanup:
IF( @TranStarted = 1 )
BEGIN
SET @TranStarted = 0
ROLLBACK TRANSACTION
END
RETURN @ErrorCode
END
GO
GRANT EXECUTE ON [dbo].[aspnet_Membership_GetPassword] TO [aspnet_Membership_BasicAccess]
GO
