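        /// <summary>
        /// Validates a registration request, derives a salted password hash and stores the new user
        /// through the user repository.
        /// </summary>
        /// <param name="registrationData">Caller-supplied registration fields (email, password, name, address, phone number).</param>
        /// <returns>
        /// <c>BadEmail</c>, <c>BadPassword</c> or <c>BadName</c> when the matching validator rejects the input,
        /// <c>UserExists</c> when the repository already returns a user for the email,
        /// <c>DatabaseError</c> when the insert reports failure, otherwise <c>Success</c>.
        /// </returns>
        /// <remarks>
        /// <c>UserExists</c> is a distinct result: a caller that relays it verbatim to unauthenticated clients
        /// discloses which email addresses are registered, so the endpoint in front of this method is the
        /// place to rate-limit or flatten that answer.
        /// </remarks>
        public async Task <UserRegistrationResult> RegisterAsync(UserRegistrationObject registrationData)
        {
            // Check the email format before it is used as a lookup key, so a malformed or missing
            // address is rejected locally and never reaches the repository.
            if (!CredentialsValidator.IsValidEmail(registrationData.Email))
            {
                return UserRegistrationResult.BadEmail;
            }

            // The lookup and the insert below are two separate repository calls, so two concurrent
            // registrations for the same email can both pass this check.
            // NOTE(review): confirm the users table enforces a unique email; with that constraint the
            // losing request ends up as DatabaseError instead of a duplicate account.
            var existingUser = await _userRepository.SelectUserAsync(registrationData.Email);
            if (existingUser != null)
            {
                return UserRegistrationResult.UserExists;
            }

            if (!CredentialsValidator.IsValidPassword(registrationData.Password))
            {
                return UserRegistrationResult.BadPassword;
            }

            if (!CredentialsValidator.IsValidName(registrationData.Name))
            {
                return UserRegistrationResult.BadName;
            }

            // A new salt is generated for every registration and stored next to the hash.
            // NOTE(review): the algorithm behind PasswordHashHelper.GenerateHash is not visible here;
            // confirm it is a slow password KDF (PBKDF2, bcrypt, Argon2) and not a single fast digest.
            var salt         = PasswordHashHelper.GenerateSalt();
            var passwordHash = PasswordHashHelper.GenerateHash(registrationData.Password, salt);

            // Address and PhoneNumber are stored as received; no validator is applied to them here.
            var userObject = new InsertUserObject
            {
                Email        = registrationData.Email,
                PasswordHash = passwordHash,
                Salt         = salt,
                Name         = registrationData.Name,
                Address      = registrationData.Address,
                PhoneNumber  = registrationData.PhoneNumber,
                // Hard-coded, never copied from the request: self-registration cannot grant admin rights.
                IsAdmin      = false,
            };

            var inserted = await _userRepository.InsertUserAsync(userObject);

            return inserted
                ? UserRegistrationResult.Success
                : UserRegistrationResult.DatabaseError;
        }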
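        /// <summary>
        /// Inserts a user by calling the stored procedure named by
        /// <c>DbProcedures.InsertUser.ProcedureName</c> on the repository's connection.
        /// </summary>
        /// <param name="userObject">The user record to store, including the password hash and salt.</param>
        /// <returns>
        /// <c>true</c> when the procedure call completes without an exception; <c>false</c> for every failure.
        /// All exceptions are caught here, so the caller cannot tell a duplicate key from an outage.
        /// </returns>
        public async Task <bool> InsertUserAsync(InsertUserObject userObject)
        {
            try
            {
                _logger.LogInformation("Preparing sql command to insert user");

                // The command is disposed as soon as the call finishes instead of being left to the GC.
                using (var sqlCmd = _sqlConn.CreateCommand())
                {
                    sqlCmd.CommandType = CommandType.StoredProcedure;
                    sqlCmd.CommandText = DbProcedures.InsertUser.ProcedureName;

                    // Every value travels as a bound parameter; none is concatenated into command text.
                    sqlCmd.Parameters.AddRange(new[]
                    {
                        new MySqlParameter
                        {
                            ParameterName = DbProcedures.InsertUser.Parameters.Email,
                            DbType        = DbType.String,
                            Value         = userObject.Email
                        },
                        new MySqlParameter
                        {
                            ParameterName = DbProcedures.InsertUser.Parameters.Name,
                            DbType        = DbType.String,
                            Value         = userObject.Name
                        },
                        new MySqlParameter
                        {
                            ParameterName = DbProcedures.InsertUser.Parameters.PasswordHash,
                            DbType        = DbType.String,
                            Value         = userObject.PasswordHash
                        },
                        new MySqlParameter
                        {
                            ParameterName = DbProcedures.InsertUser.Parameters.Salt,
                            DbType        = DbType.String,
                            Value         = userObject.Salt
                        },
                        new MySqlParameter
                        {
                            ParameterName = DbProcedures.InsertUser.Parameters.Address,
                            DbType        = DbType.String,
                            Value         = userObject.Address
                        },
                        new MySqlParameter
                        {
                            ParameterName = DbProcedures.InsertUser.Parameters.PhoneNumber,
                            DbType        = DbType.String,
                            Value         = userObject.PhoneNumber
                        },
                        new MySqlParameter
                        {
                            ParameterName = DbProcedures.InsertUser.Parameters.Admin,
                            DbType        = DbType.Boolean,
                            Value         = userObject.IsAdmin
                        }
                    });

                    _logger.LogInformation("Inserting user into database");

                    // NOTE(review): _sqlConn is a field, so overlapping calls on one repository instance
                    // would share this connection; confirm the repository is created per request.
                    await _sqlConn.OpenAsync();

                    await sqlCmd.ExecuteNonQueryAsync();
                }

                return true;
            }
            catch (Exception ex)
            {
                // Only the message is logged, so the stack trace is lost.
                // NOTE(review): driver messages can repeat parameter values (a duplicate-key error may
                // quote the email); confirm the log sink is allowed to hold that data.
                _logger.LogError($"Exception while inserting user: {ex.Message}");
                return false;
            }
            finally
            {
                // Runs on success and on failure, so the connection is never left open by this method.
                if (_sqlConn.State == ConnectionState.Open)
                {
                    await _sqlConn.CloseAsync();
                }
            }
        }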