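        /// <summary>
        /// Registers a new, unconfirmed user account from <paramref name="userRequest"/>:
        /// derives a salted password hash, generates a confirmation code, persists the user
        /// and sends the confirmation e-mail.
        /// </summary>
        /// <param name="userRequest">Registration data bound from the request body.</param>
        /// <returns>
        /// 400 Bad Request when no body was bound; otherwise 200 OK with a confirmation message
        /// once the account is stored and the confirmation mail has been sent.
        /// </returns>
        /// <exception cref="HttpResponseException">
        /// Thrown with 409 Conflict when the e-mail address is already registered.
        /// </exception>
        public IHttpActionResult PostNewUser(UserDTO userRequest)
        {
            // Model binding yields null for an empty or unparseable body; without this
            // guard the e-mail check below dereferences null and surfaces as a 500.
            if (userRequest == null)
            {
                return BadRequest();
            }

            if (!IsEmailAvailable(userRequest.Email))
            {
                // 409 Conflict is the status for "resource already exists"; 405 means the
                // HTTP verb is unsupported on this URI and misleads clients.
                // The check-then-insert is not atomic: two concurrent registrations for the
                // same address can both pass it, so a unique index on the Email column is
                // the real guarantee. This branch also reveals whether an address is
                // registered; that is usual for sign-up, but the endpoint should be rate limited.
                var resp = new HttpResponseMessage(HttpStatusCode.Conflict)
                {
                    Content = new StringContent("Веќе постои корисник со внесената email адреса")
                };
                throw new HttpResponseException(resp);
            }

            // 16-byte random salt from the CSPRNG; stored standalone and as the prefix of
            // the password blob below.
            byte[] salt = new byte[16];
            rngCsp.GetBytes(salt);

            // PBKDF2 with this constructor's default PRF (HMAC-SHA1) and 1000 iterations.
            // 1000 is far below current guidance, but the iteration count and PRF are part
            // of the stored-hash contract: the login/verify path (not visible here) must
            // derive with identical parameters, so raise them together, not in this method
            // alone. Rfc2898DeriveBytes is IDisposable, hence the using block.
            byte[] hash;
            using (var pbkdf2 = new Rfc2898DeriveBytes(userRequest.Password, salt, 1000))
            {
                hash = pbkdf2.GetBytes(20);
            }

            // Stored layout: salt (16 bytes) || derived key (20 bytes).
            byte[] hashBytes = new byte[36];
            Array.Copy(salt, 0, hashBytes, 0, 16);
            Array.Copy(hash, 0, hashBytes, 16, 20);

            // 80 bits of CSPRNG output for the e-mail confirmation token.
            byte[] confirmationCode = new byte[10];
            rngCsp.GetBytes(confirmationCode);

            User user = new User {
                Email            = userRequest.Email,
                Password         = Convert.ToBase64String(hashBytes),
                Salt             = Convert.ToBase64String(salt),
                Role             = "unconfirmed",
                ConfirmationCode = Convert.ToBase64String(confirmationCode),
                UserDetails      = new UserDetails {
                    FirstName = userRequest.FirstName, LastName = userRequest.LastName
                }
            };

            db.Users.Add(user);
            db.SaveChanges();

            ConfirmationMail.SendConfirmationEmail(user, Request);

            return Ok("Account successfully created");
        }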