public async Task <Guid> AddUser(Register register)
{
if (await _context.Users.AnyAsync(u => u.UserName == register.UserName))
{
throw new Exception("Username already exists");
}
var user = new User()
{
FirstName = register.FirstName,
LastName = register.LastName,
UserName = register.UserName.ToLower(),
EmailAddress = register.EmailAddress,
CreatedDate = DateTime.UtcNow
};
_passwordHasher.CreatePasswordHash(register.Password, out byte[] passwordHash, out byte[] passwordSalt);
user.PasswordHash = passwordHash;
user.PasswordSalt = passwordSalt;
await _context.Users.AddAsync(user);
await _context.SaveChangesAsync();
return(user.UserId);
}
/// <summary>
/// Create a new user.
/// </summary>
/// <param name="user">User details</param>
/// <param name="password">Password</param>
/// <returns>Newly created user</returns>
public User Create(User user, string password)
{
// Validation of required fields etc.
// TODO: Need to add in validation of required name fields etc.
if (string.IsNullOrWhiteSpace(password))
{
throw new AppException("Password is required");
}
if (_context.Users.Any(x => x.Email == user.Email))
{
throw new AppException($"User already exists with email address {user.Email}.");
}
// Hash password
_hasher.CreatePasswordHash(password, out byte[] passwordHash, out byte[] passwordSalt);
user.PasswordHash = passwordHash;
user.PasswordSalt = passwordSalt;
// Save user
_context.Users.Add(user);
_context.SaveChanges();
// TODO: Need to add step to verify email address is owned by the user.
return(user);
}
public async Task RegisterAsync(UserModel newUser, string password, string verificationCode)
{
//double check user does not exist in case function is called in some other way.
bool isUserExist = await _userRepository.IsExistsAsync(newUser.Email);
if (isUserExist)
{
throw new UserWithRequestedEmailAlreadyExistsException(newUser.Email);
}
EmailVerificationModel verification = await _userRepository.GetVerificationCodeAsync(newUser.Email);
if (verification.Code != verificationCode)
{
throw new IncorrectVerificationCodeException(verificationCode);
}
if (verification.ExpirationTime < DateTime.Now)
{
throw new VerificationCodeExpiredException(verification.ExpirationTime);
}
string passwordSalt = _passwordHasher.CreateSalt();
string passwordHash = _passwordHasher.CreatePasswordHash(password, passwordSalt);
newUser.PasswordHash = passwordHash;
newUser.PasswordSalt = passwordSalt;
newUser.IsAdmin = false;
newUser.Address.Id = Guid.NewGuid();
await _userRepository.AddAsync(newUser);
Log.Information("User with email {@email} created successfully", newUser.Email);
}
/// <summary>
/// Insert sample users into the database.
/// </summary>
/// <param name="modelBuilder">Database model builder</param>
public void SeedUsers(ModelBuilder modelBuilder)
{
var adminRole = new UserRole {
Name = "Admin"
};
var userRole = new UserRole {
Name = "User"
};
modelBuilder.Entity <UserRole>().HasData(adminRole);
modelBuilder.Entity <UserRole>().HasData(userRole);
_hasher.CreatePasswordHash("thisisapassword", out byte[] hash, out byte[] salt);
modelBuilder.Entity <User>().HasData(new User
{
Id = Guid.Parse("efb032d2-6f61-4ee8-b6a3-94fffe625be5"),
Email = "*****@*****.**",
FirstName = "John",
LastName = "Smith",
PasswordHash = hash,
PasswordSalt = salt,
//Roles = new[] { adminRole },
});
modelBuilder.Entity <User>().HasData(new User
{
Id = Guid.Parse("46253d9f-4c50-493a-9bb5-9fce27f1adb4"),
Email = "*****@*****.**",
FirstName = "Jim",
LastName = "Smith",
PasswordHash = hash,
PasswordSalt = salt,
//Roles = new[] { userRole },
});
}
private bool SeedFromConfig()
{
var claimTypesSection = _configuration.GetSection(nameof(ClaimType));
var claimTypes = claimTypesSection.Get <ClaimType[]>();
// Seed ClaimType entities
SeedEntities(claimTypes);
var claimsSection = _configuration.GetSection(nameof(Claim));
var claimsSeedModels = claimsSection.Get <ClaimSeedModel[]>();
foreach (var claimsSeedModel in claimsSeedModels)
{
var claimType = _dbContext.ClaimType
.Single(ct => ct.Name.Equals(claimsSeedModel.ClaimType));
_dbContext.Claim.Add(new Claim
{
ClaimType = claimType,
ClaimValue = claimsSeedModel.ClaimValue
});
}
// Seed Claim entities
_dbContext.SaveChanges();
// Read roles from config
var rolesSection = _configuration.GetSection(nameof(Role));
var roleSeedModels = rolesSection.Get <RoleSeedModel[]>();
var roles = roleSeedModels
.Select(rol => new Role
{
Name = rol.RoleName,
NormalizedName = rol.RoleName.ToUpperInvariant(),
Description = rol.RoleDescription
})
.ToArray();
// Seed Role entities
SeedEntities(roles);
// Assign claims to roles
//foreach (var roleSeedModel in roleSeedModels)
//{
// var claimSeedModels = roleSeedModel.Claim;
// // DbContext is not thread safe, so this does not work...
// Parallel.ForEach(claimSeedModels, (claimSeedModel) =>
// {
// var claim = _dbContext.Claim
// .FirstOrDefault(cl =>
// cl.ClaimType.Name.Equals(claimSeedModel.ClaimType)
// && cl.ClaimValue.Equals(claimSeedModel.ClaimValue));
// var role = _dbContext.Role.Single(rol => rol.Name.Equals(roleSeedModel.RoleName));
// var roleClaim = new RoleClaim
// {
// Role = role,
// Claim = claim
// };
// _dbContext.RoleClaim.Add(roleClaim);
// });
//}
//// Seed RoleClaim entities
//_dbContext.SaveChanges();
foreach (var roleSeedModel in roleSeedModels)
{
foreach (var claimSeedModel in roleSeedModel.Claim)
{
var claim = _dbContext.Claim
.FirstOrDefault(cl =>
cl.ClaimType.Name.Equals(claimSeedModel.ClaimType) &&
cl.ClaimValue.Equals(claimSeedModel.ClaimValue));
var role = _dbContext.Role.Single(rol => rol.Name.Equals(roleSeedModel.RoleName));
var roleClaim = new RoleClaim
{
Role = role,
Claim = claim
};
_dbContext.RoleClaim.Add(roleClaim);
}
}
_dbContext.SaveChanges();
// Read roles from config
var usersSection = _configuration.GetSection(nameof(User));
var usersSeedModels = usersSection.Get <UserSeedModel[]>();
var users = usersSeedModels
.Select(usr => new User
{
UserName = usr.UserName,
Role = _dbContext.Role.Single(rol => rol.Name.Equals(usr.Role)),
Password = new Password
{
Hash = _passwordHasher.CreatePasswordHash(usr.Password)
},
Person = usr.Person == null ? null : new Person
{
GivenName = usr.Person.GivenName,
Surname = usr.Person.SurName
},
})
.ToArray();
// Seed User entities
SeedEntities(users);
// Read admin user credentials from appsettings
var credentialsSection = _configuration.GetSection(nameof(Credentials));
var adminUserCredentials = credentialsSection.GetSection("Admin").Get <Credentials>();
return(true);
}
