Ejemplo n.º 1
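        /// <summary>
        /// Changes the password of the user identified by <paramref name="email"/> after verifying
        /// the current password, then issues a fresh token for that user.
        /// </summary>
        /// <param name="email">E-mail used to look the user up and as the key of the UPDATE.</param>
        /// <param name="oldPassword">Current password; it must verify against the stored hash.</param>
        /// <param name="newPassword">New password; it is hashed before being stored.</param>
        /// <returns>
        /// 200 with the new token on success; 401 with a message when the user is blocked, the
        /// credentials do not match, or the UPDATE did not affect exactly one row.
        /// </returns>
        public HttpResponseMessage AlterUser(string email, string oldPassword, string newPassword)
        {
            string connectionString = ConfigurationManager.ConnectionStrings["ApplicationServices"].ConnectionString;

            // Disposing the connection closes it, so no separate conn.Close() is needed.
            using (MySqlConnection conn = new MySqlConnection(connectionString))
            {
                conn.Open();

                string userId;
                var rdr = GetUserDataReader(conn, email, null);
                try
                {
                    if (!rdr.Read())
                    {
                        return Request.CreateResponse(HttpStatusCode.Unauthorized, "Usuário e Senha Não Conferem");
                    }

                    // NOTE(review): the blocked flag is reported before the password is verified, so
                    // this distinct message reveals account state to callers who do not know the
                    // password. Consider verifying the password first.
                    if (rdr[2].ToString() == "1")
                    {
                        return Request.CreateResponse(HttpStatusCode.Unauthorized, "Usuário Bloqueado");
                    }

                    // Column 1 is presumably the stored password hash - confirm against GetUserDataReader.
                    if (!UserRules.VerifyHash(oldPassword, "MD5", rdr[1].ToString()))
                    {
                        return Request.CreateResponse(HttpStatusCode.Unauthorized, "Usuário e Senha Não Conferem");
                    }

                    // Capture the id while the reader is still open: the previous code read rdr[0]
                    // after rdr.Close(), which fails on a closed reader.
                    userId = rdr[0].ToString();
                }
                finally
                {
                    // The reader must be closed on every path before the UPDATE runs on this connection.
                    rdr.Close();
                }

                // SECURITY: MD5 is a fast hash and is not suitable for password storage. It is kept
                // here so existing stored hashes still verify; plan a migration to a slow,
                // salted KDF such as PBKDF2.
                string newPasswordHash = UserRules.ComputeHash(newPassword, "MD5", null);

                MySqlCommand comandoAlterUser = new MySqlCommand("UPDATE TB_USUARIO SET SENHA = @SENHA WHERE EMAIL = @EMAIL;", conn);
                comandoAlterUser.Parameters.AddWithValue("@EMAIL", email);
                comandoAlterUser.Parameters.AddWithValue("@SENHA", newPasswordHash);

                if (comandoAlterUser.ExecuteNonQuery() != 1)
                {
                    return Request.CreateResponse(HttpStatusCode.Unauthorized, "Houve um Erro ao Alterar seu Usário. Por Favor Entre em Contato com Nossa Central de Atendimento");
                }

                // Guid.NewGuid() is designed for uniqueness, not unpredictability; take the token
                // from the OS CSPRNG instead. 16 bytes keeps the token the same length as before.
                var tokenBytes = new byte[16];
                using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
                {
                    rng.GetBytes(tokenBytes);
                }
                var newToken = Convert.ToBase64String(tokenBytes);

                // NOTE(review): confirm that AdicionarToken revokes tokens issued before the
                // password change; that cannot be determined from this method.
                UserLoginController.AdicionarToken(userId, newToken, conn);
                return Request.CreateResponse(HttpStatusCode.OK, newToken);
            }
        }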
Ejemplo n.º 2
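        /// <summary>
        /// Authenticates a user by e-mail (and optionally CRM) and password and, on success,
        /// issues a new token for that user.
        /// </summary>
        /// <param name="email">E-mail passed to the user lookup.</param>
        /// <param name="password">Password to verify against the stored hash.</param>
        /// <param name="crm">Optional value passed through to the user lookup; null when not supplied.</param>
        /// <returns>
        /// 200 with the new token on success; 401 with a message when the user is blocked, is not
        /// found, or the password does not verify.
        /// </returns>
        public HttpResponseMessage Login(string email, string password, string crm = null)
        {
            string connectionString = ConfigurationManager.ConnectionStrings["ApplicationServices"].ConnectionString;

            // Disposing the connection closes it, so no separate conn.Close() is needed.
            using (MySqlConnection conn = new MySqlConnection(connectionString))
            {
                conn.Open();

                string userId;
                var rdr = GetUserDataReader(conn, email, crm);
                try
                {
                    if (!rdr.Read())
                    {
                        return Request.CreateResponse(HttpStatusCode.Unauthorized, "Usuário/Senha Inválido.");
                    }

                    // NOTE(review): the blocked flag is reported before the password is verified, so
                    // this distinct message reveals account state to callers who do not know the
                    // password. Consider verifying the password first.
                    if (rdr[2].ToString() == "1")
                    {
                        return Request.CreateResponse(HttpStatusCode.Unauthorized, "Usuário Bloqueado.");
                    }

                    // SECURITY: MD5 is a fast hash and is not suitable for password storage; plan a
                    // migration to a slow, salted KDF such as PBKDF2. Column 1 is presumably the
                    // stored hash - confirm against GetUserDataReader.
                    if (!UserRules.VerifyHash(password, "MD5", rdr[1].ToString()))
                    {
                        return Request.CreateResponse(HttpStatusCode.Unauthorized, "Usuário/Senha Inválido.");
                    }

                    userId = rdr[0].ToString();
                }
                finally
                {
                    // Close the reader on every path, including the early 401 returns, before the
                    // connection is reused to store the token.
                    rdr.Close();
                }

                // Guid.NewGuid() is designed for uniqueness, not unpredictability; take the token
                // from the OS CSPRNG instead. 16 bytes keeps the token the same length as before.
                var tokenBytes = new byte[16];
                using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
                {
                    rng.GetBytes(tokenBytes);
                }
                var newToken = Convert.ToBase64String(tokenBytes);

                UserLoginController.AdicionarToken(userId, newToken, conn);
                return Request.CreateResponse(HttpStatusCode.OK, newToken);
            }
        }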