public HttpResponseMessage Post(RegistrationRequest registrationRequest) { try { var respList = new List <string>(); if (!AuthUtils.IsEmailValid(registrationRequest.Email)) { respList.Add(registrationRequest.Email); return(Request.CreateResponse(HttpStatusCode.BadRequest, RespH.Create(RespH.SRV_REG_INVALID_EMAIL, respList))); } if (registrationRequest.Password.Length < 8) { respList.Add(registrationRequest.Password); return(Request.CreateResponse(HttpStatusCode.BadRequest, RespH.Create(RespH.SRV_REG_INVALID_PASSWORD, respList))); } var user = _context.Users.AsNoTracking().SingleOrDefault(a => a.Email == registrationRequest.Email); if (user != null) { respList.Add(registrationRequest.Email); return(Request.CreateResponse(HttpStatusCode.BadRequest, RespH.Create(RespH.SRV_REG_EXISTS_EMAIL, respList))); } var salt = AuthUtils.GenerateSalt(); var confirmCode = AuthUtils.RandomNumString(6); var userId = SequentialGuid.NewGuid().ToString(); var newUser = new User { Id = userId, Email = registrationRequest.Email, Salt = salt, EmailSubCode = SequentialGuid.NewGuid().ToString(), SaltedAndHashedPassword = AuthUtils.Hash(registrationRequest.Password, salt), SaltedAndHashedEmail = AuthUtils.Hash(confirmCode, salt) }; _context.Users.Add(newUser); _context.SaveChanges(); AuthUtils.CreateAccount(_context, StandartLoginProvider.ProviderName, registrationRequest.Email, StandartLoginProvider.ProviderName + ":" + registrationRequest.Email, registrationRequest.Email, registrationRequest.FirstName); using (MailSender mailSender = new MailSender()) { var bem = new BaseEmailMessage { Code = ConstVals.Reg, ToUserId = newUser.Id, ToUserEmail = registrationRequest.Email, ToUserName = registrationRequest.FirstName, ConfirmCode = confirmCode }; mailSender.Create(_context, bem); } respList.Add(newUser.Id); return(Request.CreateResponse(HttpStatusCode.OK, RespH.Create(RespH.SRV_CREATED, respList))); } catch (Exception ex) { return(Request.CreateResponse(HttpStatusCode.BadRequest, RespH.Create(RespH.SRV_EXCEPTION, new List <string> { ex.ToString() }))); } }