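/// <summary>
        /// Creates a new account from the submitted registration form. The account is stored with
        /// <c>status = false</c>; the success message tells the user to wait for an admin check.
        /// </summary>
        /// <param name="form">Registration data bound from the request body.</param>
        /// <returns>
        /// 201 Created with a <c>ResponseMsg</c> when the row is saved, otherwise 400 Bad Request
        /// with a short, non-technical reason.
        /// </returns>
        public async Task<IHttpActionResult> Register([FromBody] RegisterForm form)
        {
            // A missing or unparsable body binds to null; reject it here instead of letting a
            // NullReferenceException surface through the catch block below.
            if (form == null || string.IsNullOrWhiteSpace(form.username))
            {
                return BadRequest("Invalid registration data.");
            }
            if (string.IsNullOrEmpty(form.password) || string.IsNullOrEmpty(form.password2))
            {
                return BadRequest("Password is required.");
            }

            // Compare the submitted values themselves rather than their hashes, so the
            // confirmation check does not rely on hashPassword being deterministic (unsalted).
            if (!string.Equals(form.password, form.password2, StringComparison.Ordinal))
            {
                return BadRequest("Passwords are not the same.");
            }

            try
            {
                // NOTE(review): check-then-insert is not atomic; two concurrent requests can both
                // pass this lookup. Confirm the username column has a unique constraint.
                var existing = db.accounts.FirstOrDefault(a => a.username == form.username);
                if (existing != null)
                {
                    return BadRequest("username have changes.");
                }

                // NOTE(review): HashPassword.hashPassword is not visible here. Confirm it is a
                // salted, deliberately slow password hash (e.g. PBKDF2) and not a bare digest.
                var hashed = HashPassword.hashPassword(form.password);

                // Ordinal, culture-independent match on the section name.
                // NOTE(review): the role is derived from a client-supplied field; presumably the
                // admin approval step (status = false) reviews it - confirm.
                var role = string.Equals(form.section, "teacher", StringComparison.OrdinalIgnoreCase) ? 1 : 2;

                var user = new account
                {
                    card_id   = form.card_id,
                    username  = form.username,
                    password  = hashed,
                    // Second copy of the same hash, kept because the original code populates the column.
                    password2 = hashed,
                    section   = form.section,
                    status    = false,
                    role_id   = role,
                    date_join = form.date_join,
                    create_at = DateTime.Now
                };
                db.accounts.Add(user);
                int val = await db.SaveChangesAsync();

                if (val > 0)
                {
                    var msg = new ResponseMsg
                    {
                        message = "Register success. please wait check from admin."
                    };
                    return Created("ok", msg);
                }

                return BadRequest("Register fails.");
            }
            catch (Exception e)
            {
                // Exception text can expose schema, query or connection details; keep it in the
                // server trace and send the client a fixed message instead.
                System.Diagnostics.Trace.TraceError("Register failed: {0}", e);
                return BadRequest("Register fails.");
            }
        }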
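        /// <summary>
        /// Sets a new password for the admin whose username matches the caller's name claim.
        /// </summary>
        /// <param name="form">Request body; only <c>password</c> is read from it.</param>
        /// <returns>
        /// 200 OK with the admin's details when the change is saved, otherwise 400 Bad Request.
        /// </returns>
        public async Task<IHttpActionResult> ResetPasswordAdmin([FromBody] admin form)
        {
            // A missing body or password would otherwise fail inside hashPassword and be
            // reported to the client as a raw exception message.
            if (form == null || string.IsNullOrEmpty(form.password))
            {
                return BadRequest("Password is required.");
            }

            try
            {
                // The row to update is chosen from the authenticated identity, not from the body,
                // so a caller cannot point the reset at another admin.
                var identity = User.Identity as ClaimsIdentity;
                if (identity == null)
                {
                    return BadRequest("Not found accounts.");
                }

                var username = identity.Claims
                    .Where(c => c.Type == ClaimTypes.Name)
                    .Select(c => c.Value)
                    .FirstOrDefault();
                var admin = db.admins.FirstOrDefault(a => a.username == username);
                if (admin == null)
                {
                    return BadRequest("Not found accounts.");
                }

                // NOTE(review): no current-password or confirmation check is visible here; consider
                // requiring the current password before accepting a change.
                admin.password = HashPassword.hashPassword(form.password);
                int val = await db.SaveChangesAsync();

                if (val > 0)
                {
                    return Ok(await FetchDetailsAdmin.GetDetailsAccount(admin.id));
                }

                return BadRequest("Reset password error.");
            }
            catch (Exception e)
            {
                // Keep exception detail on the server; the client gets a fixed message.
                System.Diagnostics.Trace.TraceError("ResetPasswordAdmin failed: {0}", e);
                return BadRequest("Reset password error.");
            }
        }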
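        /// <summary>
        /// Sets a new password on the account with the given id and removes one matching
        /// <c>report_account</c> row, if any exists.
        /// </summary>
        /// <param name="id">Primary key of the account whose password is replaced.</param>
        /// <param name="form">Request body carrying <c>password</c> and <c>pre_password</c>.</param>
        /// <returns>
        /// 200 OK with the account details when the change is saved, otherwise 400 Bad Request.
        /// </returns>
        /// <remarks>
        /// NOTE(review): this method resets the password of whichever account id is supplied and
        /// performs no authorization check itself. Confirm that the controller or route restricts
        /// it to administrators.
        /// </remarks>
        public async Task<IHttpActionResult> ResetPassword(int id, [FromBody] ResetAccount form)
        {
            // A missing body or field would otherwise fail inside hashPassword and be reported
            // to the client as a raw exception message.
            if (form == null || string.IsNullOrEmpty(form.password) || string.IsNullOrEmpty(form.pre_password))
            {
                return BadRequest("Password is required.");
            }

            // pre_password is used as the confirmation field (the original compared the two
            // hashes). Comparing the submitted values directly keeps the check independent of
            // whether hashPassword is deterministic.
            if (!string.Equals(form.password, form.pre_password, StringComparison.Ordinal))
            {
                return BadRequest("Passwords are not the same.");
            }

            try
            {
                var account = db.accounts.FirstOrDefault(a => a.id == id);
                if (account == null)
                {
                    return BadRequest("Not found accounts.");
                }

                var hashed = HashPassword.hashPassword(form.password);
                account.password  = hashed;
                account.password2 = hashed;
                int val = await db.SaveChangesAsync();

                // Remove one report row for this account, as the original does, whether or not
                // the password save changed any rows.
                // NOTE(review): the two saves are separate, so they are not atomic.
                var pendingReport = db.report_account.FirstOrDefault(r => r.account_id == account.id);
                if (pendingReport != null)
                {
                    db.Entry(pendingReport).State = System.Data.Entity.EntityState.Deleted;
                    await db.SaveChangesAsync();
                }

                if (val > 0)
                {
                    return Ok(await FetchDetailsAccount.GetDetailsAccount(id));
                }

                return BadRequest("Reset password error.");
            }
            catch (Exception e)
            {
                // Keep exception detail on the server; the client gets a fixed message.
                System.Diagnostics.Trace.TraceError("ResetPassword failed for account {0}: {1}", id, e);
                return BadRequest("Reset password error.");
            }
        }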
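        /// <summary>
        /// Sets a new password for the account whose username matches the caller's name claim.
        /// </summary>
        /// <param name="form">
        /// Request body; only <c>password</c> and <c>password2</c> (confirmation) are read.
        /// </param>
        /// <returns>
        /// 200 OK with the account details when the change is saved, otherwise 400 Bad Request.
        /// </returns>
        public async Task<IHttpActionResult> ResetPasswordUser([FromBody] account form)
        {
            // A missing body or field would otherwise fail inside hashPassword and be reported
            // to the client as a raw exception message.
            if (form == null || string.IsNullOrEmpty(form.password) || string.IsNullOrEmpty(form.password2))
            {
                return BadRequest("Password is required.");
            }

            // Compare the submitted values directly so the confirmation check does not rely on
            // hashPassword being deterministic (unsalted).
            if (!string.Equals(form.password, form.password2, StringComparison.Ordinal))
            {
                return BadRequest("Passwords are not the same.");
            }

            try
            {
                // The row to update is chosen from the authenticated identity. Other fields of the
                // bound account entity (id, role_id, status, ...) are deliberately never copied.
                var identity = User.Identity as ClaimsIdentity;
                if (identity == null)
                {
                    return BadRequest("Not found accounts.");
                }

                var username = identity.Claims
                    .Where(c => c.Type == ClaimTypes.Name)
                    .Select(c => c.Value)
                    .FirstOrDefault();
                var account = db.accounts.FirstOrDefault(a => a.username == username);
                if (account == null)
                {
                    return BadRequest("Not found accounts.");
                }

                // NOTE(review): no current-password check is visible here; consider requiring the
                // current password before accepting a change.
                var hashed = HashPassword.hashPassword(form.password);
                account.password  = hashed;
                account.password2 = hashed;
                int val = await db.SaveChangesAsync();

                if (val > 0)
                {
                    return Ok(await FetchDetailsAccount.GetDetailsAccount(account.id));
                }

                return BadRequest("Reset password error.");
            }
            catch (Exception e)
            {
                // Keep exception detail on the server; the client gets a fixed message.
                System.Diagnostics.Trace.TraceError("ResetPasswordUser failed: {0}", e);
                return BadRequest("Reset password error.");
            }
        }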