Example #1
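        /// <summary>
        /// Creates a user account from the request body and assigns it the role whose RoleId is "1".
        /// </summary>
        /// <param name="aUser">
        /// User entity bound from the request. Its Password is replaced by the hash and its Roles
        /// collection is replaced by a single-entry list before the entity is saved.
        /// </param>
        /// <returns>
        /// Ok() on success; BadRequest("Can't add system user!") when the input is missing or any step fails.
        /// </returns>
        /// <remarks>
        /// NOTE(review): the entity is bound directly from the request, so every property the client
        /// sends other than Password and Roles is persisted unchanged. A dedicated request DTO that
        /// carries only the intended fields would close that gap.
        /// NOTE(review): no authorization attribute is visible on this action in this excerpt; confirm
        /// that the controller restricts who may create an account in this role.
        /// </remarks>
        public IHttpActionResult Post(BOC.Entities.User aUser)
        {
            // Reject missing input up front instead of relying on an exception further down.
            if (aUser == null || string.IsNullOrEmpty(aUser.Password))
            {
                return BadRequest("Can't add system user!");
            }

            try
            {
                BOC.Entities.Role lSystemUser = _BOCWebDBContext.Roles.First(e => e.RoleId == "1");

                BOCPasswordHasher lBOCPasswordHasher = new BOCPasswordHasher();
                aUser.Password = lBOCPasswordHasher.HashPassword(aUser.Password);

                // Overwrite whatever role list arrived in the request body.
                aUser.Roles = new List<BOC.Entities.Role> { lSystemUser };

                _BOCWebDBContext.Users.Add(aUser);
                _BOCWebDBContext.SaveChanges();

                return Ok();
            }
            catch (Exception e)
            {
                // Keep the detail on the server; the caller only gets the generic message.
                System.Diagnostics.Trace.TraceError("Post (add system user) failed: {0}", e);
                return BadRequest("Can't add system user!");
            }
        }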
Example #2
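        /// <summary>
        /// Changes a user's password after checking the supplied old password.
        /// </summary>
        /// <param name="aModifyPassword">Carries UserName, OldPassword and NewPassword from the request.</param>
        /// <returns>
        /// Ok() when the password was changed; BadRequest("_oldpasswordincorrect") when no user matches the
        /// name and old-password hash; BadRequest("_modifypassworderror") for missing input or any other failure.
        /// </returns>
        /// <remarks>
        /// NOTE(review): the lookup compares the stored value with a freshly computed hash of the old
        /// password, which can only match if HashPassword returns the same output for the same input
        /// (no per-call random salt). Confirm BOCPasswordHasher; with a salted hasher the user should be
        /// loaded by name and checked with the hasher's verification routine instead.
        /// NOTE(review): UserName comes from the request body, so the old password is the only proof that
        /// the caller owns the account. No authorization attribute or attempt limiting is visible here.
        /// </remarks>
        public IHttpActionResult ModifyPassword(ModifyPassword aModifyPassword)
        {
            if (aModifyPassword == null || string.IsNullOrEmpty(aModifyPassword.NewPassword))
            {
                // "_modifypassworderror" is a constructed key: add it to the client's message table
                // or substitute the project's existing generic-error key.
                return BadRequest("_modifypassworderror");
            }

            // Log the account name only. The request object carries both passwords, and its
            // ToString() is not shown, so it must not be written to the log as a whole.
            logger.InfoFormat("ModifyPassword {0}", aModifyPassword.UserName);
            try
            {
                BOCPasswordHasher lBOCPasswordHasher = new BOCPasswordHasher();
                string lOldPassword = lBOCPasswordHasher.HashPassword(aModifyPassword.OldPassword);
                string lNewPassword = lBOCPasswordHasher.HashPassword(aModifyPassword.NewPassword);

                BOC.Entities.User lUser = _BOCWebDBContext.Users.FirstOrDefault(
                    e => e.UserName == aModifyPassword.UserName && e.Password == lOldPassword);
                if (lUser == null)
                {
                    return BadRequest("_oldpasswordincorrect");
                }

                lUser.Password = lNewPassword;
                // Kept from the original: the entity is explicitly attached and marked Modified.
                _BOCWebDBContext.Users.Attach(lUser);
                _BOCWebDBContext.Entry<BOC.Entities.User>(lUser).State = System.Data.Entity.EntityState.Modified;
                _BOCWebDBContext.SaveChanges();
                return Ok();
            }
            catch (Exception e)
            {
                // The original returned e.ToString(), which hands the stack trace and any database
                // error text to the caller. Record it server-side and answer with a fixed key.
                logger.ErrorFormat("ModifyPassword failed: {0}", e);
                return BadRequest("_modifypassworderror");
            }
        }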
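        /// <summary>
        /// Registers a new account: creates the user, its company with one contact person, and two
        /// log rows, then saves them together.
        /// </summary>
        /// <param name="aRegisterAccount">Registration form values bound from the request.</param>
        /// <returns>
        /// Ok() on success; BadRequest("_cannotaddaccount") when required input is missing or any step fails.
        /// </returns>
        /// <remarks>
        /// The new user is given the role whose RoleId is "5".
        /// NOTE(review): Dump() is not shown. If it serializes every property, the user's password hash
        /// is copied into the Logs table; confirm, and exclude credential fields from the dump if so.
        /// </remarks>
        public IHttpActionResult RegisterUser(RegisterAccount aRegisterAccount)
        {
            // Refuse to create an account without a usable name or with an empty password.
            if (aRegisterAccount == null
                || string.IsNullOrWhiteSpace(aRegisterAccount.username)
                || string.IsNullOrEmpty(aRegisterAccount.password))
            {
                return BadRequest("_cannotaddaccount");
            }

            try
            {
                BOCPasswordHasher lBOCPasswordHasher = new BOCPasswordHasher();
                BOC.Entities.User lUser = new BOC.Entities.User
                {
                    UserID = aRegisterAccount.username,
                    UserName = aRegisterAccount.username,
                    Password = lBOCPasswordHasher.HashPassword(aRegisterAccount.password)
                };

                BOC.Entities.Company lCompany = new BOC.Entities.Company
                {
                    LoginUserName = aRegisterAccount.username,
                    CompanyName = aRegisterAccount.companyname,
                    CompanyLocalName = aRegisterAccount.companylocalname,
                    CompanyEmail = aRegisterAccount.companyemail,
                    CompanyType = aRegisterAccount.companytype,
                    CompanyRegTime = DateTime.UtcNow,
                    CompanyPhoneNumber = aRegisterAccount.companyphone,
                    CompanyFaxNumber = aRegisterAccount.companyfax,
                    CompanyWebSite = aRegisterAccount.companywebsite,
                    CompanyCountry = aRegisterAccount.companycountry,
                    CompanyProvince = aRegisterAccount.companyprovince,
                    CompanyAddress = aRegisterAccount.companyaddress,
                    RegesterIpAddress = GetIP(),
                    ContactPersons = new List<BOC.Entities.ContactPerson>()
                };

                BOC.Entities.ContactPerson lContactPerson = new BOC.Entities.ContactPerson
                {
                    ContactPersonName = aRegisterAccount.contactpersonname,
                    ContactPersonEnglishName = aRegisterAccount.contactpersonenglishname,
                    ContactPersonSex = aRegisterAccount.sex,
                    ContactPersonCellPhoneNumber = aRegisterAccount.cellphone
                };
                lCompany.ContactPersons.Add(lContactPerson);

                // The role is fixed server-side; nothing in the request selects it.
                BOC.Entities.Role lNewUserRole = _BOCWebDBContext.Roles.First(e => e.RoleId == "5");
                lUser.Roles = new List<BOC.Entities.Role> { lNewUserRole };

                _BOCWebDBContext.Users.Add(lUser);
                _BOCWebDBContext.Companys.Add(lCompany);

                // Audit rows use local server time, as in the original.
                BOC.Entities.Log lLogCompany = new BOC.Entities.Log
                {
                    LogTime = DateTime.Now,
                    LogInfo = "[ADD] Company " + lCompany.Dump()
                };
                _BOCWebDBContext.Logs.Add(lLogCompany);

                BOC.Entities.Log lLogUser = new BOC.Entities.Log
                {
                    LogTime = DateTime.Now,
                    LogInfo = "[ADD] User " + lUser.Dump()
                };
                _BOCWebDBContext.Logs.Add(lLogUser);

                // One SaveChanges call persists user, company, contact person and both log rows.
                _BOCWebDBContext.SaveChanges();

                return Ok();
            }
            catch (Exception e)
            {
                // The original discarded the exception; keep the cause on the server for diagnosis.
                System.Diagnostics.Trace.TraceError("RegisterUser failed: {0}", e);
                return BadRequest("_cannotaddaccount");
            }
        }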
Example #4
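        /// <summary>
        /// Sets a new password for the user named inside an encrypted reset token.
        /// </summary>
        /// <param name="aResetPassowrdParams">
        /// UserName holds the token, which DESCode.DecryptDES turns into "name|timestamp";
        /// Password holds the new password.
        /// </param>
        /// <returns>
        /// Ok() on success; BadRequest("_resetpasswordexpired") when the token timestamp is more than
        /// 7 whole days old; BadRequest("_reseterror") for missing input, a malformed token, an unknown
        /// user or any other failure.
        /// </returns>
        /// <remarks>
        /// NOTE(review): a token that decrypts to "name|timestamp" is the only proof of identity, and
        /// nothing here marks a token as used, so the same token works repeatedly until it expires.
        /// NOTE(review): DESCode is not shown. If it is single DES and/or one key shared by all tokens,
        /// the token has no integrity protection and rests on a 56-bit key. A random, single-use token
        /// stored server-side together with its expiry would remove the reliance on reversible encryption.
        /// NOTE(review): a timestamp later than the server clock gives a negative age and passes the
        /// expiry check below; decide whether such tokens should be rejected.
        /// </remarks>
        public IHttpActionResult ResetPassword(ResetPassowrdParams aResetPassowrdParams)
        {
            if (aResetPassowrdParams == null
                || string.IsNullOrEmpty(aResetPassowrdParams.UserName)
                || string.IsNullOrEmpty(aResetPassowrdParams.Password))
            {
                return BadRequest("_reseterror");
            }

            try
            {
                DESCode lDESCode = new DESCode();
                string lToken = lDESCode.DecryptDES(aResetPassowrdParams.UserName);

                // Expect exactly the two fields read below; anything shorter is a malformed token.
                string[] lStringArray = lToken == null ? new string[0] : lToken.Split('|');
                if (lStringArray.Length < 2)
                {
                    return BadRequest("_reseterror");
                }

                string lUserTrueName = lStringArray[0];

                // Same culture rules as the DateTime.Parse call this replaces, without throwing.
                DateTime lEmailDateTime;
                if (!DateTime.TryParse(lStringArray[1], out lEmailDateTime))
                {
                    return BadRequest("_reseterror");
                }

                DateTime lNow = DateTime.Now;
                if ((lNow - lEmailDateTime).Days > 7)
                {
                    return BadRequest("_resetpasswordexpired");
                }

                BOC.Entities.User lUser = _BOCWebDBContext.Users.FirstOrDefault(e => e.UserName == lUserTrueName);
                if (lUser == null)
                {
                    return BadRequest("_reseterror");
                }

                // Hash only once the token has been accepted and the user found.
                BOCPasswordHasher lBOCPasswordHasher = new BOCPasswordHasher();
                lUser.Password = lBOCPasswordHasher.HashPassword(aResetPassowrdParams.Password);

                // Kept from the original: the entity is explicitly attached and marked Modified.
                _BOCWebDBContext.Users.Attach(lUser);
                _BOCWebDBContext.Entry<BOC.Entities.User>(lUser).State = System.Data.Entity.EntityState.Modified;
                _BOCWebDBContext.SaveChanges();
                return Ok();
            }
            catch (Exception e)
            {
                // The original returned e.ToString(), which tells the caller how decryption or parsing
                // failed and exposes the stack trace. Record it server-side and answer with a fixed key.
                System.Diagnostics.Trace.TraceError("ResetPassword failed: {0}", e);
                return BadRequest("_reseterror");
            }
        }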