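/// <summary>
/// Registers a new account: validates the submitted credentials, derives a salted
/// password hash and stores the user through the user repository.
/// </summary>
/// <param name="registrationData">Registration data supplied by the caller; treated as untrusted input.</param>
/// <returns>
/// <c>BadEmail</c>, <c>BadPassword</c> or <c>BadName</c> when the matching validator rejects the value,
/// <c>UserExists</c> when a user with the same e-mail is already stored,
/// <c>DatabaseError</c> when the insert reports failure, otherwise <c>Success</c>.
/// </returns>
/// <exception cref="ArgumentNullException"><paramref name="registrationData"/> is null.</exception>
public async Task<UserRegistrationResult> RegisterAsync(UserRegistrationObject registrationData)
{
    if (registrationData == null)
    {
        throw new ArgumentNullException(nameof(registrationData));
    }

    // Validate the e-mail before it is used as a lookup key, so that malformed
    // input is rejected without a database round trip.
    if (!CredentialsValidator.IsValidEmail(registrationData.Email))
    {
        return UserRegistrationResult.BadEmail;
    }

    // NOTE(review): a distinct UserExists result tells the caller whether an e-mail is
    // registered. Confirm the endpoint exposing it is rate-limited or maps it to a
    // generic response.
    if (await _userRepository.SelectUserAsync(registrationData.Email) != null)
    {
        return UserRegistrationResult.UserExists;
    }

    if (!CredentialsValidator.IsValidPassword(registrationData.Password))
    {
        return UserRegistrationResult.BadPassword;
    }

    if (!CredentialsValidator.IsValidName(registrationData.Name))
    {
        return UserRegistrationResult.BadName;
    }

    // NOTE(review): PasswordHashHelper is not visible here. Confirm the salt comes from a
    // cryptographic RNG and the hash is a slow password KDF (PBKDF2/Argon2/bcrypt), not a bare digest.
    var salt = PasswordHashHelper.GenerateSalt();
    var passwordHash = PasswordHashHelper.GenerateHash(registrationData.Password, salt);

    // Fields are copied one by one and IsAdmin is a literal, so nothing in the request
    // can set the admin flag. Address and PhoneNumber are stored as supplied; no
    // validator is applied to them in this method.
    var userObject = new InsertUserObject
    {
        Email = registrationData.Email,
        PasswordHash = passwordHash,
        Salt = salt,
        Name = registrationData.Name,
        Address = registrationData.Address,
        PhoneNumber = registrationData.PhoneNumber,
        IsAdmin = false,
    };

    // The existence check above and this insert are not atomic: two concurrent requests
    // for the same e-mail can both pass the check. Presumably the database enforces
    // uniqueness on the e-mail column, in which case the loser ends up as DatabaseError
    // - verify against the schema.
    var inserted = await _userRepository.InsertUserAsync(userObject);
    return inserted ? UserRegistrationResult.Success : UserRegistrationResult.DatabaseError;
}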
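/// <summary>
/// Inserts a user row by calling the InsertUser stored procedure with bound parameters.
/// </summary>
/// <param name="userObject">Values to store; the password must already be hashed by the caller.</param>
/// <returns>
/// <c>true</c> when the procedure executed without throwing; <c>false</c> when any exception
/// was raised (the exception is logged, not propagated).
/// </returns>
public async Task<bool> InsertUserAsync(InsertUserObject userObject)
{
    bool result;
    try
    {
        _logger.LogInformation("Preparing sql command to insert user");

        // Dispose the command deterministically; the original left it to the finalizer.
        using (var sqlCmd = _sqlConn.CreateCommand())
        {
            sqlCmd.CommandType = CommandType.StoredProcedure;
            sqlCmd.CommandText = DbProcedures.InsertUser.ProcedureName;

            // Every value is passed as a bound parameter, never concatenated into SQL text.
            sqlCmd.Parameters.AddRange(new[]
            {
                new MySqlParameter
                {
                    ParameterName = DbProcedures.InsertUser.Parameters.Email,
                    DbType = DbType.String,
                    Value = userObject.Email
                },
                new MySqlParameter
                {
                    ParameterName = DbProcedures.InsertUser.Parameters.Name,
                    DbType = DbType.String,
                    Value = userObject.Name
                },
                new MySqlParameter
                {
                    ParameterName = DbProcedures.InsertUser.Parameters.PasswordHash,
                    DbType = DbType.String,
                    Value = userObject.PasswordHash
                },
                new MySqlParameter
                {
                    ParameterName = DbProcedures.InsertUser.Parameters.Salt,
                    DbType = DbType.String,
                    Value = userObject.Salt
                },
                new MySqlParameter
                {
                    ParameterName = DbProcedures.InsertUser.Parameters.Address,
                    DbType = DbType.String,
                    Value = userObject.Address
                },
                new MySqlParameter
                {
                    ParameterName = DbProcedures.InsertUser.Parameters.PhoneNumber,
                    DbType = DbType.String,
                    Value = userObject.PhoneNumber
                },
                new MySqlParameter
                {
                    ParameterName = DbProcedures.InsertUser.Parameters.Admin,
                    DbType = DbType.Boolean,
                    Value = userObject.IsAdmin
                }
            });

            _logger.LogInformation("Inserting user into database");
            await _sqlConn.OpenAsync();
            await sqlCmd.ExecuteNonQueryAsync();
        }

        result = true;
    }
    catch (Exception ex)
    {
        // Deliberately best-effort: every failure (connectivity, constraint violation,
        // a null userObject) is reported to the caller as false.
        // NOTE(review): only ex.Message is logged, so the stack trace and exception type are
        // lost; if _logger supports it, pass the exception object as well. Driver messages
        // for constraint violations may echo the offending column value (e.g. the e-mail),
        // so treat this log line as potentially containing personal data.
        _logger.LogError($"Exception while inserting user: {ex.Message}");
        result = false;
    }
    finally
    {
        // The connection is a shared field; close it only if this call (or an earlier one)
        // left it open, so a failed OpenAsync does not trigger a second exception here.
        if (_sqlConn.State == ConnectionState.Open)
        {
            await _sqlConn.CloseAsync();
        }
    }

    return result;
}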