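/// <summary>
/// Resets an account password after checking the most recent SMS confirmation
/// code stored for <c>model.MobileNumber</c>.
/// </summary>
/// <param name="model">Reset request; MobileNumber, Code and Password are read from it.</param>
/// <returns>
/// <c>true</c> when the code matched, an account was found and the new salt and
/// hash were saved; <c>false</c> in every other case.
/// </returns>
public bool Put(AccountPasswordResetModel model)
{
    // Reject incomplete requests before touching the database. A null or empty
    // MobileNumber could otherwise match accounts whose Email or Phone is unset,
    // and an empty Password must never become the stored credential.
    if (model == null
        || string.IsNullOrEmpty(model.MobileNumber)
        || string.IsNullOrEmpty(model.Password))
    {
        return false;
    }

    using (DatabaseContext context = Util.CreateContext())
    {
        // Only the newest code issued for this number is considered.
        var smsConfirmationCode = (from c in context.SmsConfirmationCodes
                                   where c.MobileNumber == model.MobileNumber
                                   orderby c.Created descending
                                   select c).FirstOrDefault();

        // NOTE(review): no expiry (Created age) or failed-attempt counter is checked
        // here, and a code that is missing on both sides would compare equal.
        // Confirm that rate limiting, code lifetime and non-empty code validation
        // are enforced before this method is reached.
        if (smsConfirmationCode == null || smsConfirmationCode.ConfirmationCode != model.Code)
        {
            return false;
        }

        // The identifier is matched against both Email and Phone.
        // NOTE(review): the code was issued for a mobile number; confirm that
        // matching on Email as well is intended.
        var account = (from a in context.Accounts
                       where a.Email == model.MobileNumber || a.Phone == model.MobileNumber
                       select a).FirstOrDefault();
        if (account == null)
        {
            return false;
        }

        // Fresh random salt for every reset, so the old salt is never reused.
        string salt = PWDTK.GetRandomSaltHexString();
        byte[] saltBytes = PWDTK.HashHexStringToBytes(salt);
        string passwordHash = PWDTK.PasswordToHashHexString(saltBytes, model.Password);

        account.Salt = salt;
        account.PasswordHash = passwordHash;

        // The code is single-use: it is deleted in the same SaveChanges call
        // that stores the new credentials.
        context.SmsConfirmationCodes.Remove(smsConfirmationCode);
        context.SaveChanges();
        return true;
    }
}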
/// <summary>
/// Creates and persists a new active account and returns its identifier.
/// </summary>
/// <param name="model">Values for the new account (username, Facebook id, password, phone, language).</param>
/// <param name="isAdmin">When <c>true</c> the account gets the "Administrator" role, otherwise "User".</param>
/// <returns>The <see cref="Guid"/> assigned to the new account.</returns>
internal Guid CreateAccount(AccountCreateInfo model, bool isAdmin = false)
{
    using (DatabaseContext db = Util.CreateContext())
    {
        // Facebook accounts keep both values empty; only local accounts get a salted hash.
        // NOTE(review): verify that the password login path rejects an empty stored hash.
        string saltHex = "";
        string hashHex = "";

        bool usesLocalPassword = String.IsNullOrEmpty(model.FacebookUserId);
        if (usesLocalPassword)
        {
            // NOTE(review): model.Password is hashed as given; no emptiness or
            // strength check is visible here, so confirm the caller validates it.
            saltHex = PWDTK.GetRandomSaltHexString();
            hashHex = PWDTK.PasswordToHashHexString(PWDTK.HashHexStringToBytes(saltHex), model.Password);
        }

        // Roles are stored as a JSON array holding a single role name.
        string[] roleList = new string[] { isAdmin ? "Administrator" : "User" };

        Account created = new Account
        {
            Guid = Guid.NewGuid(),
            Username = model.Username,
            FacebookUserId = model.FacebookUserId,
            Salt = saltHex,
            PasswordHash = hashHex,
            Roles = JsonConvert.SerializeObject(roleList),
            Phone = model.Phone,
            LanguageCode = model.LanguageCode,
            IsActive = true,
            Created = DateTime.UtcNow,
            LastLogin = DateTime.UtcNow
        };

        db.Accounts.Add(created);
        db.SaveChanges();

        return created.Guid;
    }
}