public void RegisterUser(string email, string password, string firstName, string lastName)
{
// check duplication
var dbUser = _dbContext.Users.SingleOrDefault(u => u.Email == email);
if (dbUser != null)
{
throw new DuplicateNameException("You can not use this email address.");
}
else
{
// encoding password for security
string encodedPassword = PasswordEncryptor.ComputeHash(password);
var user = new User()
{
Email = email,
Password = encodedPassword,
FirstName = firstName,
LastName = lastName,
RegisterDate = DateTime.Now
};
_dbContext.Users.Add(user);
_dbContext.SaveChanges();
}
}
public void UpdatePassword(int userId, string oldPassword, string newPassword)
{
var user = _dbContext.Users.Single(u => u.Id == userId);
if (!ValidateUser(user.Email, oldPassword))
{
throw new Exception("Your old password is wrong.");
}
user.Password = PasswordEncryptor.ComputeHash(newPassword);
_dbContext.SaveChanges();
}
