//Demander un unique email... e préremplir du provider si Oauth et disponible... (exemple Facebook).. comme il semble faire pour le username (a voir) public IUser CreateOrUpdateUser(IUser user) { if (String.IsNullOrEmpty(user.Name)) { throw new MembershipCreateUserException(MembershipCreateStatus.InvalidUserName); } //if (String.IsNullOrEmpty(user.Password)) throw new MembershipCreateUserException(MembershipCreateStatus.InvalidPassword); if (String.IsNullOrEmpty(user.Email)) { throw new MembershipCreateUserException(MembershipCreateStatus.InvalidEmail); } if (user.Id.IsNullOrEmpty()) // New user... { if (UserQueries.GetUserNameByEmail(user.Email) != null) { throw new MembershipCreateUserException(MembershipCreateStatus.DuplicateEmail); } if (UserQueries.Get(user.Name) != null) { throw new MembershipCreateUserException(MembershipCreateStatus.DuplicateUserName); } user.CreatedAt = DateTime.Now; } if (!user.ThirdPartyAuthenticationUserAccounts.Any() || !user.Password.IsNullOrEmpty()) { try { ValidatePassword(user.Name, user.Password); } catch { // not the smoothest approach, but the best // considering the inconsistent password failure handling. throw new MembershipCreateUserException(MembershipCreateStatus.InvalidPassword); } } var passwordInfo = new AccountPasswordInfo(user.Name, user.Password); user.Password = PasswordStrategy.Encrypt(passwordInfo); user.PasswordSalt = passwordInfo.PasswordSalt; var status = UserCommands.Register(user); if (status != MembershipCreateStatus.Success) { throw new MembershipCreateUserException(status); } return(user); }