Exemple #1
        /// <summary>
        /// Updates an administrator's name and, when a new password is supplied, replaces the stored
        /// password value and salt in the same statement.
        /// </summary>
        /// <param name="entity">
        /// Administrator to update; <c>AdministratorId</c> selects the row. A null or empty
        /// <c>Password</c> leaves the stored credentials untouched. When a password is supplied the
        /// entity is mutated: <c>Password</c> becomes the encoded value and <c>Hash</c> the new salt.
        /// </param>
        /// <returns>
        /// The result of the update with <c>Entity</c> set to the administrator id, or a failed
        /// result when the new password is shorter than 6 characters.
        /// </returns>
        public Result Update(AdministratorEntity entity)
        {
            // NOTE(review): no authorization check is visible in this method; presumably the caller
            // has already verified that the current principal may edit this administrator - confirm.
            var connection = new DapperConnectionManager();
            var statement  = new QueryEntity();

            if (string.IsNullOrEmpty(entity.Password))
            {
                // No new password: only the display name changes.
                statement.Query = @"UPDATE Administrators set Name = @Name where AdministratorId = @AdministratorId";
            }
            else
            {
                // Length is the only password policy enforced here.
                if (entity.Password.Length < 6)
                {
                    var rejected = new Result(false);
                    rejected.Message = "Password length invalid";
                    return rejected;
                }

                // A fresh salt is generated on every password change; the column named Hash stores that salt.
                var credentialsManager = new CredentialsManager();
                var salt               = credentialsManager.GenerateSalt();
                entity.Password = credentialsManager.EncodePassword(entity.Password, salt);
                entity.Hash     = salt;
                statement.Query = @"UPDATE Administrators set Name = @Name, Password = @Password, Hash = @Hash where AdministratorId = @AdministratorId";
            }

            // Values are bound as named parameters taken from the entity, never concatenated into the SQL text.
            statement.Entity = entity;

            Result outcome = connection.ExecuteQuery(statement);
            outcome.Message = outcome.Success ? "The Adminsitrator has been updated" : "An error occurred";
            // Only the id goes back to the caller, so the encoded password and salt stay out of the result.
            outcome.Entity = entity.AdministratorId;
            return outcome;
        }
Exemple #2
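        /// <summary>
        /// Creates an administrator account with a freshly salted, encoded password.
        /// </summary>
        /// <param name="entity">
        /// Administrator to create. <c>Password</c> must hold at least 6 characters of plain text on
        /// entry; <c>Username</c> is trimmed and lower-cased before it is stored.
        /// </param>
        /// <param name="seal">Value written to the <c>Sealed</c> column.</param>
        /// <returns>
        /// The insert result with <c>Entity</c> set to the administrator (password value and salt
        /// cleared), or a failed result when the password is missing or too short.
        /// </returns>
        public Result Insert(AdministratorEntity entity, bool seal = false)
        {
            // A missing password is rejected explicitly instead of surfacing as a NullReferenceException.
            if (string.IsNullOrEmpty(entity.Password) || entity.Password.Length < 6)
            {
                var rejected = new Result(false);
                rejected.Message = "Password length invalid";
                return rejected;
            }

            var con         = new DapperConnectionManager();
            var query       = new QueryEntity();
            var credentials = new CredentialsManager();

            // The column named Hash stores the per-account salt, not the password hash.
            var salt = credentials.GenerateSalt();

            entity.Password = credentials.EncodePassword(entity.Password, salt);
            entity.Hash     = salt;
            // NOTE(review): ToLower() is culture-sensitive; every place that normalizes usernames
            // must use the same rule, so change it everywhere at once or not at all.
            entity.Username = entity.Username.Trim().ToLower();
            entity.Sealed   = seal;

            // Values are bound as named parameters taken from the entity.
            query.Entity = entity;
            query.Query  = @"INSERT INTO Administrators (Username, Password, Hash, Sealed, Name) VALUES(@Username, @Password, @Hash, @Sealed, @Name)";

            Result result = con.InsertQuery(query);
            result.Message = result.Success ? "The administrator has been created" : "An error occurred";

            // The entity is handed back to the caller, so the encoded password and salt are removed
            // first; the login and registration paths in this listing scrub them the same way.
            entity.Password = null;
            entity.Hash     = null;
            result.Entity   = entity;
            return result;
        }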
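        /// <summary>
        /// Authenticates an active, non-APNA user by e-mail and password and issues a user token.
        /// </summary>
        /// <param name="entity">Credentials to check; <c>Email</c> is trimmed and lower-cased in place.</param>
        /// <returns>
        /// On success, a result whose <c>Entity</c> is the stored user with <c>Password</c> and
        /// <c>Hash</c> cleared and <c>Token</c> set. On any failure, <c>Success</c> is false and
        /// <c>Entity</c> is null.
        /// </returns>
        public Result Login(UserEntity entity)
        {
            // One message for "no such user" and "wrong password": distinct texts would let a
            // caller find out which e-mail addresses are registered.
            const string invalidCredentials = "Invalid password or user";

            var result = new Result();

            try
            {
                var con         = new DapperConnectionManager();
                var query       = new QueryEntity();
                var credentials = new CredentialsManager();
                entity.Email = entity.Email.Trim().ToLower();
                // The e-mail is bound as a named parameter, not concatenated into the SQL text.
                query.Query  = @"SELECT * FROM Users
                            where Email = @Email and Active = 1 and ApnaUser = 0";
                query.Entity = entity;
                result       = con.ExecuteQuery <UserEntity>(query);

                if (!result.Success)
                {
                    result.Entity  = null;
                    result.Message = "Login error";
                    return result;
                }

                var rows = (IEnumerable <UserEntity>)result.Entity;
                var user = rows.FirstOrDefault();

                if (user == null)
                {
                    result.Message = invalidCredentials;
                    result.Success = false;
                    result.Entity  = null;
                    return result;
                }

                // user.Hash holds the salt stored with the account.
                // NOTE(review): == on strings is not a constant-time comparison, and the unknown-user
                // path above skips the encoding step, so response time can still differ - consider
                // a fixed-time comparison and equalised work if that matters for this deployment.
                var password = credentials.EncodePassword(entity.Password, user.Hash);
                if (password == user.Password)
                {
                    // Strip the stored credential material before the record leaves this layer.
                    user.Hash     = null;
                    user.Password = null;
                    user.Token    = credentials.GenerateUserToken(user);
                    result.Entity = user;
                    return result;
                }

                result.Entity  = null;
                result.Message = invalidCredentials;
                result.Success = false;
            }
            catch (Exception ex)
            {
                Logger.Log(ex);
                // Guard first, then write: the original dereferenced result before the null check.
                result         = result ?? new Result(false);
                result.Entity  = null;
                // The query may already have succeeded when a later step throws, so Success has
                // to be reset or the caller would see a successful result with no user.
                result.Success = false;
                result.Message = "An error occurred";
            }

            return result;
        }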
Exemple #4
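        /// <summary>
        /// Authenticates an administrator by username and password and issues an admin token.
        /// </summary>
        /// <param name="entity">Credentials to check; <c>Username</c> is trimmed and lower-cased in place.</param>
        /// <returns>
        /// On success, a result whose <c>Entity</c> is the stored administrator with <c>Password</c>
        /// and <c>Hash</c> cleared and <c>Token</c> set. On failure, <c>Success</c> is false and
        /// <c>Entity</c> is null.
        /// </returns>
        public Result LogIn(AdministratorEntity entity)
        {
            // One message for "no such administrator" and "wrong password": distinct texts would
            // let a caller find out which administrator usernames exist.
            const string invalidCredentials = "Invalid password or user";

            var con         = new DapperConnectionManager();
            var query       = new QueryEntity();
            var credentials = new CredentialsManager();

            entity.Username = entity.Username.Trim().ToLower();
            // The username is bound as a named parameter, not concatenated into the SQL text.
            query.Query     = @"SELECT * FROM Administrators
                            where Username = @Username";
            query.Entity    = entity;
            var result = con.ExecuteQuery <AdministratorEntity>(query);

            if (!result.Success)
            {
                result.Entity  = null;
                result.Message = "Login error";
                return result;
            }

            var rows  = (IEnumerable <AdministratorEntity>)result.Entity;
            var admin = rows.FirstOrDefault();

            // From here on result.Entity still refers to the fetched rows, which carry the stored
            // password value and salt; every failure path has to clear it before returning.
            if (admin == null)
            {
                result.Entity  = null;
                result.Message = invalidCredentials;
                result.Success = false;
                return result;
            }

            // admin.Hash holds the salt stored with the account.
            // NOTE(review): == on strings is not a constant-time comparison - consider a fixed-time
            // comparison of the encoded values.
            var password = credentials.EncodePassword(entity.Password, admin.Hash);

            if (password == admin.Password)
            {
                // Strip the stored credential material before the record leaves this layer.
                admin.Hash     = null;
                admin.Password = null;
                admin.Token    = credentials.GenerateAdminToken(admin);
                result.Entity  = admin;
                return result;
            }

            // Wrong password: without this the result would hand the administrator row, including
            // its password value and salt, back to the caller.
            result.Entity  = null;
            result.Message = invalidCredentials;
            result.Success = false;
            return result;
        }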
        /// <summary>
        /// Inserts a user flagged as an APNA user and, on success, issues a token and queues the
        /// welcome e-mail.
        /// </summary>
        /// <param name="entity">User to create; dates, credentials and the APNA flag are overwritten here.</param>
        /// <param name="con">Connection manager used for the insert.</param>
        /// <returns>
        /// The insert result; on success <c>Entity</c> is the user with <c>UserId</c> and
        /// <c>Token</c> set and <c>Password</c>/<c>Hash</c> blanked.
        /// </returns>
        private Result RegisterUserApna(UserEntity entity, DapperConnectionManager con)
        {
            var insert = new QueryEntity();

            entity.CreateDate = DateTime.Now;
            entity.ModifyDate = DateTime.Now;

            // The stored password is derived from a second generated salt rather than from anything
            // the user supplied, so nobody is given a password for this account.
            // NOTE(review): that is only as unguessable as GenerateSalt() is random - confirm it
            // draws from a cryptographic generator.
            var credentialsManager = new CredentialsManager();
            var salt               = credentialsManager.GenerateSalt();
            var randomSecret       = credentialsManager.GenerateSalt();
            var encoded            = credentialsManager.EncodePassword(randomSecret, salt);

            entity.Hash     = salt;
            entity.Password = encoded;
            entity.ApnaUser = true;

            // Values are bound as named parameters taken from the entity.
            insert.Entity = entity;
            insert.Query  = @"INSERT INTO Users (Email, Name, Password, Hash, CreateDate, ModifyDate, ApnaMemberId, Country, Suburb, State, PostalCode, ApnaUser) 
                            VALUES(@Email, @Name, @Password, @Hash, @CreateDate, @ModifyDate, @ApnaMemberId, @Country, @Suburb, @State, @PostalCode, @ApnaUser )";

            var outcome = con.InsertQuery(insert);
            if (!outcome.Success)
            {
                return outcome;
            }

            // The insert result carries the new row id; blank the credential material before the
            // entity is returned to the caller.
            entity.UserId   = (int)outcome.Entity;
            entity.Password = "";
            entity.Hash     = "";
            entity.Token    = credentialsManager.GenerateUserToken(entity);
            outcome.Entity  = entity;

            // Fire-and-forget: the task is not awaited, so a failure to send does not affect the result.
            Task.Run(() => new EmailManager().SendEmail(entity.Email, DL.Models.EmailType.Welcome, new
            {
                CurrentUserName  = entity.Name,
                CurrentUserEmail = entity.Email
            }));

            return outcome;
        }
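        /// <summary>
        /// Changes an active user's password after verifying the current one.
        /// </summary>
        /// <param name="entity">
        /// <c>UserId</c> selects the account, <c>Password</c> is the current password and
        /// <c>NewPassword</c> the replacement. <c>Hash</c> and <c>Password</c> are overwritten with
        /// the new salt and encoded value.
        /// </param>
        /// <returns>
        /// The result of the update, or a failed result when the new password is missing or too
        /// short, the user is not found, or the current password does not match.
        /// </returns>
        /// <exception cref="Exception">Any exception raised while processing is logged and rethrown.</exception>
        public Result ChangePassword(UserEntity entity)
        {
            var result = new Result();

            try
            {
                // Apply the same minimum length that registration enforces; without it a password
                // change could set an empty or one-character password.
                if (string.IsNullOrEmpty(entity.NewPassword) || entity.NewPassword.Length < 6)
                {
                    result         = new Result(false);
                    result.Message = "Password length invalid";
                    return result;
                }

                var credentials = new CredentialsManager();
                var con         = new DapperConnectionManager();
                var query       = new QueryEntity();

                // Load the active user so the current password can be verified.
                query.Query  = @"SELECT * FROM Users
                            where UserId = @UserId and Active = 1";
                query.Entity = entity;
                result       = con.ExecuteQuery <UserEntity>(query);

                if (!result.Success)
                {
                    result.Entity  = null;
                    result.Message = "Validation error";
                    return result;
                }

                var rows = (IEnumerable <UserEntity>)result.Entity;
                var user = rows.FirstOrDefault();

                if (user == null)
                {
                    result.Entity  = null;
                    result.Message = "Validation error";
                    result.Success = false;
                    return result;
                }

                // user.Hash holds the salt stored with the account.
                // NOTE(review): != on strings is not a constant-time comparison - consider a
                // fixed-time comparison of the encoded values.
                var password = credentials.EncodePassword(entity.Password, user.Hash);
                if (password != user.Password)
                {
                    // Clear Entity so the fetched row, with its password value and salt, is not returned.
                    result.Entity  = null;
                    result.Message = "Invalid password";
                    result.Success = false;
                    return result;
                }

                // A fresh salt is generated for every password change.
                var newHash = credentials.GenerateSalt();

                entity.Hash     = newHash;
                entity.Password = credentials.EncodePassword(entity.NewPassword, newHash);

                // Only the three columns the statement needs are bound.
                query.Query  = @"Update Users Set Password = @Password, Hash = @Hash
                            where UserId = @UserId";
                query.Entity = new { UserId = entity.UserId, Hash = entity.Hash, Password = entity.Password };

                result         = con.ExecuteQuery <UserEntity>(query);
                result.Message = result.Success ? "The user password has been updated" : "An error has occurred";
            }
            catch (Exception ex)
            {
                Logger.Log(ex);
                // The exception is rethrown, so the caller never sees these two assignments.
                result         = result ?? new Result(false);
                result.Message = "An error occurred";
                throw;
            }

            return result;
        }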
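        /// <summary>
        /// Registers a new user: validates password length and e-mail, rejects an e-mail already
        /// used by an active user, stores a salted encoded password, issues a token and queues the
        /// welcome e-mail.
        /// </summary>
        /// <param name="entity">
        /// User to create. <c>Password</c> holds the plain-text password on entry; <c>Email</c> is
        /// trimmed and lower-cased in place.
        /// </param>
        /// <returns>
        /// On success, a result whose <c>Entity</c> is the user with <c>UserId</c> and <c>Token</c>
        /// set and <c>Password</c>/<c>Hash</c> blanked. On failure, <c>Success</c> is false and
        /// <c>Message</c> explains why.
        /// </returns>
        public Result Register(UserEntity entity)
        {
            var result = new Result();

            try
            {
                // A missing password gets the same explicit rejection as a short one.
                if (string.IsNullOrEmpty(entity.Password) || entity.Password.Length < 6)
                {
                    result         = new Result(false);
                    result.Message = "Password length invalid";
                    return result;
                }

                // Normalize before validating so the checks run on the value that is stored; the
                // original validated the untrimmed input, which let a whitespace-padded "@" through.
                entity.Email = entity.Email.Trim().ToLower();
                if (!entity.Email.Contains("@") || entity.Email.Length < 3)
                {
                    result         = new Result(false);
                    result.Message = "Email invalid";
                    return result;
                }

                var con = new DapperConnectionManager();

                var queryCheckEmail = new QueryEntity()
                {
                    Entity = new { Email = entity.Email },
                    Query  = @"SELECT Email from Users where Email = @Email and Active = 1"
                };
                var resultCheckEmail = con.ExecuteQuery <UserEntity>(queryCheckEmail);
                if (!resultCheckEmail.Success)
                {
                    resultCheckEmail.Entity  = null;
                    resultCheckEmail.Success = false;
                    resultCheckEmail.Message = "An error occurred";
                    return resultCheckEmail;
                }

                // NOTE(review): this check and the insert below are separate statements, so two
                // concurrent registrations can both pass it; it also ignores inactive users.
                // Presumably a unique constraint on Users.Email is the real guard - confirm.
                var checkEmail = (IEnumerable <UserEntity>)resultCheckEmail.Entity;
                if (checkEmail.Any())
                {
                    resultCheckEmail.Entity  = null;
                    resultCheckEmail.Success = false;
                    resultCheckEmail.Message = "The email is currently in use";
                    return resultCheckEmail;
                }

                // Encode the password only once the request is known to be acceptable.
                // The column named Hash stores the per-account salt.
                var credentials = new CredentialsManager();
                var salt        = credentials.GenerateSalt();

                entity.Password = credentials.EncodePassword(entity.Password, salt);
                entity.Hash     = salt;

                entity.CreateDate = DateTime.Now;
                entity.ModifyDate = DateTime.Now;

                // Values are bound as named parameters taken from the entity.
                var query = new QueryEntity();
                query.Entity = entity;
                query.Query  = @"INSERT INTO Users (Email, Name, Password, Hash, CreateDate, ModifyDate) VALUES(@Email, @Name, @Password, @Hash, @CreateDate, @ModifyDate)";

                result = con.InsertQuery(query);
                if (result.Success)
                {
                    // The insert result carries the new row id; blank the credential material
                    // before the entity is returned to the caller.
                    entity.UserId   = (int)result.Entity;
                    entity.Password = "";
                    entity.Hash     = "";
                    entity.Token    = credentials.GenerateUserToken(entity);
                    result.Entity   = entity;

                    // Fire-and-forget: the task is not awaited, so a failure to send does not affect the result.
                    Task.Run(() => new EmailManager().SendEmail(entity.Email, DL.Models.EmailType.Welcome, new {
                        CurrentUserName  = entity.Name,
                        CurrentUserEmail = entity.Email
                    }));
                }
                result.Message = result.Success ? "The user has been created" : "An error occurred";
            }
            catch (Exception ex)
            {
                if (result == null)
                {
                    result = new Result();
                }
                Logger.Log(ex);
                // Details stay in the log; the caller only gets a generic failure.
                result.Entity  = null;
                result.Success = false;
                result.Message = "An error occurred";
            }
            return result;
        }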
Exemple #8
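        /// <summary>
        /// Sets a new password for the employer identified by a validated token.
        /// </summary>
        /// <param name="entity">
        /// <c>Token</c> identifies the employer and <c>Password</c> is the new plain-text password.
        /// <c>Hash</c> and <c>Password</c> are overwritten with the new salt and encoded value.
        /// </param>
        /// <returns>
        /// The result of the update, or a failed result when the token is rejected, the new
        /// password is missing or too short, or no active employer matches.
        /// </returns>
        /// <exception cref="Exception">Any exception raised while processing is logged and rethrown.</exception>
        public Result ResetPassword(EmployerEntity entity)
        {
            var result = new Result();

            try
            {
                // Double validation: the token is checked again here rather than trusting the caller.
                // The account to update comes from the validated token, never from ids in the request.
                var credentials = new CredentialsManager();

                result = credentials.ValidateUserToken(entity.Token, true);
                if (!result.Success)
                {
                    return result;
                }
                var employer = (EmployerEntity)result.Entity;

                // Apply the same minimum length that account creation enforces; without it a reset
                // could set an empty or one-character password.
                if (string.IsNullOrEmpty(entity.Password) || entity.Password.Length < 6)
                {
                    result         = new Result(false);
                    result.Message = "Password length invalid";
                    return result;
                }

                var con   = new DapperConnectionManager();
                var query = new QueryEntity();

                // Confirm the employer still exists and is active before changing anything.
                query.Query  = @"SELECT * FROM Employers
                            where EmployerID = @EmployerID and Active = 1";
                query.Entity = employer;

                result = con.ExecuteQuery <EmployerEntity>(query);

                if (!result.Success)
                {
                    result.Entity  = null;
                    result.Message = "Validation error";
                    return result;
                }

                var rows = (IEnumerable <EmployerEntity>)result.Entity;

                employer = rows.FirstOrDefault();

                if (employer == null)
                {
                    result.Entity  = null;
                    result.Message = "Validation error";
                    result.Success = false;
                    return result;
                }

                // A fresh salt is generated for every password change.
                var newHash = credentials.GenerateSalt();

                entity.Hash     = newHash;
                entity.Password = credentials.EncodePassword(entity.Password, newHash);

                // The id comes from the row just loaded; only the three needed columns are bound.
                query.Query  = @"Update Employers Set Password = @Password, Hash = @Hash
                            where EmployerID = @EmployerID";
                query.Entity = new { EmployerID = employer.EmployerId, Hash = entity.Hash, Password = entity.Password };

                // NOTE(review): nothing visible here invalidates the token after use - confirm that
                // reset tokens are single-use or short-lived.
                result         = con.ExecuteQuery(query);
                result.Message = result.Success ? "The user password has been updated" : "An error has occurred";
            }
            catch (Exception ex)
            {
                Logger.Log(ex);
                // The exception is rethrown, so the caller never sees these two assignments.
                result         = result ?? new Result(false);
                result.Message = "An error occurred";
                throw;
            }

            return result;
        }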