//Demander un unique email... e préremplir du provider si Oauth et disponible... (exemple Facebook).. comme il semble faire pour le username (a voir)
public IUser CreateOrUpdateUser(IUser user)
{
if (String.IsNullOrEmpty(user.Name))
{
throw new MembershipCreateUserException(MembershipCreateStatus.InvalidUserName);
}
//if (String.IsNullOrEmpty(user.Password)) throw new MembershipCreateUserException(MembershipCreateStatus.InvalidPassword);
if (String.IsNullOrEmpty(user.Email))
{
throw new MembershipCreateUserException(MembershipCreateStatus.InvalidEmail);
}
if (user.Id.IsNullOrEmpty()) // New user...
{
if (UserQueries.GetUserNameByEmail(user.Email) != null)
{
throw new MembershipCreateUserException(MembershipCreateStatus.DuplicateEmail);
}
if (UserQueries.Get(user.Name) != null)
{
throw new MembershipCreateUserException(MembershipCreateStatus.DuplicateUserName);
}
user.CreatedAt = DateTime.Now;
}
if (!user.ThirdPartyAuthenticationUserAccounts.Any() || !user.Password.IsNullOrEmpty())
{
try
{
ValidatePassword(user.Name, user.Password);
}
catch
{
// not the smoothest approach, but the best
// considering the inconsistent password failure handling.
throw new MembershipCreateUserException(MembershipCreateStatus.InvalidPassword);
}
}
var passwordInfo = new AccountPasswordInfo(user.Name, user.Password);
user.Password = PasswordStrategy.Encrypt(passwordInfo);
user.PasswordSalt = passwordInfo.PasswordSalt;
var status = UserCommands.Register(user);
if (status != MembershipCreateStatus.Success)
{
throw new MembershipCreateUserException(status);
}
return(user);
}
