public ActionResult Register(UserModel inModel)
{
// 2. valididate the fields have the correct data otherwise (if) send error to user and have
// them redo the input
// data annotations for validation in MVC
// valid state, validation passed
if (ModelState.IsValid)
{
// 3. send the input down to the database and check for duplicate username
// 3.a create new bll object
UserOperationsBLL _userOperationsBLL = new UserOperationsBLL(base.Connection);
// 3.b need to convert UserModel object to User object
LibraryCommon.DataEntity.User _user = Mapper.UserModelToUser(inModel);
// 3.c pass the user object down to bll layer
Result _result = _logic.RegisterUser(_user);
inModel.DialogMessage = _result.Message;
inModel.DialogMessageType = _result.Type.ToString();
return(View(inModel));
}
// validation failed, have the user redo the form
else
{
return(View(inModel));
}
}
internal static LibraryCommon.DataEntity.User LoginModelToUser(LoginModel inModel)
{
// TODO: mapping
LibraryCommon.DataEntity.User _user = new LibraryCommon.DataEntity.User();
_user.UserName = inModel.Username;
_user.Password = inModel.Password;
return(_user);
}
private LibraryCommon.DataEntity.User HashUser(LibraryCommon.DataEntity.User u)
{
LibraryCommon.DataEntity.User _returnUser = new LibraryCommon.DataEntity.User();
_returnUser = u;
string salt = Guid.NewGuid().ToString();
string saltAndPassword = salt + u.Password;
string _hashed = _hash.HashedValue(saltAndPassword);
_returnUser.Password = _hashed;
_returnUser.Salt = salt;
return(_returnUser);
}
internal static UserModel UserToUserModel(LibraryCommon.DataEntity.User inUser)
{
UserModel _userModel = new UserModel();
_userModel.FirstName = inUser.FirstName;
_userModel.LastName = inUser.LastName;
_userModel.Password = inUser.Password;
_userModel.RoleId = inUser.RoleID_FK;
_userModel.RoleName = Mapper.RoleIdToRoleName(inUser.RoleID_FK);
_userModel.UserId = inUser.UserID;
_userModel.Username = inUser.UserName;
return(_userModel);
}
public ResultUser LoginUserPassThru(LibraryCommon.DataEntity.User inUser)
{
ResultUser r = new ResultUser();
string _hashed = "", _salt = "";
Hasher _hasher = new Hasher();
// 1. get the users
List <LibraryCommon.DataEntity.User> _list = _data.GetUsers();
// 2. find this user by username , assume there's not dups
LibraryCommon.DataEntity.User _foundUser = _list.Where(u => u.UserName == inUser.UserName).
FirstOrDefault();
// 3. if user match is found, get the salt
if (_foundUser != null)
{
_salt = _foundUser.Salt;
// 4. run hash process for this password with the salt
_hashed = _hasher.HashedValue(_salt + inUser.Password);
}
else
{
// no found user, no salt
}
// 5. compare the hashes
if (_hashed == _foundUser.Password)
{
// 6. if match, we have a user with a role
r.User = _foundUser;
r.Type = ResultType.Success;
}
else
{
// 7. otherwise no match and return a error message
r.User = null;
r.Message = "Username not found or password did not match.";
r.Type = ResultType.Failure;
}
return(r);
}
public ActionResult Login(LoginModel inModel)
{
if (ModelState.IsValid)
{
// 3. send the input down to the database and check for username/password
// 3.a create new bll object
//UserOperationsBLL _logic = new UserOperationsBLL(base.Connection);
// 3.b need to convert LoginModel object to User object
LibraryCommon.DataEntity.User _user = Mapper.LoginModelToUser(inModel);
// 3.c pass the user object down to bll layer
//ResultUsers _result = _userOperationsBLL.LoginUser(_user);
ResultUser _result = _logic.LoginUserPassThru(_user);
if (_result.Type == ResultType.Success)
{
UserModel _userModel = Mapper.UserToUserModel(_result.User);
// store the userModel in Global session
Session["UserSession"] = _userModel;
// Advanced Auth LMS
// Session["AUTHUsername"] = _userModel.Username;
// Session["AUTHRoles"] = _userModel.RoleName;
return(RedirectToAction("Search", "Home"));
}
else
{
inModel.DialogMessage = _result.Message;
inModel.DialogMessageType = _result.Type.ToString();
return(View(inModel));
}
}
// validation failed, have the user redo the form
else
{
return(View(inModel));
}
}
public void CreateUserPassThru(LibraryCommon.DataEntity.User inUser)
{
LibraryCommon.DataEntity.User u = HashUser(inUser);
_data.CreateUser(u);
}
public Result RegisterUser(LibraryCommon.DataEntity.User user)
{
throw new NotImplementedException();
}
public void DeleteUserPassThru(LibraryCommon.DataEntity.User u)
{
_data.DeleteUser(u);
}
