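/// <summary>
/// Deletes the user with the given id and persists the change.
/// </summary>
/// <param name="userId">Primary key of the user to delete.</param>
/// <exception cref="ServiceException">Thrown when no user with <paramref name="userId"/> exists.</exception>
public void Delete(int userId)
{
    DATA.User user = _context.Users.FirstOrDefault(u => u.Id == userId);
    if (user == null)
    {
        // Use the same failure mode as GetByUsername instead of letting
        // First() surface an InvalidOperationException to the caller.
        throw new ServiceException("User not found.");
    }

    _context.Users.Remove(user);
    _context.SaveChanges();
}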
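/// <summary>
/// Re-derives the password hash for a login attempt using the salt stored with the
/// user's credential, so the caller can compare it against the stored value.
/// (The name is historical: nothing is "unhashed"; the stored hash is never reversed.)
/// </summary>
/// <param name="password">Password supplied at login.</param>
/// <param name="user">User whose stored <c>Password</c> (Base64 text) supplies the salt.</param>
/// <param name="hashBytes">The fully decoded stored credential; its first 16 bytes are the salt.</param>
/// <param name="hash">20-byte PBKDF2 output derived from <paramref name="password"/> and the stored salt.</param>
/// <exception cref="FormatException">Thrown when the stored value is not valid Base64.</exception>
/// <exception cref="ArgumentException">Thrown when the decoded stored value is shorter than the salt.</exception>
private static void UnhashPassword(string password, DATA.User user, out byte[] hashBytes, out byte[] hash)
{
    // These must match what was used when the credential was written (HashPassword, not
    // shown here). Changing the iteration count, output length or PRF without re-hashing
    // existing credentials would lock every user out.
    const int SaltSize = 16;
    const int HashSize = 20;
    const int Iterations = 10000;

    hashBytes = Convert.FromBase64String(user.Password);
    if (hashBytes.Length < SaltSize)
    {
        // Same exception type Array.Copy would raise, but with a message that names the cause.
        throw new ArgumentException("Stored password value is shorter than the salt.");
    }

    byte[] salt = new byte[SaltSize];
    Array.Copy(hashBytes, 0, salt, 0, SaltSize);

    // Rfc2898DeriveBytes is IDisposable (it owns an HMAC instance); dispose it deterministically.
    // NOTE(review): this overload uses the framework's default PRF (HMAC-SHA1 on older targets) and
    // 10000 iterations is low by current guidance - raise it only together with a re-hash migration.
    using (var pbkdf2 = new Rfc2898DeriveBytes(password, salt, Iterations))
    {
        hash = pbkdf2.GetBytes(HashSize);
    }
}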
/// <summary>
/// Looks up a user by username and maps it to the service model.
/// </summary>
/// <param name="userName">Username to look up.</param>
/// <returns>The matching user as a <see cref="User"/>.</returns>
/// <exception cref="ServiceException">Thrown when no user with that username exists.</exception>
public User GetByUsername(string userName)
{
    DATA.User entity = _context.Users.FirstOrDefault(u => u.Username == userName);
    if (entity != null)
    {
        return CreateUser(entity);
    }

    throw new ServiceException("User not found.");
}
/// <summary>
/// Maps a persistence-layer <see cref="DATA.User"/> to the service-layer <see cref="User"/>.
/// The stored password is not part of the mapping.
/// </summary>
/// <param name="user">Entity to map; must not be null.</param>
/// <returns>A new <see cref="User"/> carrying the entity's identity, contact and role fields.</returns>
private static User CreateUser(DATA.User user)
{
    // Role and account state are exposed by their enum names rather than numeric values.
    string roleName = user.Role.ToString();
    string stateName = user.AccountState.ToString();

    var mapped = new User
    {
        Id = user.Id,
        Username = user.Username,
        Email = user.Email,
        FirstName = user.FirstName,
        LastName = user.LastName,
        Role = roleName,
        State = stateName
    };
    return mapped;
}
/// <summary>
/// Verifies a username/password pair and reports the account's role flags.
/// </summary>
/// <param name="userName">Submitted username.</param>
/// <param name="password">Submitted plaintext password; checked by re-deriving the stored hash.</param>
/// <returns>A <see cref="LoginResult"/> with the user's id, username and at most one role flag set.</returns>
/// <exception cref="ServiceException">
/// Thrown when the username is unknown, the password does not validate (raised by ValidatePassword,
/// defined elsewhere), or the account is pending or denied.
/// </exception>
public LoginResult Login(string userName, string password)
{
    DATA.User account = _context.Users.FirstOrDefault(u => u.Username == userName);
    if (account == null)
    {
        // Deliberately generic so the response does not confirm whether the username exists.
        // NOTE(review): this path returns before any PBKDF2 work, so response time still differs
        // from a wrong-password attempt; deriving against a dummy salt here would equalise it.
        throw new ServiceException("Wrong username or passowrd");
    }

    byte[] storedBytes;
    byte[] derivedHash;
    UnhashPassword(password, account, out storedBytes, out derivedHash);
    ValidatePassword(storedBytes, derivedHash);

    // Account-state checks run only after the password validated, so an
    // unauthenticated caller cannot learn whether an account is pending or denied.
    if (account.AccountState == DATA.AccountState.Pending)
    {
        throw new ServiceException("Your account is not approved yet. Please try again later.");
    }
    if (account.AccountState == DATA.AccountState.Denied)
    {
        throw new ServiceException("Your account is denied.");
    }

    var result = new LoginResult { UserId = account.Id, Username = account.Username };
    if (account.Role == DATA.AccountRole.Administrator)
    {
        result.IsAdministrator = true;
    }
    else if (account.Role == DATA.AccountRole.Support)
    {
        result.IsSupport = true;
    }
    else if (account.Role == DATA.AccountRole.Client)
    {
        result.IsClient = true;
    }
    return result;
}
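/// <summary>
/// Validates a registration request, hashes the password and stores the new user.
/// </summary>
/// <param name="model">Registration data; <c>Passowrd</c> is the (misspelled) plaintext password property.</param>
/// <exception cref="ServiceException">
/// Thrown when a required field is empty, the username is already taken or shorter than 3 characters,
/// or the email does not match the accepted format.
/// </exception>
public void Create(CreateUserModel model)
{
    if (string.IsNullOrEmpty(model.FirstName))
    {
        throw new ServiceException("Your first name cannot be empty.");
    }
    if (string.IsNullOrEmpty(model.LastName))
    {
        throw new ServiceException("Your last name cannot be empty.");
    }
    if (string.IsNullOrEmpty(model.UserName))
    {
        throw new ServiceException("Your username cannot be empty.");
    }
    // NOTE: check-then-insert is racy under concurrent registrations; a unique
    // index on Username in the data store is the authoritative guard.
    if (_context.Users.Any(u => u.Username == model.UserName))
    {
        throw new ServiceException("The username you have chosen already exists.");
    }
    if (string.IsNullOrEmpty(model.Email))
    {
        throw new ServiceException("The email cannot be empty");
    }

    // Pattern kept byte-identical to preserve the set of accepted addresses. Two things a
    // maintainer should know: "[_+-.\w]" is a character range from '+' to '.', so it also
    // admits ',' (escape the hyphen as "[_+\-.\w]" if that is unintended), and the nested
    // quantifier can backtrack heavily on hostile input, hence the match timeout below.
    var emailPattern = new Regex(
        @"^([0-9a-zA-Z_]([_+-.\w]*[0-9a-zA-Z_])*@([0-9a-zA-Z][-\w]*[0-9a-zA-Z]\.)+[a-zA-Z]{2,9})$",
        RegexOptions.None,
        TimeSpan.FromSeconds(1));
    bool emailIsValid;
    try
    {
        emailIsValid = emailPattern.IsMatch(model.Email);
    }
    catch (RegexMatchTimeoutException)
    {
        // An address that cannot be classified within the budget is rejected, not served.
        emailIsValid = false;
    }
    if (!emailIsValid)
    {
        throw new ServiceException("The email you enterted is in incorrect format");
    }
    if (model.UserName.Length < 3)
    {
        throw new ServiceException("The username should be more than 2 characters");
    }
    // Previously a missing password only failed inside HashPassword; reject it up front
    // with the same kind of error the other required fields produce.
    if (string.IsNullOrEmpty(model.Passowrd))
    {
        throw new ServiceException("The password cannot be empty.");
    }

    // Map the requested state onto the stored one; anything that is neither
    // Pending nor Approved is stored as Denied (same mapping as before, without
    // duplicating the entity construction per branch).
    DATA.AccountState storedState;
    switch (model.AccountState)
    {
        case AccountState.Pending:
            storedState = DATA.AccountState.Pending;
            break;
        case AccountState.Approved:
            storedState = DATA.AccountState.Approved;
            break;
        default:
            storedState = DATA.AccountState.Denied;
            break;
    }

    string password = HashPassword(model.Passowrd);
    var user = new DATA.User
    {
        Username = model.UserName,
        Password = password,
        Email = model.Email,
        FirstName = model.FirstName,
        LastName = model.LastName,
        AccountState = storedState
    };
    _context.Add(user);
    _context.SaveChanges();
}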
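/// <summary>
/// Looks up a user by id and maps it to the service model.
/// </summary>
/// <param name="userId">Primary key of the user.</param>
/// <returns>The matching user as a <see cref="User"/>.</returns>
/// <exception cref="ServiceException">Thrown when no user with <paramref name="userId"/> exists.</exception>
public User GetByUserId(int userId)
{
    DATA.User user = _context.Users.FirstOrDefault(u => u.Id == userId);
    if (user == null)
    {
        // Previously a missing user was passed straight to CreateUser and surfaced
        // as a NullReferenceException; report it the same way GetByUsername does.
        throw new ServiceException("User not found.");
    }
    return CreateUser(user);
}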