/// <summary>
/// Registers a new account. Rejects the request when the login is already taken,
/// derives a salted password hash, encrypts the personal-data fields with a
/// per-user IV, stores the new <c>User</c> and returns a success message.
/// </summary>
/// <param name="model">Sign-up payload bound from the request body.</param>
/// <returns>A <see cref="JsonResult"/> wrapping an <c>OkResponse</c> with a success message.</returns>
/// <exception cref="Exception">Thrown when a user with the same login already exists.</exception>
public async Task<JsonResult> SignUp([FromBody] SignUpModel model)
{
    // NOTE(review): this lookup and the insert below are two separate steps, so
    // concurrent requests can both pass the check. Confirm the schema has a
    // unique index on Login so the database rejects the duplicate.
    var existingUser = await _dbContext.Users
        .FirstOrDefaultAsync(candidate => candidate.Login == model.Login)
        .ConfigureAwait(false);

    if (existingUser != null)
    {
        throw new Exception("Пользователь с таким логином уже существует");
    }

    // Hash the password with a freshly generated salt.
    // NOTE(review): PasswordHelpers is not visible here. Despite the name
    // "EncryptPassword", confirm it is a slow, salted KDF (e.g. PBKDF2/Argon2)
    // and not reversible encryption or a bare hash.
    var passwordSalt = PasswordHelpers.GenerateSalt();
    var passwordHash = PasswordHelpers.EncryptPassword(model.Pass, passwordSalt);

    // Encrypt the personal data.
    // NOTE(review): one IV is passed to every EncryptData call and stored on the
    // record. If the key is shared and the cipher mode needs a unique IV/nonce per
    // encryption (CTR, GCM), this reuse breaks confidentiality; with CBC it still
    // reveals equal plaintext prefixes across fields. Verify against EncryptData.
    var iv = PasswordHelpers.GetIV();
    var encFirstName = PasswordHelpers.EncryptData(model.FirstName, iv);
    var encSurname = PasswordHelpers.EncryptData(model.Surname, iv);
    var encEmail = PasswordHelpers.EncryptData(model.Email, iv);

    // Optional fields are stored as null when empty, never as an encrypted empty string.
    var encMiddleName = !string.IsNullOrEmpty(model.MiddleName)
        ? PasswordHelpers.EncryptData(model.MiddleName, iv)
        : null;
    var encBirthDate = !string.IsNullOrEmpty(model.BirthDate)
        ? PasswordHelpers.EncryptData(model.BirthDate, iv)
        : null;
    var encCity = !string.IsNullOrEmpty(model.City)
        ? PasswordHelpers.EncryptData(model.City, iv)
        : null;

    var newUser = new User
    {
        Login = model.Login,
        Pass = new Pass
        {
            Password = passwordHash,
            Salt = passwordSalt
        },
        IV = iv,
        FirstName = encFirstName,
        Surname = encSurname,
        MiddleName = encMiddleName,
        City = encCity,
        BirthDate = encBirthDate,
        Email = encEmail
    };

    await _dbContext.AddAsync(newUser).ConfigureAwait(false);
    await _dbContext.SaveChangesAsync(true).ConfigureAwait(false);

    var response = new OkResponse { message = "Регистрация пройдена успешно" };
    return new JsonResult(response);
}
/// <summary>
/// Updates the profile of the currently authenticated user. When a new password
/// is supplied, the current password is verified first and the stored hash and
/// salt are replaced. All personal-data fields are then re-encrypted and saved.
/// </summary>
/// <param name="model">Profile values, plus <c>CurrentPass</c>/<c>Pass</c> for a password change.</param>
/// <returns>
/// A <see cref="JsonResult"/> with <c>status</c>, the plaintext profile values as
/// <c>newUser</c>, and a <c>passwordChanged</c> flag.
/// </returns>
/// <exception cref="Exception">
/// Thrown with <c>TextResource.API_NoAccess</c> when the supplied current password does not match.
/// </exception>
public async Task<JsonResult> Update(MyPageModel model)
{
    // NOTE(review): the account is resolved from User.Identity.Name and used without
    // a null check. Presumably the action sits behind [Authorize] and GetUserAsync
    // fails for an unknown name; confirm both.
    // NOTE(review): unlike SignUp, the model carries no [FromBody]. Confirm the
    // binding source so passwords cannot arrive via the query string.
    var account = await _dbContext.GetUserAsync(User.Identity.Name, true)
        .ConfigureAwait(false);

    var wantsNewPassword = !string.IsNullOrEmpty(model.Pass);
    if (wantsNewPassword)
    {
        // Re-derive the hash of the supplied current password with the stored salt.
        // SlowEquals is presumably a constant-time comparison; verify in PasswordHelpers.
        var suppliedHash = PasswordHelpers.EncryptPassword(model.CurrentPass, account.Pass.Salt);
        var currentPasswordMatches = PasswordHelpers.SlowEquals(suppliedHash, account.Pass.Password);
        if (!currentPasswordMatches)
        {
            throw new Exception(TextResource.API_NoAccess);
        }

        // The new password gets a fresh salt rather than reusing the old one.
        var freshSalt = PasswordHelpers.GenerateSalt();
        var freshHash = PasswordHelpers.EncryptPassword(model.Pass, freshSalt);
        account.Pass.Password = freshHash;
        account.Pass.Salt = freshSalt;
    }

    // NOTE(review): only the password change is gated on CurrentPass. Email and the
    // other fields change without re-authentication; if Email is used for account
    // recovery, consider requiring the current password for that too.

    // NOTE(review): the stored IV is reused to encrypt the new values. Every update
    // therefore encrypts different plaintext under the same IV (and presumably the
    // same key). Depending on the cipher mode in EncryptData, that leaks information
    // or breaks confidentiality. Consider a fresh IV per write; verify the helper.
    var iv = account.IV;
    var encFirstName = PasswordHelpers.EncryptData(model.FirstName, iv);
    var encSurname = PasswordHelpers.EncryptData(model.Surname, iv);
    var encEmail = PasswordHelpers.EncryptData(model.Email, iv);

    // Optional fields are stored as null when empty.
    var encMiddleName = !string.IsNullOrEmpty(model.MiddleName)
        ? PasswordHelpers.EncryptData(model.MiddleName, iv)
        : null;
    var encBirthDate = !string.IsNullOrEmpty(model.BirthDate)
        ? PasswordHelpers.EncryptData(model.BirthDate, iv)
        : null;
    var encCity = !string.IsNullOrEmpty(model.City)
        ? PasswordHelpers.EncryptData(model.City, iv)
        : null;

    account.FirstName = encFirstName;
    account.Surname = encSurname;
    account.MiddleName = encMiddleName;
    account.City = encCity;
    account.Email = encEmail;
    account.BirthDate = encBirthDate;

    _dbContext.Update(account);
    await _dbContext.SaveChangesAsync().ConfigureAwait(false);

    // The response echoes the plaintext values from the request, not the stored ciphertext.
    var user = new
    {
        account.Login,
        model.FirstName,
        model.Surname,
        model.MiddleName,
        model.City,
        model.Email,
        model.BirthDate
    };

    // NOTE(review): the result of this second lookup is discarded. It looks like a
    // redundant database round-trip; confirm GetUserAsync has no needed side effect
    // before removing it.
    await _dbContext.GetUserAsync(User.Identity.Name, true).ConfigureAwait(false);

    var payload = new
    {
        status = HttpStatusCode.OK,
        newUser = user,
        passwordChanged = wantsNewPassword
    };
    return new JsonResult(payload, _jsonOptions);
}