/// <summary> /// Creates the user in the system and returns the system generated username /// </summary> /// <param name="useModelUserName">If true then try to use <see cref="UserModel"/> instance Username if it exists. Otherwise fall back to building a user name. </param> public string CreateUser(UserModel userModel, string storeName, string password, bool active, bool useModelUserName) { var authorizationManager = new AuthorizationManager(storeName); string username = CreateUniqueUserName(userModel.FirstName, userModel.MiddleInitial, userModel.LastName); username = (useModelUserName && !string.IsNullOrWhiteSpace(userModel.Username)) ? userModel.Username : username; //register the user //try to get the dbuser, and if they arlready exists, just create the account, otherwise create the user and account. if (!authorizationManager.InAuthorizationSystem(username)) { WebSecurity.CreateUserAndAccount(username, password, new { FirstName = userModel.FirstName, MiddleName = userModel.MiddleInitial, LastName = userModel.LastName, Phone = userModel.PhoneNumber, Email = userModel.EmailAddress, CreatedDate = DateTime.Now, RequirePasswordReset = true }); } else { //only create them if they dont already exist if (!WebSecurity.UserExists(username)) { //create them WebSecurity.CreateAccount(username, password); } } //update their profile //set the models username now that we have it userModel.Username = username; UpdateUserProfile(userModel, active); //now force them to change their pw on next login UpdateUserPasswordReset(username, true); //add the password to the password history so they cant set it back ot the default var pwMGr = new PasswordManager(username); pwMGr.AddPasswordToHistory(password); //now add them to the default group for this store they will have access to authorizationManager.AddGroupMember(Constants.Security.DefaultStoreGroupName, username); //update the caching table to include this person int userID = GetUserId(userModel.Username); authorizationManager.AddCustomerAccess(userID); //have to check to see if groupname is null - otherwise we throw an error if (!string.IsNullOrEmpty(userModel.Role)) { // now add them to the specific group for this store they will have access to authorizationManager.AddGroupMember(userModel.Role, username); } return(username); }