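/// <summary>
/// Registers a new user when <paramref name="identity"/> is null, otherwise updates the
/// account that belongs to the authenticated caller.
/// </summary>
/// <param name="userVm">Submitted user data; <c>userVm.password</c> is hashed before it is stored.</param>
/// <param name="identity">Identity of the authenticated caller, or null for a registration.</param>
/// <returns>The persisted user mapped back to a <see cref="UserVm"/>.</returns>
/// <exception cref="Exception">
/// Validation returned a non-empty message, the caller's identity does not match the submitted
/// user name, or no stored account exists for that user name.
/// </exception>
public UserVm AddOrUpdate(UserVm userVm, ClaimsIdentity identity = null)
{
    var message = Validation(userVm);
    if (message != String.Empty)
    {
        throw new Exception(message);
    }

    var user = Mapper.Map<User>(userVm);

    if (identity == null)
    {
        // Registration path. The return value of IsUserExist is not used here;
        // presumably it throws for a duplicate account (confirm against its definition).
        IsUserExist(user);

        // NOTE(review): the stored value is UTC shifted by a fixed +2h, so it is neither UTC
        // nor DST-aware local time. Left as-is because existing rows use the same convention.
        user.RegistrationDate = DateTime.UtcNow.AddHours(2);
        user.IsVerifiedEmail = false;

        var userHash = PasswordHashService.HashPassword(userVm.password);
        user.PasswordHash = userHash.PasswordHash;
        user.Salt = userHash.Salt;

        _dbContext.Add(user);
    }
    else if (GetUserName(identity) == user.UserName)
    {
        // Update path: a caller may only modify the account named in their own identity.
        User userDb = _dbContext.Users.FirstOrDefault(u => u.UserName == userVm.username);
        if (userDb == null)
        {
            // Fail with the same error as an identity mismatch instead of dereferencing null.
            throw new Exception("User is invalid.");
        }

        user.RegistrationDate = userDb.RegistrationDate;

        // NOTE(review): the second operand treats a submitted value equal to the stored hash
        // as "password unchanged". That only works if the stored hash is handed to the client,
        // which makes the hash a password-equivalent secret. Prefer an explicit
        // "password not changed" signal (e.g. an empty field) and never return the hash.
        // Kept here because removing it would re-hash the hash and lock such clients out.
        if (PasswordHashService.ValidatePassword(userVm.password, userDb) || userVm.password == userDb.PasswordHash)
        {
            user.PasswordHash = userDb.PasswordHash;
            user.Salt = userDb.Salt;
        }
        else
        {
            var userHash = PasswordHashService.HashPassword(userVm.password);
            user.PasswordHash = userHash.PasswordHash;
            user.Salt = userHash.Salt;
        }

        // NOTE(review): every column the UserVm -> User map fills is overwritten from client
        // input (only RegistrationDate and the credentials are restored from the stored row).
        // Confirm the map cannot carry privileged fields such as IsVerifiedEmail.
        _dbContext.Entry(userDb).State = EntityState.Detached;
        _dbContext.Update(user);
    }
    else
    {
        // The caller's identity does not match the account being modified.
        throw new Exception("User is invalid.");
    }

    _dbContext.SaveChanges();

    // NOTE(review): confirm the User -> UserVm map does not copy PasswordHash or Salt into the response.
    return Mapper.Map<UserVm>(user);
}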
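/// <summary>
/// Verifies submitted credentials against the stored account with the same user name.
/// </summary>
/// <param name="login">
/// Submitted credentials. <c>UserName</c> identifies the account; <c>PasswordHash</c> is the value
/// passed to <c>PasswordHashService.ValidatePassword</c> (it appears to carry the submitted
/// password despite the property name).
/// </param>
/// <returns>The stored <see cref="User"/> when the credentials are valid; otherwise null.</returns>
public User AuthenticateUser(User login)
{
    // Fail closed on missing credentials instead of throwing a NullReferenceException.
    if (login == null || login.UserName == null || login.PasswordHash == null)
    {
        return null;
    }

    User user = _dbContext.Users.FirstOrDefault(u => u.UserName == login.UserName);
    if (user == null)
    {
        return null;
    }

    // Culture-independent comparison; ToUpper() depends on the current culture.
    bool sameName = string.Equals(login.UserName, user.UserName, StringComparison.OrdinalIgnoreCase);

    // Only a password that verifies against the stored hash is accepted. The previous
    // "login.PasswordHash == user.PasswordHash" shortcut accepted the stored hash itself as a
    // credential, so anyone who obtained the hash could sign in without knowing the password.
    // Callers that replayed the hash should use a session or token instead.
    if (sameName && PasswordHashService.ValidatePassword(login.PasswordHash, user))
    {
        return user;
    }

    return null;
}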
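/// <summary>
/// Replaces the password of the account registered under <paramref name="email"/> with a newly
/// generated one and e-mails the new password to the user.
/// </summary>
/// <param name="email">E-mail address of the account, compared case-insensitively via ToUpper().</param>
/// <returns>True once the e-mail has been sent and the new hash has been saved.</returns>
/// <exception cref="Exception">No account uses the address, or SendEmail returned false.</exception>
/// <remarks>
/// NOTE(review): design points this method leaves to the caller and the surrounding flow:
/// the "Email address does not exist." error lets a caller tell registered addresses from
/// unregistered ones; the reset needs nothing but the address, so a third party can change
/// someone else's password; and the new password travels in plaintext by e-mail. A single-use,
/// expiring reset link with a uniform response avoids all three.
/// </remarks>
public async Task<bool> ForgottenPassword(string email)
{
    var user = await _dbContext.Users
        .Where(u => u.Email.ToUpper() == email.ToUpper())
        .FirstOrDefaultAsync();
    if (user == null)
    {
        throw new Exception("Email address does not exist.");
    }

    // The password is a credential, so it is drawn from the cryptographic RNG;
    // System.Random is predictable and must not be used for secrets.
    // The alphabet is unchanged: 43 consecutive code points starting at '0' (48..90).
    const int passwordLength = 16;
    var passwordChars = new char[passwordLength];
    for (int i = 0; i < passwordChars.Length; i++)
    {
        passwordChars[i] = (char)(48 + System.Security.Cryptography.RandomNumberGenerator.GetInt32(43));
    }
    string newPassword = new string(passwordChars);

    User userHash = PasswordHashService.HashPassword(newPassword);
    user.PasswordHash = userHash.PasswordHash;
    user.Salt = userHash.Salt;

    var text = @$"Cześć, {user.FirstName}. Oto Twoje nowe hasło: {newPassword} Pozdrawiamy Super Kawiarnia XYZ";

    // The new hash is persisted only after the e-mail went out, so a failed send
    // leaves the stored password untouched.
    if (await SendEmail(user, text, "Odzyskiwanie hasła Super Kawiarnia XYZ") == false)
    {
        throw new Exception("Email wasn't send. Try again.");
    }

    _dbContext.Users.Update(user);
    await _dbContext.SaveChangesAsync();
    return true;
}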