/// <summary>
/// user registration
/// </summary>
/// <param name="newUser"></param>
/// <returns></returns>
public SimpleAuthResult TryCreateUser(SimpleAuthUser newUser)
{
var hashedPassword = HashPassword(newUser.OriginPassword);
using (var context = new SimpleUserDbContext())
{
var userWithUserName = context.LoginUser.FirstOrDefault(x => x.UserName == newUser.UserName);
if (userWithUserName != null)
{
return(SimpleAuthResult.Fail(string.Format("user with name '{0}' already exists", newUser)));
}
var loginUser = new LoginUser()
{
UserName = newUser.UserName,
PasswordHash = hashedPassword,
Email = newUser.Email,
Phone = newUser.Phone
};
context.LoginUser.Add(loginUser);
context.SaveChanges();
return(SimpleAuthResult.Success());
}
}
public SimpleAuthResult <TokenEntity> UserCrendentialLogin(string username, string password)
{
using (var context = new SimpleUserDbContext())
{
var tryFindUser = context.LoginUser.FirstOrDefault(x => x.UserName == username);
if (tryFindUser == null)
{
return(SimpleAuthResult <TokenEntity> .Fail(string.Format("user name with '{0}' is not found .", username)));
}
var hashedPassword = HashPassword(password);
if (tryFindUser.PasswordHash != hashedPassword)
{
return(SimpleAuthResult <TokenEntity> .Fail("user password is not correct"));
}
if (_isSso)
{
_provider.RemoveTokenFor(tryFindUser.Id);
}
////issue a new token for password login
var newToken = _provider.CreateNew(tryFindUser.Id);
return(SimpleAuthResult <TokenEntity> .Success(newToken));
}
}
public SimpleAuthResult <TokenEntity> TokenLoginAndRefresh(string refreshToken)
{
var result = _provider.UpdateRefresh(refreshToken);
if (result.IsSuccess)
{
return(SimpleAuthResult <TokenEntity> .Success(result.NewToken));
}
else
{
return(SimpleAuthResult <TokenEntity> .Fail(result.Error));
}
}
public SimpleAuthResult TokenLogin(string accessToken)
{
var result = _provider.VerifyToken(accessToken);
if (result.IsSuccess)
{
return(SimpleAuthResult.Success());
}
else
{
return(SimpleAuthResult.Fail(result.Error));
}
}
public SimpleAuthResult ChangePassword(long userId, string oldpassword, string password, string confirmPassword)
{
if (string.IsNullOrWhiteSpace(oldpassword) ||
string.IsNullOrWhiteSpace(password) ||
string.IsNullOrWhiteSpace(confirmPassword))
{
return(SimpleAuthResult.Fail("password field can not be empty"));
}
using (var context = new SimpleUserDbContext())
{
var user = context.LoginUser.FirstOrDefault(x => x.Id == userId);
if (user == null)
{
return(SimpleAuthResult.Fail(string.Format("user with id '{0}' not found", userId)));
}
var hashedOldPassword = HashPassword(oldpassword);
if (hashedOldPassword != user.PasswordHash)
{
return(SimpleAuthResult.Fail("current password is incorrect."));
}
if (password != confirmPassword)
{
return(SimpleAuthResult.Fail("password does not match confirm password."));
}
//// apply more rules here
//// ...
var hashedPassword = HashPassword(password);
if (hashedPassword == user.PasswordHash)
{
return(SimpleAuthResult.Fail("password can not be same with current password."));
}
user.PasswordHash = hashedPassword;
context.SaveChanges();
return(SimpleAuthResult.Success());
}
}