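/// <summary>
/// Hashes <paramref name="password"/> with a newly generated salt and stores the hash and salt on the user.
/// </summary>
/// <param name="user">User whose <c>Password</c> (hash) and <c>Salt</c> are overwritten.</param>
/// <param name="password">Plain-text password; only the computed hash is kept.</param>
public static void SetPassword(ref User user, string password)
{
    // A new hash is computed from a generated salt using the configured salt size and
    // iteration count. (The original assigned user.Password twice in one statement.)
    // NOTE(review): SaltSize and HashIterations are defined outside this block; they set the
    // work factor of the hash, so confirm the iteration count is still adequate.
    user.Password = CryptoService.Compute(password, SaltSize, HashIterations);

    // The salt is read back from CryptoService after Compute returns.
    // NOTE(review): if CryptoService is one instance shared between threads (its declaration
    // is not visible here), two concurrent calls could pair a hash with the other call's salt
    // and leave a user unable to log in; confirm it is per-call or synchronized.
    user.Salt = CryptoService.Salt;
}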
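/// <summary>
/// Checks a candidate password against the salted hash stored for a user.
/// </summary>
/// <param name="user">User whose stored <c>Salt</c> and <c>Password</c> hash are used.</param>
/// <param name="password">Plain-text candidate password.</param>
/// <returns>
/// <c>true</c> when the hash recomputed with the user's salt equals the stored hash;
/// <c>false</c> otherwise, including when the user has no stored hash or salt.
/// </returns>
public static bool ValidatePassword(User user, string password)
{
    // An account without a stored hash and salt (for example one that only ever signed in
    // through an external provider) has no password credential and must never validate.
    if (user == null || password == null
        || string.IsNullOrEmpty(user.Password) || string.IsNullOrEmpty(user.Salt))
    {
        return false;
    }

    // Hash the candidate with the salt saved for that user.
    var hashed = CryptoService.Compute(password, user.Salt);

    // Compare without short-circuiting so the time taken does not depend on how many
    // leading characters of the two hashes agree.
    return HashesMatch(hashed, user.Password);
}

/// <summary>
/// Compares two hash strings, always visiting every character of the shorter one.
/// </summary>
private static bool HashesMatch(string computed, string stored)
{
    if (computed == null || stored == null)
    {
        return false;
    }

    // A length mismatch is folded into the accumulator instead of returning early.
    var difference = computed.Length ^ stored.Length;
    var shared = computed.Length < stored.Length ? computed.Length : stored.Length;

    for (var i = 0; i < shared; i++)
    {
        difference |= computed[i] ^ stored[i];
    }

    return difference == 0;
}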
/// <summary>
/// Builds <paramref name="max"/> generated comments written by <paramref name="user"/> on one thing.
/// </summary>
/// <param name="user">Author whose id, username and e-mail are copied onto every comment.</param>
/// <param name="thingId">Id of the thing the comments belong to.</param>
/// <param name="max">Number of comments to create; zero or less yields an empty list.</param>
/// <param name="randomGenerator">Source of the generated description and creation date.</param>
/// <returns>The generated comments, in creation order.</returns>
private static List<Comment> Comments(User user, string thingId, int max, RandomGenerator randomGenerator)
{
    var generated = new List<Comment>();

    for (var remaining = max; remaining > 0; remaining--)
    {
        var comment = new Comment();
        comment.ThingId = thingId;
        comment.UserId = user.Id;
        comment.Username = user.Username;
        comment.Email = user.Email;

        // presumably 200 bounds the phrase length; confirm against RandomGenerator.Phrase
        comment.Description = randomGenerator.Phrase(200);

        // Bounds passed to Next: thirty days ago up to now (UTC).
        var windowStart = DateTime.UtcNow.AddDays(-30);
        comment.CreationDate = randomGenerator.Next(windowStart, DateTime.UtcNow);

        generated.Add(comment);
    }

    return generated;
}
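/// <summary>
/// Finds or creates the user for an OpenID sign-in (or a signup without OpenID) and persists it.
/// </summary>
/// <remarks>
/// An existing user is looked up by OpenID claim and provider first, then by e-mail address.
/// When one is found the supplied OpenID replaces any OpenID stored for the same provider;
/// otherwise a new user is created and its password hash is set.
/// </remarks>
/// <param name="openId">The OpenID; its claim may be blank when the user signed up without one.</param>
/// <param name="userName">Name of the user; required.</param>
/// <param name="fullName">The full name; required.</param>
/// <param name="email">The e-mail address; required when the provider is a verified-e-mail provider.</param>
/// <param name="password">The plain-text password hashed for a newly created user.</param>
/// <returns>The stored user, existing or newly created.</returns>
public User Store(OpenId openId, string userName, string fullName, string email, string password)
{
    Condition.Requires(userName).IsNotNullOrWhiteSpace();
    Condition.Requires(fullName).IsNotNullOrWhiteSpace();

    // The user might not have provided an OpenID, so a missing or blank claim is tolerated.
    var hasOpenId = openId != null && !string.IsNullOrWhiteSpace(openId.OpenIdClaim);
    var hasEmail = !string.IsNullOrWhiteSpace(email);

    if (hasOpenId)
    {
        // Fix the provider if we can.
        GetProvider(ref openId);

        // Check has email! Maybe this should be an absolute requirement anyway.
        if (IsVerifiedEmailProvider(openId.OpenIdClaim))
        {
            Condition.Requires(email).IsNotNullOrWhiteSpace();
        }
    }

    // Find an existing user for the provider, OR for the e-mail address if the provider
    // doesn't match. A signup without OpenID checks the e-mail only.
    User user = null;
    if (hasOpenId)
    {
        user = DocumentSession.Query<User>().SingleOrDefault(
            x => x.OpenIds.Any(
                y => y.OpenIdClaim == openId.OpenIdClaim && y.OpenIdProvider == openId.OpenIdProvider));
    }

    // The e-mail lookup runs only for a non-blank address: querying on a blank e-mail would
    // match some other account that has no e-mail stored and merge two unrelated users.
    // NOTE(review): this fallback links an external identity to an existing account on the
    // strength of the e-mail value passed in. IsVerifiedEmailProvider only forces the e-mail
    // to be present; nothing visible here confirms the provider verified it. Confirm callers
    // pass only provider-verified addresses, or require the account owner to authenticate
    // before linking.
    if (user == null && hasEmail)
    {
        user = DocumentSession.Query<User>().SingleOrDefault(x => x.Email == email);
    }

    if (user != null)
    {
        // NOTE(review): on the non-OpenID path an existing account is returned without any
        // password check in this method; the caller is presumably expected to validate the
        // password itself - confirm.
        if (hasOpenId)
        {
            // User exists, so update the OpenID data for this user: one entry per provider.
            if (user.OpenIds == null)
            {
                user.OpenIds = new List<OpenId>();
            }
            else
            {
                var existingProvider = user.OpenIds.SingleOrDefault(x => x.OpenIdProvider == openId.OpenIdProvider);
                if (existingProvider != null)
                {
                    user.OpenIds.Remove(existingProvider);
                }
            }

            // A blank OpenID is no longer appended to an account found by e-mail alone.
            user.OpenIds.Add(openId);
        }
    }
    else
    {
        // No user at all. We create one and store it.
        // NOTE(review): a signup with neither OpenID nor e-mail still creates an account here.
        user = new User
        {
            Username = userName,
            Email = email,
            Id = null,
            FullName = fullName,
            CreationDate = DateTimeOffset.Now,
            IsActive = true,
            OAuthData = new List<OAuthData>(),
            OpenIds = new List<OpenId>(),
            FavoriteTags = new List<string> { "ravendb", "c#", "asp.net-mvc3" } // obviously this needs to be changed....
        };

        if (hasOpenId)
        {
            user.OpenIds.Add(openId);
        }

        // Set the user's password hash and salt.
        // NOTE(review): for an OpenID signup the password may be blank; confirm how
        // HashPassword.SetPassword treats that, so no account ends up with a usable
        // hash of an empty password.
        HashPassword.SetPassword(ref user, password);
    }

    DocumentSession.Store(user);
    DocumentSession.SaveChanges();
    return user;
}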
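/// <summary>
/// Finds or creates the user for an OAuth sign-in and persists it.
/// </summary>
/// <remarks>
/// An existing user is looked up by OAuth id and provider first, then by e-mail address.
/// When one is found the supplied OAuth data replaces any entry stored for the same provider;
/// otherwise a new user is created. No password is set on this path.
/// </remarks>
/// <param name="oAuthData">The OAuth data identifying the external account; must not be null.</param>
/// <param name="userName">Name of the user.</param>
/// <param name="fullName">The full name.</param>
/// <param name="email">The e-mail address; used as a fallback lookup key when not blank.</param>
/// <returns>The stored user, existing or newly created.</returns>
/// <exception cref="ArgumentNullException"><paramref name="oAuthData"/> is null.</exception>
public User Store(OAuthData oAuthData, string userName, string fullName, string email)
{
    if (oAuthData == null)
    {
        throw new ArgumentNullException("oAuthData");
    }

    // Find an existing user for the provider first.
    User user = DocumentSession.Query<User>()
        .SingleOrDefault(x => x.OAuthData.Any(y => y.Id == oAuthData.Id && y.OAuthProvider == oAuthData.OAuthProvider));

    // Fall back to the e-mail address only when one was supplied: querying on a blank e-mail
    // would match some other account that has no e-mail stored and merge two unrelated users.
    // NOTE(review): this fallback links an external identity to an existing account on the
    // strength of the e-mail value passed in; nothing visible here confirms the provider
    // verified it. Confirm callers pass only provider-verified addresses, or require the
    // account owner to authenticate before linking.
    if (user == null && !string.IsNullOrWhiteSpace(email))
    {
        user = DocumentSession.Query<User>().SingleOrDefault(x => x.Email == email);
    }

    if (user != null)
    {
        // User exists, so update the OAuth data for this user: one entry per provider.
        if (user.OAuthData == null)
        {
            user.OAuthData = new List<OAuthData>();
        }
        else
        {
            OAuthData existingProvider = user.OAuthData.SingleOrDefault(x => x.OAuthProvider == oAuthData.OAuthProvider);
            if (existingProvider != null)
            {
                user.OAuthData.Remove(existingProvider);
            }
        }

        user.OAuthData.Add(oAuthData);
    }
    else
    {
        // No user at all. We create one and store it.
        user = new User
        {
            Username = userName,
            Email = email,
            Id = null,
            FullName = fullName,
            CreationDate = DateTime.UtcNow,
            IsActive = true,
            OAuthData = new List<OAuthData>(),
            FavoriteTags = new List<string> { "ravendb", "c#", "asp.net-mvc3" }
        };
        user.OAuthData.Add(oAuthData);
    }

    DocumentSession.Store(user);
    DocumentSession.SaveChanges();
    return user;
}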