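//-> IsValidSession
/// <summary>
/// Checks whether the session token carried by <paramref name="userDTO"/> matches the
/// value stored for that user.
/// </summary>
/// <param name="userDTO">Carries the user id and the session token presented by the caller.</param>
/// <returns>
/// <c>true</c> when a non-deleted user with the same id and the same transformed session
/// value exists; otherwise <c>false</c>.
/// </returns>
public bool IsValidSession(UserViewDTO userDTO)
{
    // Reject a missing DTO or token up front. Besides avoiding a NullReferenceException,
    // this keeps a null/empty value away from the query: depending on how EncryptString
    // and the provider treat null, it could compare equal to a row whose session column
    // was never set.
    if (userDTO == null || string.IsNullOrEmpty(userDTO.session))
    {
        return false;
    }

    // Login stores CryptingHelper.EncryptString(token), so the presented token is
    // transformed the same way before it is compared.
    var session = CryptingHelper.EncryptString(userDTO.session);

    // NOTE(review): no expiry or idle-timeout check is visible here - confirm that
    // sessions are expired or cleared somewhere else.
    return db.tblUsers.Any(x => x.deleted == null && x.id == userDTO.id && x.session == session);
}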
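//-> New
/// <summary>
/// Creates a user record from <paramref name="newDTO"/> and returns the stored user.
/// </summary>
/// <param name="newDTO">Data for the new user; its string properties are trimmed first.</param>
/// <returns>The view of the new user, as returned by <c>SelectByID</c>.</returns>
/// <exception cref="HttpException">
/// Thrown with status 400 when a non-deleted user already has the same user name.
/// </exception>
public async Task<UserViewDTO> New(UserNewDTO newDTO)
{
    newDTO = StringHelper.TrimStringProperties(newDTO);

    // NOTE(review): this check and the insert below are not atomic; presumably a unique
    // index on userName backs it up - verify against the schema.
    var checkRecord = await db.tblUsers.FirstOrDefaultAsync(x => x.deleted == null && x.userName == newDTO.userName);
    if (checkRecord != null)
    {
        throw new HttpException((int)HttpStatusCode.BadRequest, ConstantHelper.LOGIN_NAME_EXIST);
    }

    // NOTE(review): the DTO is copied onto the entity by a generic mapper; confirm that
    // UserNewDTO exposes only fields a caller is allowed to set.
    var record = (tblUser)MappingHelper.MapDTOToDBClass<UserNewDTO, tblUser>(newDTO, new tblUser());
    record.createdDate = DateTime.Now;

    // SECURITY NOTE(review): every new account starts with the same fixed password.
    // Left unchanged because callers may depend on it, but the account is guessable
    // until the password is changed. Prefer a random one-time password or an activation
    // link, and force a change on first login.
    record.password = CryptingHelper.EncryptString("123");

    db.tblUsers.Add(record);
    await db.SaveChangesAsync();

    // Reload asynchronously so the request thread is not blocked inside an async method.
    await db.Entry(record).ReloadAsync();

    return await SelectByID(record.id);
}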
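//-> Change Password
/// <summary>
/// Changes the password of the user held in the current HTTP session, after checking the
/// current password and that the new password and its confirmation match.
/// </summary>
/// <param name="changePasswordDTO">Current password, new password and confirmation.</param>
/// <returns>The view of the updated user, as returned by <c>SelectByID</c>.</returns>
/// <exception cref="HttpException">
/// Thrown with status 401 when the session holds no user, and with status 400 when the
/// current password is wrong or the new password and confirmation differ.
/// </exception>
public async Task<UserViewDTO> ChangePassword(UserChangePasswordDTO changePasswordDTO)
{
    // The target account comes from the server-side session, never from the request
    // body. An absent or expired session used to surface as a NullReferenceException
    // (HTTP 500); answer with an explicit 401 instead.
    var user = HttpContext.Current.Session["user"] as UserViewDTO;
    if (user == null)
    {
        throw new HttpException((int)HttpStatusCode.Unauthorized, "No authenticated user in session.");
    }

    // NOTE(review): CryptingHelper.EncryptString is not visible here. If it is reversible
    // encryption or an unsalted hash, stored passwords are recoverable from a database
    // leak; a salted password hash such as PBKDF2 would be the safer storage format.
    var password = CryptingHelper.EncryptString(changePasswordDTO.password);

    var checkRecord = await db.tblUsers.FirstOrDefaultAsync(x => x.deleted == null && x.id == user.id && x.password == password);
    if (checkRecord == null)
    {
        throw new HttpException((int)HttpStatusCode.BadRequest, ConstantHelper.INCORRECT_PASSWORD);
    }

    // NOTE(review): only equality is checked; a null or empty new password passes this
    // test. Confirm that length and complexity are validated before this point.
    if (changePasswordDTO.newPassword != changePasswordDTO.comfirmPassword)
    {
        throw new HttpException((int)HttpStatusCode.BadRequest, ConstantHelper.PASSWORD_DOES_NOT_MATCH);
    }

    checkRecord.password = CryptingHelper.EncryptString(changePasswordDTO.newPassword);

    // NOTE(review): the stored session value is left as it is, so an existing token keeps
    // working after the change - consider rotating it here.
    await db.SaveChangesAsync();

    return await SelectByID(checkRecord.id);
}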
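//-> Login
/// <summary>
/// Authenticates a user by user name and password and issues a new session token.
/// </summary>
/// <param name="crendential">User name and password supplied by the caller.</param>
/// <returns>
/// The user view with <c>session</c> set to the new plain token, or <c>null</c> when the
/// credentials are missing or match no non-deleted user.
/// </returns>
public async Task<UserViewDTO> Login(UserCredentialDTO crendential)
{
    // An empty request body or missing fields are treated like any other failed login,
    // not as a NullReferenceException.
    if (crendential == null || crendential.userName == null || crendential.password == null)
    {
        return null;
    }

    // NOTE(review): the password is matched by comparing CryptingHelper.EncryptString
    // output inside the query. That helper is not visible here; if it is reversible or
    // unsalted, prefer a salted password hash (e.g. PBKDF2) verified in code.
    string password = CryptingHelper.EncryptString(crendential.password);

    // NOTE(review): no failed-attempt counter or lockout is visible in this method -
    // confirm that throttling is applied elsewhere.
    var user = await db.tblUsers.FirstOrDefaultAsync(x => x.deleted == null && x.userName == crendential.userName && x.password == password);
    if (user == null)
    {
        return null;
    }

    // NOTE(review): Guid.NewGuid() is not documented as a cryptographically secure
    // source. RandomNumberGenerator is the better source for session tokens, if the
    // token format and column width allow a change.
    Guid token = Guid.NewGuid();

    // Only the transformed token is stored, replacing any earlier session for this user.
    user.session = CryptingHelper.EncryptString(token.ToString());
    await db.SaveChangesAsync();

    // NOTE(review): verify that the mapping does not copy the stored password onto the DTO.
    var userView = MappingHelper.MapDBClassToDTO<tblUser, UserViewDTO>(user);

    // The caller receives the plain token, not the stored form.
    userView.session = token.ToString();

    return userView;
}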