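/// <summary>
/// Changes a user's password after validating the new password and verifying the current one.
/// </summary>
/// <param name="userId">Identifier passed to <c>_userService.GetById</c> to load the account.</param>
/// <param name="currentPassword">The existing password; it must verify against the stored hash and salt.</param>
/// <param name="newPassword">The replacement password; it must pass the character-variety rule.</param>
/// <returns>
/// An <c>ErrorResult</c> when the new password fails the rule, the user is not found, or the
/// current password does not verify; otherwise a <c>SuccessResult</c>.
/// </returns>
public IResult ChangePassword(int userId, string currentPassword, string newPassword)
{
    var errorResult = BusinessEngine.Run(
        CheckIfPasswordDoesNotContainVarietyOfCharacters(newPassword)
    );
    if (errorResult != null)
    {
        return new ErrorResult(errorResult.Message);
    }

    // NOTE(review): userId is caller-supplied; confirm the caller binds it to the authenticated
    // principal rather than taking it from the request body.
    var user = _userService.GetById(userId).Data;

    // Guard restored from the previously commented-out code: without it an unknown userId is
    // dereferenced below and surfaces as a NullReferenceException instead of a controlled error.
    if (user == null)
    {
        return new ErrorResult(Messages.UserNotFound);
    }

    // The current password is verified before any state is modified.
    if (!HashingTool.VerifyPasswordHash(currentPassword, user.PasswordHash, user.PasswordSalt))
    {
        return new ErrorResult(Messages.WrongPassword);
    }

    // Hash and salt come back together through out parameters and are stored as a pair.
    // NOTE(review): presumably HashPassword generates a new salt per call - confirm in HashingTool.
    byte[] passwordHash, passwordSalt;
    HashingTool.HashPassword(newPassword, out passwordHash, out passwordSalt);
    user.PasswordHash = passwordHash;
    user.PasswordSalt = passwordSalt;

    // NOTE(review): the result of Update is not inspected, so success is reported even if the
    // write fails; nothing here revokes existing sessions or tokens - confirm that is handled elsewhere.
    _userService.Update(user);
    return new SuccessResult(Messages.PasswordChanged);
}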
// TODO Password constraints (min length etc.)
/// <summary>
/// Registers a new user from the supplied DTO: hashes the password, builds the
/// <c>User</c> entity with <c>Status = true</c>, and adds it through <c>_userManager</c>.
/// </summary>
/// <param name="userRegisterDto">Registration data (first name, last name, email, password).</param>
/// <returns>A <c>SuccessDataResult</c> carrying the created user.</returns>
public IDataResult<User> Register(UserRegisterDto userRegisterDto)
{
    // NOTE(review): no password policy is applied here (see the TODO above), so any
    // password the DTO carries is hashed and stored as-is.
    byte[] hash;
    byte[] salt;
    HashingTool.HashPassword(userRegisterDto.Password, out hash, out salt);

    var newUser = new User();
    newUser.FirstName = userRegisterDto.FirstName;
    newUser.LastName = userRegisterDto.LastName;
    newUser.Email = userRegisterDto.Email;
    newUser.PasswordHash = hash;
    newUser.PasswordSalt = salt;
    newUser.Status = true;

    // NOTE(review): the outcome of Add is not inspected; success is returned unconditionally.
    _userManager.Add(newUser);

    return new SuccessDataResult<User>(newUser, Messages.RegisterSuccessful);
}
/// <summary>
/// Registers a new user and its customer record. The password-variety and company-name
/// rules run first; on success the password is hashed, the user and customer are added,
/// and the "user" operation claim is attached.
/// </summary>
/// <param name="userRegisterDto">Registration data (names, email, password, company name).</param>
/// <returns>
/// An <c>ErrorDataResult</c> with the failing rule's message, or a <c>SuccessDataResult</c>
/// carrying the created user.
/// </returns>
public IDataResult<User> Register(UserRegisterDto userRegisterDto)
{
    // Both rules are evaluated before Run is invoked, in this order.
    var passwordRule = CheckIfPasswordDoesNotContainVarietyOfCharacters(userRegisterDto.Password);
    var companyRule = CheckIfCustomerWithCompanyNameAlreadyExists(userRegisterDto.CompanyName);
    var failedRule = BusinessEngine.Run(passwordRule, companyRule);
    if (failedRule != null)
    {
        return new ErrorDataResult<User>(failedRule.Message);
    }

    byte[] hash;
    byte[] salt;
    HashingTool.HashPassword(userRegisterDto.Password, out hash, out salt);

    var newUser = new User();
    newUser.FirstName = userRegisterDto.FirstName;
    newUser.LastName = userRegisterDto.LastName;
    newUser.Email = userRegisterDto.Email;
    newUser.PasswordHash = hash;
    newUser.PasswordSalt = salt;
    newUser.Status = true;

    // NOTE(review): the three writes below are not wrapped in a transaction in this method and
    // their results are not inspected; a failure after the first Add could leave a user without
    // a customer row or claim - confirm whether a transaction is applied elsewhere.
    _userService.Add(newUser);

    // Reads newUser.Id after Add; presumably the id is populated by the insert - verify.
    var newCustomer = new Customer();
    newCustomer.UserId = newUser.Id;
    newCustomer.CompanyName = userRegisterDto.CompanyName;
    _customerService.Add(newCustomer);

    // Every registered account receives the "user" claim.
    _userService.AddOperationClaim(newUser, "user");

    return new SuccessDataResult<User>(newUser, Messages.RegisterSuccessful);
}