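/// <summary>
/// Registers a new user: rejects empty credentials, refuses an email address that is
/// already present in <c>_dbContext.Users</c>, then stores the account with the value
/// returned by <c>PasswordEncryptor.ComputeHash</c> in place of the plain password.
/// </summary>
/// <param name="email">Email address of the new account; must not be null, empty or whitespace.</param>
/// <param name="password">Plain-text password; must not be null or empty.</param>
/// <param name="firstName">First name stored on the account.</param>
/// <param name="lastName">Last name stored on the account.</param>
/// <exception cref="ArgumentException">The email or the password is missing.</exception>
/// <exception cref="DuplicateNameException">A user with the same email already exists.</exception>
public void RegisterUser(string email, string password, string firstName, string lastName)
{
    // Fail before touching the database so an account can never be created
    // with a missing email or with the hash of an empty password.
    if (string.IsNullOrWhiteSpace(email))
    {
        throw new ArgumentException("Email must not be empty.", "email");
    }

    if (string.IsNullOrEmpty(password))
    {
        throw new ArgumentException("Password must not be empty.", "password");
    }

    // Duplicate check.
    // NOTE(review): this lookup and the insert below are two separate steps, so two
    // concurrent registrations can both pass the check. A unique constraint on the
    // Email column is what actually enforces uniqueness; confirm the schema has one.
    // NOTE(review): whether "A@x.org" and "a@x.org" count as the same address depends
    // on how the provider translates this comparison; confirm against the database collation.
    var dbUser = _dbContext.Users.SingleOrDefault(u => u.Email == email);
    if (dbUser != null)
    {
        // NOTE(review): this message confirms that the address is registered. If it is
        // returned to unauthenticated callers, consider a generic response at the API/UI
        // layer to limit account enumeration.
        throw new DuplicateNameException("You can not use this email address.");
    }

    // Only the output of ComputeHash is persisted, never the plain password.
    // NOTE(review): PasswordEncryptor is not visible here. Confirm it is a salted, slow
    // password-hashing function (for example PBKDF2) and not a bare digest or a
    // reversible encoding.
    string encodedPassword = PasswordEncryptor.ComputeHash(password);

    var user = new User()
    {
        Email = email,
        Password = encodedPassword,
        FirstName = firstName,
        LastName = lastName,
        // NOTE(review): local server time; kept as-is because existing rows presumably
        // use it too. UTC would make registration timestamps unambiguous in audit trails.
        RegisterDate = DateTime.Now
    };

    _dbContext.Users.Add(user);
    _dbContext.SaveChanges();
}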
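/// <summary>
/// Changes a user's password after verifying the current one: loads the user by id,
/// checks <paramref name="oldPassword"/> through <c>ValidateUser</c>, then stores the
/// value returned by <c>PasswordEncryptor.ComputeHash</c> for the new password.
/// </summary>
/// <param name="userId">Id of the user whose password is changed.</param>
/// <param name="oldPassword">The user's current plain-text password.</param>
/// <param name="newPassword">The replacement plain-text password; must not be null or empty.</param>
/// <exception cref="ArgumentException">The new password is missing.</exception>
/// <exception cref="InvalidOperationException">
/// Thrown by <c>Single</c> when no user, or more than one user, has the given id.
/// </exception>
/// <exception cref="Exception">The old password did not validate.</exception>
public void UpdatePassword(int userId, string oldPassword, string newPassword)
{
    // Without this guard a null or empty new password would be hashed and stored,
    // leaving the account protected by an empty secret.
    if (string.IsNullOrEmpty(newPassword))
    {
        throw new ArgumentException("New password must not be empty.", "newPassword");
    }

    var user = _dbContext.Users.Single(u => u.Id == userId);

    // Re-authenticate with the current password before allowing the change.
    // NOTE(review): ValidateUser is not visible here; presumably it checks the password
    // against the stored hash for this email. Confirm, and confirm that repeated
    // failures are rate limited or locked out somewhere, since this is a
    // password-guessing surface.
    // NOTE(review): the caller must make sure userId belongs to the authenticated
    // session; nothing in this method checks that.
    if (!ValidateUser(user.Email, oldPassword))
    {
        // The exception type is kept as the base Exception so existing catch blocks keep working.
        throw new Exception("Your old password is wrong.");
    }

    // NOTE(review): confirm ComputeHash is a salted, slow password-hashing function.
    user.Password = PasswordEncryptor.ComputeHash(newPassword);
    _dbContext.SaveChanges();
}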