/// <summary>
/// First step of registration: rejects usernames and e-mail addresses that already
/// belong to a <c>User</c>, then creates a pending <c>Registration</c> that expires
/// three days from now and e-mails a verification code to the applicant.
/// </summary>
/// <param name="startRegistrationModel">Submitted username, e-mail address and password.</param>
/// <returns>
/// A redirect to the <c>Complete</c> action of the <c>Registration</c> controller when the
/// model state is valid; otherwise the view for the same model so its errors are displayed.
/// </returns>
public ActionResult Start(StartRegistrationModel startRegistrationModel)
{
    // NOTE(review): the two messages below tell an unauthenticated caller whether a
    // username or e-mail address is already registered. Confirm that this disclosure
    // is accepted and that the endpoint is throttled elsewhere.
    bool usernameTaken = _repository.GetAll<User>()
        .Any(existing => existing.Username == startRegistrationModel.Username);
    if (usernameTaken)
    {
        ModelState.AddModelError("Username", "Username is already in use");
    }

    bool emailTaken = _repository.GetAll<User>()
        .Any(existing => existing.EmailAddress == startRegistrationModel.EmailAddress);
    if (emailTaken)
    {
        ModelState.AddModelError("EmailAddress", "Email address is already in use");
    }

    // Guard clause: any model error sends the caller back to the form.
    if (!ModelState.IsValid)
    {
        return View(startRegistrationModel);
    }

    // The plaintext code only goes into the outgoing e-mail; the stored record keeps
    // the output of Cryptography.Hash for both the password and the code.
    // NOTE(review): Cryptography.RandomString and Cryptography.Hash are defined
    // elsewhere. Confirm the former draws from a cryptographic RNG and the latter is
    // a salted, deliberately slow password hash.
    var plainVerificationCode = Cryptography.RandomString(12);

    var pendingRegistration = new Registration
    {
        Id = Guid.NewGuid(),
        Username = startRegistrationModel.Username,
        EmailAddress = startRegistrationModel.EmailAddress,
        Password = Cryptography.Hash(startRegistrationModel.Password),
        Expires = DateTime.UtcNow.AddDays(3),
        VerificationCode = Cryptography.Hash(plainVerificationCode)
    };

    var confirmationMessage = new RegistrationConfirmation
    {
        Username = startRegistrationModel.Username,
        EmailAddress = startRegistrationModel.EmailAddress,
        VerificationCode = plainVerificationCode
    };

    // NOTE(review): the e-mail is sent before the registration is saved. If
    // SaveOrUpdate fails, the recipient holds a code with no matching record.
    // Confirm that this order is intended.
    _confirmationEmailer.Send(confirmationMessage);
    _repository.SaveOrUpdate(pendingRegistration);

    // NOTE(review): the username and e-mail address are passed as route values.
    // Depending on the route configuration they may end up in the redirect URL, and
    // so in server logs and browser history. Confirm that this is acceptable.
    return RedirectToAction(
        "Complete",
        "Registration",
        new
        {
            Username = startRegistrationModel.Username,
            EmailAddress = startRegistrationModel.EmailAddress
        });
}
/// <summary>
/// Decides whether a completion attempt matches a pending registration. The result is
/// <c>true</c> only when the registration exists, has not expired, and both the
/// submitted password and the submitted verification code pass
/// <c>Cryptography.Verify</c> against the stored values.
/// </summary>
/// <param name="latestRegistration">Stored registration to check; <c>null</c> yields <c>false</c>.</param>
/// <param name="completeRegistrationModel">Submitted password and verification code.</param>
/// <returns><c>true</c> when every check passes; otherwise <c>false</c>.</returns>
private static bool RegistrationIsValid(Registration latestRegistration, CompleteRegistrationModel completeRegistrationModel)
{
    // Every failure returns the same false, so the caller cannot tell from the result
    // which check rejected the attempt. The checks short-circuit in this order:
    // existence, expiry, password, verification code.
    // NOTE(review): completeRegistrationModel is dereferenced without a null check,
    // so callers must pass a bound model.
    // NOTE(review): Cryptography.Verify is defined elsewhere. It is presumably called
    // as (stored hash, submitted value); confirm its comparison is constant-time.
    return latestRegistration != null
        && !(latestRegistration.Expires < DateTime.UtcNow)
        && Cryptography.Verify(latestRegistration.Password, completeRegistrationModel.Password)
        && Cryptography.Verify(latestRegistration.VerificationCode, completeRegistrationModel.VerificationCode);
}