/// <summary>
/// Creates a user from the posted entity and assigns it the role whose RoleId is "1".
/// </summary>
/// <param name="aUser">User entity bound from the request; its Password is replaced by its hash and its Roles are replaced.</param>
/// <returns>200 OK on success; 400 with "Can't add system user!" on any failure.</returns>
public IHttpActionResult Post(BOC.Entities.User aUser)
{
    // NOTE(review): no authorization attribute is visible on this action in this excerpt.
    // It grants role "1" (called the system user here), so confirm the action or its
    // controller is restricted to administrators.
    // NOTE(review): aUser is bound straight from the request and added to the context, so any
    // User property the client sends other than Password and Roles is persisted as received.
    try
    {
        BOC.Entities.Role systemRole = _BOCWebDBContext.Roles.First(r => r.RoleId == "1");

        // Store only the hash; the clear-text value from the request is overwritten.
        BOCPasswordHasher hasher = new BOCPasswordHasher();
        aUser.Password = hasher.HashPassword(aUser.Password);

        // Whatever roles the client supplied are discarded in favour of the single role above.
        aUser.Roles = new List<BOC.Entities.Role> { systemRole };

        _BOCWebDBContext.Users.Add(aUser);
        _BOCWebDBContext.SaveChanges();
        return Ok();
    }
    catch (Exception)
    {
        // Every failure (missing role, null body, database error) maps to the same generic
        // message; nothing about the cause is recorded here.
        return BadRequest("Can't add system user!");
    }
}
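/// <summary>
/// Changes a user's password after checking the supplied old password.
/// </summary>
/// <param name="aModifyPassword">Request carrying UserName, OldPassword and NewPassword.</param>
/// <returns>
/// 200 OK when the password was changed; 400 with "_oldpasswordincorrect" when no user matches
/// the user name and old password; 400 without a message for a missing body, an empty new
/// password or an unexpected failure.
/// </returns>
public IHttpActionResult ModifyPassword(ModifyPassword aModifyPassword)
{
    // A missing body used to throw outside the try block; an empty new password is refused
    // rather than hashed and stored.
    if (aModifyPassword == null || string.IsNullOrEmpty(aModifyPassword.NewPassword))
    {
        return BadRequest();
    }

    // Log the account name only. The request object holds both passwords in clear text, so
    // logging the whole object risks writing them to the log file.
    logger.InfoFormat("ModifyPassword {0}", aModifyPassword.UserName);

    try
    {
        BOCPasswordHasher lBOCPasswordHasher = new BOCPasswordHasher();
        string lUserName = aModifyPassword.UserName;
        string lOldPassword = lBOCPasswordHasher.HashPassword(aModifyPassword.OldPassword);

        // NOTE(review): matching on the stored hash by equality only works if HashPassword
        // returns the same output for the same input, i.e. no per-user salt. Confirm how
        // BOCPasswordHasher hashes; a salted scheme needs load-by-name plus a verify call.
        BOC.Entities.User lUser = _BOCWebDBContext.Users
            .Where(e => e.UserName == lUserName && e.Password == lOldPassword)
            .FirstOrDefault();

        if (lUser == null)
        {
            return BadRequest("_oldpasswordincorrect");
        }

        lUser.Password = lBOCPasswordHasher.HashPassword(aModifyPassword.NewPassword);

        // lUser was loaded through this same context; Attach and the explicit Modified state
        // are kept from the original so the generated update statement is unchanged.
        _BOCWebDBContext.Users.Attach(lUser);
        _BOCWebDBContext.Entry<BOC.Entities.User>(lUser).State = System.Data.Entity.EntityState.Modified;
        _BOCWebDBContext.SaveChanges();
        return Ok();
    }
    catch (Exception e)
    {
        // Keep the exception text and stack trace on the server. Returning e.ToString() to
        // the caller exposed internal type names, SQL errors and file paths.
        logger.Error("ModifyPassword failed", e);
        return BadRequest();
    }
}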
/// <summary>
/// Registers a new account: creates a user, its company with one contact person, assigns the
/// role whose RoleId is "5", and writes two "[ADD]" entries to the Logs table.
/// </summary>
/// <param name="aRegisterAccount">Registration form values; username is used as both UserID and UserName.</param>
/// <returns>200 OK on success; 400 with "_cannotaddaccount" on any failure.</returns>
public IHttpActionResult RegisterUser(RegisterAccount aRegisterAccount)
{
    // NOTE(review): this method does no validation of its own. Duplicate user names or
    // malformed fields surface only if SaveChanges rejects them.
    try
    {
        BOCPasswordHasher hasher = new BOCPasswordHasher();
        BOC.Entities.User newUser = new BOC.Entities.User
        {
            UserID = aRegisterAccount.username,
            UserName = aRegisterAccount.username,
            Password = hasher.HashPassword(aRegisterAccount.password)
        };

        BOC.Entities.ContactPerson contact = new BOC.Entities.ContactPerson
        {
            ContactPersonName = aRegisterAccount.contactpersonname,
            ContactPersonEnglishName = aRegisterAccount.contactpersonenglishname,
            ContactPersonSex = aRegisterAccount.sex,
            ContactPersonCellPhoneNumber = aRegisterAccount.cellphone
        };

        BOC.Entities.Company newCompany = new BOC.Entities.Company
        {
            LoginUserName = aRegisterAccount.username,
            CompanyName = aRegisterAccount.companyname,
            CompanyLocalName = aRegisterAccount.companylocalname,
            CompanyEmail = aRegisterAccount.companyemail,
            CompanyType = aRegisterAccount.companytype,
            // Registration time is stored in UTC, while the LogTime values below use local time.
            CompanyRegTime = DateTime.Now.ToUniversalTime(),
            CompanyPhoneNumber = aRegisterAccount.companyphone,
            CompanyFaxNumber = aRegisterAccount.companyfax,
            CompanyWebSite = aRegisterAccount.companywebsite,
            CompanyCountry = aRegisterAccount.companycountry,
            CompanyProvince = aRegisterAccount.companyprovince,
            CompanyAddress = aRegisterAccount.companyaddress,
            RegesterIpAddress = GetIP(),
            ContactPersons = new List<BOC.Entities.ContactPerson> { contact }
        };

        BOC.Entities.Role newUserRole = _BOCWebDBContext.Roles.First(r => r.RoleId == "5");
        newUser.Roles = new List<BOC.Entities.Role> { newUserRole };

        _BOCWebDBContext.Users.Add(newUser);
        _BOCWebDBContext.Companys.Add(newCompany);

        BOC.Entities.Log companyLog = new BOC.Entities.Log
        {
            LogTime = DateTime.Now,
            LogInfo = "[ADD] Company " + newCompany.Dump()
        };
        _BOCWebDBContext.Logs.Add(companyLog);

        // NOTE(review): Dump() runs after Password already holds the hash. If Dump() includes
        // that property, the hash is copied into the Logs table; confirm what it emits.
        BOC.Entities.Log userLog = new BOC.Entities.Log
        {
            LogTime = DateTime.Now,
            LogInfo = "[ADD] User " + newUser.Dump()
        };
        _BOCWebDBContext.Logs.Add(userLog);

        // One SaveChanges call persists the user, the company and both log rows together.
        _BOCWebDBContext.SaveChanges();
        return Ok();
    }
    catch (Exception)
    {
        // All failures collapse into one message key; the cause is not recorded here.
        return BadRequest("_cannotaddaccount");
    }
}
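/// <summary>
/// Sets a new password for the user named inside an encrypted reset token.
/// </summary>
/// <param name="aResetPassowrdParams">
/// Password is the new clear-text password. UserName carries the encrypted token, which
/// decrypts to "name|timestamp".
/// </param>
/// <returns>
/// 200 OK when the password was replaced; 400 with "_resetpasswordexpired" when the token
/// timestamp is outside the accepted window; 400 with "_reseterror" for a missing or malformed
/// request, an unknown user or an unexpected failure.
/// </returns>
public IHttpActionResult ResetPassword(ResetPassowrdParams aResetPassowrdParams)
{
    if (aResetPassowrdParams == null
        || string.IsNullOrEmpty(aResetPassowrdParams.UserName)
        || string.IsNullOrEmpty(aResetPassowrdParams.Password))
    {
        return BadRequest("_reseterror");
    }

    try
    {
        // NOTE(review): the token's secrecy and integrity rest entirely on DESCode. The name
        // suggests single DES, which has a 56-bit key and no authentication; confirm, and
        // consider a signed (HMAC) or server-stored random token instead.
        // Nothing in this method marks a token as used, so it stays valid until it ages out.
        DESCode lDESCode = new DESCode();
        string lToken = lDESCode.DecryptDES(aResetPassowrdParams.UserName);
        string[] lParts = lToken == null ? new string[0] : lToken.Split('|');

        // A token that does not decrypt to "name|timestamp" is rejected explicitly instead of
        // failing on an index or parse exception.
        DateTime lEmailDateTime;
        if (lParts.Length < 2 || !DateTime.TryParse(lParts[1], out lEmailDateTime))
        {
            return BadRequest("_reseterror");
        }

        string lUserTrueName = lParts[0];

        // Days truncates toward zero, so the window stays as before on the past side. A
        // timestamp a day or more in the future is now refused as well; previously it gave
        // a negative age that always passed the "> 7" test.
        TimeSpan lAge = DateTime.Now - lEmailDateTime;
        if (lAge.Days > 7 || lAge.Days < 0)
        {
            return BadRequest("_resetpasswordexpired");
        }

        BOC.Entities.User lUser = _BOCWebDBContext.Users.Where(e => e.UserName == lUserTrueName).FirstOrDefault();
        if (lUser == null)
        {
            return BadRequest("_reseterror");
        }

        // Hash only once the token has been accepted and the account found.
        BOCPasswordHasher lBOCPasswordHasher = new BOCPasswordHasher();
        lUser.Password = lBOCPasswordHasher.HashPassword(aResetPassowrdParams.Password);

        // Attach and the explicit Modified state are kept from the original so the generated
        // update statement is unchanged.
        _BOCWebDBContext.Users.Attach(lUser);
        _BOCWebDBContext.Entry<BOC.Entities.User>(lUser).State = System.Data.Entity.EntityState.Modified;
        _BOCWebDBContext.SaveChanges();
        return Ok();
    }
    catch (Exception e)
    {
        // Record the detail server-side and answer with the generic key. Returning
        // e.ToString() exposed stack traces and decryption or database errors to the caller.
        logger.Error("ResetPassword failed", e);
        return BadRequest("_reseterror");
    }
}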