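/// <summary>
/// Creates a new user with a freshly generated salt and a password hash derived from it,
/// persists the user, and then attaches the requested roles.
/// </summary>
/// <param name="username">Login name; must not already be present in the user repository.</param>
/// <param name="email">E-mail address stored on the new user.</param>
/// <param name="password">Plain-text password; only the value returned by the encryption service is stored.</param>
/// <param name="roles">Ids of the roles to assign; may be null or empty.</param>
/// <returns>The newly created user.</returns>
/// <exception cref="Exception">The username is already in use.</exception>
/// <exception cref="ApplicationException">One of the requested roles does not exist.</exception>
public User CreateUser(string username, string email, string password, int[] roles)
{
    // NOTE(review): this is a check-then-insert sequence; two concurrent requests can both pass it.
    // Uniqueness should also be enforced by the data store -- no such constraint is visible here, confirm.
    if (_userRepository.GetSingleByUsername(username) != null)
    {
        throw new Exception("Username is already in use");
    }

    // Validate every requested role BEFORE anything is persisted. The user is committed ahead of
    // role assignment below, so an unknown role id would otherwise leave an account behind with
    // no roles and a username that can no longer be registered.
    if (roles != null)
    {
        foreach (var requestedRoleId in roles)
        {
            if (_roleRepository.GetSingle(requestedRoleId) == null)
            {
                throw new ApplicationException("Role doesn't exist.");
            }
        }
    }

    // A new salt per user; the stored hash is derived from the password and this salt.
    // NOTE(review): the algorithm behind EncryptPassword is not visible here -- confirm it is a
    // one-way, deliberately slow password hash rather than reversible encryption or a bare digest.
    var salt = _encryptionService.CreateSalt();

    var user = new User()
    {
        Username = username,
        Salt = salt,
        Email = email,
        IsLocked = false,
        HashedPassword = _encryptionService.EncryptPassword(password, salt),
        // NOTE(review): local time; audit timestamps are usually easier to correlate in UTC.
        DateCreated = DateTime.Now
    };

    _userRepository.Add(user);

    // First commit happens before role assignment, as in the original.
    // presumably this is what populates user.Id for the UserRole rows -- verify against the ORM.
    _unitOfWork.Commit();

    if (roles != null && roles.Length > 0)
    {
        foreach (var roleId in roles)
        {
            AddUserToRole(user, roleId);
        }
    }

    _unitOfWork.Commit();

    return user;
}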
/// <summary>
/// Decides whether a user may sign in: the supplied password must match and the
/// account must not be locked.
/// </summary>
/// <param name="user">The account being checked.</param>
/// <param name="password">The plain-text password supplied by the caller.</param>
/// <returns><c>true</c> only when the password matches and <c>IsLocked</c> is false.</returns>
private bool IsUserValid(User user, string password)
{
    // The password is verified first; the lock flag is read only after a match, so a locked
    // account still costs one hash computation per attempt.
    return IsPasswordValid(user, password) && !user.IsLocked;
}
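/// <summary>
/// Checks a candidate password against the user's stored hash by recomputing the hash
/// with the user's salt and comparing the two values.
/// </summary>
/// <param name="user">The account whose <c>Salt</c> and <c>HashedPassword</c> are used.</param>
/// <param name="password">The plain-text password supplied by the caller.</param>
/// <returns><c>true</c> when the recomputed hash equals the stored hash; otherwise <c>false</c>.</returns>
private bool IsPasswordValid(User user, string password)
{
    string computedHash = _encryptionService.EncryptPassword(password, user.Salt);
    string storedHash = user.HashedPassword;

    // Fail closed: string.Equals(null, null) is true, so an account with no stored hash
    // must never be treated as a match.
    if (computedHash == null || storedHash == null)
    {
        return false;
    }

    // The length of a hash is not secret, so rejecting on a length mismatch is acceptable.
    if (computedHash.Length != storedHash.Length)
    {
        return false;
    }

    // Accumulate differences over the whole string instead of stopping at the first mismatch,
    // so the comparison time does not depend on how many leading characters agree.
    int difference = 0;
    for (int i = 0; i < computedHash.Length; i++)
    {
        difference |= computedHash[i] ^ storedHash[i];
    }

    return difference == 0;
}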
/// <summary>
/// Links a user to a role by adding a <c>UserRole</c> row to the user-role repository.
/// The row is only added here; committing is left to the caller.
/// </summary>
/// <param name="user">The user receiving the role; its <c>Id</c> is copied onto the link row.</param>
/// <param name="roleId">Id of the role to look up and assign.</param>
/// <exception cref="ApplicationException">No role with <paramref name="roleId"/> exists.</exception>
private void AddUserToRole(User user, int roleId)
{
    var matchedRole = _roleRepository.GetSingle(roleId);

    // Refuse to create a link row that points at a role the repository does not know.
    if (matchedRole == null)
    {
        throw new ApplicationException("Role doesn't exist.");
    }

    var membership = new UserRole()
    {
        RoleId = matchedRole.Id,
        UserId = user.Id
    };

    _userRoleRepository.Add(membership);
}