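/// <summary>
/// Validates a new password for the account named by <c>data.user_id</c> and, when validation
/// passes, writes the AES-encrypted value to the <c>pwd</c> column of <c>users</c>.
/// </summary>
/// <param name="data">Dynamic payload; <c>user_id</c> and <c>password</c> are read from it.</param>
/// <returns>An anonymous object with a single <c>validationResult</c> member.</returns>
/// <remarks>
/// NOTE(review): the target account id is taken from <paramref name="data"/>. Nothing in this method
/// ties it to the signed-in caller or asks for the current password, so the caller must enforce
/// that before this method is reached - confirm.
/// NOTE(review): the password is stored with reversible encryption under <c>Config.encryptKey</c>,
/// so anyone holding that key can recover every stored password. A salted one-way password hash
/// (for example PBKDF2) is the usual design; moving to it needs a matching change in the sign-in check.
/// NOTE(review): rows in <c>tickets</c> are not touched here, so tickets issued before the change
/// presumably stay usable until they expire - confirm whether they should be cleared.
/// </remarks>
public dynamic UserChangePassword(dynamic data)
{
    var user = new User
    {
        id = data.user_id,
        password = data.password,
        // Placeholder address so the e-mail rule in the "emailandpwd" rule set always validates.
        email = "*****@*****.**"
    };

    var val = new UserValidator();
    var validationResult = val.Validate(user, ruleSet: "emailandpwd");
    if (validationResult.IsValid)
    {
        var pwd = Crypto.EncryptStringAes(user.password, Config.encryptKey);

        // The affected-row count is not inspected (the original stored it in an unused local),
        // so an id that matches no row still reports a valid result.
        GetAccountsDbConnection().Execute(
            "update users set password='******',pwd=@pwd where id=@id",
            new { user.id, pwd });
    }

    return new { validationResult };
}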
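/// <summary>
/// Attempts a sign-in: validates the submitted e-mail and password, and on success replaces the
/// user's ticket row with a fresh 30-day ticket and sets the session cookies.
/// </summary>
/// <param name="data">Dynamic payload; <c>email</c> and <c>password</c> are read from it.</param>
/// <returns>
/// On success an anonymous object with <c>validationResult</c>, <c>account</c> and
/// <c>signed_in</c>; otherwise an anonymous object with only <c>validationResult</c>.
/// </returns>
/// <remarks>
/// NOTE(review): <c>account</c> carries the <c>pwd</c> column and is handed back to the caller. If
/// the result is serialized to the client, the stored (encrypted) password leaves the server; drop
/// <c>pwd</c> from the select once it is confirmed that no caller reads it.
/// NOTE(review): SetCookie is defined elsewhere. Confirm it marks <c>Auth</c> as HttpOnly and Secure,
/// and that request authentication relies on the <c>Auth</c> ticket rather than on the
/// <c>UserId</c> / <c>IsLoggedIn</c> cookies, which a client can edit.
/// </remarks>
public dynamic UserSignInTry(dynamic data)
{
    try
    {
        var anon_user = new User
        {
            email = data.email.ToString(),
            password = data.password.ToString()
        };

        // Shape check first (rule set "emailandpwd"); stop before any database work on failure.
        var val = new UserValidator();
        var validationResult = val.Validate(anon_user, ruleSet: "emailandpwd");
        if (!validationResult.IsValid)
        {
            return new { validationResult };
        }

        // Second check against the accounts database; its rules live in SignInValidator.
        var validator = new SignInValidator(GetAccountsDbConnection());
        validationResult = validator.Validate(anon_user);
        if (validationResult.IsValid)
        {
            // Look the account up with the same string value that was validated above.
            dynamic account = GetAccountsDbConnection()
                .Query<dynamic>(
                    "select id,display_name,pwd from users where email=@email;",
                    new { anon_user.email })
                .Single();

            // add ticket
            // The ticket is the bearer credential stored in the Auth cookie, so it is drawn from
            // the cryptographic RNG. A truncated Guid.NewGuid() value contains fixed version bits
            // and is not documented as suitable for secrets. The format stays 16 upper-case hex
            // characters so existing access_id values and column width are unaffected.
            var ticketBytes = new byte[8];
            using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
            {
                rng.GetBytes(ticketBytes);
            }
            var ticket = BitConverter.ToString(ticketBytes).Replace("-", string.Empty);

            // One ticket per user: remove the previous row and insert the new one in one batch.
            var clearTicket = "delete from tickets where user_id = @user_id;";
            var addticket = "insert into tickets (user_id, date_expires, access_id) values (@user_id, @date_expires, @access_id);";
            dynamic user_id = account.id;
            GetAccountsDbConnection().Execute(
                clearTicket + addticket,
                new { user_id, date_expires = DateTime.UtcNow.AddDays(30), access_id = ticket });

            SetCookie("IsLoggedIn", "1");
            SetCookie("UserName", account.display_name.ToString());
            SetCookie("Auth", ticket);
            SetCookie("UserId", account.id.ToString());

            // http://www.codeproject.com/Articles/408306/Understanding-and-Implementing-ASP-NET-Custom-Form
            var signed_in = true;
            return new { validationResult, account, signed_in };
        }

        return new { validationResult };
    }
    catch (Exception ex)
    {
        Debug.Print(ex.ToString());
        // Rethrow with "throw;" so the original stack trace is kept ("throw ex;" resets it).
        throw;
    }
}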
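/// <summary>
/// Registers a new user: validates the submitted fields, inserts the account row with an
/// AES-encrypted password, and e-mails a verification link.
/// </summary>
/// <param name="data">
/// Dynamic payload; <c>display_name</c>, <c>email</c> and <c>password</c> are read from it.
/// <c>data.password</c> is overwritten with a mask after the password has been encrypted, and on a
/// dev machine <c>data.email</c> is overwritten with a fixed address.
/// </param>
/// <returns>
/// On success an anonymous object with <c>validationResult</c> and the new <c>id</c>; otherwise an
/// anonymous object with only <c>validationResult</c>.
/// </returns>
/// <remarks>
/// NOTE(review): the password is stored with reversible encryption under <c>Config.encryptKey</c>;
/// a salted one-way password hash is the usual design. The same key also protects the
/// verification token, so one key disclosure affects both.
/// NOTE(review): the token payload is only the user id - no expiry or single-use marker is visible
/// here - and whether EncryptStringAes authenticates its output cannot be seen from this method.
/// The verify endpoint should treat the decrypted payload as untrusted - confirm.
/// NOTE(review): the verification link uses <c>http://</c>, so the token travels in clear text;
/// switch to <c>https://</c> once the host is confirmed to serve it.
/// </remarks>
public dynamic UserAdd(dynamic data)
{
    var anon_user = new User
    {
        display_name = data.display_name.ToString(),
        email = data.email.ToString(),
        password = data.password.ToString()
    };

    try
    {
        // Shape check first (rule sets "emailandpwd" and "displayname").
        var val = new UserValidator();
        var validationResult = val.Validate(anon_user, ruleSet: "emailandpwd,displayname");
        if (!validationResult.IsValid)
        {
            return new { validationResult };
        }

        // Second check against the accounts database; its rules live in UserAddValidator.
        var validator = new UserAddValidator(GetAccountsDbConnection());
        validationResult = validator.Validate(anon_user);
        if (validationResult.IsValid)
        {
            var pwd = Crypto.EncryptStringAes(anon_user.password, Config.encryptKey);

            // Mask the clear-text password on the caller's payload now that it has been encrypted.
            data.password = "******";

            dynamic res = GetAccountsDbConnection()
                .Query<dynamic>(
                    "insert into users (email,display_name,date_created,pwd,password) values (@email,@display_name,UTC_TIMESTAMP(),@pwd,'v2');select last_insert_id() as newid;",
                    new { anon_user.email, anon_user.display_name, pwd })
                .Single();

            // Verification token: the new user id, serialized as JSON and encrypted.
            var stringToEncrypt = JsonConvert.SerializeObject(new { user_id = res.newid });
            var encrypted = Crypto.EncryptStringAes(stringToEncrypt, Config.encryptKey);

            var domain = "www.tekphoria.co.uk";
            if (Config.IsDevMachine)
            {
                data.email = "*****@*****.**";
                domain = "localhost:1001";
            }

            // Percent-encode the token before placing it in the query string. If the ciphertext is
            // Base64 (presumably - confirm), an unescaped '+' would arrive as a space and the link
            // would fail to verify. Encoding is a no-op for output that is already URL-safe.
            var tokenForUrl = Uri.EscapeDataString(encrypted);

            var handler = new EmailHandler();
            handler.SendMailTest(new EmailArgs
            {
                To = data.email,
                Subject = string.Format("Account Verification for {0}", domain),
                Body = string.Format(
                    "Click <a href='http://{0}/account/verify?k={1}'>here</a> to verify account.",
                    domain,
                    tokenForUrl),
                IsHtml = true
            });

            return new { validationResult, id = res.newid };
        }

        return new { validationResult };
    }
    catch (Exception ex)
    {
        Debug.Write(ex);
        throw;
    }
}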