//-> IsValidSession
public bool IsValidSession(UserViewDTO userDTO)
{
//var session = EncryptString(userDTO.session);
var session = CryptingHelper.EncryptString(userDTO.session);
var user = db.tblUsers.FirstOrDefault(x => x.deleted == null && x.id == userDTO.id && x.session == session);
if (user == null)
{
return(false);
}
return(true);
}
//-> New
public async Task<UserViewDTO> New(UserNewDTO newDTO)
{
newDTO = StringHelper.TrimStringProperties(newDTO);
var checkRecord = await db.tblUsers.FirstOrDefaultAsync(x => x.deleted == null && x.userName == newDTO.userName);
if (checkRecord != null)
throw new HttpException((int)HttpStatusCode.BadRequest, ConstantHelper.LOGIN_NAME_EXIST);
var record = (tblUser)MappingHelper.MapDTOToDBClass<UserNewDTO, tblUser>(newDTO, new tblUser());
record.createdDate = DateTime.Now;
record.password = CryptingHelper.EncryptString("123");
db.tblUsers.Add(record);
await db.SaveChangesAsync();
db.Entry(record).Reload();
return await SelectByID(record.id);
}
//-> Change Password
public async Task<UserViewDTO> ChangePassword(UserChangePasswordDTO changePasswordDTO)
{
var user = (UserViewDTO)HttpContext.Current.Session["user"];
var password = CryptingHelper.EncryptString(changePasswordDTO.password);
var checkRecord = await db.tblUsers.FirstOrDefaultAsync(x => x.deleted == null && x.id == user.id && x.password == password);
if (checkRecord == null)
throw new HttpException((int)HttpStatusCode.BadRequest, ConstantHelper.INCORRECT_PASSWORD);
if(changePasswordDTO.newPassword != changePasswordDTO.comfirmPassword)
throw new HttpException((int)HttpStatusCode.BadRequest, ConstantHelper.PASSWORD_DOES_NOT_MATCH);
checkRecord.password = CryptingHelper.EncryptString(changePasswordDTO.newPassword);
await db.SaveChangesAsync();
return await SelectByID(checkRecord.id);
}
//-> Login
public async Task <UserViewDTO> Login(UserCredentialDTO crendential)
{
//string password = EncryptString(crendential.password);
string password = CryptingHelper.EncryptString(crendential.password);
var user = await db.tblUsers.FirstOrDefaultAsync(x => x.deleted == null && x.userName == crendential.userName && x.password == password);
//var user = await db.tblUsers.FirstOrDefaultAsync(x => x.deleted == null && x.userName == crendential.userName);
if (user == null)
{
return(null);
}
Guid token = Guid.NewGuid();
user.session = CryptingHelper.EncryptString(token.ToString());
await db.SaveChangesAsync();
var userView = MappingHelper.MapDBClassToDTO <tblUser, UserViewDTO>(user);
userView.session = token.ToString(); //***//
return(userView);
}
