public new ActionResult Profile(Patient patient)
        {
            // Saves an edited patient profile. The form is redisplayed (with a model error)
            // when validation fails or the chosen e-mail already belongs to another account.
            // NOTE(review): nothing here ties patient.ID to the signed-in user; the ownership
            // check is presumably enforced elsewhere (filter/base controller) — confirm.
            if (!ModelState.IsValid)
            {
                //if we reach here something went wrong
                ModelState.AddModelError("ProfileError", "An error occured while editing profile");
                ViewBag.BloodGroupID = new SelectList(db.BloodGroups, "ID", "Name", patient.BloodGroupID);
                return View(patient);
            }

            // An e-mail that is "taken" is still acceptable when it is this patient's own current one.
            var emailTaken = SecurityUtilities.IsEmailExists(patient.Email);
            if (emailTaken)
            {
                var storedEmail = db.Patients
                    .Where(p => p.ID == patient.ID)
                    .Select(p => p.Email)
                    .FirstOrDefault();
                if (storedEmail != patient.Email)
                {
                    //username is registered before
                    ModelState.AddModelError("EmailExist", "Email already exists .");
                    ViewBag.BloodGroupID = new SelectList(db.BloodGroups, "ID", "Name", patient.BloodGroupID);
                    return View(patient);
                }
            }

            // saving data
            // NOTE(review): the posted PW is hashed unconditionally, so whatever the form submits
            // (including an already-hashed or empty value) becomes the new stored hash — confirm the
            // view always posts a fresh plaintext password.
            patient.PW = SecurityUtilities.Hash(patient.PW);
            db.Entry(patient).State = EntityState.Modified;
            db.SaveChanges();
            return RedirectToAction("Index", "Home");
        }
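        public ActionResult Login(LoginViewModel LoginVM)
        {
            // Authenticates a patient by e-mail and password and issues the authentication cookie.
            // On any failure the login view is redisplayed with a model error.
            if (ModelState.IsValid)
            {
                var patient = db.Patients.FirstOrDefault(u => u.Email == LoginVM.Email);
                if (patient != null)
                {
                    //valid email address
                    // Hashes are opaque strings: compare them ordinally. The culture-aware
                    // string.Compare can treat distinct character sequences as equal.
                    if (string.CompareOrdinal(SecurityUtilities.Hash(LoginVM.PW), patient.PW) == 0)
                    {
                        //valid login password, create the FormsAuthentication cookie
                        Response.Cookies.Add(SecurityUtilities.CreateAuthenticationCookie(patient.FName, patient.ID.ToString()));

                        //redirect to home page
                        return RedirectToAction("Index", "Home");
                    }
                    else
                    {
                        //invalid password
                        // NOTE(review): a message that differs from the unknown-e-mail branch below lets a
                        // caller learn which e-mails are registered; the view may prefer one generic message.
                        ModelState.AddModelError("InvalidPassword", "Invalid Password. ");
                    }
                }
                else
                {
                    //wrong email address
                    ModelState.AddModelError("InvalidEmail", "Invalid Email Address. ");
                }
            }
            else
            {
                ModelState.AddModelError("loginerror", "An error occured while sign in .");
            }
            // If we got this far, something failed, redisplay form
            return View(LoginVM);
        }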
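        public ActionResult Register(Patient patient, HttpPostedFileBase uploaded)
        {
            // Registers a new patient, optionally storing an uploaded profile image, then signs
            // the new account in. The registration view is redisplayed (with a model error) when
            // validation, the e-mail uniqueness check or the image extension check fails.
            if (ModelState.IsValid)
            {
                var isExist = SecurityUtilities.IsEmailExists(patient.Email);
                if (isExist)
                {
                    //username is registered before
                    ModelState.AddModelError("EmailExist", "Email already exists .");
                    ViewBag.BloodGroupID = new SelectList(db.BloodGroups, "ID", "Name", patient.BloodGroupID);
                    return View(patient);
                }
                //Completing user model data
                patient.PW = SecurityUtilities.Hash(patient.PW);
                if (uploaded != null && uploaded.ContentLength > 0)
                {
                    // The dot must be escaped: an unescaped '.' matches any character.
                    // Case-insensitive matching replaces the hand-written upper/lower alternations.
                    string extension = Path.GetExtension(uploaded.FileName);
                    string pattern   = @"\.(jpg|jpeg|png)$";
                    if (Regex.IsMatch(extension, pattern, RegexOptions.IgnoreCase))
                    {
                        // Copy the whole upload. A single Stream.Read may return fewer bytes than
                        // requested, which would leave the tail of the stored image zero-filled.
                        // NOTE(review): only the extension is checked, not the image content, and no
                        // size cap is applied here — presumably request limits cover that; confirm.
                        using (var buffer = new MemoryStream(uploaded.ContentLength))
                        {
                            uploaded.InputStream.CopyTo(buffer);
                            patient.Img = buffer.ToArray();
                        }
                    }
                    else
                    {
                        ModelState.AddModelError("ImgError", "Only Images allowed .");
                        ViewBag.BloodGroupID = new SelectList(db.BloodGroups, "ID", "Name", patient.BloodGroupID);
                        return View(patient);
                    }
                }
                // persist the new patient record
                db.Patients.Add(patient);
                db.SaveChanges();

                //Registration succeeded, sign in this account
                Response.Cookies.Add(SecurityUtilities.CreateAuthenticationCookie(patient.FName, patient.ID.ToString()));

                // Redirect to Dashboard
                return RedirectToAction("Index", "Home");
            }
            else
            {
                ModelState.AddModelError("RegisterError", "An error occured while registeration .");
            }
            // If we got this far, something failed, redisplay form
            ViewBag.BloodGroupID = new SelectList(db.BloodGroups, "ID", "Name", patient.BloodGroupID);
            return View(patient);
        }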
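        public User CreateNew(string credentials, string email, string password, DateTime birthday, string about)
        {
            // Creates a new user with the User role, stores it encrypted, and returns the decrypted
            // copy read back from the repository (null if the read-back finds nothing).
            // Throws ArgumentException for blank credentials/email/password or a future birthday,
            // and InvalidOperationException when the e-mail is already registered.
            if (string.IsNullOrWhiteSpace(credentials))
            {
                throw new ArgumentException($"Invalid credentials: '{credentials}'.", nameof(credentials));
            }
            if (string.IsNullOrWhiteSpace(email))
            {
                throw new ArgumentException($"Invalid email: '{email}'.", nameof(email));
            }
            if (string.IsNullOrWhiteSpace(password))
            {
                // Never echo the password into the message: exceptions end up in logs and error pages.
                throw new ArgumentException("Invalid password: value must not be empty.", nameof(password));
            }
            if (birthday > DateTime.Now)
            {
                throw new ArgumentException($"Birthday cannot be in the future: '{birthday}'.", nameof(birthday));
            }

            var existingEncryptedUser = this.GetByEmail(email);

            if (existingEncryptedUser != null)
            {
                throw new InvalidOperationException($"User with email {email} already exists.");
            }

            // NOTE(review): ToShortDateString() is culture-dependent, so the stored text depends on the
            // thread's current culture — confirm readers parse it with the same culture.
            User newEncryptedUser = new User()
            {
                Credentials  = credentials,
                Email        = email,
                PasswordHash = SecurityUtilities.Hash(password),
                Birthday     = birthday.ToShortDateString(),
                Comment      = about,
                UserRole_Id  = (int)UserRoleType.User
            }
            .Encrypt(_encryptor);

            _usersRepository.Create(newEncryptedUser);

            return _usersRepository.GetByEmail(newEncryptedUser.Email)?.Decrypt(_encryptor);
        }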