internal Guid CreateAccount(AccountCreateInfo model, bool isAdmin = false)
{
using (DatabaseContext context = Util.CreateContext())
{
string passwordHash = "";
string salt = "";
if (String.IsNullOrEmpty(model.FacebookUserId)) //if not a facebook user, hex password.
{
salt = PWDTK.GetRandomSaltHexString();
byte[] saltBytes = PWDTK.HashHexStringToBytes(salt);
passwordHash = PWDTK.PasswordToHashHexString(saltBytes, model.Password);
}
string role = isAdmin ? "Administrator" : "User";
Account account = new Account
{
Guid = Guid.NewGuid(),
Username = model.Username,
FacebookUserId = model.FacebookUserId,
Salt = salt,
PasswordHash = passwordHash,
Roles = JsonConvert.SerializeObject(new string[] { role }),
Phone = model.Phone,
LanguageCode = model.LanguageCode,
IsActive = true,
Created = DateTime.UtcNow,
LastLogin = DateTime.UtcNow
};
context.Accounts.Add(account);
context.SaveChanges();
return(account.Guid);
}
}
public Guid Post(AccountCreateInfo model)
{
string[] languageCodes = new string[] { "en-US", "zh-TW" };
if (!languageCodes.Contains(model.LanguageCode))
{
throw new HttpResponseException(HttpStatusCode.BadRequest);
}
if (String.IsNullOrEmpty(model.Username) || String.IsNullOrEmpty(model.Phone))
{
throw new HttpResponseException(HttpStatusCode.BadRequest);
}
if (String.IsNullOrEmpty(model.Password) && String.IsNullOrEmpty(model.FacebookUserId)) //needs to have username password, or facebook userId
{
throw new HttpResponseException(HttpStatusCode.BadRequest);
}
//confirm mobile
if (!new SmsConfirmController().Verify(new VerifyMobileRequest {
MobileNumber = model.Phone, Code = model.SmsCode
}))
{
throw new HttpResponseException(HttpStatusCode.BadRequest);
}
if (UserNameExists(new UserNameExistsRequest {
UserName = model.Username
}))
{
throw new HttpResponseException(HttpStatusCode.BadRequest);
}
return(CreateAccount(model));
}