public HttpResponseMessage Register(AccountUpsertRequest model)
{
_svc.Create(model);
ItemResponse <int> response = new ItemResponse <int>();
return(Request.CreateResponse(HttpStatusCode.OK, response));
}
public int RegisterUser(AccountUpsertRequest userModel)
{
int userId = 0;
string salt;
string passwordHash;
string password = userModel.Password;
salt = _cryptographyService.GenerateRandomString(RAND_LENGTH);
passwordHash = _cryptographyService.Hash(password, salt, HASH_ITERATION_COUNT);
_dataProvider.ExecuteNonQuery("dbo.Person_UpsertAccount",
inputParamMapper: delegate (SqlParameterCollection paramCollection)
{
paramCollection.AddWithValue("@Id", userModel.Id);
paramCollection.AddWithValue("@FirstName", userModel.FirstName);
paramCollection.AddWithValue("@LastName", userModel.LastName);
paramCollection.AddWithValue("@Email", userModel.Email);
paramCollection.AddWithValue("@Salt", salt);
paramCollection.AddWithValue("@PasswordHash", passwordHash);
paramCollection.AddWithValue("@RoleId", userModel.RoleId);
//SqlParameter idParameter = new SqlParameter("@Id", SqlDbType.Int);
//idParameter.Direction = ParameterDirection.Output;
//paramCollection.Add(idParameter);
}
);
SendEmailConfirmationEmail(userModel.Email);
return userId;
//DB provider call to create user and get us a user id
//be sure to store both salt and passwordHash
//DO NOT STORE the original password value that the user passed us
}
public int Create(AccountUpsertRequest userModel)
{
int userId = 0;
string salt;
string passwordHash;
string password = userModel.Password;
salt = _cryptographyService.GenerateRandomString(RAND_LENGTH);
passwordHash = _cryptographyService.Hash(password, salt, HASH_ITERATION_COUNT);
_dataProvider.ExecuteNonQuery("dbo.Person_UpsertAccount",
inputParamMapper : delegate(SqlParameterCollection paramCollection)
{
paramCollection.AddWithValue("@Id", userModel.Id);
paramCollection.AddWithValue("@FirstName", userModel.FirstName);
paramCollection.AddWithValue("@LastName", userModel.LastName);
paramCollection.AddWithValue("@Email", userModel.Email);
paramCollection.AddWithValue("@Salt", salt);
paramCollection.AddWithValue("@PasswordHash", passwordHash);
paramCollection.AddWithValue("@RoleId", userModel.RoleId);
//SqlParameter idParameter = new SqlParameter("@Id", SqlDbType.Int);
//idParameter.Direction = ParameterDirection.Output;
//paramCollection.Add(idParameter);
}
//,
//returnParameters: delegate (SqlParameterCollection param)
//{
// Int32.TryParse(param["@Id"].Value.ToString(), out userId);
//}
);
//1)creating token
SecurityTokenService sts = new SecurityTokenService(_dataProvider);
SecurityTokenAddRequest star = new SecurityTokenAddRequest()
{
TokenTypeId = 1,
UserEmail = userModel.Email
};
System.Guid tokenGuid = sts.Insert(star);
//2)emailing confirmation
var source = SiteConfig.BaseUrl;
var message =
"<body style='margin: 0; padding: 0; background:#ccc;'><table cellpadding=0 cellspacing=0 style='width: 100%;'><tr><td style='padding: 12px 2%;'><table cellpadding=0 cellspacing=0 style='margin:auto; background: #fff; width: 96%;'><tr><td style='padding: 12px 2%;'><div><h1 style='color:white;background-color:#1E90FF;'>Youth Mentoring Connection</h1></div > <div><h2 style='margin-top: 0;'>Congratulations</h2><p>You've successfully registered. Please confirm your email with Youth Mentoring Connection.To confirm your email click the link below:<br/></br> <span style='text-align:center; margin:0;'><a href="
+ source + "/confirmationPages?guid="
+ tokenGuid + ">Click Here To Confirm Email</a></p><p>...</p></div><div><h4 style='margin-top: 0;'>Sawubona!</h4><p></p></div><div style='border-top: solid 1px #ccc;'><p></p></div></td ></tr ></table ></td ></tr ></table ></body >";
ConfirmationEmailService ces = new ConfirmationEmailService();
ConfirmationEmailRequest cer = new ConfirmationEmailRequest()
{
From = "*****@*****.**",
To = userModel.Email,
Subject = "YMC Confirmation",
Body = message
};
Task <bool> email = ces.Execute(cer);
return(userId);
//DB provider call to create user and get us a user id
//be sure to store both salt and passwordHash
//DO NOT STORE the original password value that the user passed us
}
