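/// <summary>
/// Registration endpoint: hands the posted account model to the account
/// service and replies with an empty <c>ItemResponse&lt;int&gt;</c>.
/// </summary>
/// <param name="model">Account data bound from the request.</param>
/// <returns>
/// 400 Bad Request when no model was bound; otherwise 200 OK.
/// </returns>
public HttpResponseMessage Register(AccountUpsertRequest model)
{
    // A missing or unparseable body binds to null. Reject it here instead of
    // letting the service dereference it and surface as a server error.
    if (model == null)
    {
        return Request.CreateResponse(HttpStatusCode.BadRequest, new ItemResponse<int>());
    }

    // NOTE(review): the id returned by _svc.Create is discarded, so the
    // response never carries the new account id.
    // NOTE(review): the model is passed through as bound. If _svc.Create is
    // the Create method in this file, model.Id and model.RoleId reach
    // dbo.Person_UpsertAccount unchanged. Confirm that this endpoint, model
    // validation or the procedure restricts them; a self-service registration
    // request should not choose its own role or address an existing row.
    _svc.Create(model);

    ItemResponse<int> response = new ItemResponse<int>();
    return Request.CreateResponse(HttpStatusCode.OK, response);
}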
/// <summary>
/// Salts and hashes the supplied password, upserts the account through
/// dbo.Person_UpsertAccount, then triggers the confirmation e-mail.
/// Only the salt and the derived hash are sent to the database; the
/// plaintext password is never stored.
/// </summary>
/// <param name="userModel">Account fields, including the plaintext password.</param>
/// <returns>
/// Always 0: the output-parameter read-back for the new id is disabled,
/// so the local id is never reassigned.
/// </returns>
public int RegisterUser(AccountUpsertRequest userModel)
{
    int newUserId = 0;

    // Fresh random salt per account, then an iterated hash over password + salt.
    string accountSalt = _cryptographyService.GenerateRandomString(RAND_LENGTH);
    string hashedPassword = _cryptographyService.Hash(userModel.Password, accountSalt, HASH_ITERATION_COUNT);

    // NOTE(review): @Id and @RoleId are taken verbatim from the caller's model
    // and the procedure name says "upsert". Confirm the caller or the
    // procedure prevents a registration from overwriting an existing row or
    // selecting a privileged role.
    _dataProvider.ExecuteNonQuery(
        "dbo.Person_UpsertAccount",
        inputParamMapper: (SqlParameterCollection parameters) =>
        {
            parameters.AddWithValue("@Id", userModel.Id);
            parameters.AddWithValue("@FirstName", userModel.FirstName);
            parameters.AddWithValue("@LastName", userModel.LastName);
            parameters.AddWithValue("@Email", userModel.Email);
            parameters.AddWithValue("@Salt", accountSalt);
            parameters.AddWithValue("@PasswordHash", hashedPassword);
            parameters.AddWithValue("@RoleId", userModel.RoleId);
        });

    SendEmailConfirmationEmail(userModel.Email);

    return newUserId;
}
/// <summary>
/// Creates (upserts) an account: salts and hashes the password, writes the
/// row through dbo.Person_UpsertAccount, issues a security token for the
/// e-mail address and starts sending the confirmation message that carries
/// the token link. Only the salt and the derived hash are persisted; the
/// plaintext password is never stored.
/// </summary>
/// <param name="userModel">Account fields, including the plaintext password.</param>
/// <returns>
/// Always 0: the return-parameter mapper that would read the new id back
/// is disabled, so the local id is never reassigned.
/// </returns>
public int Create(AccountUpsertRequest userModel)
{
    int newUserId = 0;

    // Fresh random salt per account, then an iterated hash over password + salt.
    string accountSalt = _cryptographyService.GenerateRandomString(RAND_LENGTH);
    string hashedPassword = _cryptographyService.Hash(userModel.Password, accountSalt, HASH_ITERATION_COUNT);

    // NOTE(review): @Id and @RoleId are taken verbatim from the caller's model
    // and the procedure name says "upsert". Confirm the caller or the
    // procedure prevents a registration from overwriting an existing row or
    // selecting a privileged role.
    _dataProvider.ExecuteNonQuery(
        "dbo.Person_UpsertAccount",
        inputParamMapper: (SqlParameterCollection parameters) =>
        {
            parameters.AddWithValue("@Id", userModel.Id);
            parameters.AddWithValue("@FirstName", userModel.FirstName);
            parameters.AddWithValue("@LastName", userModel.LastName);
            parameters.AddWithValue("@Email", userModel.Email);
            parameters.AddWithValue("@Salt", accountSalt);
            parameters.AddWithValue("@PasswordHash", hashedPassword);
            parameters.AddWithValue("@RoleId", userModel.RoleId);
        });

    // 1) Issue the confirmation token for this e-mail address.
    // TokenTypeId 1 is presumably the e-mail-confirmation type - TODO confirm.
    SecurityTokenService tokenService = new SecurityTokenService(_dataProvider);
    SecurityTokenAddRequest tokenRequest = new SecurityTokenAddRequest()
    {
        TokenTypeId = 1,
        UserEmail = userModel.Email
    };
    System.Guid tokenGuid = tokenService.Insert(tokenRequest);

    // 2) Build and send the confirmation e-mail.
    // NOTE(review): the href value is emitted without quotes, so it relies on
    // SiteConfig.BaseUrl containing no whitespace or markup characters. The
    // token travels in the link's query string; token expiry and single-use
    // handling are not visible in this method.
    var baseUrl = SiteConfig.BaseUrl;
    var message =
        "<body style='margin: 0; padding: 0; background:#ccc;'>"
        + "<table cellpadding=0 cellspacing=0 style='width: 100%;'><tr><td style='padding: 12px 2%;'>"
        + "<table cellpadding=0 cellspacing=0 style='margin:auto; background: #fff; width: 96%;'><tr><td style='padding: 12px 2%;'>"
        + "<div><h1 style='color:white;background-color:#1E90FF;'>Youth Mentoring Connection</h1></div > "
        + "<div><h2 style='margin-top: 0;'>Congratulations</h2><p>You've successfully registered. "
        + "Please confirm your email with Youth Mentoring Connection.To confirm your email click the link below:<br/></br> "
        + "<span style='text-align:center; margin:0;'><a href=" + baseUrl + "/confirmationPages?guid=" + tokenGuid + ">Click Here To Confirm Email</a></p><p>...</p></div>"
        + "<div><h4 style='margin-top: 0;'>Sawubona!</h4><p></p></div>"
        + "<div style='border-top: solid 1px #ccc;'><p></p></div></td ></tr ></table ></td ></tr ></table ></body >";

    ConfirmationEmailService emailService = new ConfirmationEmailService();
    ConfirmationEmailRequest emailRequest = new ConfirmationEmailRequest()
    {
        From = "*****@*****.**",
        To = userModel.Email,
        Subject = "YMC Confirmation",
        Body = message
    };

    // The returned task is neither awaited nor inspected here, so a failed
    // send does not change what this method returns.
    Task<bool> pendingSend = emailService.Execute(emailRequest);

    return newUserId;
}