Пример #1
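        /// <summary>
        /// Registers a new user. Reports an error when the username is already present in
        /// <c>_db.Users</c>; otherwise builds the user with a salted password hash and a
        /// <c>Visitor</c> role and persists it through the unit of work.
        /// </summary>
        /// <param name="message">Registration input: username, first name, last name and password.</param>
        /// <returns>
        /// The response; it carries a "username" error when the name is taken, or an unkeyed
        /// error when persisting the user throws.
        /// </returns>
        public async Task <Response> Handle(RegisterInputModel message)
        {
            var response = new Response();

            // NOTE(review): this check and the insert below are not atomic, so two concurrent
            // registrations can both pass it. A unique constraint on the username column is
            // what actually enforces uniqueness - confirm one exists.
            if (_db.Users.Any(x => x.Username == message.Username))
            {
                response.AddError("username", $"Username {message.Username} already in use");
            }

            if (response.HasErrors)
            {
                return response;
            }

            // NOTE(review): Guid.NewGuid() is specified for uniqueness, not as a cryptographic
            // random source. A per-credential unique salt is the main requirement, but
            // RandomNumberGenerator is the conventional way to generate one.
            var salt = Guid.NewGuid().ToString();

            var user = new User
            {
                Username   = message.Username,
                FirstName  = message.Firstname,
                LastName   = message.Lastname,
                Registered = DateTime.UtcNow,
                Credential = new Credential
                {
                    Username     = message.Username,
                    // NOTE(review): StringHelpers.ComputeHash is not shown here. Stored password
                    // hashes should come from a slow password KDF (PBKDF2, bcrypt, Argon2),
                    // not a single fast digest - verify the helper.
                    PasswordHash = StringHelpers.ComputeHash(message.Password, salt),
                    Salt         = salt,
                    IsActive     = true
                },
                Roles = new List <Role> {
                    new Visitor()
                }
            };

            try
            {
                _unitOfWork.AddOrAttach(user);

                // Commit() is awaitable (the login handler awaits the same call). Without the
                // await, a failed commit never reaches the catch below and the caller receives
                // a success response for a user that was not saved.
                await _unitOfWork.Commit();
            }
            catch (Exception e)
            {
                // NOTE(review): e.Message is returned to the caller as-is. Persistence
                // exceptions can expose table, column or constraint names; prefer logging the
                // exception server-side and returning a generic message.
                response.AddError("", e.Message);
            }

            return response;
        }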
Пример #2
        /// <summary>
        /// Authenticates a user by username and password. On success, signs the user in under
        /// <c>Application.AuthScheme</c> with a name claim and one role claim per role, then
        /// tries to record the login time.
        /// </summary>
        /// <param name="message">Login input: username and password.</param>
        /// <returns>
        /// An empty response on success; a response with a single generic error message when
        /// the user is not found or the password hash does not match.
        /// </returns>
        public async Task <Response> Handle(LoginInputModel message)
        {
            var response = Response.Empty();

            var user = _db.Users.FirstOrDefault(x => x.Credential.Username == message.Username);

            // NOTE(review): the hash is only computed when a user was found, and `==` on strings
            // is not a constant-time comparison, so the two failure paths can differ in timing.
            // NOTE(review): Credential.IsActive is not consulted in this method - confirm that
            // deactivated credentials are rejected elsewhere.
            var credentialsMatch =
                user != null &&
                user.Credential.PasswordHash == StringHelpers.ComputeHash(message.Password, user.Credential.Salt);

            if (!credentialsMatch)
            {
                // One message for both failure causes, so the response text does not reveal
                // whether the username exists.
                response.AddMessage("", "User doesn't exists or wrong password", ResponseMessageType.Error);
                return response;
            }

            var claims = new List <Claim>();
            claims.Add(new Claim(ClaimTypes.Name, user.Username));

            foreach (var userRole in user.Roles)
            {
                claims.Add(new Claim(ClaimTypes.Role, userRole.Name));
            }

            var identity  = new ClaimsIdentity(claims, "form");
            var principal = new ClaimsPrincipal(identity);

            await _httpContext.HttpContext.Authentication.SignInAsync(Application.AuthScheme, principal);

            try
            {
                user.LastLogin = DateTime.UtcNow;
                _unitOfWork.AddOrAttach(user);

                await _unitOfWork.Commit();
            }
            catch (Exception)
            {
                // Deliberate best-effort: the user stays signed in even if the last-login
                // timestamp could not be saved.
                // NOTE(review): nothing is logged here yet, so persistence failures on the
                // login path are invisible to operations and monitoring.
            }

            return response;
        }