示例#1
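        /// <summary>
        /// Runs the <c>sp_ManageUsers</c> stored procedure in <c>CheckLogin</c> mode and
        /// builds a <c>TutorType</c> from the result set.
        /// </summary>
        /// <param name="email">Value bound to <c>@Email</c>.</param>
        /// <param name="password">Value bound to <c>@Password</c>; it is passed through unchanged.</param>
        /// <param name="tzOs">Value bound to <c>@TimeZoneOffset</c>.</param>
        /// <param name="conStr">Connection string used to open the SQL connection.</param>
        /// <returns>
        /// The tutor built from the last row the procedure returned, or <c>null</c> when it returned no rows.
        /// </returns>
        public static TutorType TutorLogin(string email = "", string password = "", int tzOs = 0, string conStr = "")
        {
            // NOTE(review): the password reaches the database exactly as received. Whether it is
            // compared against a salted hash is decided inside sp_ManageUsers, which is not visible
            // here -- confirm the procedure never stores or compares plaintext.
            // NOTE(review): the defaults allow a call with empty credentials; presumably the
            // procedure rejects them -- verify, or reject empty values before this point.
            TutorType tutor = null;

            // The command and the reader are disposed together with the connection, so the
            // reader is released even when TutorType's constructor throws.
            using (SqlConnection con = new SqlConnection(conStr))
            using (SqlCommand cmd = new SqlCommand("sp_ManageUsers", con))
            {
                cmd.CommandType = CommandType.StoredProcedure;
                // Every caller-supplied value is bound as a parameter, never concatenated into SQL.
                cmd.Parameters.Add(new SqlParameter { ParameterName = "@Mode", Value = "CheckLogin" });
                cmd.Parameters.Add(new SqlParameter { ParameterName = "@Email", Value = email });
                cmd.Parameters.Add(new SqlParameter { ParameterName = "@Password", Value = password });
                cmd.Parameters.Add(new SqlParameter { ParameterName = "@TimeZoneOffset", Value = tzOs });

                con.Open();
                using (SqlDataReader rdr = cmd.ExecuteReader())
                {
                    // If several rows come back, the last one wins (same as before).
                    while (rdr.Read())
                    {
                        tutor = new TutorType(rdr);
                    }
                }
            }

            return tutor;
        }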
示例#2
        //To be discussed !! (What to return)
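        /// <summary>
        /// Registers a user: generates an activation code, inserts the account through
        /// <c>sp_ManageUsers</c> in <c>Insert</c> mode and e-mails an activation link.
        /// </summary>
        /// <param name="user">Account data; its <c>ActivationCode</c> is overwritten with the generated code.</param>
        /// <param name="actUrl">Base URL of the activation endpoint; the user id and the code are appended as path segments.</param>
        /// <param name="conStr">Connection string used to open the SQL connection.</param>
        /// <returns>
        /// An inactive <c>TutorType</c> copied from <paramref name="user"/> when the insert affected at
        /// least one row and the notifier reported success; otherwise <c>null</c>. <c>null</c> is also
        /// returned, before any database work, when no valid activation code could be generated.
        /// </returns>
        public static TutorType UserSignUp(User user, string actUrl, string conStr = "")
        {
            const int MAXIMUM_PASSWORD_ATTEMPTS = 10000;
            bool      includeLowercase          = true;
            bool      includeUppercase          = true;
            bool      includeNumeric            = true;
            bool      includeSpecial            = false;
            int       lengthOfPassword          = 16;

            PasswordGeneratorSettings settings = new PasswordGeneratorSettings(includeLowercase, includeUppercase, includeNumeric, includeSpecial, lengthOfPassword);

            // An activation code is a bearer secret. The previous code fell back to the generator's
            // length error message, or to a fixed placeholder string, and stored that as the code,
            // which made it predictable. Fail the sign-up instead.
            if (!settings.IsValidLength())
            {
                return null;
            }

            // NOTE(review): PasswordGenerator is not visible here -- confirm it draws from a
            // cryptographic random source, since its output guards account activation.
            string activationCode;
            int    attempts = 0;
            do
            {
                activationCode = PasswordGenerator.GeneratePassword(settings);
                attempts++;
            } while (attempts < MAXIMUM_PASSWORD_ATTEMPTS && !PasswordGenerator.PasswordIsValid(settings, activationCode));

            if (!PasswordGenerator.PasswordIsValid(settings, activationCode))
            {
                return null;
            }
            user.ActivationCode = activationCode;

            using (SqlConnection con = new SqlConnection(conStr))
            using (SqlCommand cmd = new SqlCommand("sp_ManageUsers", con))
            {
                cmd.CommandType = CommandType.StoredProcedure;
                cmd.Parameters.Add(new SqlParameter()
                {
                    ParameterName = "@Mode",
                    Value         = "Insert"
                });

                // NOTE(review): user.Password is handed to the procedure as-is; hashing, if any,
                // happens inside sp_ManageUsers, which is not visible here -- confirm.
                cmd.Parameters.Add("@FirstName", SqlDbType.VarChar).Value      = user.FirstName;
                cmd.Parameters.Add("@LastName", SqlDbType.VarChar).Value       = user.LastName;
                cmd.Parameters.Add("@Email", SqlDbType.VarChar).Value          = user.Email;
                cmd.Parameters.Add("@Password", SqlDbType.VarChar).Value       = user.Password;
                cmd.Parameters.Add("@ActivationCode", SqlDbType.VarChar).Value = user.ActivationCode;
                cmd.Parameters.Add("@CountryId", SqlDbType.Int).Value          = user.LocationSettings.Country.Id;
                cmd.Parameters.Add("@ObjEntityId", SqlDbType.Int).Value        = (Byte)user.Type;
                cmd.Parameters.Add("@TimeZoneOffset", SqlDbType.Int).Value     = user.TimezoneOffset;

                con.Open();
                if (cmd.ExecuteNonQuery() <= 0)
                {
                    return null;
                }

                //TODO: Notify SecondaryEmail first if any.
                // The first name is user-controlled and the link embeds caller-supplied pieces, so
                // both are HTML-encoded before they are placed in the message body.
                // NOTE(review): nothing visible here assigns user.UserId after the insert --
                // confirm the link carries the id of the account that was just created.
                string activationLink = actUrl + "/" + user.UserId + "/" + user.ActivationCode;
                string htmlString = "<html><body><h1>Dear " + System.Net.WebUtility.HtmlEncode(user.FirstName) + ",</h1><br/>" +
                                    "<h6>Please click on the link below to activate your account:</h6><br/><br/>" +
                                    "<a href=\"" + System.Net.WebUtility.HtmlEncode(activationLink) + "\">Activate</a></body></html>";

                // NOTE(review): the sender address and password are literals in source (they appear
                // masked in this listing); load them from protected configuration, as the TODOs say.
                bool sent = new EmailNotifier
                {
                    From       = "*****@*****.**", //TODO: Read from DB
                    Password   = "******",              //TODO: Read from DB
                    To         = new string[] { user.Email },
                    Subject    = "INTO Account",
                    Body       = htmlString,
                    IsBodyHtml = true,
                    SmtpServer = "smtp.gmail.com",
                    SmtpPort   = 587,
                    IsSSL      = true
                }.Notify();

                // The row has already been inserted at this point; a failed notification still
                // yields null, so callers cannot tell "not created" from "created but not mailed".
                if (!sent)
                {
                    return null;
                }

                // NOTE(review): the returned object carries user.Password unchanged -- confirm
                // callers never serialize or log it.
                return new TutorType
                {
                    FirstName        = user.FirstName,
                    LastName         = user.LastName,
                    Active           = false,
                    LocationSettings = user.LocationSettings,
                    Phone            = user.Phone,
                    Email            = user.Email,
                    Password         = user.Password
                };
            }
        }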
示例#3
        //To be discussed !! (What to return)
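        /// <summary>
        /// Inserts a tutor account through <c>sp_ManageUsers</c> in <c>Insert</c> mode and then
        /// looks the new account up with <c>TutorLogin</c> using the same credentials.
        /// </summary>
        /// <param name="firstName">Value bound to <c>@FirstName</c>.</param>
        /// <param name="lastName">Value bound to <c>@LastName</c>.</param>
        /// <param name="email">Value bound to <c>@Email</c>; also used for the follow-up login.</param>
        /// <param name="password">Value bound to <c>@Password</c>; also used for the follow-up login.</param>
        /// <param name="tzOs">Time zone offset forwarded to <c>TutorLogin</c>; it is not sent with the insert.</param>
        /// <param name="countryId">Value bound to <c>@CountryId</c>.</param>
        /// <param name="conStr">Connection string used for both the insert and the login.</param>
        /// <returns>
        /// Whatever <c>TutorLogin</c> returns after the insert, or <c>null</c> when any step throws.
        /// </returns>
        public static TutorType UserSignUp_(string firstName = "", string lastName = "", string email = "", string password = "", int tzOs = 0, int countryId = 0, string conStr = "")
        {
            // NOTE(review): the password is handed to the procedure as-is; hashing, if any, happens
            // inside sp_ManageUsers, which is not visible here -- confirm.
            // The command is disposed with the connection; the earlier throw-away TutorType
            // allocation is gone because the variable was reset to null immediately.
            using (SqlConnection con = new SqlConnection(conStr))
            using (SqlCommand cmd = new SqlCommand("sp_ManageUsers", con))
            {
                cmd.CommandType = CommandType.StoredProcedure;
                cmd.Parameters.Add(new SqlParameter { ParameterName = "@Mode", Value = "Insert" });
                cmd.Parameters.Add(new SqlParameter { ParameterName = "@FirstName", Value = firstName });
                cmd.Parameters.Add(new SqlParameter { ParameterName = "@LastName", Value = lastName });
                cmd.Parameters.Add(new SqlParameter { ParameterName = "@Email", Value = email });
                cmd.Parameters.Add(new SqlParameter { ParameterName = "@Password", Value = password });
                cmd.Parameters.Add(new SqlParameter { ParameterName = "@CountryId", Value = countryId });
                // Fixed values for this sign-up path: entity name, language id and inactive flag.
                cmd.Parameters.Add(new SqlParameter { ParameterName = "@ObjName", Value = "Tutor" });
                cmd.Parameters.Add(new SqlParameter { ParameterName = "@LanguageId", Value = 1 });
                cmd.Parameters.Add(new SqlParameter { ParameterName = "@Active", Value = 0 });

                try
                {
                    con.Open();
                    cmd.ExecuteNonQuery();
                    // Close before the lookup so the login opens its own connection.
                    con.Close();
                    return TutorLogin(email, password, tzOs, conStr);
                }
                catch (Exception)
                {
                    // NOTE(review): every failure (connection, constraint violation, or an error
                    // raised by the follow-up login) is reported as null with nothing recorded.
                    // Kept as-is for callers; consider logging the exception so a failed sign-up
                    // can be told apart from an attack or an outage.
                    return null;
                }
            }
        }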
示例#4
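        /// <summary>
        /// Authenticates a user in two steps: a type-specific login chosen by <paramref name="type"/>,
        /// followed by a direct <c>CheckLogin</c> call to <c>sp_ManageUsers</c> whose
        /// <c>EntityType</c> column can replace the first result.
        /// </summary>
        /// <param name="type">Entity type the caller expects; selects the first lookup only.</param>
        /// <param name="email">Value bound to <c>@Email</c> and forwarded to the type-specific login.</param>
        /// <param name="password">Value bound to <c>@Password</c> and forwarded to the type-specific login.</param>
        /// <param name="tzOs">Value bound to <c>@TimeZoneOffset</c> and forwarded to the type-specific login.</param>
        /// <param name="conStr">Connection string used for every lookup.</param>
        /// <returns>
        /// A <c>TutorType</c> or <c>StudentType</c> built from the first row of the second lookup when
        /// that row's <c>EntityType</c> is Tutor or Student; otherwise the result of the first,
        /// type-specific lookup (which stays <c>null</c> for an unhandled <paramref name="type"/>).
        /// </returns>
        public static User Login(EntityType type, string email = "", string password = "", int tzOs = 0, string conStr = "")
        {
            User user = null;

            // First lookup: dispatch on the type supplied by the caller.
            switch (type)
            {
            case EntityType.Tutor:
                user = TutorLogin(email, password, tzOs, conStr);
                break;

            case EntityType.Student:
                user = StudentLogin(email, password, tzOs, conStr);
                break;

            case EntityType.Parent:
                user = ParentLogin(email, password, tzOs, conStr);
                break;

            case EntityType.School:
                user = SchoolLogin(email, password, tzOs, conStr);
                break;
            }

            // NOTE(review): the same credentials are sent to the database a second time below, and
            // the stored EntityType -- not the caller's `type` -- decides the returned object for
            // tutors and students. Confirm both lookups are intended and that callers do not rely
            // on `type` as an access restriction.
            // The command and the reader are now disposed with the connection.
            using (SqlConnection con = new SqlConnection(conStr))
            using (SqlCommand cmd = new SqlCommand("sp_ManageUsers", con))
            {
                cmd.CommandType = CommandType.StoredProcedure;
                cmd.Parameters.Add(new SqlParameter { ParameterName = "@Mode", Value = "CheckLogin" });
                cmd.Parameters.Add(new SqlParameter { ParameterName = "@Email", Value = email });
                cmd.Parameters.Add(new SqlParameter { ParameterName = "@Password", Value = password });
                cmd.Parameters.Add(new SqlParameter { ParameterName = "@TimeZoneOffset", Value = tzOs });

                con.Open();
                using (SqlDataReader rdr = cmd.ExecuteReader())
                {
                    if (rdr.HasRows)
                    {
                        // Only the first row is inspected.
                        rdr.Read();
                        if (rdr["EntityType"] != DBNull.Value)
                        {
                            type = (EntityType)Convert.ToByte(rdr["EntityType"]);
                            switch (type)
                            {
                            case EntityType.Tutor:
                                user = new TutorType(rdr);
                                break;

                            case EntityType.Student:
                                user = new StudentType(rdr);
                                break;

                            case EntityType.Parent:
                            case EntityType.School:
                                // Not built from this row; `user` keeps the first lookup's result.
                                break;
                            }
                        }
                    }
                }
            }

            return user;
        }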