public string DoLogin(string loginname, string password)
{
var users = _db.Users.Where(u => u.Nickname.Equals(loginname) || u.Email.Equals(loginname)).ToList();
if (users.Count != 1)
{
throw new NotImplementedException();
}
User user = users.First();
string hashedpw = new DBTek.Crypto.MD5_Hsr().HashString(password);
TokenModel token = null;
if (!user.Password.Equals(hashedpw))
{
throw new NotImplementedException();
}
token = TokenGenerator.GenerateLoginToken(user.UserId);
_db.Tokens.Add(token);
user.LastLoginDate = DateTime.Now;
_db.MarkAsModified(user);
_db.SaveChanges();
return token.Token;
}
public void ResetPassword(string email) {
var user = _db.Users.Where(u => u.Email.Equals(email, StringComparison.CurrentCultureIgnoreCase)).Single();
if (user == null) { throw new UserNotFoundException(); }
string newPassword = TokenGenerator.GenerateToken(8);
string hashedPassword = new DBTek.Crypto.MD5_Hsr().HashString(newPassword);
user.Password = hashedPassword;
_db.MarkAsModified(user);
_db.SaveChanges();
Mailer.SendMail(user.Email, Resources.PasswordResetEmailSubject,
String.Format(Resources.PasswordResetEmailBody, user.Nickname, newPassword));
}
public bool Register(string email, string password, string nickname)
{
if (String.IsNullOrEmpty(email))
{
return false;
}
if (String.IsNullOrEmpty(password))
{
return false;
}
string hashedpw = new DBTek.Crypto.MD5_Hsr().HashString(password);
string token = TokenGenerator.GenerateRegistrationNumber();
_db.Users.Add(new User
{
Confirmed = false,
Email = email,
//LastLoginDate = SqlDateTime.MinValue.Value,
//LastRefreshDate = SqlDateTime.MinValue.Value,
Nickname = nickname,
Password = hashedpw,
RegistrationDate = DateTime.Now,
RegistrationNumber = token,
UserId = Guid.NewGuid().ToString()
});
try{
Mailer.SendMail(email, Resources.RegisterUserEmailSubject,
String.Format(Resources.RegisterUserEmailBody, nickname, token));
_db.SaveChanges();
}
catch(Exception ex)
{
LOGGER.Error(ex);
return false;
}
return true;
}
