/// <summary>
/// Hashes <paramref name="password"/> and stores the resulting hash and salt on the
/// login record identified by <paramref name="userLoginId"/>.
/// </summary>
/// <param name="userLoginId">Id used to construct and fetch the <c>UserLoginEntity</c>.</param>
/// <param name="password">New plaintext password; only the output of <c>_oneWayHashingService.CreateHash</c> is persisted.</param>
/// <param name="userVerified">Value written to <c>UserVerified</c>. When true, <c>ResetPwdQueryString</c> is cleared as well.</param>
/// <returns>The <c>SecureHash</c> that was stored, or <c>null</c> when the fetch finds no record.</returns>
public SecureHash ResetPassword(long userLoginId, string password, bool userVerified = true)
{
    using (IDataAccessAdapter adapter = PersistenceLayer.GetDataAccessAdapter())
    {
        var login = new UserLoginEntity(userLoginId);
        if (!adapter.FetchEntity(login))
        {
            // Nothing to reset: no record for this id.
            return null;
        }

        // The record was just fetched, so flag it as already persisted before saving.
        login.IsNew = false;

        // NOTE(review): the password reaches the hashing service without a null/empty
        // or policy check in this method; confirm callers enforce that.
        var newHash = _oneWayHashingService.CreateHash(password);
        login.Password = newHash.HashedText;
        login.Salt = newHash.Salt;
        login.UserVerified = userVerified;
        login.LastPasswordChangeDate = DateTime.Now;

        if (userVerified)
        {
            // Presumably the pending password-reset token; clearing it means it is
            // no longer stored once the password has been set.
            login.ResetPwdQueryString = null;
        }
        // NOTE(review): when userVerified is false, ResetPwdQueryString is left as it was.
        // Confirm it is invalidated elsewhere once the flow completes.

        adapter.SaveEntity(login, true);
        return newHash;
    }
}
/// <summary>
/// Builds a <c>UserLoginEntity</c> from a <c>UserLogin</c> domain object, hashing the
/// password when it arrives without a salt.
/// </summary>
/// <param name="userLogin">Source login data. Must not be null.</param>
/// <param name="userId">Id used for the entity when <c>userLogin.Id</c> is 0.</param>
/// <returns>A populated entity; <c>IsNew</c> is true when <c>userLogin.Id</c> is 0.</returns>
/// <exception cref="ArgumentNullException"><paramref name="userLogin"/> is null.</exception>
public UserLoginEntity CreateUserLoginEntity(UserLogin userLogin, long userId)
{
    if (userLogin == null)
    {
        throw new ArgumentNullException("userLogin");
    }

    string storedPassword;
    string storedSalt;

    // A password that comes without a salt is hashed here. The outcome does not depend
    // on userId: both the new-user and existing-user paths hash under the same condition.
    var needsHashing = !string.IsNullOrEmpty(userLogin.Password) && string.IsNullOrEmpty(userLogin.Salt);
    if (needsHashing)
    {
        var hashed = _oneWayHashingService.CreateHash(userLogin.Password);
        storedPassword = hashed.HashedText;
        storedSalt = hashed.Salt;
    }
    else
    {
        // Password and salt are copied verbatim, presumably because they are already a
        // hash/salt pair loaded from storage.
        // NOTE(review): nothing here verifies that. A caller passing plaintext together
        // with any non-empty Salt would have the plaintext persisted; confirm no caller does.
        storedPassword = userLogin.Password;
        storedSalt = userLogin.Salt;
    }

    var entity = new UserLoginEntity(userLogin.Id == 0 ? userId : userLogin.Id);
    entity.UserName = userLogin.UserName;
    entity.Password = storedPassword;
    entity.Salt = storedSalt;
    entity.IsActive = true;
    // DateTime.MinValue is treated as "not set" and replaced with the current time.
    entity.DateCreated = userLogin.DateCreated != DateTime.MinValue ? userLogin.DateCreated : DateTime.Now;
    entity.DateModified = DateTime.Now;
    entity.IsLocked = userLogin.Locked;
    entity.LoginAttempts = userLogin.FailedAttempts;
    entity.UserVerified = userLogin.UserVerified;
    // NOTE(review): the hint answer goes through _cryptographyService.Encrypt rather than
    // the one-way hashing service used for the password. If the answer is only ever
    // compared, a one-way hash would limit exposure if the key leaks; confirm the requirement.
    entity.HintAnswer = string.IsNullOrEmpty(userLogin.HintAnswer)
        ? userLogin.HintAnswer
        : _cryptographyService.Encrypt(userLogin.HintAnswer);
    entity.HintQuestion = userLogin.HintQuestion;
    entity.IsSecurityQuestionVerified = userLogin.IsSecurityQuestionVerified;
    entity.IsNew = userLogin.Id == 0;
    // NOTE(review): an unset LastPasswordChangeDate becomes "now", which would restart any
    // password-age calculation based on it; confirm callers populate it for existing logins.
    entity.LastPasswordChangeDate = userLogin.LastPasswordChangeDate != DateTime.MinValue
        ? userLogin.LastPasswordChangeDate
        : DateTime.Now;
    entity.IsTwoFactorAuthrequired = userLogin.IsTwoFactorAuthrequired;

    return entity;
}
/// <summary>
/// Saves a profile edit: maps the model to a <c>User</c>, keeps or replaces the password
/// hash, sanitizes and saves the address, then saves the user.
/// </summary>
/// <param name="profileEditModel">
/// Profile data to persist. A non-empty <c>Password</c> is hashed and replaces the stored
/// one; an empty <c>Password</c> with <c>Id</c> &gt; 0 keeps the stored hash and salt.
/// </param>
public void SaveProfile(ProfileEditModel profileEditModel)
{
    // NOTE(review): profileEditModel.Id selects the account being written. Confirm the
    // caller binds it to the authenticated user rather than trusting a posted value.
    var user = Mapper.Map<ProfileEditModel, User>(profileEditModel);

    // Both flags are forced to true on every profile save, whatever the model carried.
    user.UserLogin.IsSecurityQuestionVerified = true;
    user.UserLogin.UserVerified = true;

    if (!string.IsNullOrEmpty(profileEditModel.Password))
    {
        // NOTE(review): no current-password check happens in this method; presumably the
        // caller re-authenticates the user before a password change. Confirm.
        var newHash = _oneWayHashingService.CreateHash(profileEditModel.Password);
        user.UserLogin.Password = newHash.HashedText;
        user.UserLogin.Salt = newHash.Salt;
    }
    else if (profileEditModel.Id > 0)
    {
        // No new password supplied: carry the stored hash and salt over unchanged.
        // NOTE(review): the GetUser result is dereferenced without a null check; confirm
        // GetUser cannot return null for an unknown id.
        var storedUser = _userRepository.GetUser(profileEditModel.Id);
        user.UserLogin.Password = storedUser.UserLogin.Password;
        user.UserLogin.Salt = storedUser.UserLogin.Salt;
    }
    // NOTE(review): LastPasswordChangeDate is not set or carried over in either branch;
    // confirm the mapper or repository keeps it accurate for password-age policy.

    _addressService.SaveAfterSanitizing(user.Address);
    _userRepository.SaveUser(user);
}
/// <summary>
/// Validates and saves a user edit: address, login credentials, organization roles,
/// role-specific profiles, NPI info and system user info.
/// </summary>
/// <param name="userToSave">
/// The edit model. A non-empty <c>Password</c> is hashed and stored; an empty one with
/// <c>Id</c> &gt; 0 keeps the stored credentials. <c>Id</c>, <c>DataRecorderMetaData</c> and
/// each role's <c>UserId</c> are updated on this instance.
/// </param>
/// <returns>
/// The same <paramref name="userToSave"/> instance with <c>Id</c> set. It is not re-read
/// from storage, so it can be out of sync with what was saved.
/// </returns>
public UserEditModel Save(UserEditModel userToSave)
{
    _userModelValidator.ValidateAndThrow(userToSave);

    var savedAddress = _addressService.SaveAfterSanitizing(Mapper.Map<AddressEditModel, Address>(userToSave.Address));

    // The acting user's organization role comes from the session and is recorded as metadata.
    OrganizationRoleUser currentOrgRoleUser = Mapper.Map<OrganizationRoleUserModel, OrganizationRoleUser>(_sessionContext.UserSession.CurrentOrganizationRole);
    userToSave.DataRecorderMetaData = new DataRecorderMetaData(currentOrgRoleUser, DateTime.Now, DateTime.Now);

    var user = Mapper.Map<UserEditModel, User>(userToSave);

    var passwordChanged = false;
    SecureHash newHash = null;

    if (!string.IsNullOrEmpty(userToSave.Password))
    {
        newHash = _oneWayHashingService.CreateHash(userToSave.Password);
        user.UserLogin.Password = newHash.HashedText;
        user.UserLogin.Salt = newHash.Salt;
        passwordChanged = true;
        user.UserLogin.LastPasswordChangeDate = DateTime.Now;
    }
    else if (userToSave.Id > 0)
    {
        // No new password: keep the stored credential state as it is.
        // NOTE(review): the GetUser result is dereferenced without a null check; confirm
        // GetUser cannot return null for an unknown id.
        var storedUser = _userRepository.GetUser(userToSave.Id);
        user.UserLogin.Password = storedUser.UserLogin.Password;
        user.UserLogin.Salt = storedUser.UserLogin.Salt;
        // Covers a user that is created and then immediately updated.
        user.UserLogin.UserVerified = storedUser.UserLogin.UserVerified;
        user.UserLogin.LastPasswordChangeDate = storedUser.UserLogin.LastPasswordChangeDate;
        user.UserLogin.LastLogged = storedUser.UserLogin.LastLogged;
    }

    user.Address = savedAddress;

    if (passwordChanged)
    {
        // Any password set through this path clears UserVerified, for every role.
        user.UserLogin.UserVerified = false;
    }

    // Without the override flag the two-factor setting is stored as null.
    user.UserLogin.IsTwoFactorAuthrequired = userToSave.OverRideTwoFactorAuthrequired
        ? userToSave.IsTwoFactorAuthrequired
        : (bool?)null;

    user = _userRepository.SaveUser(user);

    if (passwordChanged && newHash != null)
    {
        // The password change log is skipped for a saved user whose only role is Customer.
        var isCustomerOnly = user.Id > 0
            && userToSave.UsersRoles.Count() == 1
            && userToSave.UsersRoles.Single().RoleId == (long)Roles.Customer;
        if (!isCustomerOnly)
        {
            _passwordChangelogService.Update(user.Id, newHash, _sessionContext.UserSession.CurrentOrganizationRole.OrganizationRoleUserId);
        }
    }

    userToSave.Id = user.Id;

    // Map and save user roles: every existing role is deactivated, then the submitted set is saved.
    // NOTE(review): the role set comes straight from the model; presumably the validator or
    // the caller checks that the acting user may grant these roles. Confirm.
    // NOTE(review): no transaction is opened in this method; unless the caller wraps it, a
    // failure after the deactivation leaves the user with no active roles.
    _orgRoleUserRepository.DeactivateAllOrganizationRolesForUser(user.Id);

    foreach (var roleModel in userToSave.UsersRoles)
    {
        roleModel.UserId = user.Id;
        var orgRoleUser = _orgRoleUserRepository.SaveOrganizationRoleUser(Mapper.Map<OrganizationRoleUserModel, OrganizationRoleUser>(roleModel));

        // Role-specific profiles are keyed by the parent role of the saved role.
        switch (GetParentRoleIdByRoleId(orgRoleUser.RoleId))
        {
            case (long)Roles.Technician:
            {
                var technician = Mapper.Map<TechnicianModel, Technician>(userToSave.TechnicianProfile);
                technician.TechnicianId = orgRoleUser.Id;
                ((IRepository<Technician>)_technicianRepository).Save(technician);

                if (!string.IsNullOrWhiteSpace(userToSave.TechnicianProfile.Pin))
                {
                    // NOTE(review): the PIN is passed through Encrypt() before being logged,
                    // presumably reversible encryption; confirm a one-way hash is not
                    // sufficient for the change log.
                    _pinChangeLogService.Update(userToSave.TechnicianProfile.Pin.Encrypt(), orgRoleUser.Id, currentOrgRoleUser.Id);
                }
                break;
            }

            case (long)Roles.MedicalVendorUser:
            {
                var physician = Mapper.Map<PhysicianModel, Physician>(userToSave.PhysicianProfile);
                physician.PhysicianId = orgRoleUser.Id;
                physician.AuthorizedStateLicenses = _physicianLicenseModelFactory.CreateMultiple(userToSave.PhysicianProfile.Licenses, orgRoleUser.Id);
                _physicianRepository.SavePhysician(physician);
                break;
            }

            case (long)Roles.CorporateAccountCoordinator:
            {
                var coordinatorProfile = Mapper.Map<AccountCoordinatorProfileModel, AccountCoordinatorProfile>(userToSave.AccountCoordinatorProfile);
                coordinatorProfile.AccountCoordinatorId = orgRoleUser.Id;
                ((IRepository<AccountCoordinatorProfile>)_accountCoordinatorProfileRepository).Save(coordinatorProfile);
                break;
            }

            case (long)Roles.CallCenterRep:
            {
                // A profile saved here always has refund and note-change rights switched off.
                var repProfile = new CallCenterRepProfile
                {
                    CallCenterRepId = orgRoleUser.Id,
                    CanRefund = false,
                    CanChangeNotes = false,
                    DialerUrl = roleModel.DialerUrl
                };
                _callCenterRepProfileRepository.Save(repProfile);
                break;
            }
        }
    }

    if (userToSave.UsersRoles.Any(x => x.RoleId == (long)Roles.NursePractitioner))
    {
        // Empty strings are stored as null.
        var npiInfo = new UserNpiInfo
        {
            UserId = userToSave.Id,
            Npi = string.IsNullOrEmpty(userToSave.Npi) ? null : userToSave.Npi,
            Credential = string.IsNullOrEmpty(userToSave.Credential) ? null : userToSave.Credential
        };
        _userNpiInfoRepository.Save(npiInfo);
    }

    // A user whose single role is Customer gets an empty employee id.
    var systemUserInfo = new SystemUserInfo
    {
        EmployeeId = userToSave.UsersRoles.Count() == 1 && userToSave.UsersRoles.Any(x => x.RoleId == (long)Roles.Customer)
            ? string.Empty
            : userToSave.EmployeeId,
        UserId = userToSave.Id
    };
    _systemUserInfoRepository.Save(systemUserInfo);

    // The input model is returned, not a freshly loaded copy of what was saved.
    return userToSave;
}