示例#1
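 /// <summary>
 /// Marks the account whose activation code matches <paramref name="id"/> as
 /// e-mail verified, provided the link is used within one day of account creation.
 /// </summary>
 /// <param name="id">Activation code taken from the e-mailed link, as GUID text. Untrusted input.</param>
 /// <returns>
 /// 200 OK when the account was marked verified; 401 Unauthorized when no account
 /// matches the code (a malformed code is treated the same way) or when the
 /// one-day window has passed.
 /// </returns>
 public HttpResponseMessage VerifyAccount(string id)
 {
     // Parse before querying: new Guid(id) throws on null or malformed text, and a
     // constructor call inside the lambda may not be translatable by the LINQ provider.
     // A malformed code gets the same answer as an unknown one.
     Guid activationCode;
     if (!Guid.TryParse(id, out activationCode))
     {
         return Request.CreateErrorResponse(HttpStatusCode.Unauthorized, "Account deleted! Create Again!");
     }

     using (Notestash_DatabaseEntities db = new Notestash_DatabaseEntities())
     {
         var account = db.tblUsers.FirstOrDefault(e => e.ActivationCode == activationCode);
         if (account == null)
         {
             return Request.CreateErrorResponse(HttpStatusCode.Unauthorized, "Account deleted! Create Again!");
         }

         // Fail closed: a row without a creation timestamp cannot prove it is still
         // inside the window, so it is treated as expired instead of throwing on .Value.
         // NOTE(review): local time is compared here; keep it consistent with whatever
         // clock writes Created_at, or move both sides to UTC together.
         bool expired = !account.Created_at.HasValue
                        || DateTime.Now >= account.Created_at.Value.AddDays(1);
         if (expired)
         {
             return Request.CreateErrorResponse(HttpStatusCode.Unauthorized, "Link Expired! Register Again!");
         }

         // The activation code is left in place, so the same link can be replayed
         // inside the window; the only effect is setting this flag again.
         account.IsEmailVerified = 1;
         db.SaveChanges();
         return Request.CreateResponse(HttpStatusCode.OK, "Your Notestash account is activated!");
     }
 }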
示例#2
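        /// <summary>
        /// Completes a password reset: finds the account holding the reset code
        /// <paramref name="id"/>, stores a freshly salted hash of the new password
        /// and clears the reset code so the link cannot be used again.
        /// </summary>
        /// <param name="id">Reset code from the e-mailed link, as GUID text. Untrusted input.</param>
        /// <param name="pass">Request body carrying the new password.</param>
        /// <returns>
        /// 200 OK when the password was replaced; 400 Bad Request with a generic
        /// message for a malformed or unknown code, a missing password, or any failure.
        /// </returns>
        public HttpResponseMessage changePassword(string id, changePassword pass)
        {
            // Reject bad input up front instead of relying on the catch-all below.
            // An empty password must never be hashed and stored as a valid credential.
            // NOTE(review): no password-strength policy is applied in this method.
            Guid resetCode;
            if (!Guid.TryParse(id, out resetCode) || pass == null || string.IsNullOrEmpty(pass.newPassword))
            {
                return Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Error occurred, please try again!");
            }

            try
            {
                using (Notestash_DatabaseEntities db = new Notestash_DatabaseEntities())
                {
                    // NOTE(review): the code is matched with no age check; nothing in this
                    // method bounds how long a reset link stays usable.
                    var account = db.tblUsers.FirstOrDefault(e => e.forgotPasswordCode == resetCode);
                    if (account == null)
                    {
                        return Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Error occurred, please try again!");
                    }

                    var sha384Factory = HmacFactory;
                    var random        = new CryptoRandom();

                    byte[] passwordBytes = SafeUTF8.GetBytes(pass.newPassword);
                    // New 48-byte salt on every change, so the old salt is never reused.
                    byte[] salt          = random.NextBytes(384 / 8);

                    // Stretch the password: 256,000 PBKDF2 iterations, 48-byte output.
                    byte[] derivedKey;
                    using (var pbkdf2 = new PBKDF2(sha384Factory, passwordBytes, salt, 256 * 1000))
                    {
                        derivedKey = pbkdf2.GetBytes(384 / 8);
                    }

                    // The stored value is the HMAC of the password keyed with the derived key.
                    string hashedPassword;
                    using (var hmac = sha384Factory())
                    {
                        hmac.Key       = derivedKey;
                        hashedPassword = hmac.ComputeHash(passwordBytes).ToBase16();
                    }

                    account.Password           = hashedPassword;
                    account.Salt               = salt;
                    account.forgotPasswordCode = null; // single use: invalidate the link
                    db.SaveChanges();
                    return Request.CreateResponse(HttpStatusCode.OK, "Password changed successfully!");
                }
            }
            catch (Exception ex)
            {
                // Keep the client-facing message generic, but record the failure
                // server-side instead of discarding it.
                System.Diagnostics.Trace.TraceError("changePassword failed: {0}", ex);
                return Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Error occurred, please try again!");
            }
        }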
示例#3
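        /// <summary>
        /// Starts a password reset: when an account exists for the supplied e-mail
        /// address, stores a new reset code on it and e-mails the reset link.
        /// </summary>
        /// <param name="User">Request body carrying the e-mail address. Untrusted input.</param>
        /// <returns>
        /// 400 Bad Request when the body is missing or model validation fails, or when
        /// an exception occurs; otherwise 200 OK with the same message whether or not
        /// an account matched.
        /// </returns>
        public HttpResponseMessage forgotPassword(forgotPassword User)
        {
            // A missing body can leave the model null, so test for it before reading User.Email.
            if (User == null || !ModelState.IsValid)
            {
                return Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Model State Invalid");
            }
            try
            {
                using (Notestash_DatabaseEntities db = new Notestash_DatabaseEntities())
                {
                    var account = db.tblUsers.FirstOrDefault(e => e.Email == User.Email);

                    // An unknown address used to surface as a null dereference and a 400,
                    // which let a caller tell registered addresses from unregistered ones.
                    // Both cases now produce the same response.
                    // NOTE(review): response time still differs, because mail is only sent
                    // for a match; queue the mail out of band if that matters.
                    if (account != null)
                    {
                        // NOTE(review): Guid.NewGuid() is not documented as a cryptographic
                        // random source; consider generating the code from a CSPRNG. No
                        // issue time is stored here, so the code has no visible expiry.
                        account.forgotPasswordCode = Guid.NewGuid();
                        db.SaveChanges();

                        changePasswordEmail(account.Email, account.forgotPasswordCode.ToString());
                    }

                    return Request.CreateResponse(HttpStatusCode.OK, "Link to change password has been sent to your email id.");
                }
            }
            catch (Exception ex)
            {
                // Generic message for the client; the detail goes to the server-side trace.
                System.Diagnostics.Trace.TraceError("forgotPassword failed: {0}", ex);
                return Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Error occurred, please try again!");
            }
        }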
示例#4
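        /// <summary>
        /// Registers a new, not-yet-verified user. Before inserting, it deletes
        /// unverified accounts that are more than one day old, then refuses the
        /// registration if the e-mail address is already taken.
        /// </summary>
        /// <param name="objUser">Registration data from the caller. Untrusted input.</param>
        /// <returns>
        /// "&lt;email&gt; &lt;activation code&gt;" on success, "exists" when the address is
        /// already registered, "error" on missing input or any failure.
        /// </returns>
        public string Create(UserModel objUser)
        {
            // Missing input used to escape as an exception from the hashing code, which
            // ran outside the try block; report it through the method's own error value.
            if (objUser == null || string.IsNullOrEmpty(objUser.Password) || string.IsNullOrEmpty(objUser.Email))
            {
                return "error";
            }

            try
            {
                using (Notestash_DatabaseEntities db = new Notestash_DatabaseEntities())
                {
                    // Purge unverified accounts created a day or more ago. The age filter is
                    // part of the query, so only expired rows are loaded, and rows without a
                    // creation timestamp are left alone instead of throwing on .Value.
                    DateTime cutoff  = DateTime.Now.AddDays(-1);
                    var      expired = db.tblUsers
                                         .Where(a => a.IsEmailVerified == 0 && a.Created_at <= cutoff)
                                         .ToList();
                    foreach (tblUser stale in expired)
                    {
                        db.tblUsers.Remove(stale);
                    }
                    db.SaveChanges();

                    // NOTE(review): check-then-insert is not atomic; two concurrent requests
                    // for one address can both pass unless the column has a unique constraint.
                    var existingUser = db.tblUsers.FirstOrDefault(e => e.Email.Equals(objUser.Email));
                    if (existingUser != null)
                    {
                        return "exists";
                    }

                    // Hash only once the address is known to be free; the derivation below
                    // is deliberately expensive (256,000 PBKDF2 iterations).
                    var sha384Factory = HmacFactory;
                    var random        = new CryptoRandom();

                    byte[] passwordBytes = SafeUTF8.GetBytes(objUser.Password);
                    byte[] salt          = random.NextBytes(384 / 8); // 48-byte per-user salt

                    byte[] derivedKey;
                    using (var pbkdf2 = new PBKDF2(sha384Factory, passwordBytes, salt, 256 * 1000))
                    {
                        derivedKey = pbkdf2.GetBytes(384 / 8);
                    }

                    // The stored value is the HMAC of the password keyed with the derived key.
                    string hashedPassword;
                    using (var hmac = sha384Factory())
                    {
                        hmac.Key       = derivedKey;
                        hashedPassword = hmac.ComputeHash(passwordBytes).ToBase16();
                    }

                    tblUser objTblUser = new tblUser();
                    // NOTE(review): Id is copied from caller-supplied data; confirm the
                    // client cannot choose it, or let the database assign it.
                    objTblUser.Id              = objUser.Id;
                    objTblUser.FullName        = objUser.FullName;
                    objTblUser.Password        = hashedPassword;
                    objTblUser.Email           = objUser.Email;
                    objTblUser.Salt            = salt;
                    objTblUser.ProfilePicture  = null;
                    objTblUser.IsEmailVerified = 0;
                    objTblUser.ActivationCode  = Guid.NewGuid();
                    objTblUser.Created_at      = DateTime.Now;
                    objTblUser.AdminOrUser     = 1;

                    db.tblUsers.Add(objTblUser);
                    db.SaveChanges();

                    // NOTE(review): the return value carries the activation code; it should
                    // reach only the code that mails the link, never the HTTP response.
                    return objUser.Email + " " + objTblUser.ActivationCode.ToString();
                }
            }
            catch (Exception ex)
            {
                // Record the failure server-side instead of discarding it.
                System.Diagnostics.Trace.TraceError("Create failed: {0}", ex);
                return "error";
            }
        }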
示例#5
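        /// <summary>
        /// Verifies login credentials: recomputes the password hash with the stored
        /// per-user salt and looks for an account with that e-mail address, that hash
        /// and AdminOrUser == 1.
        /// </summary>
        /// <param name="objUser">E-mail address and password supplied by the client. Untrusted input.</param>
        /// <returns>
        /// The token from createToken on success, "inactive" when the credentials are
        /// right but the e-mail is not verified, "invalid" for an unknown address or a
        /// wrong password, "error" on any exception.
        /// </returns>
        public string Check(LoginModel objUser)
        {
            try
            {
                using (Notestash_DatabaseEntities db = new Notestash_DatabaseEntities())
                {
                    var account = db.tblUsers.FirstOrDefault(e => e.Email.Equals(objUser.Email));

                    // Run the key derivation even when the address is unknown, against an
                    // all-zero placeholder salt. Returning before the 256,000-iteration
                    // PBKDF2 made unknown addresses answer much faster than known ones,
                    // which exposed which addresses are registered.
                    byte[] salt = account != null ? account.Salt : new byte[384 / 8];

                    var    sha384Factory = HmacFactory;
                    byte[] passwordBytes = SafeUTF8.GetBytes(objUser.Password);

                    byte[] derivedKey;
                    using (var pbkdf2 = new PBKDF2(sha384Factory, passwordBytes, salt, 256 * 1000))
                    {
                        derivedKey = pbkdf2.GetBytes(384 / 8);
                    }

                    string hashedPassword;
                    using (var hmac = sha384Factory())
                    {
                        hmac.Key       = derivedKey;
                        hashedPassword = hmac.ComputeHash(passwordBytes).ToBase16();
                    }

                    if (account == null)
                    {
                        return "invalid";
                    }

                    // NOTE(review): the hash is compared inside the database query, so the
                    // comparison follows the column's collation and is not constant-time.
                    var userCredentials =
                        db.tblUsers.FirstOrDefault(e => e.Email.Equals(objUser.Email) && e.Password.Equals(hashedPassword) && e.AdminOrUser == 1);

                    if (userCredentials == null)
                    {
                        return "invalid";
                    }

                    // "inactive" is only reachable with a correct password, so it does not
                    // reveal account state to someone who does not know the password.
                    if (userCredentials.IsEmailVerified == 0)
                    {
                        return "inactive";
                    }

                    return createToken(objUser.Email);
                }
            }
            catch (Exception ex)
            {
                // Record the failure server-side instead of discarding it.
                System.Diagnostics.Trace.TraceError("Check failed: {0}", ex);
                return "error";
            }
        }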