public bool IsUserAuthorized(string userId, string password, out UserRequest userIdentity) { var loggedInUser = _dataAccess.GetLoggedInUser(userId); userIdentity = new UserRequest() { FirstName = loggedInUser.FirstName, LastName = loggedInUser.LastName, UserId = loggedInUser.UserId, CustomerId = loggedInUser.CustomerId, UserRole = loggedInUser.userrole.UserRoleName }; if (loggedInUser == null) { return(false); } var passCrypto = new PasswordCryptography(); if (loggedInUser.PasswordHash.Equals(passCrypto.GetPasswordHash(Guid.Parse(loggedInUser.Salt), password))) { return(true); } return(false); }
public void AddNewUser(UserRequest userRequest) { //Check if User already registered with same User-Id var user = _dataAccess.GetLoggedInUser(userRequest.UserId); if (user != null) { throw new DuplicateNameException("Customer already registered with this email-id"); } var salt = Guid.NewGuid(); var userRole = _dataAccess.GetUserRole(userRequest.UserRole); var passCrypto = new PasswordCryptography(); var passwordHash = passCrypto.GetPasswordHash(salt, userRequest.Password); var newUser = new user() { UserId = userRequest.UserId, UserRoleID = userRole.UserRoleID, AddeddOn = DateTime.Now, IsActive = true, Salt = salt.ToString(), PasswordHash = passwordHash, FirstName = userRequest.FirstName, LastName = userRequest.LastName, CustomerId = userRequest.CustomerId, userrole = userRole }; _dataAccess.AddNewUser(newUser); }