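/// <summary>
/// Registers a new user when <paramref name="identity"/> is null, otherwise updates
/// the caller's own account after checking that the identity's user name matches
/// the submitted one.
/// </summary>
/// <param name="userVm">Client-supplied user data; <c>userVm.password</c> is passed to
/// <c>PasswordHashService.HashPassword</c> and only the resulting hash and salt are stored.</param>
/// <param name="identity">Identity of the authenticated caller, or null for a registration.</param>
/// <returns>The saved user mapped back to a <c>UserVm</c>.</returns>
/// <exception cref="Exception">Validation returned a message, the caller is not the
/// account being updated, or that account is no longer in the database.</exception>
public UserVm AddOrUpdate(UserVm userVm, ClaimsIdentity identity = null)
{
    var message = Validation(userVm);
    if (message != String.Empty)
    {
        throw new Exception(message);
    }

    var user = Mapper.Map<User>(userVm);

    if (identity == null)
    {
        // Registration: presumably IsUserExist throws when the name is taken;
        // any return value is ignored here -- TODO confirm.
        IsUserExist(user);

        // NOTE(review): stores UTC+2 as a fixed offset rather than plain UTC -- confirm intended.
        user.RegistrationDate = DateTime.UtcNow.AddHours(2);

        // Server decides verification state; never trust the mapped client value on sign-up.
        user.IsVerifiedEmail = false;

        var userHash = PasswordHashService.HashPassword(userVm.password);
        user.PasswordHash = userHash.PasswordHash;
        user.Salt = userHash.Salt;
        _dbContext.Add(user);
    }
    else
    {
        // Authorization check: a caller may only update the account named in their own identity.
        if (GetUserName(identity) != user.UserName)
        {
            throw new Exception("User is invalid.");
        }

        User userDb = _dbContext.Users.FirstOrDefault(u => u.UserName == userVm.username);
        if (userDb == null)
        {
            // The identity names an account that no longer exists (e.g. deleted while a
            // session was still valid). Fail explicitly instead of dereferencing null.
            throw new Exception("User is invalid.");
        }

        user.RegistrationDate = userDb.RegistrationDate;

        // SECURITY NOTE(review): the second clause treats a submitted value equal to the
        // stored hash as "password unchanged". That only works if the hash is sent to the
        // client and echoed back -- presumably via the UserVm mapping; confirm. A stored hash
        // should not leave the server; prefer an explicit "password not changed" signal.
        bool keepStoredPassword =
            PasswordHashService.ValidatePassword(userVm.password, userDb)
            || userVm.password == userDb.PasswordHash;

        if (keepStoredPassword)
        {
            user.PasswordHash = userDb.PasswordHash;
            user.Salt = userDb.Salt;
        }
        else
        {
            var userHash = PasswordHashService.HashPassword(userVm.password);
            user.PasswordHash = userHash.PasswordHash;
            user.Salt = userHash.Salt;
        }

        // SECURITY NOTE(review): Update(user) persists every field mapped from the client
        // view model. Only RegistrationDate, PasswordHash and Salt are restored from the
        // stored row above; the entity key and flags such as IsVerifiedEmail come from the
        // request if UserVm maps them. Confirm the mapping cannot set those, or copy the
        // allowed fields onto userDb instead of replacing the tracked entity.
        _dbContext.Entry(userDb).State = EntityState.Detached;
        _dbContext.Update(user);
    }

    _dbContext.SaveChanges();
    userVm = Mapper.Map<UserVm>(user);
    return userVm;
}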
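/// <summary>
/// Looks up the account named by <paramref name="login"/> and returns it when the
/// submitted secret is accepted.
/// </summary>
/// <param name="login">Carries the user name and, in <c>PasswordHash</c>, the value
/// submitted as the password.</param>
/// <returns>The stored <c>User</c> on success; null when the login is incomplete, the
/// account is unknown, or the secret is rejected.</returns>
public User AuthenticateUser(User login)
{
    // Fail closed on incomplete input. A null secret must never reach the equality
    // fallback below, where it would match an account whose stored hash is also null.
    if (login == null || login.UserName == null || login.PasswordHash == null)
    {
        return null;
    }

    User user = _dbContext.Users.FirstOrDefault(u => u.UserName == login.UserName);
    if (user == null)
    {
        return null;
    }

    // Ordinal, culture-independent comparison: ToUpper() follows the current culture,
    // which is the wrong tool for comparing identifiers.
    if (!string.Equals(login.UserName, user.UserName, StringComparison.OrdinalIgnoreCase))
    {
        return null;
    }

    if (PasswordHashService.ValidatePassword(login.PasswordHash, user))
    {
        return user;
    }

    // SECURITY NOTE(review): this fallback accepts the stored hash string itself as the
    // secret, so a disclosed PasswordHash value is as good as the password and gains
    // nothing from being hashed. It is kept only because callers outside this view may
    // depend on it -- confirm and remove. If any comparison of secrets remains, it
    // should be a fixed-time comparison rather than ==.
    if (login.PasswordHash == user.PasswordHash)
    {
        return user;
    }

    return null;
}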