示例#1
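        /// <summary>
        /// Registers a new user when no identity is supplied, or updates the caller's own
        /// account when the identity's user name matches the submitted one.
        /// </summary>
        /// <param name="userVm">Submitted user data; <c>password</c> is hashed before it is stored.</param>
        /// <param name="identity">Identity of the caller, or <c>null</c> for a registration.</param>
        /// <returns>The saved user mapped back to a <c>UserVm</c>.</returns>
        /// <exception cref="ArgumentException">Validation returned a non-empty message.</exception>
        /// <exception cref="UnauthorizedAccessException">The identity's user name differs from the submitted one.</exception>
        /// <exception cref="InvalidOperationException">No stored user matches the submitted user name.</exception>
        public UserVm AddOrUpdate(UserVm userVm, ClaimsIdentity identity = null)
        {
            var message = Validation(userVm);

            if (message != String.Empty)
            {
                // Still an Exception for existing catch blocks, but distinguishable from server faults.
                throw new ArgumentException(message);
            }

            var user = Mapper.Map<User>(userVm);

            if (identity == null)
            {
                // The result (if any) is not inspected here; presumably this throws when the
                // user name is already taken — confirm against IsUserExist.
                IsUserExist(user);

                // NOTE(review): a fixed +2h offset is added to a UTC timestamp. Kept as-is because
                // stored data may depend on it; prefer plain UTC and convert at display time.
                user.RegistrationDate = DateTime.UtcNow.AddHours(2);
                user.IsVerifiedEmail = false;

                var newHash = PasswordHashService.HashPassword(userVm.password);

                user.PasswordHash = newHash.PasswordHash;
                user.Salt = newHash.Salt;

                _dbContext.Add(user);
            }
            else if (GetUserName(identity) != user.UserName)
            {
                // A caller may only modify the account named by its own identity.
                throw new UnauthorizedAccessException("User is invalid.");
            }
            else
            {
                User userDb = _dbContext.Users.FirstOrDefault(u => u.UserName == userVm.username);

                if (userDb == null)
                {
                    // Previously this path dereferenced null and surfaced as a NullReferenceException.
                    throw new InvalidOperationException("User is invalid.");
                }

                // NOTE(review): every other field on `user` comes from the client payload via the
                // mapper. Only RegistrationDate and the credentials are restored from the stored row;
                // confirm that the primary key and fields such as IsVerifiedEmail cannot be set by
                // the caller, otherwise copy them from userDb here as well.
                user.RegistrationDate = userDb.RegistrationDate;

                // The password is treated as unchanged when it validates against the stored
                // hash or when the payload echoes the stored hash itself.
                // NOTE(review): the second test implies the stored hash travels to the client inside
                // the view model. The caller is already authenticated here, so this is not a
                // credential check, but the hash should not leave the server; a dedicated
                // change-password operation would remove the need for this comparison.
                bool passwordUnchanged =
                    PasswordHashService.ValidatePassword(userVm.password, userDb)
                    || userVm.password == userDb.PasswordHash;

                if (passwordUnchanged)
                {
                    user.PasswordHash = userDb.PasswordHash;
                    user.Salt = userDb.Salt;
                }
                else
                {
                    var newHash = PasswordHashService.HashPassword(userVm.password);

                    user.PasswordHash = newHash.PasswordHash;
                    user.Salt = newHash.Salt;
                }

                // Stop tracking the loaded row so that Update can attach the mapped entity instead.
                _dbContext.Entry(userDb).State = EntityState.Detached;
                _dbContext.Update(user);
            }

            _dbContext.SaveChanges();

            return Mapper.Map<UserVm>(user);
        }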
示例#2
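        /// <summary>
        /// Looks up the user named in <paramref name="login"/> and returns it only when the
        /// submitted password validates against that user's stored credentials.
        /// </summary>
        /// <param name="login">
        /// Submitted credentials. <c>PasswordHash</c> is handed to the password validator as the
        /// submitted secret.
        /// </param>
        /// <returns>The stored user on success; <c>null</c> when authentication fails.</returns>
        public User AuthenticateUser(User login)
        {
            // Incomplete credentials are a failed login, not a NullReferenceException. A null
            // secret must never compare equal to a stored null hash.
            if (login == null || login.UserName == null || login.PasswordHash == null)
            {
                return null;
            }

            User user = _dbContext.Users.FirstOrDefault(u => u.UserName == login.UserName);

            // NOTE(review): an unknown user returns before any hashing work is done, so response
            // time may reveal whether an account exists. Consider a dummy validation on this path.
            if (user == null || user.UserName == null)
            {
                return null;
            }

            // Ordinal comparison avoids culture-dependent casing (ToUpper under e.g. a Turkish locale).
            bool sameName = string.Equals(login.UserName, user.UserName, System.StringComparison.OrdinalIgnoreCase);

            // Only a password that validates against the stored hash and salt is accepted.
            // The former `login.PasswordHash == user.PasswordHash` shortcut is gone: it made the
            // stored hash a password-equivalent, so a leaked hash (database dump, API response,
            // log line) was enough to sign in without knowing the password.
            if (sameName && PasswordHashService.ValidatePassword(login.PasswordHash, user))
            {
                return user;
            }

            return null;
        }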