public IdentityResult LoginUser(ApplicationUser user)
{
var authResult = new IdentityResult();
UserIdentity uIdentity = _db.GetUserIdentity(user.Login);
if (uIdentity == null)
{
return Error(authResult, "Login or password are incorrect.");
}
bool result = _security.VerifyPassword(user.Password, uIdentity.Password, uIdentity.Salt);
if (!result)
{
return Error(authResult, "Login or password are incorrect.");
}
authResult.Token = _security.CreateToken(uIdentity.UserId.ToString(), uIdentity.Login);
var identityUser = _db.Get<User>(uIdentity.UserId);
authResult.UserName = identityUser.FirstName;
authResult.LastName = identityUser.LastName;
return authResult;
}
public IHttpActionResult Login(LoginModel model)
{
if (!ModelState.IsValid)
{
return BadRequest(ModelState);
}
ApplicationUser user = new ApplicationUser()
{
Login = model.Email,
Password = model.Password
};
var result = _accountService.LoginUser(user);
if (!result.Succeeded)
{
return BadRequest(result.ToString());
}
return Ok(result);
}
public IdentityResult CreateUser(ApplicationUser user)
{
IdentityResult result = new IdentityResult();
if (_db.DoesUserExist(user.Login))
{
return Error(result, "This login already exists in database.");
}
User _user = null;
UserIdentity _userIdentity = null;
try
{
_user = new User() { FirstName = user.FirstName, LastName = user.LastName };
_db.Add(_user);
_userIdentity = new UserIdentity() { Login = user.Login, UserId = _user.ID, Salt = _security.CreateSalt() };
_userIdentity.Password = _security.HashPassword(user.Password, _userIdentity.Salt);
_db.Add(_userIdentity);
}
catch (Exception)
{
if (_user.ID != null)
_db.Delete<User>(_user.ID);
if (_userIdentity.ID != null)
_db.Delete<UserIdentity>(_userIdentity.ID);
_logger.Info("CreateUser method - changes reverted.");
throw;
}
result.Token = _security.CreateToken(_user.IDInternal, _userIdentity.Login);
result.UserName = _user.FirstName;
result.LastName = _user.LastName;
return result;
}
public IHttpActionResult Register(RegisterModel model)
{
if (!ModelState.IsValid)
{
return BadRequest(ModelState);
}
ApplicationUser user = new ApplicationUser()
{
Login = model.Email,
Password = model.Password,
FirstName = model.FirstName,
LastName = model.LastName
};
var result = _accountService.CreateUser(user);
if (!result.Succeeded)
{
return BadRequest(result.ToString());
}
return Ok(result);
}
