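/// <summary>
/// Builds the forms-authentication cookie issued after a successful registration.
/// </summary>
/// <param name="response">
/// Registration result. Its customer id becomes the ticket name, and its login id, names and
/// authorization roles are serialized into the ticket's user data.
/// </param>
/// <returns>
/// An HttpOnly cookie named <see cref="FormsAuthentication.FormsCookieName"/> that carries the
/// encrypted ticket and expires when the ticket does.
/// </returns>
private HttpCookie SetRegistrationCookie(RegisterUserResponse response)
{
    // The roles are carried inside the ticket itself, so whoever can forge or alter a ticket
    // controls authorization. NOTE(review): confirm _formsAuthentication.Encrypt applies the
    // framework's encryption-and-validation protection rather than encryption alone.
    var principal = new CustomPrincipalViewModel
    {
        Id = response.UserLogin.Id,
        FirstName = response.FirstName,
        LastName = response.LastName,
        AuthorizationRoles = response.AuthorizationRoles
    };
    var userData = new JavaScriptSerializer().Serialize(principal);

    // Read the clock once so issue time and expiry are exactly 60 minutes apart.
    // NOTE(review): the lifetime is hard-coded; consider FormsAuthentication.Timeout so the
    // ticket follows the configured value.
    var issuedAt = DateTime.Now;
    var authTicket = new FormsAuthenticationTicket(
        1,
        response.CustomerId.ToString(),
        issuedAt,
        issuedAt.AddMinutes(60),
        false,
        userData);
    var encryptedTicket = _formsAuthentication.Encrypt(authTicket);

    return new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket)
    {
        // Keeps the ticket out of reach of page script.
        HttpOnly = true,
        // A hand-built cookie does not pick up the forms requireSSL setting by itself; without
        // this the ticket can be sent over plain HTTP even on a site configured for SSL only.
        Secure = FormsAuthentication.RequireSSL,
        // Setting Expires makes the browser keep the cookie until the ticket expires, although
        // the ticket is created with isPersistent = false.
        Expires = authTicket.Expiration
    };
}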
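/// <summary>
/// Registers a new login and its customer record, then commits both through the unit of work.
/// </summary>
/// <param name="request">Registration data: email address (used as the username), password, first and last name.</param>
/// <returns>
/// A response with <c>HasIssues</c> set and an error message when validation fails or the
/// username is taken; otherwise the new customer's id, names and login view.
/// </returns>
/// <exception cref="ArgumentNullException"><paramref name="request"/> is null.</exception>
/// <exception cref="CustomerExistsException">A customer with the same names and email address already exists.</exception>
public RegisterUserResponse RegisterUserLogin(RegisterUserRequest request)
{
    if (request == null)
    {
        throw new ArgumentNullException("request");
    }

    var response = new RegisterUserResponse { HasIssues = false, ErrorMessage = string.Empty };

    string errorMessage;
    if (!_membershipValidator.IsValid(request.EmailAddress, request.Password, out errorMessage))
    {
        // The initializer above does not assign UserLogin, so it is only non-null if the
        // response type creates it itself; guard so a rejected request returns the validation
        // message instead of failing on a null reference.
        if (response.UserLogin != null)
        {
            response.UserLogin.IsAuthenticated = false;
        }

        response.HasIssues = true;
        response.ErrorMessage = errorMessage;
        return response;
    }

    var userLoginQuery = new Query();
    userLoginQuery.Add(Criterion.Create<UserLogin>(u => u.Username, request.EmailAddress, CriteriaOperator.Equal));

    // NOTE(review): this check and the Add below are not atomic; two concurrent registrations
    // for one address can both pass it. A unique constraint on the username in the store is
    // the reliable backstop - confirm one exists.
    if (_userLoginRepository.Exists(userLoginQuery))
    {
        response.UserLogin = null;
        response.HasIssues = true;
        // NOTE(review): a distinct message for a taken address tells any caller which emails
        // are registered. If this endpoint is reachable without authentication, pair it with
        // rate limiting or return a neutral message and notify the address owner instead.
        response.ErrorMessage = "A user with that email address already exists.";
        return response;
    }

    var userLogin = new UserLogin
    {
        Username = request.EmailAddress,
        // NOTE(review): the second argument looks like a hashing work factor; if so, confirm
        // that 8 still meets the current password-storage policy for this hasher.
        Password = _encryptor.HashPassword(request.Password, 8)
    };
    ThrowExceptionIfUserLoginIsInvalid(userLogin);
    _userLoginRepository.Add(userLogin);

    // Create the customer
    if (_customerRepository.Exists(request.FirstName, request.LastName, request.EmailAddress))
    {
        // The login was already added above but nothing is committed on this path.
        // NOTE(review): the message embeds name and email address; make sure wherever this
        // exception is logged or surfaced is acceptable for personal data.
        throw new CustomerExistsException(string.Format("Customer already exists: {0} ,{1} ,{2}.", request.FirstName, request.LastName, request.EmailAddress));
    }

    var customer = new Customer
    {
        FirstName = request.FirstName,
        LastName = request.LastName,
        EmailAddress = request.EmailAddress,
        UserLogin = userLogin
    };
    ThrowExceptionIfCustomerIsInvalid(customer);
    _customerRepository.Save(customer);
    _uow.Commit();

    // Only mark the login authenticated once the commit call has returned.
    userLogin.IsAuthenticated = true;

    response.CustomerId = customer.Id;
    response.FirstName = customer.FirstName;
    response.LastName = customer.LastName;
    response.UserLogin = userLogin.ConvertToUserLoginView();
    return response;
}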