/// <summary>
/// Reports whether the supplied token maps to a user whose token has not expired.
/// </summary>
/// <param name="token_s">Token taken from the request; treated as untrusted input.</param>
/// <returns>
/// An ObjectResult wrapping the content built by ResponsesContainer:
/// code 0 ("Valid"), code 2 ("Validation error") or code 4 ("Exception").
/// </returns>
public IActionResult Get(string token_s)
        {
            // NOTE(review): the token is handed to a helper named APIGetByEmail; whether that
            // helper really resolves users by token is not visible here - confirm.
            // NOTE(review): the HttpStatusCode value is only passed into GetResponseContent;
            // ObjectResult.StatusCode is not set in this method, so confirm which HTTP status
            // a client actually receives for the "not valid" and "Exception" cases.
            try
            {
                Users tokenOwner = _query.APIGetByEmail(token_s, _context);

                // Written as !(a < b) on purpose: it mirrors the original comparison exactly.
                // NOTE(review): if AuthTokenExpiration is nullable, a null value compares false
                // here and the token is accepted - confirm the property type. Also confirm the
                // stored expiry is local time, since it is compared against DateTime.Now.
                if (tokenOwner != null && !(tokenOwner.AuthTokenExpiration < DateTime.Now))
                {
                    return new ObjectResult(ResponsesContainer.Instance.GetResponseContent(
                        HttpStatusCode.OK, String.Empty, true, 0, "Valid", "Provided token is valid"));
                }

                // Unknown token and expired token share one answer, so the caller cannot
                // tell the two cases apart.
                return new ObjectResult(ResponsesContainer.Instance.GetResponseContent(
                    HttpStatusCode.OK, String.Empty, false, 2, "Validation error", "Provided token is not valid"));
            }
            catch (Exception failure)
            {
                // Full exception text goes to the log only; the client gets a generic message.
                ErrInfLogger.LockInstance.ErrorLog(failure.ToString());
                return new ObjectResult(ResponsesContainer.Instance.GetResponseContent(
                    HttpStatusCode.BadRequest, String.Empty, false, 4, "Exception", "Application exception thrown"));
            }
        }
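        /// <summary>
        /// Registers a new user after validating the submitted fields.
        /// </summary>
        /// <param name="newUser">User record bound from the request; treated as untrusted input.</param>
        /// <returns>
        /// An ObjectResult wrapping the content built by ResponsesContainer:
        /// code 0 ("Created"), 5 (email already registered), 7 (a field is too long),
        /// 8 (a field contains forbidden characters) or 4 (an exception was caught).
        /// </returns>
        public IActionResult Post(Users newUser)
        {
            // Everything that touches the request body or the data layer sits inside the try,
            // so a missing body (newUser == null) or a failing lookup yields the same generic
            // "Exception" response as a failing insert instead of an unhandled exception.
            try
            {
                // Field validation runs before any query so that an unchecked email never
                // reaches the data layer.
                if (XSS.CheckIfTooLong(newUser.Email, 30))
                {
                    return new ObjectResult(ResponsesContainer.Instance.GetResponseContent(
                        HttpStatusCode.OK, String.Empty, false, 7, "Bad email", "The email is too long"));
                }

                // NOTE(review): XSS.forbiddenList_s is a denylist whose contents are not visible
                // here; it does not replace output encoding where these values are rendered.
                if (XSS.CheckIfContains(newUser.Email, XSS.forbiddenList_s))
                {
                    return new ObjectResult(ResponsesContainer.Instance.GetResponseContent(
                        HttpStatusCode.OK, String.Empty, false, 8, "Bad email", "The email contains forbidden signs"));
                }

                // NOTE(review): only the length of HashPassword is checked. Whether the value is
                // hashed server-side before storage is not visible in this method - confirm in APIPost.
                if (XSS.CheckIfTooLong(newUser.HashPassword, 50))
                {
                    return new ObjectResult(ResponsesContainer.Instance.GetResponseContent(
                        HttpStatusCode.OK, String.Empty, false, 7, "Bad password", "The password is too long"));
                }

                if (XSS.CheckIfTooLong(newUser.Name, 20))
                {
                    return new ObjectResult(ResponsesContainer.Instance.GetResponseContent(
                        HttpStatusCode.OK, String.Empty, false, 7, "Bad name", "The name is too long"));
                }

                if (!XSS.CheckIfAlphaNum(newUser.Name))
                {
                    return new ObjectResult(ResponsesContainer.Instance.GetResponseContent(
                        HttpStatusCode.OK, String.Empty, false, 8, "Bad name", "The name contains forbidden signs"));
                }

                if (XSS.CheckIfTooLong(newUser.Surname, 20))
                {
                    return new ObjectResult(ResponsesContainer.Instance.GetResponseContent(
                        HttpStatusCode.OK, String.Empty, false, 7, "Bad surname", "The surname is too long"));
                }

                if (!XSS.CheckIfAlphaNum(newUser.Surname))
                {
                    return new ObjectResult(ResponsesContainer.Instance.GetResponseContent(
                        HttpStatusCode.OK, String.Empty, false, 8, "Bad surname", "The surname contains forbidden signs"));
                }

                // This answer discloses whether an email is registered; throttle or monitor
                // the endpoint if that matters for the deployment.
                // NOTE(review): lookup and insert are two separate calls, so two concurrent
                // requests can both pass this check - confirm a unique constraint on the email
                // column backs it up.
                if (_query.APIGetByEmail(newUser.Email, _context) != null)
                {
                    return new ObjectResult(ResponsesContainer.Instance.GetResponseContent(
                        HttpStatusCode.OK, String.Empty, false, 5, "User exists", "User exists in database"));
                }

                _query.APIPost(newUser, _context);
            }
            catch (Exception ex)
            {
                // Full exception text goes to the log only; the client gets a generic message.
                ErrInfLogger.LockInstance.ErrorLog(ex.ToString());
                return new ObjectResult(ResponsesContainer.Instance.GetResponseContent(
                    HttpStatusCode.BadRequest, String.Empty, false, 4, "Exception", "Application exception thrown"));
            }

            return new ObjectResult(ResponsesContainer.Instance.GetResponseContent(
                HttpStatusCode.OK, String.Empty, true, 0, "Created", "User created in database"));
        }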