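        /// <summary>
        /// Registers a new account and returns an <c>AuthedUser</c> carrying a freshly issued JWT.
        /// </summary>
        /// <param name="username">Login name stored on the new <c>User</c>.</param>
        /// <param name="password">Plaintext password; only a per-user salt and the salted hash are persisted.</param>
        /// <param name="email">Address that must not already belong to an account.</param>
        /// <returns>
        /// 400 when an input is blank, the email is already taken, or the password fails
        /// <c>_authService.validPassword</c>; otherwise 200 with the new user's id, username and token.
        /// </returns>
        public async Task<IActionResult> SignUp(string username, string password, string email)
        {
            // Reject blank inputs up front so the availability/strength checks and the
            // hashing step never receive null or whitespace-only values.
            if (string.IsNullOrWhiteSpace(username)
                || string.IsNullOrWhiteSpace(password)
                || string.IsNullOrWhiteSpace(email))
            {
                return BadRequest("Username, email and password are required.");
            }

            // 1. Ensure email isn't used. The message names the field that is actually
            //    checked here (email, not username).
            //    NOTE(review): a distinct "already exists" reply lets a caller probe which
            //    emails are registered; consider a generic response if that matters for this app.
            if (!_authService.emailAvailable(email))
            {
                return BadRequest("Account with this email already exists.");
            }

            // 2. Ensure password meets guidelines; the rule itself lives in the auth service,
            //    so the "6 characters" wording must be kept in sync with validPassword.
            if (!_authService.validPassword(password))
            {
                return BadRequest("Passwords must be atleast 6 characters.");
            }

            // 3./4. Generate a per-user salt, then hash salt+password. Whether hashPassword
            //       uses a slow KDF (PBKDF2/Argon2) is not visible from here — verify.
            var salt = _authService.generateSalt();
            var hashedPassword = _authService.hashPassword(salt, password);

            // 5. Persist salt and hash only; the plaintext password is never stored.
            //    The availability check above is not atomic with this insert, so a unique
            //    constraint on email in the database (assumed — confirm) is the authoritative
            //    guard; SaveChangesAsync will throw if two sign-ups race on the same email.
            var newUser = new User()
            {
                username     = username,
                email        = email,
                passwordSalt = salt,
                passwordHash = hashedPassword,
            };

            _context.Add(newUser);
            await _context.SaveChangesAsync();

            // 6. userID is read only after SaveChangesAsync, presumably because the store
            //    assigns it on insert; the token is minted from that id.
            return new ObjectResult(new Models.Public.Response.AuthedUser
            {
                id = newUser.userID,
                username = newUser.username,
                token = _authService.GenerateToken(newUser.userID.ToString()),
            });
        }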