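/// <summary>
/// Verifies a name/password pair and, on success, issues an access token for that user.
/// </summary>
/// <param name="model">Credentials posted by the client; untrusted input.</param>
/// <returns>
/// 200 with an <see cref="AuthenticateResponseDTO"/> (user plus token) on success;
/// 400 with one generic error when the body is unusable, the name is unknown, or the
/// password does not match.
/// </returns>
public ActionResult<AuthenticateResponseDTO> Authenticate([FromBody] AuthenticateRequestDTO model)
{
    // Every failure path answers identically: the original replied "User does not exist"
    // for unknown names, which let a client confirm which names are registered.
    ActionResult<AuthenticateResponseDTO> InvalidCredentials()
        => BadRequest(new { error = "Email or password is incorrect" });

    if (model is null || string.IsNullOrEmpty(model.Name) || string.IsNullOrEmpty(model.Password))
    {
        return InvalidCredentials();
    }

    var dbUser = _userService.Get(u => u.Name == model.Name).FirstOrDefault();
    if (dbUser is null)
    {
        return InvalidCredentials();
    }

    // NOTE(review): `!=` on the hash is not a constant-time comparison; if PasswordManager
    // can expose the hashes as byte[], prefer CryptographicOperations.FixedTimeEquals here.
    if (PasswordManager.GeneratePasshash(dbUser.Salt, model.Password) != dbUser.Passhash)
    {
        return InvalidCredentials();
    }

    var userToken = TokenProvider.GenerateToken(dbUser);
    return Ok(new AuthenticateResponseDTO(dbUser, userToken));
}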
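/// <summary>
/// Replaces the password of user <paramref name="id"/>. Only the authenticated caller
/// may change their own password; the salt is regenerated together with the hash.
/// </summary>
/// <param name="id">Id of the user whose password is being replaced.</param>
/// <param name="user">Request body; only its <c>Password</c> is used.</param>
/// <returns>
/// 200 with the updated <see cref="UserDTO"/>; 404 when no user has that id;
/// 400 when the target is not the caller or the body carries no password.
/// </returns>
public ActionResult<UserDTO> PutUpdatePass(int id, [FromBody] AuthenticateRequestDTO user)
{
    var updatedUser = _userService.Get(u => u.Id == id).FirstOrDefault();
    if (updatedUser is null)
    {
        return NotFound(new { error = "User not found" });
    }

    // FindFirst returns null when the principal carries no name claim; the original
    // dereferenced it unconditionally and would have thrown (a 500) instead of rejecting.
    var callerName = User.FindFirst(ClaimTypes.Name)?.Value;
    if (string.IsNullOrEmpty(callerName)
        || !string.Equals(updatedUser.Name, callerName, StringComparison.Ordinal))
    {
        return BadRequest(new { error = "Cannot update password from another user" });
    }

    if (user is null || string.IsNullOrEmpty(user.Password))
    {
        return BadRequest(new { error = "Password is required" });
    }

    // NOTE(review): the current password is not re-verified before it is replaced, so a
    // hijacked session can rotate it; consider requiring the old password in the body.
    updatedUser.Salt = PasswordManager.GenerateSalt(updatedUser.Name);
    updatedUser.Passhash = PasswordManager.GeneratePasshash(updatedUser.Salt, user.Password);
    return Ok(_mapper.Map<UserDTO>(_userService.Update(updatedUser)));
}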
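/// <summary>
/// Registers a new user with the given name, role and password.
/// </summary>
/// <param name="userForm">Registration form; untrusted client input.</param>
/// <returns>
/// 201 with the created <see cref="UserDTO"/>; 409 when the name is already taken;
/// 400 when the form is unusable or the role is unknown.
/// </returns>
public ActionResult<UserDTO> Post([FromBody] UserFormDTO userForm)
{
    if (userForm is null || string.IsNullOrEmpty(userForm.Name) || string.IsNullOrEmpty(userForm.Password))
    {
        return BadRequest(new { error = "Name and password are required" });
    }

    // NOTE(review): this existence check and the Create below are not atomic; two concurrent
    // requests for the same name can both pass it unless the store enforces uniqueness on Name.
    if (_userService.Get(u => u.Name == userForm.Name).FirstOrDefault() is not null)
    {
        return Conflict(new { error = "User alredy exist!" });
    }

    // The lookup lower-cases the requested role (the store is presumably keyed on lower-case
    // names). ToLowerInvariant keeps culture-specific casing (e.g. Turkish dotless i) from
    // changing which role a request resolves to; a missing Role no longer throws.
    var roleName = userForm.Role?.ToLowerInvariant();
    var role = roleName is null
        ? null
        : _roleService.Get(r => r.Name == roleName).FirstOrDefault();
    if (role is null)
    {
        return BadRequest(new { error = "Role does not exist" });
    }

    var user = new UserModel
    {
        Name = userForm.Name,
        RoleId = role.Id,
        CreatedAt = DateTime.UtcNow,
        Salt = PasswordManager.GenerateSalt(userForm.Name),
    };
    // The hash is derived from the salt, so it is computed only after the salt is set.
    user.Passhash = PasswordManager.GeneratePasshash(user.Salt, userForm.Password);

    // NOTE(review): Created("") sends an empty Location header; CreatedAtAction pointing at
    // the GET route would be more useful to clients if such a route exists.
    return Created("", _mapper.Map<UserDTO>(_userService.Create(user)));
}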