public IActionResult Change([FromBody] JObject values)
        {
            string username = (string)values["username"];
            string role     = (string)values["role"];

            try {
                using (var ctx = new UserContext())
                {
                    if (role.ToLower() != "user" && role.ToLower() != "admin")
                    {
                        return(BadRequest("NOT DONE: Role does not exist"));
                    }
                    else if (UserDatabaseAccess.CheckUser(ctx, username) == false)
                    {
                        return(BadRequest("NOT DONE: Username does not exist"));
                    }
                    else
                    {
                        UserDatabaseAccess.ChangeRole(ctx, username, role);
                        return(Ok("DONE"));
                    }
                }
            }
            catch
            {
                return(BadRequest("NOT DONE: An error occured"));
            }
        }
Beispiel #2
0
        protected override Task <HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
        {
            #region Task5
            // TODO:  Find if a header ‘ApiKey’ exists, and if it does, check the database to determine if the given API Key is valid
            //        Then authorise the principle on the current thread using a claim, claimidentity and claimsprinciple
            UserDatabaseAccess database = new UserDatabaseAccess();

            IEnumerable <string> tempkey;

            request.Headers.TryGetValues("ApiKey", out tempkey);

            if (tempkey != null)
            {
                string APIKey = tempkey.First();

                User temp = database.CheckKeyUser(APIKey);

                if (temp != null)
                {
                    Claim          name = new Claim(ClaimTypes.Name, temp.UserName);
                    Claim          type = new Claim(ClaimTypes.Role, temp.Role);
                    ClaimsIdentity key  = new ClaimsIdentity(temp.userID);
                    key.AddClaim(name);
                    key.AddClaim(type);

                    ClaimsPrincipal cPrincipal = new ClaimsPrincipal(key);

                    Thread.CurrentPrincipal = cPrincipal;
                }
            }
            #endregion
            return(base.SendAsync(request, cancellationToken));
        }
        protected override Task <HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
        {
            // Task5
            // TODO:  Find if a header ‘ApiKey’ exists, and if it does, check the database to determine if the given API Key is valid
            // Then authorise the principle on the current thread using a claim, claimidentity and claimsprinciple

            UserDatabaseAccess userDatabaseAccess = new UserDatabaseAccess();

            IEnumerable <string> values;

            request.Headers.TryGetValues("ApiKey", out values);
            if (values != null)
            {
                foreach (string v in values)
                {
                    if (userDatabaseAccess.CheckApi(v))
                    {
                        User user   = userDatabaseAccess.CheckApiForUser(v);
                        var  claims = new List <Claim>
                        {
                            new Claim(ClaimTypes.Name, user.UserName, ClaimTypes.Role, user.UserRole.ToString())
                        };
                        var id        = new ClaimsIdentity(claims, authenticationType: "ApiKey");
                        var principle = new ClaimsPrincipal(id);
                        Thread.CurrentPrincipal = principle;
                    }
                }
            }
            return(base.SendAsync(request, cancellationToken));
        }
        public HttpResponseMessage Get(HttpRequestMessage request, [FromUri] string message)
        {
            bool           userExists = false;
            string         response   = "Bad Request";
            HttpStatusCode statusCode = HttpStatusCode.BadRequest;

            string apiKey = request.Headers.GetValues("ApiKey").FirstOrDefault();

            RSACryptoServiceProvider rsa = WebApiConfig.RSA;

            using (rsa)
            {
                if (userExists = UserDatabaseAccess.checkUserKey(apiKey))
                {
                    byte[] signedMessage;

                    byte[] messageBytes = Encoding.ASCII.GetBytes(message);

                    SHA1CryptoServiceProvider sha1 = new SHA1CryptoServiceProvider();

                    signedMessage = rsa.SignData(messageBytes, sha1);

                    response = BitConverter.ToString(signedMessage);

                    statusCode = HttpStatusCode.OK;
                }
            }
            return(Request.CreateResponse <string>(statusCode, response));
        }
        protected override Task <HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
        {
            #region Task5
            // TODO:  Find if a header ‘ApiKey’ exists, and if it does, check the database to determine if the given API Key is valid
            //        Then authorise the principle on the current thread using a claim, claimidentity and claimsprinciple
            if (request.Headers.TryGetValues("ApiKey", out IEnumerable <string> headerValues))
            {
                if (UserDatabaseAccess.UserExists(new Guid(headerValues.FirstOrDefault()), out User user))
                {
                    UserDatabaseAccess.Log("User Requested " + request.RequestUri.ToString(), headerValues.First());
                    var claims = new List <Claim>();
                    claims.Add(new Claim(ClaimTypes.Name, user.UserName));
                    claims.Add(new Claim(ClaimTypes.Role, user.Role.ToString()));
                    claims.Add(new Claim(ClaimTypes.Authentication, user.ApiKey));

                    ClaimsIdentity identity = new ClaimsIdentity("ApiKey");
                    identity.AddClaims(claims);

                    ClaimsPrincipal principle = new ClaimsPrincipal();
                    principle.AddIdentity(new ClaimsIdentity(identity));

                    Thread.CurrentPrincipal = principle;
                }
            }
            return(base.SendAsync(request, cancellationToken));

            #endregion
        }
        public HttpResponseMessage Getsha256([FromUri] string message, HttpRequestMessage request)
        {
            string apiKey = request.Headers.GetValues("ApiKey").FirstOrDefault();

            HttpStatusCode statusCode = HttpStatusCode.BadRequest;

            bool userExists = false;

            byte[] messageBytes;

            string response = "Bad Request";

            byte[] responseBytes;

            if (message != null)
            {
                if (userExists = UserDatabaseAccess.checkUserKey(apiKey))
                {
                    messageBytes = Encoding.ASCII.GetBytes(message);
                    SHA256 sha = new SHA256CryptoServiceProvider();
                    responseBytes = sha.ComputeHash(messageBytes);
                    response      = BitConverter.ToString(responseBytes).Replace("-", "");
                    statusCode    = HttpStatusCode.OK;
                }
            }

            return(Request.CreateResponse <string>(statusCode, response));
        }
Beispiel #7
0
        protected override Task <HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
        {
            IEnumerable <string> key;

            request.Headers.TryGetValues("ApiKey", out key);
            if (key != null)
            {
                try
                {
                    Guid keyValid = new Guid(key.FirstOrDefault());
                }
                catch (Exception e)                                     //Can be used to log if needed
                {
                    return(base.SendAsync(request, cancellationToken)); //Don't send exception, user shouldn't get the error info.
                }
                UserDatabaseAccess dbUser = new UserDatabaseAccess();
                if (dbUser.DoesUserExist(key.First()))
                {
                    User    user      = dbUser.getUserIfExists(key.First());
                    Claim   claim     = new Claim("name", user.UserName);
                    Claim[] claimants = new Claim[1] {
                        claim
                    };
                    ClaimsIdentity  identity  = new ClaimsIdentity(claimants, "ApiKey");
                    ClaimsPrincipal principle = new ClaimsPrincipal(identity);
                    Thread.CurrentPrincipal = principle;
                }
            }
            return(base.SendAsync(request, cancellationToken));
        }
Beispiel #8
0
        public async Task <ActionResult <User> > PostUser([FromBody] string userName)
        {
            try
            {
                if (userName == "" || userName == null)
                {
                    throw new Exception("Oops. Make sure your body contains a string with your username and your Content - Type is Content - Type:application / json");
                }

                var userExists = await UserDatabaseAccess.UserExists(userName, base._context);

                if (userExists) //If the User entered Exists
                {
                    return(StatusCode(403, "Oops. This username is already in use. Please try again with a new username."));
                }

                var newUser = await UserDatabaseAccess.MakeUser(userName, base._context);

                return(StatusCode(200, newUser.ApiKey));
            }
            catch (Exception e)
            {
                return(StatusCode(400, e.Message));
            }
        }
Beispiel #9
0
        protected override Task <HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
        {
            #region Task5
            // TODO:  Find if a header ‘ApiKey’ exists, and if it does, check the database to determine if the given API Key is valid
            //        Then authorise the principle on the current thread using a claim, claimidentity and claimsprinciple
            #endregion
            if (request.Headers.Contains("ApiKey"))
            {
                string apiKeyHeaderValue = request.Headers.GetValues("ApiKey").FirstOrDefault();
                if (apiKeyHeaderValue != null && UserDatabaseAccess.checkUserKey(apiKeyHeaderValue))
                {
                    if (UserDatabaseAccess.checkUserKey(apiKeyHeaderValue))
                    {
                        User            user           = UserDatabaseAccess.checkUserRtnUsr(apiKeyHeaderValue);
                        ClaimsPrincipal claimPrincipal = new ClaimsPrincipal(new ClaimsIdentity(new Claim[]
                        {
                            new Claim(ClaimTypes.Name, user.UserName, ClaimValueTypes.String)
                        }, "ApiKey"));


                        Thread.CurrentPrincipal = claimPrincipal;
                    }
                }
            }


            return(base.SendAsync(request, cancellationToken));
        }
Beispiel #10
0
 public IActionResult PostChangeRole([FromHeader] string Apikey, [FromBody] roleParams rp)
 {
     try
     {
         if (Enum.TryParse(rp.Role, out Role r))
         {
             if (UserDatabaseAccess.UserChangeRole(_context, Apikey, rp.UserName, r))
             {
                 return(StatusCode(200, "DONE"));
             }
             else
             {
                 return(StatusCode(400, "NOT DONE: Username does not exist"));
             }
         }
         else
         {
             return(StatusCode(400, "NOT DONE: Role does not exist"));
         }
     }
     catch
     {
         return(StatusCode(400, "NOT DONE: An error occured"));
     }
 }
Beispiel #11
0
        public string POST([FromBody] User user)
        {
            string[] zoneStates = UserDatabaseAccess.getZoneState();
            int      zoneState  = Int32.Parse(zoneStates[Int32.Parse(user.Zone)]);

            if (user.Team == "Blue Team")
            {
                if (zoneState > 0)
                {
                    UserDatabaseAccess.updateDominance(Int32.Parse(user.Zone), user.Team, user.UserKey);
                }
            }
            else
            {
                if (zoneState < 100)
                {
                    UserDatabaseAccess.updateDominance(Int32.Parse(user.Zone), user.Team, user.UserKey);
                }
            }
            string[] returnArray  = UserDatabaseAccess.getZoneState();
            string   returnString = null;

            for (int i = 0; i < returnArray.Length; i++)
            {
                returnString = returnString + "," + returnArray[i];
            }
            return(returnString);
        }
        public IActionResult Delete([FromQuery] string username)
        {
            using (var pCtx = new UserContext())
            {
                this.Request.Query.TryGetValue("username", out var pUserName);
                this.Request.Headers.TryGetValue("ApiKey", out var pApiKey);

                User newUser = UserDatabaseAccess.returnUserfromApi(pApiKey, pCtx);
                try//Used for testing
                {
                    if (newUser == default)
                    {
                        return(Ok(false));//If newuser does not excist then return false
                    }
                    else if (newUser.APIKey == pApiKey && newUser.UserName == pUserName)
                    {
                        return(Ok(UserDatabaseAccess.removeUser(pApiKey, username, pCtx)));   //If both match then use method to remove the user and return ok
                    }
                    else
                    {
                        return(Ok(UserDatabaseAccess.removeUser(pApiKey, username, pCtx)));
                    }
                }
                catch (Exception e)
                {
                    return(BadRequest("NOT DONE: An error occured"));
                }
            }
        }
        public async Task <IActionResult> SignMessage([FromQuery] string Message, [FromHeader] string APIKey)
        {
            try
            {
                #region Register Log
                var user = await UserDatabaseAccess.GetUser(APIKey, base._context);

                string Method    = this.HttpContext.Request.Method;
                string Path      = this.HttpContext.Request.Path;
                var    logString = user.Role + " requested " + Method + " " + Path;

                await UserDatabaseAccess.AddLog(logString, user, base._context);

                #endregion

                if (Message == null)
                {
                    throw new Exception();
                }

                var byteMessage = Encoding.ASCII.GetBytes(Message);
                var signedData  = _RSA.SignData(byteMessage, new SHA1CryptoServiceProvider());
                var hexMessage  = EncryptionHelper.ByteArrayToHexString(signedData, true);

                return(StatusCode(200, hexMessage));
            }
            catch (Exception)
            {
                return(StatusCode(400, "Bad Request"));
            }
        }
        public async Task <IActionResult> GetSHA256([FromQuery] string message, [FromHeader] string APIKey)
        {
            try
            {
                #region Register Log
                var authUser = await UserDatabaseAccess.GetUser(APIKey, base._context);

                string Method = this.HttpContext.Request.Method;
                string Path   = this.HttpContext.Request.Path;
                var    Log    = authUser.Role + " requested " + Method + " " + Path;

                await UserDatabaseAccess.AddLog(Log, authUser, base._context);

                #endregion

                if (message == null)
                {
                    throw new Exception();
                }

                SHA256 SHA1Provider = new SHA256CryptoServiceProvider();

                byte[] ASCIIByteMessage = Encoding.ASCII.GetBytes(message);
                byte[] SHA1ByteMessage  = SHA1Provider.ComputeHash(ASCIIByteMessage);
                string Encrypted        = EncryptionHelper.ByteArrayToHexString(SHA1ByteMessage, false);

                return(StatusCode(200, Encrypted.ToUpper()));
            }
            catch (Exception)
            {
                return(StatusCode(400, "Bad Rquest"));
            }
        }
Beispiel #15
0
 public ActionResult RemoveUser(string uname, [FromHeader] string key)
 {
     if (UserDatabaseAccess.userCheck(uname))
     {
         if (UserDatabaseAccess.userApi(key, uname))
         {
             if (UserDatabaseAccess.deleteUser(uname))
             {
                 return(Ok(true));
             }
             else
             {
                 return(Ok(false));
             }
         }
         else
         {
             return(Ok("You cannot delete a user that is not yourself."));
         }
     }
     else
     {
         return(Ok("There is no user with that username."));
     }
 }
Beispiel #16
0
        public async Task InvokeAsync(HttpContext context, Models.UserContext dbContext)
        {
            #region Task5
            // TODO:  Find if a header ‘ApiKey’ exists, and if it does, check the database to determine if the given API Key is valid
            //        Then set the correct roles for the User, using claims

            var AuthAPIKey = context.Request.Headers["APIKey"].ToString();
            var verifyKey  = await UserDatabaseAccess.APIKeyExists(AuthAPIKey, dbContext);

            if (verifyKey)
            {
                var user = await UserDatabaseAccess.GetUser(AuthAPIKey, dbContext);

                if (user != null)
                {
                    var claimArray = new Claim[]
                    {
                        new Claim(ClaimTypes.Name, user.UserName),
                        new Claim(ClaimTypes.Role, user.Role)
                    };

                    context.User.AddIdentity(new ClaimsIdentity(claimArray, "APIKey"));
                }
            }
            #endregion

            // Call the next delegate/middleware in the pipeline

            await _next(context);
        }
Beispiel #17
0
        public async Task InvokeAsync(HttpContext context, Models.UserContext dbContext)
        {
            #region Task5
            // TODO:  Find if a header ‘ApiKey’ exists, and if it does, check the database to determine if the given API Key is valid
            //        Then set the correct roles for the User, using claims

            //string apiKey = context.Request.Headers["ApiKey"].FirstOrDefault(); //fix this statement (auth works, just need to grab apikey correctly)
            string apiKey = context.Request.Headers.FirstOrDefault(a => a.Key == "ApiKey").Value.ToString();

            var currentUser = UserDatabaseAccess.UserCheck_rObj(dbContext, apiKey);
            if (currentUser != null) //if user exists
            {
                var claimList = new List <Claim>()
                {
                    new Claim(ClaimTypes.Name, currentUser.UserName),
                    new Claim(ClaimTypes.Role, currentUser.Role.ToString())
                };
                var userId = new ClaimsIdentity(claimList, apiKey);
                context.User.AddIdentity(userId);
            }
            #endregion

            // Call the next delegate/middleware in the pipeline
            await _next(context);
        }
Beispiel #18
0
        public async Task <ActionResult <User> > DeleteUser([FromHeader] string APIKey, [FromQuery] string userName)
        {
            try
            {
                if (await UserDatabaseAccess.APIKeyExists(APIKey, base._context))
                {
                    var user = await UserDatabaseAccess.GetUser(APIKey, base._context);

                    #region Registering UserLog
                    string Method    = this.HttpContext.Request.Method;
                    string Path      = this.HttpContext.Request.Path;
                    var    logString = user.Role + " requested " + Method + " " + Path;

                    await UserDatabaseAccess.AddLog(logString, user, base._context);

                    #endregion

                    if (user.ApiKey == APIKey && user.UserName == userName)
                    {
                        await UserDatabaseAccess.BackupLog(APIKey, base._context);

                        await UserDatabaseAccess.RemoveUser(user, base._context);

                        return(StatusCode(200, true));
                    }
                }
                throw new Exception();
            }
            catch (Exception)
            {
                return(StatusCode(200, false));
            }
        }
        protected override async Task <HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
        {
            //Task5
            // TODO:  Find if a header ‘ApiKey’ exists, and if it does, check the database to determine if the given API Key is valid
            //        Then authorise the principle on the current thread using a claim, claimidentity and claimsprinciple
            if (request.Headers.Contains("ApiKey"))
            {
                string Key      = request.Headers.GetValues("ApiKey").First();
                var    dbaccess = new UserDatabaseAccess();
                if (dbaccess.CheckUserKey(Key))
                {
                    User user = dbaccess.UserCheckKey(Key);

                    ClaimsIdentity identity = new ClaimsIdentity(new Claim[]
                    {
                        new Claim(ClaimTypes.Name, user.UserName),
                        new Claim(ClaimTypes.Role, user.Role)
                    }, Key);

                    Thread.CurrentPrincipal = new ClaimsPrincipal(identity);

                    return(await base.SendAsync(request, cancellationToken));
                }
            }

            return(await base.SendAsync(request, cancellationToken));
        }
 public ActionResult protectedSHA256([FromHeader] string key, string message)
 {
     try
     {
         if (String.IsNullOrEmpty(message))
         {
             if (UserDatabaseAccess.keyCheck(key))
             {
                 byte[] buffer = Encoding.ASCII.GetBytes(message);
                 var    sha    = SHA256.Create();
                 var    hash   = sha.ComputeHash(buffer);
                 return(Ok(hash));
             }
             else
             {
                 return(Ok());
             }
         }
         else
         {
             return(new StatusCodeResult(StatusCodes.Status400BadRequest));
         }
     }
     catch
     {
         return(new StatusCodeResult(StatusCodes.Status400BadRequest));
     }
 }
        public ActionResult publicKey([FromHeader] string key)
        {
            if (String.IsNullOrEmpty(key))
            {
                throw new ArgumentNullException("Couldn't get the public key");
            }
            if (UserDatabaseAccess.keyCheck(key))
            {
                byte[]        dataToChange = Encoding.ASCII.GetBytes(key);
                byte[]        encrpyt;
                byte[]        decryptData;
                RSAParameters publicKey;
                RSAParameters privateKey;
                string        str;
                using (RSACryptoServiceProvider rsa = new RSACryptoServiceProvider())
                {
                    rsa.PersistKeyInCsp = true;
                    publicKey           = rsa.ExportParameters(false);
                    privateKey          = rsa.ExportParameters(true);

                    encrpyt     = RSAInternal.RSAEncrypt(dataToChange, publicKey);
                    str         = RSACryptoExtensions.ToXmlStringCore22(rsa, false);
                    decryptData = RSAInternal.RSADecrypt(encrpyt, privateKey);
                    RSACryptoExtensions.FromXmlStringCore22(rsa, str);
                }
                return(Ok(str));
            }
            else
            {
                return(Ok("ApiKey invalid"));
            }
        }
        protected override Task <HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
        {
            #region Task5
            // TODO:  Find if a header ‘ApiKey’ exists, and if it does, check the database to determine if the given API Key is valid
            //        Then authorise the principle on the current thread using a claim, claimidentity and claimsprinciple

            IEnumerable <string> headerValues;
            string headerKey = "";

            if (request.Headers.TryGetValues("ApiKey", out headerValues))
            {
                headerKey = headerValues.First();
                UserDatabaseAccess accessor = new UserDatabaseAccess();
                User existingUser           = accessor.CheckandGetUserExists(headerKey);

                //Will check for user even if nothing exists as header key is "".
                //Maybe not the best idea for efficiency but it's ok for now.
                if (existingUser != null)
                {
                    //Then the key is valid.
                    Claim           claim     = new Claim(ClaimTypes.Name, existingUser.m_UserName);
                    ClaimsIdentity  identity  = new ClaimsIdentity(new[] { claim }, "ApiKey");
                    ClaimsPrincipal principal = new ClaimsPrincipal(identity);
                    Thread.CurrentPrincipal = principal;
                }
            }
            #endregion
            return(base.SendAsync(request, cancellationToken));
        }
Beispiel #23
0
        public HttpResponseMessage Post([FromBody] JObject username)
        {
            string user = username.GetValue("username").ToString();
            string role = username.GetValue("role").ToString();

            if (role == "User" || role == "Admin")
            {
                var dbaccess = new UserDatabaseAccess();
                if (!dbaccess.CheckUserName(user))
                {
                    return(Request.CreateResponse(HttpStatusCode.BadRequest, "NOT DONE: Username does not exist"));
                }
                else if (dbaccess.ChangeRole(user, role))
                {
                    return(Request.CreateResponse(HttpStatusCode.OK, "DONE"));
                }
                else
                {
                    return(Request.CreateResponse(HttpStatusCode.BadRequest, "NOT DONE: An error occured"));
                }
            }
            else
            {
                return(Request.CreateResponse(HttpStatusCode.BadRequest, "NOT DONE: Role does not exist"));
            }
        }
        public async Task <IActionResult> GetPublicKey([FromHeader] string APIKey)
        {
            try
            {
                #region Register Log
                var user = await UserDatabaseAccess.GetUser(APIKey, base._context);

                string Method    = this.HttpContext.Request.Method;
                string Path      = this.HttpContext.Request.Path;
                var    logString = user.Role + " requested " + Method + " " + Path;

                await UserDatabaseAccess.AddLog(logString, user, base._context);

                #endregion

                _RSA.ExportParameters(false);
                string xmlKey = _RSA.ToXmlStringCore22(false);

                return(StatusCode(200, xmlKey));
            }
            catch (Exception)
            {
                return(StatusCode(400, "Bad Request"));
            }
        }
 public string New([FromQuery] string username)
 {
     using (var ctx = new UserContext())
     {
         return(UserDatabaseAccess.CheckUser(ctx, username) == true
         ? "True - User Does Exist! Did you mean to do a POST to create a new user?"
         : "False - User Does Not Exist! Did you mean to do a POST to create a new user?");
     }
 }
        public HttpResponseMessage Get()
        {
            string key      = Request.Headers.GetValues("ApiKey").First();
            var    dbaccess = new UserDatabaseAccess();

            dbaccess.KeyReturnUsername(key);
            {
                return(Request.CreateResponse(HttpStatusCode.OK, "Hello " + dbaccess.KeyReturnUsername(key)));
            }
        }
        public HttpResponseMessage GET()
        {
            String[] resultArray = UserDatabaseAccess.getTopScores();
            string   result      = null;

            for (int i = 0; i < resultArray.Length; i++)
            {
                result = result + "," + resultArray[i];
            }
            return(Request.CreateResponse(HttpStatusCode.Accepted, result));
        }
        public IActionResult changeRole([FromBody] User user)
        {
            int    code    = 400;
            string message = UserDatabaseAccess.changeRole(user);

            if (message == "DONE")
            {
                code = 200;
            }
            return(StatusCode(code, message));
        }
Beispiel #29
0
 public IActionResult DeleteRemoveUser([FromHeader] string ApiKey, [FromQuery] string username)
 {
     if (UserDatabaseAccess.UserRemove(_context, ApiKey, username))
     {
         return(StatusCode(200, "User deleted"));
     }
     else
     {
         return(StatusCode(200, "User not found"));
     }
 }
 public HttpResponseMessage Get([FromUri] string username)
 {
     try
     {
         if (UserDatabaseAccess.UserExists(username))
         {
             return(Request.CreateResponse(HttpStatusCode.OK, "True - User Does Exist! Did you mean to do a POST to create a new user?"));
         }
         return(Request.CreateResponse(HttpStatusCode.OK, "False - User Does Not Exist! Did you mean to do a POST to create a new user?"));
     }
     catch (Exception e) { return(Request.CreateResponse(HttpStatusCode.BadRequest, e.Message)); }
 }