public async Task <ActionResult <User> > PostUser([FromBody] string userName) { try { if (userName == "" || userName == null) { throw new Exception("Oops. Make sure your body contains a string with your username and your Content - Type is Content - Type:application / json"); } var userExists = await UserDatabaseAccess.UserExists(userName, base._context); if (userExists) //If the User entered Exists { return(StatusCode(403, "Oops. This username is already in use. Please try again with a new username.")); } var newUser = await UserDatabaseAccess.MakeUser(userName, base._context); return(StatusCode(200, newUser.ApiKey)); } catch (Exception e) { return(StatusCode(400, e.Message)); } }
protected override Task <HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken) { #region Task5 // TODO: Find if a header ‘ApiKey’ exists, and if it does, check the database to determine if the given API Key is valid // Then authorise the principle on the current thread using a claim, claimidentity and claimsprinciple if (request.Headers.TryGetValues("ApiKey", out IEnumerable <string> headerValues)) { if (UserDatabaseAccess.UserExists(new Guid(headerValues.FirstOrDefault()), out User user)) { UserDatabaseAccess.Log("User Requested " + request.RequestUri.ToString(), headerValues.First()); var claims = new List <Claim>(); claims.Add(new Claim(ClaimTypes.Name, user.UserName)); claims.Add(new Claim(ClaimTypes.Role, user.Role.ToString())); claims.Add(new Claim(ClaimTypes.Authentication, user.ApiKey)); ClaimsIdentity identity = new ClaimsIdentity("ApiKey"); identity.AddClaims(claims); ClaimsPrincipal principle = new ClaimsPrincipal(); principle.AddIdentity(new ClaimsIdentity(identity)); Thread.CurrentPrincipal = principle; } } return(base.SendAsync(request, cancellationToken)); #endregion }
public HttpResponseMessage Get([FromUri] string username) { try { if (UserDatabaseAccess.UserExists(username)) { return(Request.CreateResponse(HttpStatusCode.OK, "True - User Does Exist! Did you mean to do a POST to create a new user?")); } return(Request.CreateResponse(HttpStatusCode.OK, "False - User Does Not Exist! Did you mean to do a POST to create a new user?")); } catch (Exception e) { return(Request.CreateResponse(HttpStatusCode.BadRequest, e.Message)); } }
public HttpResponseMessage Get(HttpRequestMessage httpRequest) { try { if (httpRequest.Headers.TryGetValues("ApiKey", out IEnumerable <string> headerValue)) { if (UserDatabaseAccess.UserExists(new Guid(headerValue.FirstOrDefault()), out User user)) { return(Request.CreateResponse(HttpStatusCode.OK, "Hello " + user.UserName)); } } return(Request.CreateResponse(HttpStatusCode.BadRequest, "Bad Request")); } catch (Exception e) { return(Request.CreateResponse(HttpStatusCode.BadRequest, e.Message)); } }
public HttpResponseMessage Delete([FromUri] string username, HttpRequestMessage httpRequest) { try { if (httpRequest.Headers.TryGetValues("ApiKey", out IEnumerable <string> headerValues)) { if (UserDatabaseAccess.UserExists(new Guid(headerValues.FirstOrDefault()).ToString(), username)) { UserDatabaseAccess.DeleteUser(new Guid(headerValues.FirstOrDefault()).ToString()); return(Request.CreateResponse(HttpStatusCode.OK, true)); } } return(Request.CreateResponse(HttpStatusCode.OK, false)); } catch (Exception e) { return(Request.CreateResponse(HttpStatusCode.BadRequest, e.Message)); } }
public async Task <IActionResult> UpdateRole([FromBody] User updateUser, [FromHeader] string APIKey) { try { //if (updateUser.UserName == "" || updateUser.Role == "") // throw new Exception("NOT DONE: An error occured"); var userExists = await UserDatabaseAccess.UserExists(updateUser.UserName, base._context); if (!userExists) { throw new Exception("NOT DONE: Username does not exist"); } var user = await UserDatabaseAccess.GetUserWithName(updateUser.UserName, base._context); string[] allowedRoles = { "Admin", "User" }; if (!allowedRoles.Contains(updateUser.Role)) { throw new Exception("NOT DONE: Role does not exist"); } else if (allowedRoles.Contains(updateUser.Role)) { await UserDatabaseAccess.ChangeRole(updateUser, user, _context); var authUser = await UserDatabaseAccess.GetUser(APIKey, base._context); string Method = this.HttpContext.Request.Method; string Path = this.HttpContext.Request.Path; var Log = authUser.Role + " requested " + Method + " " + Path; await UserDatabaseAccess.AddLog(Log, authUser, base._context); return(StatusCode(200, "DONE")); } throw new Exception("NOT DONE: An error occured"); } catch (Exception e) { return(StatusCode(400, e.Message)); } }
public HttpResponseMessage Post([FromBody] string username) { try { if (UserDatabaseAccess.UserExists(username)) { return(Request.CreateResponse(HttpStatusCode.Forbidden, "Oops. This username is already in use. Please try again with a new username.")); } else if (string.IsNullOrEmpty(username)) { return(Request.CreateResponse(HttpStatusCode.BadRequest, "Oops. Make sure your body contains a string with your username and your Content-Type is Content-Type:application/json")); } else { return(Request.CreateResponse(HttpStatusCode.OK, UserDatabaseAccess.CreateUser(username).ApiKey)); } } catch (Exception e) { return(Request.CreateResponse(HttpStatusCode.BadRequest, e.Message)); } }
public HttpResponseMessage ChangeRole([FromBody] JObject jObject, HttpRequestMessage httpRequest) { try { string username = jObject["username"].ToString(); Roles newRole; try { newRole = (Roles)Enum.Parse(typeof(Roles), jObject["role"].ToString()); } catch (Exception) { return(Request.CreateResponse(HttpStatusCode.BadRequest, "NOT DONE: Role does not exist")); } if (!UserDatabaseAccess.UserExists(username)) { return(Request.CreateResponse(HttpStatusCode.BadRequest, "NOT DONE: Username does not exist")); } if (!UserDatabaseAccess.ChangeRole(username, newRole)) { return(Request.CreateResponse(HttpStatusCode.BadRequest, "NOT DONE: An error occurred")); } return(Request.CreateResponse(HttpStatusCode.OK, "DONE")); } catch (Exception e) { return(Request.CreateResponse(HttpStatusCode.BadRequest, e.Message)); } }
public async Task <ActionResult <User> > GetUser([FromQuery] string userName) { try { bool userExists = await UserDatabaseAccess.UserExists(userName, _context); if (userExists) { return(StatusCode(200, "True - User Does Exist! Did you mean to do a POST to create a new user?")); } else if (!userExists || userName == null) { throw new Exception(); } throw new Exception(); } catch (Exception) { return(StatusCode(200, "False - User Does Not Exist! Did you mean to do a POST to create a new user?")); } }