Beispiel #1
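        /// <summary>
        /// Creates a new user account from the posted model. Only callers in the "Admin" role may create users.
        /// </summary>
        /// <param name="userModel">Login, password and password confirmation of the account to create.</param>
        /// <returns>
        /// 200 OK when the account was registered; 400 Bad Request with the collected model-state errors when the
        /// caller is not an admin, the body is missing, the passwords differ or the login is taken; otherwise the
        /// result produced by <c>GetErrorResult</c> for the registration outcome.
        /// </returns>
        public async Task<IHttpActionResult> Post(UserModel userModel)
        {
            // Authorize before anything else and fail closed: a missing or non-claims principal must be
            // rejected, not treated as an admin. Returning here also keeps the "login already exists"
            // answer below away from callers who are not allowed to create users.
            // NOTE(review): 403 would describe this better than 400; the 400 + model-state shape is kept
            // so existing clients see the same response. An [Authorize(Roles = "Admin")] attribute on the
            // action would enforce the same rule declaratively.
            var principal = RequestContext.Principal as ClaimsPrincipal;
            if (principal == null || !principal.IsInRole("Admin"))
            {
                ModelState.AddModelError(string.Empty, "No permissions. Only admins are able to create users");
                return BadRequest(ModelState);
            }

            // An empty or unparsable body binds to null; reject it instead of dereferencing it.
            if (userModel == null)
            {
                ModelState.AddModelError(string.Empty, "Request body is missing or malformed.");
                return BadRequest(ModelState);
            }

            if (userModel.Password != userModel.ConfirmPassword)
            {
                ModelState.AddModelError(string.Empty, "Password mismatch. Please try again.");
            }

            // Duplicate-login check; the error is collected together with the validation errors above.
            User existingUser = _authRepository.FindUserByUserName(userModel.Login);
            if (existingUser != null)
            {
                ModelState.AddModelError(string.Empty, "User with the same login already exist");
            }

            if (!ModelState.IsValid)
            {
                return BadRequest(ModelState);
            }

            User user = _mapper.MapUserModel(userModel);

            // The plaintext password is handed to the repository only; it is never stored on the mapped
            // entity in this method.
            IdentityResult result = await _authRepository.RegisterUser(user, userModel.Password);

            // A non-null result from GetErrorResult is returned to the caller as the failure response.
            IHttpActionResult errorResult = GetErrorResult(result);
            if (errorResult != null)
            {
                return errorResult;
            }

            return Ok();
        }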
Beispiel #2
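        /// <summary>
        /// Updates an existing user from the posted model and, when both password fields are supplied,
        /// forces a password change. Only callers in the "Admin" role may update users.
        /// </summary>
        /// <param name="userModel">Identifier and new values of the user to update.</param>
        /// <returns>
        /// 200 OK when the update succeeded; 400 Bad Request when the caller is not an admin, the model is
        /// missing or invalid, the passwords differ or the update throws; 404 Not Found when no user has the
        /// given id; otherwise the result produced by <c>GetErrorResult</c> for the update outcome.
        /// </returns>
        public async Task<IHttpActionResult> Put(UserModel userModel)
        {
            // Authorize first and fail closed: a missing or non-claims principal must be rejected, not
            // treated as an admin.
            // NOTE(review): 403 would describe this better than 400; 400 is kept for existing clients.
            // An [Authorize(Roles = "Admin")] attribute on the action would enforce this declaratively.
            var principal = RequestContext.Principal as ClaimsPrincipal;
            if (principal == null || !principal.IsInRole("Admin"))
            {
                return BadRequest("No permissions. Only admins are able to update users");
            }

            // An empty or unparsable body binds to null and can still leave ModelState valid.
            if (userModel == null)
            {
                return BadRequest("Request body is missing or malformed.");
            }

            if (!ModelState.IsValid)
            {
                return BadRequest(ModelState);
            }

            try
            {
                var user = _authRepository.FindUser(userModel.Id);
                if (user == null)
                {
                    // NOTE(review): assumes FindUser returns null for an unknown id; confirm against the repository.
                    return NotFound();
                }

                user = _mapper.Map(userModel, user);

                // The password is only touched when both fields are present; a request carrying just one
                // of them leaves the password unchanged.
                bool passwordSupplied = !userModel.Password.IsNullOrEmpty() &&
                                        !userModel.ConfirmPassword.IsNullOrEmpty();
                if (passwordSupplied)
                {
                    // Validation failure is an expected outcome, so answer directly instead of throwing.
                    if (!String.Equals(userModel.Password, userModel.ConfirmPassword))
                    {
                        return BadRequest("Passwords mismatch, please try again.");
                    }

                    _userService.ForceChangePassword(userModel.Id, userModel.Password);
                    // An admin-set password is flagged so the user has to choose a new one at next login.
                    user.ChangePasswordOnLogin = true;
                }

                var errorResult = GetErrorResult(_authRepository.UpdateUser(user));
                if (errorResult != null)
                {
                    return errorResult;
                }
            }
            catch (Exception ex)
            {
                // Full details go to the log only. Echoing ex.Message to the client would expose internal
                // information (storage errors, type names) from whatever component threw.
                _logService.Log(LoggingHelper.CreateErrorLog(HttpContext.Current, ex));
                return BadRequest("The user could not be updated.");
            }

            return Ok();
        }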