public async Task <Web_AuthResponse <bool> > LogoutUser(string token)
{
return(await AuthHelper.WithUser(token, async (user, db) => {
var fullUser = await db.Users.FirstAsync(x => x.Id == user.Id);
fullUser.SessionToken = Util.GetCryptoGuid().ToString() + Util.GetCryptoGuid().ToString();
await db.SaveChangesAsync();
return true;
}));
}
public async Task <Web_AuthResponse <Web_User> > UserGet(string token, int id)
{
return(await AuthHelper.WithUser(token, async (user, db) => {
if (!user.IsAdmin || user.Id != id)
{
throw new AuthException("User must be an administrator.");
}
var dbUser = await db.Users.FirstAsync(x => x.Id == id);
var userSummary = new Web_User();
userSummary.PullData(dbUser);
return userSummary;
}));
}
public async Task <Web_AuthResponse <List <Web_User> > > UserList(string token)
{
return(await AuthHelper.WithUser(token, async (user, db) => {
if (!user.IsAdmin)
{
throw new AuthException("User must be an administrator.");
}
var allUsersDb = await db.Users.OrderBy(x => x.Name).ToListAsync();
return allUsersDb.Select(x => {
var userSummary = new Web_User();
userSummary.PullData(x);
return userSummary;
}).ToList();
}));
}
public async Task <Web_AuthResponse <bool> > SetPassword(string token, int id, string password)
{
return(await AuthHelper.WithUser(token, async (user, db) => {
if (id != user.Id && !user.IsAdmin)
{
throw new AuthException("User does not have permission to reset this password.");
}
var dbUser = await db.Users.FirstAsync(x => x.Id == id);
password = AuthHelper.GetDoubleHashedPassword(password);
dbUser.PasswordHash = password;
await db.SaveChangesAsync();
return true;
}));
}
public async Task <Web_AuthResponse <Web_User> > UserEdit(string token, int id, [FromBody] Web_User user)
{
return(await AuthHelper.WithUser(token, async (currentUser, db) => {
var self = this;
if (!currentUser.IsAdmin || user.id != id)
{
throw new AuthException("User must be an administrator.");
}
if (!currentUser.IsAdmin)
{
//We could do this with a reflection attribute, it would put this in the web model
user.isAdmin = null;
user.email = null;
user.enabled = null;
}
user.email = user.email?.Trim().ToLower();
if (user.email == "")
{
throw new ArgumentException("Empty email set.");
}
var existingUser = await db.Users.FirstAsync(x => x.Id == id);
if (existingUser.Id == 1)
{
user.enabled = true;
user.isAdmin = true;
}
else
{
var isDuplicateEmail = await db.Users
.AnyAsync(x => x.Id != id && x.Email != null && x.Email == user.email);
if (isDuplicateEmail)
{
throw new ArgumentException("Email is already in use.");
}
}
user.PushData(existingUser);
await db.SaveChangesAsync();
user.PullData(existingUser);
return user;
}));
}
public async Task <Web_AuthResponse <Web_User> > UserCreate(string token)
{
return(await AuthHelper.WithUser(token, async (currentUser, db) => {
if (!currentUser.IsAdmin)
{
throw new AuthException("User must be an administrator.");
}
var newUser = new User()
{
Name = "_New User_",
SessionToken = (Util.GetCryptoGuid().ToString() + Util.GetCryptoGuid().ToString()).Replace("-", "").ToLower(),
PasswordHash = Util.GetCryptoGuid().ToString().Replace("-", ""),
PasswordSalt = Util.GetCryptoGuid(),
};
db.Users.Add(newUser);
await db.SaveChangesAsync();
var ret = new Web_User();
ret.PullData(newUser);
return ret;
}));
}