public IActionResult Post([FromBody] User user)
{
if (string.IsNullOrEmpty(user.Password) || string.IsNullOrEmpty(user.Username))
{
return(StatusCode(500, "User cannot have empty password or username"));
}
if (user.Password.Length < 6)
{
return(StatusCode(500, "User password need to have min 6 signs"));
}
var salt = HashPassword.GenerateSalt();
var password = HashPassword.GeneratePassword(salt, user.Password);
user.Password = password;
user.Salt = salt;
var existingUser = Users.FirstOrDefault(x => x.Username == user.Username || x.Email == user.Email);
if (existingUser != null)
{
return(StatusCode(500, "Already exist user with that username or email"));
}
_db.Users.Add(user);
_db.SaveChanges();
return(Ok());
}
public ActionResult <User> Login([FromBody] LoginDto login)
{
var user = _db.Users.FirstOrDefault(x => x.Username == login.Username);
if (user == null)
{
return(StatusCode(500, "Invalid username/password"));
}
if (user.Password != HashPassword.GeneratePassword(user.Salt, login.Password))
{
return(StatusCode(500, "Invalid username/password"));
}
user.Token = RandomString.GenerateString(8);
_db.Users.Update(user);
_db.SaveChanges();
return(user);
}
public void RemindPass(string email, string url)
{
// Создаем данные для отправки
// Генерируем код потверждения
string code = JsonConvert.SerializeObject(new { guid = Guid.NewGuid(), login = login });
code = code.Replace('"', '\'');
url = url + "?code=" + code;
char[] newPass = HashPassword.GeneratePassword(6); // Генерируем новый пароль длиной в 6 символов
// Отправляем письмо с паролем и кодом подтверждения
MailSender.SendEmailToNewPass(email, login, newPass, url, MailSender.FromEmailServer.gmail);
logger.Warn(string.Format("Mail to recover access sended to email: '{0}'.", email));
// Сохраняем новый пароль, код подтверждения и дату устаревания в хранилище данных
string newPassHash = Convert.ToBase64String(HashPassword.HashPass(newPass, new byte[0]));
BlogSettings.Current.TurnOnPassRemind(newPassHash, code, DateTime.Now.AddDays(1));
}
public IActionResult Put([FromBody] User user)
{
var u = Users.FirstOrDefault(x => x.Id == user.Id);
byte[] salt = null;
if (string.IsNullOrEmpty(user.Password))
{
user.Password = u.Password;
salt = u.Salt;
}
else
{
salt = HashPassword.GenerateSalt();
}
if (user.Password.Length < 6)
{
return(StatusCode(500, "User password need to have min 6 signs"));
}
var newPassword = HashPassword.GeneratePassword(salt, user.Password);
user.Password = newPassword;
user.Salt = salt;
var existingUser = Users.FirstOrDefault(x => (x.Username == user.Username || x.Email == user.Email) && x.Id != user.Id);
if (existingUser != null)
{
return(StatusCode(500, "Already exist user with that username or email"));
}
u.Password = newPassword;
u.Salt = salt;
u.Email = user.Email;
u.FirstName = user.FirstName;
u.LastName = user.LastName;
u.Username = user.Username;
_db.Users.Update(u);
_db.SaveChanges();
return(Ok());
}