Ejemplo n.º 1
0
        public IHttpActionResult PutUser(int id, [FromBody] User newUser)
        {
            var permission = JwtAuth.GetTokenPermission(Request.Headers.Authorization.Parameter);
            var tokenId    = JwtAuth.GetTokenId(Request.Headers.Authorization.Parameter);

            if ((permission & 1) <= 0)
            {
                return(BadRequest("權限不足"));
            }
            if (tokenId != id)
            {
                return(BadRequest("使用者錯誤"));
            }
            if (!ModelState.IsValid)
            {
                return(BadRequest(ModelState));
            }
            var user = _db.Users.Find(id);

            user.PasswordSalt     = Salt.CreateSalt();
            user.Password         = Salt.GenerateHashWithSalt(newUser.Password, user.PasswordSalt);
            user.Nickname         = newUser.Nickname ?? user.Nickname;
            user.Name             = newUser.Name ?? user.Name;
            user.Picture          = newUser.Picture ?? user.Picture;
            user.Email            = newUser.Email ?? user.Email;
            user.Phone            = newUser.Phone ?? user.Phone;
            user.Birthday         = user.Birthday;
            _db.Entry(user).State = EntityState.Modified;
            try
            {
                _db.SaveChanges();
            }
            catch (Exception e)
            {
                return(BadRequest(e.Message));
            }
            return(Ok(id));
        }
Ejemplo n.º 2
0
 public IHttpActionResult PostUser([FromBody] User user)
 {
     if (!ModelState.IsValid)
     {
         return(BadRequest(ModelState));
     }
     if (_db.Users.FirstOrDefault(data => data.Account == user.Account) != null)
     {
         return(BadRequest("帳號已存在"));
     }
     user.PasswordSalt = Salt.CreateSalt();
     user.Password     = Salt.GenerateHashWithSalt(user.Password, user.PasswordSalt);
     user.Permission   = 127;
     _db.Users.Add(user);
     try
     {
         _db.SaveChanges();
         return(Ok(user.Id));
     }
     catch (Exception e)
     {
         return(BadRequest(e.Message));
     }
 }