public static void UpateModel(ref UsersDataStore target, UserNewRequest source)
{
target.CompanyId = source.CompanyId;
target.Email = source.Email;
target.FirebaseToken = source.FirebaseToken;
target.Password = source.Password;
target.Username = source.Username;
target.Role = source.Role;
}
public static UsersDataStore ToModel(this UserNewRequest source)
{
var target = new UsersDataStore();
target.CompanyId = source.CompanyId;
target.Email = source.Email;
target.FirebaseToken = source.FirebaseToken;
target.Password = EncryptionUtil.Encrypt(source.Password);
target.Username = source.Username;
target.Role = source.Role;
return(target);
}
public virtual Task <int> RegisterUserAsync(UserNewRequest source)
{
var targetRecord = GetUserByName(source.Username);
if (targetRecord == null)
{
this._thermoDataContext.Users.Add(source.ToModel());
return(this._thermoDataContext.SaveChangesAsync());
}
else
{
return(Task.FromResult(-1));
}
}
public async Task <IActionResult> Register([FromBody] UserNewRequest model)
{
try
{
var result = await _personDataService.RegisterUserAsync(model);
if (result > 0)
{
return(Ok(result));
}
}
catch (Exception ex)
{
return(BadRequest(new { message = ex.Message }));
}
return(BadRequest());
}
public ActionResult NewUserRequest(UserNewRequest model)
{
try
{
if (ModelState.IsValid)
{
ViewBag.Area = new SelectList(context.Area, "AreaId", "AreaName");
context.UserNewRequest.Add(model);
context.SaveChanges();
return(RedirectToAction("Index", "Home"));
}
else
{
ViewBag.Area = new SelectList(context.Area, "AreaId", "AreaName");
return(View());
}
}
catch
{
return(View());
}
}
public static void Start(CaveDb db, Func <bool> isCommandLine, List <RegisterDelegate> endPoints, out Func <HttpContext, Action <UserSession>, Task> handleSession)
{
RandomNumberGenerator rng = RandomNumberGenerator.Create();
Func <int, byte[]> getRng = cnt =>
{
byte[] data = new byte[cnt];
rng.GetBytes(data);
return(data);
};
Func <HttpContext, Action <UserSession>, Task> innerHandleSession = BuildHandleSession(db, isCommandLine);
handleSession = innerHandleSession;
Task handleResponse <T>(HttpContext ctx, Func <UserSession, T, Task> action) where T : Response, new()
{
return(innerHandleSession(ctx, async session =>
{
T response = new T();
response.SetSuccess();
try
{
await action(session, response);
}
catch (Exception ex)
{
response.SetFail(HttpStatusCode.InternalServerError, $"Exception thrown: {ex.Message} \r\n {ex.StackTrace}");
}
ctx.WriteHeader(Mimes.Json, HttpStatusCode.OK);
await ctx.WriteBodyObject(response);
}));
}
// define endpoints
endPoints.Post("/login", async ctx =>
{
// read body
var login = await ctx.ReadBody <LoginRequest>();
// get login
var loginResponse = Login(db, isCommandLine, getRng, login);
// return body
ctx.WriteHeader(Mimes.Json, HttpStatusCode.OK);
await ctx.WriteBodyObject(loginResponse);
});
endPoints.Get("/user/profile", async ctx =>
{
await innerHandleSession(ctx, async session =>
{
ctx.WriteHeader(Mimes.Json, HttpStatusCode.OK);
await ctx.WriteBodyObject(new
{
session.UserId,
session.User.Email,
session.User.Profile,
session.User.Permissions,
Status = 200
});
});
});
endPoints.Get("/user", async ctx =>
{
await handleResponse <ItemsResponse <User> >(ctx, async(session, response) =>
{
if (!session.User.Permissions.Contains('A'))
{
ctx.Unauthorized();
return;
}
var users = db.Users.Find(u => true).ToList().ToArray();
response.Items = users;
});
});
endPoints.Put("/user", async ctx =>
{
await handleResponse <Response>(ctx, async(session, response) =>
{
if (!session.User.Permissions.Contains('A'))
{
ctx.Unauthorized();
return;
}
var request = await ctx.ReadBody <UserUpdateRequest>();
var user = db.Users.Find(u => u.Id == request.Id).FirstOrDefault();
if (user == null)
{
user = new User();
user.Id = Guid.NewGuid().ToString("n");
db.Users.InsertOne(user);
}
user.Name = request.Name;
user.Email = request.Email;
user.Profile = request.Profile;
user.Permissions = request.Permissions;
db.Users.ReplaceOne(u => u.Id == user.Id, user);
});
});
endPoints.Put("/user/new", async ctx =>
{
await handleResponse <ItemResponse <NewUser> >(ctx, async(session, response) =>
{
UserNewRequest request = await ctx.ReadBody <UserNewRequest>();
if (string.IsNullOrWhiteSpace(request.Email))
{
response.SetFail("No email address specified");
return;
}
if (db.Users.Find(u => u.Email == request.Email).Any())
{
response.SetFail("Email already exists.");
return;
}
if (string.IsNullOrWhiteSpace(request.Password))
{
request.Password = GenerateUserPassword();
}
User user = new User()
{
Name = request.Name,
Email = request.Email,
IsActive = true,
Created = DateTime.UtcNow,
Profile = request.Profile,
Permissions = request.Permissions,
PasswordSalt = Convert.ToBase64String(getRng(16)),
};
user.PasswordHash = HashPassword(request.Password, user.PasswordSalt);
db.Users.InsertOne(user);
response.Item = new NewUser()
{
Email = user.Email,
Id = user.Id,
Name = user.Name,
Password = request.Password,
Permissions = user.Permissions,
Profile = user.Profile
};
});
});
endPoints.Delete("/user/{id}", async ctx =>
{
await handleResponse <Response>(ctx, async(session, response) =>
{
string id = ctx.Request.RouteValues["id"].ToString();
if (db.Users.DeleteOne(u => u.Id == id).DeletedCount == 0)
{
response.SetFail("$No user with id {id}");
return;
}
db.History.InsertOne(HistoryEntry(id, null, null, null, "User Deleted"));
});
});
endPoints.Get("/user/password/reset/{id}", async ctx =>
{
await handleResponse <UserResetPasswordResponse>(ctx, async(session, response) =>
{
string id = ctx.Request.RouteValues["id"].ToString();
User user = db.Users.Find(u => u.Id == id).FirstOrDefault();
if (user == null)
{
response.SetFail($"User {id} not found.");
return;
}
response.NewPassword = GenerateUserPassword();
byte[] salt = getRng(16);
user.PasswordSalt = Convert.ToBase64String(salt);
user.PasswordHash = HashPassword(response.NewPassword, user.PasswordSalt);
db.Users.ReplaceOne(u => u.Id == user.Id, user);
});
});
}
