public async Task <ActionResult <string> > Register(Common.Api.Request.UserRegister newUser)
{
// Check if there is an administrator first. Can't allow user to register before Administrator.
var adminUser = await context.Users.Where(u => u.Role == Common.User.UserRole.Admin).ToListAsync();
if (adminUser.Count == 0)
{
return(Conflict("There is no administrator. System needs administrator in order to work."));
}
// Check if user exists.
var usersFound = await context.Users.Where(u => u.Email == newUser.Email || u.Nickname == newUser.Nickname).ToListAsync();
if (usersFound.Count == 0)
{
var newUserDb = new Dal.Model.User()
{
Email = newUser.Email,
Password = EncryptPassword(newUser.Password),
Nickname = newUser.Nickname,
Created = DateTime.Now,
Role = Common.User.UserRole.User,
Logged = true
};
context.Users.Add(newUserDb);
await context.SaveChangesAsync();
return(Ok(token.Generate(newUserDb.UserId, newUserDb.Email, Common.User.UserRole.User)));
}
else
{
return(Conflict($"There is already user with email {newUser.Email}, or with nickname {newUser.Nickname}."));
}
}
public async Task <ActionResult <bool> > Update(Common.Api.Request.UserRegister updateUser)
{
// Validate password.
if (string.IsNullOrWhiteSpace(updateUser.Password))
{
return(Conflict("Password can not be empty."));
}
// Always check at beginning!
var loggedAdmin = await GetLoggedAdminAsync();
if (loggedAdmin != null)
{
var newPassword = EncryptPassword(updateUser.Password);
if (loggedAdmin.Password != newPassword)
{
loggedAdmin.Password = newPassword;
await context.SaveChangesAsync();
return(Ok(true));
}
else
{
return(Ok(false)); // Return false, because there is no point updating same value.
}
}
else
{
return(GetUnauthorizedLoginResponse());
}
}
public async Task <bool> RegisterAsync(Common.Api.Request.UserRegister userRegister, string confirmPassword)
{
// Validations
if (string.IsNullOrWhiteSpace(userRegister.Email) || string.IsNullOrWhiteSpace(userRegister.Password) || string.IsNullOrWhiteSpace(confirmPassword))
{
throw new Exception("Please fill all fields.");
}
#if RELEASE
// I'll only need minimum password length in release mode (for production). To increase security.
if (userRegister.Password.Length < passwordMinimumLength)
{
throw new Exception("Password must be at least {passwordMinimumLength} characters.");
}
#endif
if (userRegister.Password != confirmPassword)
{
throw new Exception("Silly, you must retype same password in Confirm password field. :)");
}
var response = await HttpClient.PostAsJsonAsync(Common.ApiRoutes.Admin.Register, userRegister);
if (response.StatusCode == System.Net.HttpStatusCode.OK)
{
SetToken(await response.Content.ReadAsStringAsync());
return(true);
}
else
{
return(false);
}
}
public async Task <bool> RegisterAsync(Common.Api.Request.UserRegister userRegister, string confirmPassword)
{
if (userRegister.Password != confirmPassword)
{
throw new Exception("Confirmed password is not same.");
}
var response = await HttpClient.PostAsJsonAsync(Common.ApiRoutes.User.Register, userRegister);
if (response.StatusCode == System.Net.HttpStatusCode.OK)
{
SetToken(await response.Content.ReadAsStringAsync());
return(true);
}
else
{
return(false);
}
}
public async Task <ActionResult <string> > Register(Common.Api.Request.UserRegister newUser)
{
//Validate new user data.
if (newUser == null)
{
return(BadRequest("Please send data for a new user."));
}
if (string.IsNullOrWhiteSpace(newUser.Email))
{
return(BadRequest("Please send email."));
}
if (string.IsNullOrWhiteSpace(newUser.Password))
{
return(BadRequest("Please send password."));
}
// Check if administrator exists. At this point it can be only one administrator.
var adminsFound = await context.Users.Where(u => u.Role == Common.User.UserRole.Admin).ToListAsync();
if (adminsFound.Count == 0)
{
var newAdminDb = new Dal.Model.User()
{
Email = newUser.Email,
Password = EncryptPassword(newUser.Password),
Nickname = adminNickname, // Administrator has fixed nickname.
Created = DateTime.Now,
Role = Common.User.UserRole.Admin,
Logged = true
};
context.Users.Add(newAdminDb);
await context.SaveChangesAsync();
return(Ok(token.Generate(newAdminDb.UserId, newAdminDb.Email, Common.User.UserRole.Admin)));
}
else
{
return(Conflict($"There is already administrator with email {adminsFound.FirstOrDefault()?.Email}."));
}
}
public async Task <ActionResult <bool> > Update(Common.Api.Request.UserRegister updateUser)
{
// Always check at beginning!
var loggedUser = await GetLoggedUserAsync();
if (loggedUser != null)
{
// Validate nickname.
if (string.IsNullOrWhiteSpace(updateUser.Nickname))
{
return(Conflict("Nickname is empty."));
}
// Validate password.
if (string.IsNullOrWhiteSpace(updateUser.Password))
{
return(Conflict("Password can not be empty."));
}
var newPassword = EncryptPassword(updateUser.Password);
if (loggedUser.Nickname != updateUser.Nickname || loggedUser.Password != newPassword)
{
loggedUser.Nickname = updateUser.Nickname;
loggedUser.Password = newPassword;
await context.SaveChangesAsync();
return(Ok(true));
}
else
{
return(Ok(false));
}
}
else
{
return(GetUnauthorizedLoginResponse());
}
}
