public DTO.Tokens.SignedIn OnSignedIn(DTO.Databases.User User, bool AdminMode = false)
{
// genrate new token here
var SignInData = new DTO.Tokens.SignedIn
{
UserId = User.Id,
Email = User.Email,
FullName = User.Fullname
};
var Token = new DTO.Tokens.JWT(Sekrit.Value.TTL)
{
sub = User.Id,
aud = (AdminMode) ? "Administrator" : "Default"
};
SignInData.Token = Sekrit.Value.Encode(Token);
var Session = new DTO.Databases.Token
{
TokenId = Token.jti,
UserId = User.Id,
Owner = User.Id
};
TokenRepo.Save(Session);
return(SignInData);
}
public DTO.Messages.Wrapper SignIn([FromBody] DTO.Messages.SigningInUser Login)
{
var Result = new DTO.Messages.Wrapper();
if (Login == null)
{
Result.Messages.Add("PostBody", "can't be empty");
}
else
{
if (string.IsNullOrWhiteSpace(Login.Email) || !DTO.Generator.IsEmail(Login.Email))
{
Result.Messages.Add("Email", "must be a valid Email address");
}
if (string.IsNullOrWhiteSpace(Login.Password) || Login.Password.Length < 12)
{
Result.Messages.Add("Password", "must be at least 12 characters");
}
}
DTO.Databases.User User = null;
if (Result.Messages.Count == 0)
{
var Count = UserRepo.QueryableCollection.Where(x => x.Email == Login.Email).Count();
if (Count == 0)
{
Result.Messages.Add("Account", "Email is not registered");
}
User = UserRepo.QueryableCollection.Where(x => x.Email == Login.Email).First();
if (!Configs.Hashing.Compare(Login.Password, User.Id, User.Password))
{
Result.Messages.Add("Account", "Password mismatched");
}
if (Login.AdminMode && !User.Roles.Contains("Administrator"))
{
Result.Messages.Add("Roles", "can't enter Admin Mode");
}
}
if (Result.Messages.Count > 0)
{
Result.Status = "Bad Request";
Result.Code = 400;
}
else
{
Result.Data = OnSignedIn(User, Login.AdminMode);
}
return(Result);
}
public DTO.Messages.Wrapper Register([FromBody] DTO.Messages.RegisteringUser Registry)
{
var Result = new DTO.Messages.Wrapper();
if (Registry == null)
{
Result.Messages.Add("PostBody", "can't be empty");
}
else
{
if (string.IsNullOrWhiteSpace(Registry.Email))
{
Result.Messages.Add("Email", "can't be empty");
}
else if (!DTO.Generator.IsEmail(Registry.Email))
{
Result.Messages.Add("Email", "must be a valid Email");
}
if (string.IsNullOrWhiteSpace(Registry.Password) || Registry.Password.Length < 12)
{
Result.Messages.Add("Password", "can't be less than 12 characters");
}
if (string.IsNullOrWhiteSpace(Registry.Fullname))
{
Result.Messages.Add("Fullname", "can't be empty");
}
if (Registry.Gender < 0 || Registry.Gender > 1)
{
Result.Messages.Add("Gender", "can't be lower than 0 or higher than 1");
}
try
{
Convert.ToDateTime(Registry.Birthday, new System.Globalization.CultureInfo("en-US"));
}
catch (FormatException)
{
Result.Messages.Add("Birthday", "must be formated as 'M/d/YYYY'");
}
var Count = UserRepo.QueryableCollection.Where(x => x.Email == Registry.Email).Count();
if (Count > 0)
{
Result.Messages.Add("Account", "Email is registered");
}
}
if (Result.Messages.Count > 0)
{
Result.Status = "Bad Request";
Result.Code = 400;
return(Result);
}
// do registering user here
var NewUser = new DTO.Databases.User
{
Email = Registry.Email,
Fullname = Registry.Fullname,
Birthday = Registry.Birthday,
Gender = Registry.Gender
};
NewUser.Password = Configs.Hashing.Hash(Registry.Password, NewUser.Id);
UserRepo.Save(NewUser);
Result.Data = OnSignedIn(NewUser);
return(Result);
}
