Example #1
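            /// <summary>
            /// Registers a new user: rejects the request when the e-mail is already
            /// present in <c>appuser</c>, otherwise inserts the row and returns the
            /// new account together with a freshly issued token.
            /// </summary>
            /// <param name="request">Registration data (username, e-mail, password, names, role).</param>
            /// <param name="cancellationToken">Not observed by this implementation; the database calls are synchronous.</param>
            /// <returns>The created <c>AppUser</c>, including the token from <c>_jwtGenerator</c>.</returns>
            /// <exception cref="RestException">400 Bad Request when the e-mail already exists.</exception>
            /// <exception cref="Exception">"Problem creating user" when the lookup or the insert fails.</exception>
            public async Task <AppUser> Handle(Command request, CancellationToken cancellationToken)
            {
                var user = new User
                {
                    UserName  = request.Username,
                    Email     = request.Email,
                    Password  = DaedalusPasswordHasher.HashPassword(request.Password),
                    FirstName = request.FirstName,
                    LastName  = request.LastName,
                    Role      = request.Role
                };
                // NOTE(review): Role is copied straight from the request; if this endpoint is
                // reachable by unauthenticated callers they can pick their own role — confirm
                // that the value is validated or fixed elsewhere.

                int rowsInserted = 0;
                bool foundExistingEmail = false;

                // NOTE(review): the database credentials are hard-coded in source, so anyone who can
                // read the repository or the compiled assembly has them. Move the connection string
                // to configuration / a secret store and rotate this password.
                using (MySqlConnection connection = new MySqlConnection("Database=daedalusdb; Data Source=projectdaedalus.mysql.database.azure.com; User Id=daedalus@projectdaedalus; Password=xDEvk7Cr"))
                {
                    try
                    {
                        connection.Open();

                        // The e-mail is bound as a parameter; it was previously concatenated into the
                        // statement text, which let request data change the SQL that was executed.
                        using (MySqlCommand commandCheckEmail = new MySqlCommand("SELECT email FROM appuser WHERE email = @Email LIMIT 1", connection))
                        {
                            commandCheckEmail.Parameters.AddWithValue("@Email", request.Email);
                            commandCheckEmail.Prepare();

                            using (MySqlDataReader reader = commandCheckEmail.ExecuteReader())
                            {
                                // Any row the database considers equal counts as a duplicate. Re-comparing
                                // the strings in C# is case-sensitive and could disagree with the column's
                                // collation, letting a differently-cased duplicate through.
                                foundExistingEmail = reader.Read();
                            }
                        }
                    }
                    catch (Exception e)
                    {
                        // Fail closed: if the uniqueness check cannot run, do not go on to insert.
                        Console.WriteLine(e.ToString());
                        throw new Exception("Problem creating user", e);
                    }

                    if (foundExistingEmail)
                    {
                        throw new RestException(HttpStatusCode.BadRequest, new { Email = "Email already exists" });
                    }
                    // if (await _context.Users.Where(x => x.UserName == request.Username).AnyAsync())
                    //   throw new RestException(HttpStatusCode.BadRequest, new { Username = "******" });

                    const string sqlQuery = "INSERT INTO appuser (id,email,firstname,lastname,password,role) VALUES (@Id,@Email,@FirstName,@LastName,@Password,@Role)";

                    try
                    {
                        using (MySqlCommand command = new MySqlCommand(sqlQuery, connection))
                        {
                            // NOTE(review): user.Id is never assigned in this method; presumably the
                            // User type generates it — confirm.
                            command.Parameters.AddWithValue("@Id", user.Id);
                            command.Parameters.AddWithValue("@Email", user.Email);
                            command.Parameters.AddWithValue("@FirstName", user.FirstName);
                            command.Parameters.AddWithValue("@LastName", user.LastName);
                            command.Parameters.AddWithValue("@Password", user.Password);
                            command.Parameters.AddWithValue("@Role", user.Role);

                            // Prepare once the parameters are attached.
                            command.Prepare();
                            rowsInserted = command.ExecuteNonQuery();
                        }
                    }
                    catch (Exception e)
                    {
                        // The check above and this insert are separate statements, so two concurrent
                        // registrations can both pass the check. NOTE(review): a unique index on
                        // appuser.email would make the database reject the second one — confirm it exists.
                        Console.WriteLine(e.ToString());
                        throw new Exception("Problem creating user", e);
                    }
                }

                if (rowsInserted > 0)
                {
                    return(new AppUser
                    {
                        Token = _jwtGenerator.CreateToken(user),
                        Id = user.Id,
                        Email = user.Email,
                        FirstName = user.FirstName,
                        LastName = user.LastName,
                        Role = user.Role,
                        Image = null
                    });
                }

                throw new Exception("Problem creating user");
            }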
Example #2
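            /// <summary>
            /// Logs a user in: loads the <c>appuser</c> row for the submitted e-mail,
            /// verifies the submitted password against the stored hash and, on success,
            /// returns the user with a freshly issued token.
            /// </summary>
            /// <param name="request">Login data (e-mail and password).</param>
            /// <param name="cancellationToken">Not observed by this implementation; the database calls are synchronous.</param>
            /// <returns>The matching <c>User</c> with a token; the stored password hash is not copied into it.</returns>
            /// <exception cref="RestException">
            /// 401 Unauthorized when no row is found, when the lookup fails, or when the
            /// password does not verify. All three cases return the same status.
            /// </exception>
            public async Task <User> Handle(Query request, CancellationToken cancellationToken)
            {
                User user = new User();

                // NOTE(review): the database credentials are hard-coded in source, so anyone who can
                // read the repository or the compiled assembly has them. Move the connection string
                // to configuration / a secret store and rotate this password.
                using (MySqlConnection connection = new MySqlConnection("Database=daedalusdb; Data Source=projectdaedalus.mysql.database.azure.com; User Id=daedalus@projectdaedalus; Password=xDEvk7Cr"))
                {
                    try
                    {
                        connection.Open();

                        // The e-mail is bound as a parameter; it was previously concatenated into the
                        // statement text, which let the login form change the SQL that was executed.
                        using (MySqlCommand command = new MySqlCommand("SELECT * FROM appuser WHERE email = @Email", connection))
                        {
                            command.Parameters.AddWithValue("@Email", request.Email);
                            command.Prepare();

                            using (MySqlDataReader reader = command.ExecuteReader())
                            {
                                while (reader.Read())
                                {
                                    user.Email     = reader["Email"].ToString();
                                    user.Id        = reader["Id"].ToString();
                                    user.FirstName = reader["FirstName"].ToString();
                                    user.LastName  = reader["LastName"].ToString();
                                    user.Role      = Convert.ToInt32(reader["Role"]);

                                    user.Password = reader["Password"].ToString();
                                }
                            }
                        }
                    }
                    catch (Exception e)
                    {
                        // A failed lookup is logged and then treated like an unknown user (401 below).
                        Console.WriteLine(e.ToString());
                    }
                }

                // Email is assigned first and Password last, so an exception part-way through a row
                // can leave Email set with no hash loaded; reject that state as well.
                if (user.Email == null || user.Password == null)
                {
                    throw new RestException(HttpStatusCode.Unauthorized);
                }
                bool passwordMatches = DaedalusPasswordHasher.VerifyHashedPassword(user.Password, request.Password);

                // Debug aid, disabled: prints the hash of the submitted password so it can be pasted
                // into the database. Do not log the plaintext password alongside it.
                // Console.WriteLine("replace the password on your database user with this hash:   " + DaedalusPasswordHasher.HashPassword(request.Password));


                // Set the third parameter to true for lockout on failed login later !##!
                // NOTE(review): the hand-written path below has no lockout or attempt throttling
                // visible in this method.
                //var result = await _signInManager.CheckPasswordSignInAsync(user, request.Password, false);
                //if (result.Succeeded)

                if (passwordMatches)
                {
                    return(new User
                    {
                        Token = _jwtGenerator.CreateToken(user),
                        Id = user.Id,
                        Email = user.Email,
                        FirstName = user.FirstName,
                        LastName = user.LastName,
                        Role = user.Role,
                        // Username = user.UserName,
                        Image = null
                    });
                }

                throw new RestException(HttpStatusCode.Unauthorized);
            }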