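/// <summary>
/// Loads one row from "Users" that matches any of the supplied identifiers and maps it to a <see cref="User"/>.
/// </summary>
/// <remarks>
/// The four predicates are joined with OR, so a match on any single identifier selects a row, and only
/// the first row returned is read. NOTE(review): what callers pass for the identifiers they are not
/// searching by is not visible here; confirm those placeholder values can never equal a stored value,
/// in particular for "api_token".
/// The returned object carries the "password" column value; keep it out of API responses and logs.
/// </remarks>
/// <param name="email">E-mail address to match; passed through StringSanitization.Sanitize first.</param>
/// <param name="username">User name to match; passed through StringSanitization.Sanitize first.</param>
/// <param name="id">Numeric user ID to match.</param>
/// <param name="apitoken">API token to match; passed through StringSanitization.Sanitize first.</param>
/// <returns>The mapped user, or null when no row matches.</returns>
/// <exception cref="Exception">The row's "plan" value is not recognised by Plans.GetPlanByName.</exception>
private static User GetUser(string email, string username, int id, string apitoken)
{
    email = StringSanitization.Sanitize(email);
    username = StringSanitization.Sanitize(username);
    apitoken = StringSanitization.Sanitize(apitoken);

    // All caller-supplied values are bound as parameters; nothing is concatenated into the SQL text.
    using (var command = new NpgsqlCommand("SELECT * FROM \"Users\" WHERE \"email\"=@email OR \"username\"=@usr OR \"ID\"=@id OR \"api_token\"=@apitoken", database))
    {
        command.Parameters.AddWithValue("email", email);
        command.Parameters.AddWithValue("usr", username);
        command.Parameters.AddWithValue("id", id);
        command.Parameters.AddWithValue("apitoken", apitoken);

        // The using blocks close the reader on every path, including when a column read or the
        // unknown-plan check throws. Without that the reader would stay open on the shared
        // connection after an exception.
        using (var dr = command.ExecuteReader())
        {
            if (!dr.Read())
            {
                return null;
            }

            return new User
            {
                ID = dr.GetInt32("ID"),
                username = dr.GetString("username"),
                email = dr.GetString("email"),
                password = dr.GetString("password"),
                registration_timestamp = dr.GetDateTime("registration_timestamp"),
                date_of_birth = dr.GetDateTime("date_of_birth"),
                role = dr.GetString("role"),
                plan = Plans.GetPlanByName(dr.GetString("plan")) ?? throw new Exception("Unknown plan type"),
                confirmed = dr.GetBoolean("confirmed")
            };
        }
    }
}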
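/// <summary>
/// Stores <paramref name="value"/> under <paramref name="key"/> in the caller's database, refusing
/// new keys once the caller's plan entry limit is reached.
/// </summary>
/// <remarks>
/// The plan is read from the ClaimTypes.UserData claim of the current principal, not from the
/// user record. NOTE(review): if that claim is written when the token is issued, a plan change
/// only takes effect once a new token is issued; confirm that is acceptable.
/// The limit check and the write are separate calls. NOTE(review): unless GetDb or the store
/// serialises requests per user, concurrent requests for different new keys can each pass the
/// check and together exceed MaxEntries.
/// NOTE(review): neither key nor value is length-checked in this method; confirm a limit is
/// enforced elsewhere.
/// </remarks>
/// <param name="key">Key to write.</param>
/// <param name="value">Value to store, bound from the form body.</param>
/// <returns>
/// The result produced by ValidateToken when it is non-null, 409 Conflict when the plan limit
/// blocks a new key, otherwise 200 OK.
/// </returns>
/// <exception cref="Exception">The plan claim is missing or names an unknown plan.</exception>
public async Task<IActionResult> SetValue(string key, [FromForm] string value)
{
    // A non-null result from ValidateToken is returned to the client unchanged.
    IActionResult authenticated = ValidateToken(out int userId);
    if (authenticated != null)
    {
        return authenticated;
    }

    (RedisDB db, int entries) = await GetDb(userId);

    // FindFirst returns null when the principal has no such claim; fail with an explicit error
    // instead of a NullReferenceException on .Value.
    var planClaim = HttpContext.User.FindFirst(claim => claim.Type == ClaimTypes.UserData);
    if (planClaim == null)
    {
        throw new Exception("Missing plan claim");
    }

    var plan = Plans.GetPlanByName(planClaim.Value) ?? throw new Exception("Unknown plan type");

    // Overwriting an existing key is still allowed at the limit; only a key that does not exist
    // yet is refused.
    if (plan.MaxEntries <= entries && await db.Exists(key) == 0)
    {
        return Conflict("Too many entries for current plan");
    }

    await db.Set(key, value);
    return Ok();
}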
/// <summary>
/// Checks that Plans.GetPlanByName maps the known plan names to their plan objects and
/// returns null for a name it does not know.
/// </summary>
public void TestPlanModel()
{
    // Known names must resolve to the matching static plan instances.
    var premiumLookup = Plans.GetPlanByName("plan.premium");
    Assert.IsTrue(premiumLookup.Equals(Plans.Premium), "Does the function return the proper object?");

    var basicLookup = Plans.GetPlanByName("plan.basic");
    Assert.IsTrue(basicLookup.Equals(Plans.Basic), "Does the function return the proper object?");

    // An unknown name yields null; callers in the application treat that as an error.
    var unknownLookup = Plans.GetPlanByName("random name");
    Assert.IsNull(unknownLookup, "Does a random name return a null object?");
}