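/// <summary>
/// Checks a submitted username/password pair against the stored admin record.
/// </summary>
/// <param name="user">Login request carrying <c>username</c> and <c>password</c>.</param>
/// <returns>
/// 400 when either field is null, 404 when no admin has that username,
/// 401 when the password does not verify, otherwise an empty 200.
/// </returns>
public async Task<ActionResult> logIn(LogInRequestModel user)
{
    if (user.username == null)
    {
        return BadRequest("A username is required to login.");
    }

    if (user.password == null)
    {
        return BadRequest("A password is required to login.");
    }

    SupportUsers checkUser = await adminRepository.getAdmin(user.username.Trim());

    // A null result means no admin record exists for that username.
    // NOTE(review): answering 404 here and 401 below lets a caller tell known
    // usernames from unknown ones. Consider a single generic failure response
    // once clients no longer depend on the distinction.
    if (checkUser == null)
    {
        return NotFound("Nobody with that username exists.");
    }

    // NOTE(review): the stored value is verified with plain SHA-256 and no salt
    // is passed at this call site. A fast general-purpose digest is a weak
    // password store; plan a migration to a password KDF such as
    // Rfc2898DeriveBytes.Pbkdf2 with a per-user salt.
    bool passwordMatches;

    // SHA256 is IDisposable; release it as soon as the comparison is done.
    using (SHA256 sha = SHA256.Create())
    {
        passwordMatches = verifyHash(sha, user.password, checkUser.Password);
    }

    if (!passwordMatches)
    {
        return Unauthorized("Password is incorrect.");
    }

    // NOTE(review): success is a bare 200 with no session or token issued here,
    // and nothing in this method limits repeated attempts. Confirm how later
    // requests are authenticated and where throttling/lockout is enforced.
    return Ok();
}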
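/// <summary>
/// Creates a new admin account on behalf of an existing staff member and mails
/// out a generated temporary password.
/// </summary>
/// <param name="user">
/// Request carrying the adder's <c>username</c> and the new account in <c>user</c>.
/// </param>
/// <returns>
/// 400 when a required field is missing or the new username is taken,
/// 401 when the adder's username is not a known admin, otherwise 200.
/// </returns>
public async Task<ActionResult> add(add user)
{
    if (user.username == null)
    {
        return BadRequest("A username is needed for the person adding.");
    }

    // NOTE(review): the only check on the caller visible here is that the
    // username in the request body matches an existing admin. Unless
    // authentication is enforced outside this method (attribute/middleware),
    // anyone who knows a staff username can create admin accounts — confirm.
    SupportUsers adder = await adminRepository.getAdmin(user.username);

    if (adder == null)
    {
        return Unauthorized("The person trying to add is not a staff member!");
    }

    // A request that omits the nested account object would otherwise fail with
    // a NullReferenceException; treat it as a missing username.
    if (user.user == null || user.user.Username == null)
    {
        return BadRequest("A username is needed.");
    }

    if (user.user.Name == null)
    {
        return BadRequest("A name is needed.");
    }

    if (user.user.Surname == null)
    {
        return BadRequest("A surname is needed.");
    }

    if (user.user.Email == null)
    {
        return BadRequest("An email is needed.");
    }

    // NOTE(review): confirm getRandomString draws from a cryptographic source
    // (RandomNumberGenerator) rather than System.Random; this value is a credential.
    string password = getRandomString(10);

    // The temporary password is hashed twice before it is stored.
    // NOTE(review): presumably the first pass mirrors a client-side hash — confirm.
    // Plain SHA-256 with no salt at this call site is a weak password store;
    // see Rfc2898DeriveBytes.Pbkdf2 for a purpose-built KDF.
    string onceHashed;

    // SHA256 is IDisposable; each instance is released right after use.
    using (SHA256 firstPass = SHA256.Create())
    {
        onceHashed = getHash(firstPass, password);
    }

    using (SHA256 secondPass = SHA256.Create())
    {
        user.user.Password = getHash(secondPass, onceHashed);
    }

    SupportUsers exists = await adminRepository.getAdmin(user.user.Username);

    if (exists != null)
    {
        return BadRequest("This username is already in use");
    }

    // NOTE(review): the temporary password travels in clear text in the mail body.
    string content = "Your username is " + user.user.Username + " and your temporary password you will use to sign in for the first time is " + password + ".";

    // NOTE(review): the result of addAdmin is not inspected, so the mail is sent
    // and 200 returned even if nothing was persisted.
    await adminRepository.addAdmin(user.user);
    await mailer.sendEmail("*****@*****.**", "Gym Moves", "Admin Account", content, emailReceiver);

    return Ok();
}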
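/// <summary>
/// Returns every gym application after checking that the request names a known staff member.
/// </summary>
/// <param name="request">Request carrying the staff member's <c>Username</c>.</param>
/// <returns>
/// 400 when the username is null or empty, 401 when no staff member has that
/// username, otherwise 200 with the applications array.
/// </returns>
public async Task<ActionResult<GymApplications[]>> getAllApplications(GetAllApplicationsRequest request)
{
    // A null username is rejected alongside the empty string, so a missing field
    // never reaches the repository lookup.
    if (string.IsNullOrEmpty(request.Username))
    {
        return StatusCode(StatusCodes.Status400BadRequest, "Staff username cannot be empty!");
    }

    // NOTE(review): access is granted purely because the supplied username
    // exists; no credential or session is checked in this method. Confirm that
    // authentication is enforced elsewhere before this data is returned.
    SupportUsers staff = await staffRepository.getStaff(request.Username);

    if (staff == null)
    {
        return StatusCode(StatusCodes.Status401Unauthorized, "Invalid staff member!");
    }

    GymApplications[] applications = await applicationRepository.getAllApplications();

    return Ok(applications);
}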
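/// <summary>
/// Completes an admin's first sign-in by swapping the temporary password for a new one.
/// </summary>
/// <param name="user">
/// Request carrying <c>username</c>, the issued <c>tempPassword</c> and the chosen <c>password</c>.
/// </param>
/// <returns>
/// 400 when a field is null or the new password equals the temporary one,
/// 401 when the username is unknown or the temporary password does not verify,
/// otherwise 200.
/// </returns>
public async Task<ActionResult> signUp(AdminSignupRequest user)
{
    if (user.username == null)
    {
        return BadRequest("A username is needed to make your account.");
    }

    if (user.tempPassword == null)
    {
        return BadRequest("A given password is needed to make your account.");
    }

    if (user.password == null)
    {
        return BadRequest("A new password is needed to create your account.");
    }

    SupportUsers checkUser = await adminRepository.getAdmin(user.username);

    // NOTE(review): the message differs from the wrong-password case below, so
    // the response still reveals whether a username exists.
    if (checkUser == null)
    {
        return Unauthorized("Nobody with that username exists.");
    }

    bool tempPasswordMatches;

    // SHA256 is IDisposable; release it as soon as the comparison is done.
    using (SHA256 sha = SHA256.Create())
    {
        tempPasswordMatches = verifyHash(sha, user.tempPassword, checkUser.Password);
    }

    if (!tempPasswordMatches)
    {
        return Unauthorized("Incorrect given password");
    }

    // The new password must differ from the temporary one that was issued.
    // NOTE(review): no length or complexity rule is applied in this method;
    // confirm one is enforced elsewhere.
    if (user.tempPassword == user.password)
    {
        return BadRequest("The password is the same as your given password!");
    }

    // NOTE(review): the new password is stored as a single plain SHA-256 digest
    // with no salt passed at this call site; a password KDF such as
    // Rfc2898DeriveBytes.Pbkdf2 with a per-user salt is the safer store.
    string newPasswordHash;

    using (SHA256 sha = SHA256.Create())
    {
        newPasswordHash = getHash(sha, user.password);
    }

    await adminRepository.changePassword(user.username, newPasswordHash);

    return Ok();
}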
/// <summary>
/// Adds the given user to the context and saves the change.
/// </summary>
/// <param name="user">The account to add; its <c>Password</c> is stored as supplied by the caller.</param>
/// <returns>
/// <c>true</c> when <c>SaveChangesAsync</c> reports more than zero; otherwise <c>false</c>.
/// </returns>
public async Task<bool> addAdmin(SupportUsers user)
{
    context.Add(user);

    int savedCount = await context.SaveChangesAsync();

    return savedCount > 0;
}