Example #1
0
        public HttpResponseMessage LoginUser([FromBody]InputUserDto value)
        {
            var responseMsg = this.PerformOperationAndHandleExceptions(
                () =>
                {
                    if (value == null)
                    {
                        throw new ArgumentException("Cannot login an empty user.");
                    }

                    this.ValidateUsername(value.Username);
                    this.ValidatePassword(value.Password);

                    var db = new BankContext();

                    var user = db.Users.FirstOrDefault(
                    u => u.Username == value.Username &&
                        u.Password == value.Password);

                    if (user == null)
                    {
                        throw new InvalidOperationException("Invalid username or password.");
                    }

                    if (user.SessionKey == null || user.SessionKey.Length != SessionKeyLength)
                    {
                        user.SessionKey = this.GenerateSessionKey(user.Id);
                        db.SaveChanges();
                    }

                    var loggedUser = new LoggedUserDto()
                    {
                        FirstName = user.FirstName,
                        LastName = user.LastName,
                        Role = user.Role,
                        SessionKey = user.SessionKey
                    };

                    var response = this.Request.CreateResponse(HttpStatusCode.Accepted, loggedUser);

                    return response;
                });

            return responseMsg;
        }
Example #2
0
        public HttpResponseMessage RegisterUser([FromBody]InputUserDto value)
        {
            var responseMsg = this.PerformOperationAndHandleExceptions(
                () =>
                {
                    if (value == null)
                    {
                        throw new ArgumentException("Cannot register an empty user.");
                    }

                    this.ValidateUsername(value.Username);
                    this.ValidatePassword(value.Password);
                    this.ValidateFirstOrLastName(value.FirstName);
                    this.ValidateFirstOrLastName(value.LastName);

                    var db = new BankContext();

                    var user = db.Users.FirstOrDefault(u => u.Username == value.Username);

                    if (user != null)
                    {
                        throw new InvalidOperationException("User already exists.");
                    }

                    var role = db.Roles.FirstOrDefault(r => r.Name == "Private");

                    if (role == null)
                    {
                        throw new InvalidOperationException("No such role.");
                    }

                    user = new User()
                    {
                        Username = value.Username,
                        Password = value.Password,
                        FirstName = value.FirstName,
                        LastName = value.LastName,
                        Role = role
                    };

                    db.Users.Add(user);
                    db.SaveChanges();

                    string sessionKey = this.GenerateSessionKey(user.Id);
                    user.SessionKey = sessionKey;
                    db.SaveChanges();

                    var loggedUser = new LoggedUserDto()
                    {
                        FirstName = user.FirstName,
                        LastName = user.LastName,
                        SessionKey = sessionKey
                    };

                    var response = this.Request.CreateResponse(HttpStatusCode.Created, loggedUser);

                    return response;
                });

            return responseMsg;
        }