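/// <summary>
/// Logs a user in: finds the account whose username and auth code both match the request
/// and returns its session key, generating and persisting one first if the account has none.
/// </summary>
/// <param name="model">Login request carrying <c>Username</c> and <c>AuthCode</c>.</param>
/// <returns>
/// The response produced by <c>PerformOperationAndHandleExceptions</c>; on success the
/// wrapped delegate builds a 201 Created response carrying a <c>LoggedUserModel</c>.
/// </returns>
/// <remarks>
/// All failures are raised inside the delegate passed to
/// <c>PerformOperationAndHandleExceptions</c>. That helper is defined elsewhere, so how it
/// maps exceptions to HTTP status codes is not visible from this method.
/// </remarks>
public HttpResponseMessage PostLoginUser(UserModel model)
{
    var responseMsg = this.PerformOperationAndHandleExceptions(() =>
    {
        // model can be null (for example when the request has no usable body); fail with a
        // named argument error instead of a NullReferenceException on model.Username.
        if (model == null)
        {
            throw new ArgumentNullException("model");
        }

        // Reject malformed input before any database work is done.
        this.ValidateUsername(model.Username);
        this.ValidateAuthCode(model.AuthCode);

        // NOTE(review): ToLower() is culture-sensitive. PostRegisterUser normalizes the
        // stored username the same way, so the two must be switched to ToLowerInvariant()
        // together, not one at a time.
        var usernameToLower = model.Username.ToLower();

        using (var dbContext = new RecipesContext())
        {
            // NOTE(review): the auth code is compared as-is with the stored value. If it is
            // a password or an unsalted hash of one, the stored column is password-equivalent;
            // confirm how AuthCode is derived on the client.
            var user = dbContext.Users.FirstOrDefault(
                usr => usr.Username == usernameToLower && usr.AuthCode == model.AuthCode);

            // One query and one message for both "unknown user" and "wrong auth code", so
            // the response does not reveal which of the two failed.
            if (user == null)
            {
                throw new InvalidOperationException("Invalid username or password");
            }

            // An existing session key is returned unchanged; a new one is only issued when
            // the account has none.
            // NOTE(review): this means every login shares one key until something else
            // clears it. Consider rotating the key per login and confirm expiry is enforced
            // elsewhere. No attempt throttling or lockout is visible in this action either.
            if (user.SessionKey == null)
            {
                user.SessionKey = this.GenerateSessionKey(user.UserId);
                dbContext.SaveChanges();
            }

            var loggedModel = new LoggedUserModel()
            {
                Username = user.Username,
                SessionKey = user.SessionKey
            };

            return this.Request.CreateResponse(HttpStatusCode.Created, loggedModel);
        }
    });

    return responseMsg;
}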
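/// <summary>
/// Lets an admin replace another user's auth code.
/// </summary>
/// <param name="id">Identifier of the user whose auth code is being replaced.</param>
/// <param name="model">Request body; only <c>AuthCode</c> is read.</param>
/// <returns>
/// The response produced by <c>PerformOperationAndHandleExceptions</c>; on success the
/// wrapped delegate builds a 200 OK response with an empty string body.
/// </returns>
/// <remarks>
/// The work runs through <c>PerformOperationAndHandleExceptions</c>, matching the login and
/// registration actions, so authorization and validation failures no longer escape as
/// unhandled exceptions. That helper is defined elsewhere; how it maps exceptions to HTTP
/// status codes is not visible from this method.
/// </remarks>
public HttpResponseMessage UpdateUser(int id, UserModel model)
{
    var responseMsg = this.PerformOperationAndHandleExceptions(() =>
    {
        using (var dbContext = new RecipesContext())
        {
            // Authorization comes first so that an unauthorized caller learns nothing about
            // the request body or about which user ids exist.
            var user = GetCurrentUser(dbContext);
            if (user == null || user.Role != Role.Admin)
            {
                // The message previously said "delete users", which was wrong for this action.
                throw new InvalidOperationException("Only an authorized admin can update users.");
            }

            // model can be null (for example when the request has no usable body); fail with
            // a named argument error instead of a NullReferenceException on model.AuthCode.
            if (model == null)
            {
                throw new ArgumentNullException("model");
            }

            var userToUpdate = dbContext.Users.FirstOrDefault(u => u.UserId == id);

            // NOTE(review): an unknown id, or a request without an AuthCode, falls through
            // to 200 OK without changing anything. Consider reporting these explicitly.
            if (userToUpdate != null && model.AuthCode != null)
            {
                ValidateAuthCode(model.AuthCode);
                userToUpdate.AuthCode = model.AuthCode;

                // NOTE(review): the target's existing SessionKey is left in place, so a
                // session opened with the old auth code appears to stay valid after the
                // change. Confirm whether credential changes should also clear SessionKey.
                dbContext.SaveChanges();
            }

            return this.Request.CreateResponse(HttpStatusCode.OK, string.Empty);
        }
    });

    return responseMsg;
}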
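/// <summary>
/// Registers a new account with the <c>Role.Client</c> role and immediately issues a
/// session key for it, so a successful registration also logs the user in.
/// </summary>
/// <param name="model">Registration request carrying <c>Username</c> and <c>AuthCode</c>.</param>
/// <returns>
/// The response produced by <c>PerformOperationAndHandleExceptions</c>; on success the
/// wrapped delegate builds a 201 Created response carrying a <c>LoggedUserModel</c>.
/// </returns>
/// <remarks>
/// All failures are raised inside the delegate passed to
/// <c>PerformOperationAndHandleExceptions</c>. That helper is defined elsewhere, so how it
/// maps exceptions to HTTP status codes is not visible from this method.
/// </remarks>
public HttpResponseMessage PostRegisterUser(UserModel model)
{
    var responseMsg = this.PerformOperationAndHandleExceptions(() =>
    {
        // model can be null (for example when the request has no usable body); fail with a
        // named argument error instead of a NullReferenceException on model.Username.
        if (model == null)
        {
            throw new ArgumentNullException("model");
        }

        // Reject malformed input before any database work is done.
        this.ValidateUsername(model.Username);
        this.ValidateAuthCode(model.AuthCode);

        // Normalized once and reused for both the duplicate check and the stored value.
        // NOTE(review): ToLower() is culture-sensitive. PostLoginUser normalizes the lookup
        // the same way, so the two must be switched to ToLowerInvariant() together.
        var usernameToLower = model.Username.ToLower();

        using (var dbContext = new RecipesContext())
        {
            // NOTE(review): this check and the insert below are not atomic. Two concurrent
            // registrations for the same name can both pass it. Confirm that the Users
            // table enforces a unique index on Username.
            var user = dbContext.Users.FirstOrDefault(
                usr => usr.Username == usernameToLower);
            if (user != null)
            {
                throw new InvalidOperationException("User exists");
            }

            // The role is fixed to Client here and never taken from the request.
            // NOTE(review): AuthCode is persisted exactly as received. If it is a password
            // or an unsalted hash of one, the stored column is password-equivalent; confirm
            // how AuthCode is derived on the client.
            user = new User()
            {
                Username = usernameToLower,
                AuthCode = model.AuthCode,
                Role = Role.Client
            };

            // First save: GenerateSessionKey takes user.UserId, so the row is inserted
            // before the key is generated (UserId is presumably database-assigned).
            dbContext.Users.Add(user);
            dbContext.SaveChanges();

            // Second save persists the session key derived from that id.
            user.SessionKey = this.GenerateSessionKey(user.UserId);
            dbContext.SaveChanges();

            var loggedModel = new LoggedUserModel()
            {
                Username = user.Username,
                SessionKey = user.SessionKey
            };

            return this.Request.CreateResponse(HttpStatusCode.Created, loggedModel);
        }
    });

    return responseMsg;
}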