public IActionResult AddUser([FromBody] UserForCreationDto newUser)
{
if (newUser == null)
{
return(BadRequest("unserializable"));
}
var validator = new UserForCreationDtoValidator();
ValidationResult results = validator.Validate(newUser);
if (!results.IsValid)
{
return(BadRequest(results));
}
if (_immersiveRepo.UsernameExists(newUser.Username))
{
return(BadRequest("this username already exists"));
}
newUser.Salt = _passHasher.GenerateSalt();
newUser.PassHash = _passHasher.HashPassword(newUser.Password, newUser.Salt);
User toWriteUser = Mapper.Map <User>(newUser);
_immersiveRepo.AddUser(toWriteUser);
return(NoContent());
}
public async Task <IActionResult> Login([FromBody] UserForLoginDto user)
{
if (user == null)
{
return(BadRequest("the data was unreadable"));
}
if (!_imersiveRepo.UsernameExists(user.Username))
{
return(BadRequest("this user does not exist in the database"));
}
var userFromDb = _imersiveRepo.GetUser(user.Username);
var passHash = _passHasher.HashPassword(user.Password, userFromDb.Salt);
if (userFromDb.PassHash.Equals(passHash))
{
var claims = new List <Claim>
{
new Claim(ClaimTypes.Name, user.Username)
};
var userIdentity = new ClaimsIdentity(claims, "login");
ClaimsPrincipal principal = new ClaimsPrincipal(userIdentity);
await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, principal);
return(Ok(Mapper.Map <UserDto>(userFromDb)));
}
return(Unauthorized());
}
