public IActionResult SingUp([FromBody] UserPostDTO newUser)
{
// Da de alta el registro del usuario.
new UserSC().SignUp(newUser);
return(Created("", ""));
}
public async Task <IActionResult> Register(UserPostDTO userAttemptingToRegister)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
// Check if username already exists.
User existingUser = await _db.Users.FirstOrDefaultAsync(u => u.Username == userAttemptingToRegister.Username);
if (existingUser != null)
{
return(Conflict(new { message = _errorMessageUsernameExists }));
}
try
{
User newUser = UserPostDTO.ToModel(userAttemptingToRegister);
await _db.Users.AddAsync(newUser);
await _db.SaveChangesAsync();
string locationUri = $"{_baseUrl}/api/v1/users/{newUser.UserId}";
return(Created(locationUri, UserGetDTO.FromModel(newUser)));
}
catch (DbUpdateException)
{
return(StatusCode(StatusCodes.Status500InternalServerError,
_errorMessageSavingData));
}
}
public override void OnActionExecuting(ActionExecutingContext context)
{
base.OnActionExecuting(context);
bool isValid = true;
UserPostDTO newUser = context.ActionArguments["newUser"] as UserPostDTO;
if (new UserSC().UserExists(newUser.UserName))
{
context.ModelState.AddModelError("username", "The username is not available.");
isValid = false;
}
if (new UserSC().EmailExists(newUser.Email))
{
context.ModelState.AddModelError("email", "The email has already been registered.");
isValid = false;
}
if (!isValid)
{
context.Result = new BadRequestObjectResult(context.ModelState);
}
}
public User Create(UserPostDTO user)
{
User userAdd = UserPostDTO.ToUser(user);
context.Users.Add(userAdd);
context.SaveChanges();
return(userAdd);
}
private string CreateEmailBody(UserPostDTO userPostDTO)
{
var emailHtmlBody = "<div>" +
"Clik " +
"<a href=" + '"' + _appSettings.Domain + generateEmailConfirmationToken(userPostDTO) + '"' + '>' + "CONFIRM" + "</a>" + "</div>";
return(emailHtmlBody);
}
public async Task CreateAsync(UserPostDTO userPostDTO)
{
var appUser = await _userManager.FindByEmailAsync(userPostDTO.Email);
if (appUser != null)
{
_logger.LogInformation($"Пользователь, {userPostDTO.Email}, уже существует!");
throw new ValidationException("Такой пользователь уже существует");
}
var user = new AppUser()
{
UserName = userPostDTO.Email,
Email = userPostDTO.Email,
EmailConfirmed = true,
FirstName = userPostDTO.FirstName,
LastName = userPostDTO.LastName
};
AppRole role;
if (userPostDTO.Role != null)
{
role = await _roleManager.FindByNameAsync(userPostDTO.Role);
if (role == null)
{
throw new ValidationException("Роль не найдена");
}
if (!await UserHasAccessToRole(await _userManager.GetUserAsync(User), userPostDTO.Role))
{
throw new ValidationException("Ошибка доступа");
}
}
else
{
role = await _roleManager.FindByNameAsync("User");
}
var result = await _userManager.CreateAsync(user, userPostDTO.Password);
if (!result.Succeeded)
{
throw new ValidationException("Ошибка при создании пользователя");
}
_logger.LogInformation($"Создан новый пользователь - {user.Email}, с ролью \"{role}\"");
if (role != null)
{
await _userManager.AddToRoleAsync(user, role.Name);
}
else
{
_logger.LogWarning("Роль - \"User\" не найдена!");
}
}
public static bool CompareUserDTOs(UserPostDTO userPost, UserGetDTO userGet)
{
return
(userPost.id == userGet.id &&
userPost.username == userGet.username &&
userPost.email == userGet.email &&
userPost.phone == userGet.phone &&
userPost.website == userGet.website);
}
// Da de alta a un usuario a la Base de Datos.
public void SignUp(UserPostDTO newUser)
{
User dbUser = newUser.GetDataBaseObject();
dbUser.Userid = Guid.NewGuid();
dbUser.Salt = CryptoSC.GenerateSalt();;
dbUser.Hashpassword = CryptoSC.GetHashedPassword(newUser.Password, dbUser.Salt);
dbContext.Users.Add(dbUser);
dbContext.SaveChanges();
}
public IActionResult CreateUser(UserPostDTO userPostDTO)
{
var isCreated = _userService.AddNewUser(userPostDTO);
if (!isCreated)
{
return(StatusCode(401, "Email exist"));
}
return(Ok());
}
public IActionResult CreateUser(UserPostDTO userPostDTO)
{
if (_userService.CheckEmailExist(userPostDTO.Email))
{
return(StatusCode(401, "Email exist"));
}
else
{
_userService.AddNewUser(userPostDTO);
return(Ok());
}
}
public void AddNewUser(UserPostDTO userPostDTO)
{
userPostDTO.Password = PasswordTools.sha256(userPostDTO.Password);
UserEntity userEntity = new UserEntity();
userEntity.Email = userPostDTO.Email;
userEntity.LastName = userPostDTO.LastName;
userEntity.FirstName = userPostDTO.FirstName;
userEntity.Password = userPostDTO.Password;
userEntity.Role = Role.USER.ToString();
userEntity.UserId = Guid.NewGuid().ToString();
_userRepository.AddNewUser(userEntity);
_emailService.SendEmail(userPostDTO);
}
public void VerifyBodyOfGetRequest()
{
UserPostDTO userPostRequest = new UserPostDTO();
string userPostRequestJson = JsonConvert.SerializeObject(userPostRequest);
var response = HTTPrequests.ExecutePostRequest(_url, userPostRequestJson);
string location = HTTPrequests.GetResponseHeader(HTTPrequests.ExecutePostRequest(_url, userPostRequestJson), "location");
string body = HTTPrequests.GetResponseBody(HTTPrequests.ExecuteGetRequest(location));
UserGetDTO userGetResponse = JsonConvert.DeserializeObject <UserGetDTO>(body);
Assert.IsTrue(RestComparator.CompareUserDTOs(userPostRequest, userGetResponse));
}
public async Task <ActionResult <UserPostDTO> > PostUserPost(UserPostDTO newPost)
{
if (newPost.UserId == null)
{
newPost.UserId = UserClaimsGetters.GetUserId(User);
}
var post = await _userPost.Create(newPost);
if (post != null)
{
return(Ok());
}
return(BadRequest());
}
private string generateEmailConfirmationToken(UserPostDTO userPostDTO)
{
var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.ASCII.GetBytes(_appSettings.Secret);
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(new Claim[]
{
new Claim(ClaimTypes.Email, userPostDTO.Email.ToString()),
}),
Expires = DateTime.UtcNow.AddDays(1),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
};
var token = tokenHandler.CreateToken(tokenDescriptor);
return(tokenHandler.WriteToken(token));
}
/// <summary>
/// Create a new post and add it to the database
/// </summary>
/// <param name="post">A UserPostDTO to create the new entity</param>
/// <returns>Returns the DTO if successful</returns>
public async Task <UserPostDTO> Create(UserPostDTO post)
{
var timeNow = DateTime.UtcNow;
var newPost = new UserPost()
{
UserId = post.UserId,
Caption = post.Caption,
Created = timeNow,
Modified = timeNow
};
_context.Entry(newPost).State = EntityState.Added;
await _context.SaveChangesAsync();
return(post);
}
/// <summary>
/// Updates a post in the database
/// </summary>
/// <param name="post">The PostDTO needed to update the database</param>
/// <returns>If successful the updated DTO</returns>
public async Task <UserPostDTO> Update(UserPostDTO userPost, int postId)
{
var databasePost = await _context.UserPosts.Where(x => x.ID == postId).FirstOrDefaultAsync();
if (databasePost != null)
{
databasePost.ID = databasePost.ID;
databasePost.UserId = userPost.UserId == null ? databasePost.UserId : userPost.UserId;
databasePost.Caption = userPost.Caption == null ? databasePost.Caption : userPost.Caption;
databasePost.Modified = DateTime.UtcNow;
_context.Entry(databasePost).State = EntityState.Modified;
await _context.SaveChangesAsync();
return(await GetASpecificPost(postId));
}
throw new Exception("That Post does not exist");
}
public async Task <ActionResult <User> > PostUser(UserPostDTO userPost)
{
var user = _mapper.Map <User>(userPost);
try
{
_context.Users.Add(user);
await _context.SaveChangesAsync();
}
catch (DbUpdateException)
{
return(BadRequest("The email address must be unique."));
}
catch (Exception ex)
{
return(BadRequest(ex.Message));
}
return(CreatedAtAction("GetUser", new { id = user.Id }, user));
}
public void UpsertShouldModifyFildsValues()
{
var options = new DbContextOptionsBuilder <TasksDbContext>()
.UseInMemoryDatabase(databaseName: nameof(UpsertShouldModifyFildsValues))
.Options;
using (var context = new TasksDbContext(options))
{
var validator = new RegisterValidator();
var validator1 = new CreateValidator();
var validatorUser = new UserRoleValidator();
var userUserRoleService = new UserUserRolesService(validatorUser, context);
var usersService = new UsersService(context, validator, validator1, userUserRoleService, config);
var added = new UserPostDTO()
{
FirstName = "Julia",
LastName = "Bush",
Username = "******",
Email = "*****@*****.**",
Password = "******"
};
var IsIn = usersService.Create(added);
var added1 = new UserPostDTO()
{
FirstName = "Maya",
LastName = "Bush",
Username = "******",
Email = "*****@*****.**",
Password = "******"
};
Assert.IsNull(IsIn);
Assert.AreNotEqual(added.FirstName, added1.FirstName);
}
}
public ErrorsCollection Validate(UserPostDTO userPostDTO, TasksDbContext context)
{
ErrorsCollection errorsCollection = new ErrorsCollection {
Entity = nameof(UserPostDTO)
};
User existing = context.Users.FirstOrDefault(u => u.Username == userPostDTO.Username);
if (existing != null)
{
errorsCollection.ErrorMessages.Add($"The username {userPostDTO.Username} is already taken !");
}
if (userPostDTO.Password.Length < 7)
{
errorsCollection.ErrorMessages.Add("The password cannot be shorter than 7 characters !");
}
if (errorsCollection.ErrorMessages.Count > 0)
{
return(errorsCollection);
}
return(null);
}
public bool AddNewUser(UserPostDTO userPostDTO)
{
userPostDTO.Password = PasswordTools.sha256(userPostDTO.Password);
UserEntity userEntity = new UserEntity();
userEntity.Email = userPostDTO.Email;
userEntity.LastName = userPostDTO.LastName;
userEntity.FirstName = userPostDTO.FirstName;
userEntity.Password = userPostDTO.Password;
userEntity.Role = Role.USER.ToString();
if (!_userRepository.EmailExist(userPostDTO.Email))
{
_userRepository.AddNewUser(userEntity);
_emailService.SendEmail(userPostDTO);
return(true);
}
else
{
return(false);
}
}
/// <summary>
/// Gets a specific post from the database
/// </summary>
/// <param name="postId">The Id of the post</param>
/// <returns>A single PostDTO</returns>
public async Task <UserPostDTO> GetASpecificPost(int postId)
{
var post = await _context.UserPosts.Where(x => x.ID == postId)
.FirstOrDefaultAsync();
var comments = new List <PostCommentDTO>();
if (post.PostComments != null)
{
foreach (var item in post.PostComments)
{
comments.Add(await _postComment.GetASpecificComment(item.CommentId));
}
}
var images = new List <PostImageDTO>();
if (post.PostImages != null)
{
foreach (var item in post.PostImages)
{
images.Add(await _postImage.GetASpecificImage(item.ImageId));
}
}
var postDTO = new UserPostDTO()
{
Id = post.ID,
UserId = post.UserId,
Caption = post.Caption,
Created = post.Created,
Modified = post.Modified,
PostComments = comments,
PostImages = images,
PostLikes = await GetPostLikes(postId, post.UserId)
};
return(postDTO);
}
public async Task <IActionResult> Login([FromBody] UserPostDTO userAttemptingToLogin)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
// Check if username even exists.
User existingUser = await _db.Users.FirstOrDefaultAsync(u => u.Username == userAttemptingToLogin.Username);
if (existingUser == null)
{
return(Unauthorized());
}
// Check if password matches.
User user = await _db.Users.FirstOrDefaultAsync(u => u.Username == userAttemptingToLogin.Username);
if (!Crypto.VerifyHashedPassword(user.Password, userAttemptingToLogin.Password))
{
return(Unauthorized());
}
try
{
// Generate JWT.
string accessToken = GenerateJWT(user);
user.LastLoginDate = DateTime.Now;
await _db.SaveChangesAsync();
return(Ok(new { access_token = accessToken }));
}
catch (DbUpdateException)
{
return(StatusCode(StatusCodes.Status500InternalServerError,
_errorMessageSavingData));
}
}
public async Task <UserPostDTO> PostUser(UserPostDTO userPostDTO)
{
if (userPostDTO == null)
{
throw new ArgumentNullException(nameof(userPostDTO));
}
User user = new User
{
Role = getRole(userPostDTO.Role),
Name = userPostDTO.Name,
LastName = userPostDTO.LastName,
Email = userPostDTO.Email,
UserName = userPostDTO.Username,
Joined = DateTime.Now.ToString("dd\\/MM\\/yyyy")
};
await _userManager.CreateAsync(user, userPostDTO.Password).ConfigureAwait(false);
userPostDTO.Id = user.Id;
return(userPostDTO);
}
public ErrorsCollection Create(UserPostDTO createInfo)
{
var errors = createValidator.Validate(createInfo, context);
if (errors != null)
{
return(errors);
}
User toAdd = new User
{
FirstName = createInfo.FirstName,
LastName = createInfo.LastName,
Email = createInfo.Email,
Username = createInfo.Username,
Password = ComputeSha256Hash(createInfo.Password),
UserUserRoles = new List <UserUserRole>()
};
var defaultRole = context
.UserRoles
.FirstOrDefault(urole => urole.Name == UserRoles.Regular);
context.Users.Add(toAdd);
context.UserUserRoles.Add(new UserUserRole
{
User = toAdd,
UserRole = defaultRole,
StartTime = DateTime.Now,
EndTime = null
});
context.SaveChanges();
return(null);
}
public async Task <ActionResult <UserDTO> > AddUser(UserPostDTO user)
{
try
{
var userExists = await _context.UserTable.FindAsync(user.UserId);
if (userExists != null)
{
return(StatusCode(409, "The UserId already exists"));
}
var roleExists = await _context.RoleTable.FindAsync(user.RoleId);
if (roleExists == null)
{
return(StatusCode(400, "The RoleId does not exist"));
}
_context.UserTable.Add(
new UserTable
{
UserId = user.UserId,
UserFullName = user.UserFullName,
RoleId = user.RoleId
}
);
await _context.SaveChangesAsync();
}
catch (Exception ex)
{
_logger.LogDebug(ex.ToString());
return(StatusCode(500));
}
return(CreatedAtAction(nameof(GetUser), new { id = user.UserId }, user));
}
public IHttpActionResult Add(UserPostDTO user)
{
int id = 0;
if (ModelState.IsValid)
{
try
{
UserEntity userDomain = _DTOAssempler.CreateUserEntity(user);
IUserServices userService = ServiceFactory.getUserServices();
id = userService.Register(userDomain);
}
catch (Exception e)
{
return(BadRequest(e.Message));
}
}
else
{
return(BadRequest("Neispravni podaci"));
}
return(Ok(id));
}
public async Task <UserPostDTO> PostUser(UserPostDTO userPostDTO)
{
if (userPostDTO == null)
{
throw new ArgumentNullException(nameof(userPostDTO));
}
User user = new User
{
FirstName = userPostDTO.FirstName,
LastName = userPostDTO.LastName,
UserName = userPostDTO.Username,
Email = userPostDTO.Email
};
_ = await _userManager.CreateAsync(user, userPostDTO.Password).ConfigureAwait(false);
userPostDTO.Id = user.Id;
// Assign default user role to user
await AssignRole(user).ConfigureAwait(false);
return(userPostDTO);
}
public async Task <ActionResult <UserPostDTO> > PutUserPost(UserPostDTO updatePost, int postId)
{
// Test to see if claim == post.UserId or policy is admin
// if so allow the update
// if not don't allow it
//if (postId != updatePost.Id)
//{
// return BadRequest();
//}
var post = await _userPost.GetASpecificPost(postId);
var usersRoles = UserClaimsGetters.GetUserRoles(User, _userManager);
if (UserClaimsGetters.GetUserId(User) == post.UserId || usersRoles.Contains("Admin") || usersRoles.Contains("Owner"))
{
try
{
var postUpdate = await _userPost.Update(updatePost, postId);
if (postUpdate != null)
{
return(postUpdate);
}
return(BadRequest());
}
catch (Exception e)
{
throw new Exception($"Update error message: {e.Message}");
}
}
throw new Exception("You are not authorized to Update that Post.");
}
public void SendEmail(UserPostDTO userPostDTO)
{
var message = new MimeMessage();
message.From.Add(new MailboxAddress("", _appSettings.SendingEmail));
message.To.Add(new MailboxAddress("", userPostDTO.Email));
message.Subject = "Sport app net";
var builder = new BodyBuilder();
builder.HtmlBody = CreateEmailBody(userPostDTO);
message.Body = builder.ToMessageBody();
using (var client = new SmtpClient())
{
client.Connect("smtp.gmail.com", 587, false);
client.Authenticate(_appSettings.SendingEmail, _appSettings.EmailPassword);
client.Send(message);
client.Disconnect(true);
}
}
public void Post([FromBody] UserPostDTO user)
{
_userService.Create(user);
}
