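/// <summary>
/// Deletes the account bound to the session <paramref name="token"/>, after the caller re-supplies
/// the account password.
/// </summary>
/// <param name="token">Session identifier, parsed as a <see cref="Guid"/> and resolved through <c>ActiveLogins.GetToken</c>.</param>
/// <param name="password">Password presented by the caller; compared with the stored <c>User.Password</c> value.</param>
/// <returns>
/// 404 when no user row matches the session e-mail; 401 when the password does not match or the session
/// is <c>LevelAcess.Restricted</c>; 400 when the token is not a GUID or is unknown/expired; 200 once the
/// row has been removed and saved.
/// </returns>
public async Task<IHttpActionResult> DeleteUser(string token, string password)
{
    try
    {
        var login = ActiveLogins.GetToken(Guid.Parse(token));
        if (login is null)
        {
            // Explicit miss check with the same response the NullReferenceException handler below
            // produced; that handler stays as a backstop for any other unexpected null on this path.
            return BadRequest("This token is invalid or has already expired");
        }
        var email = login.Email;

        // Consistency with PutUser/GetUser: the query is awaited instead of blocking the request thread.
        Data.User user = await db.User.FirstOrDefaultAsync(usert => usert.Email == email);
        if (user == null)
        {
            return NotFound();
        }

        // NOTE(review): plain string equality against the stored column. Confirm User.Password holds a
        // salted hash rather than the clear-text secret; if it is clear text, this check (and the same one
        // in PutUser/GetUser) should become a hash verification instead of an equality compare.
        if (user.Password != password)
        {
            return Unauthorized(new System.Net.Http.Headers.AuthenticationHeaderValue("Help", "this password is incorrect"));
        }

        // A Restricted session can authenticate but is not allowed to delete the account.
        if (login.AcessLevel == Enums.LevelAcess.Restricted)
        {
            return Unauthorized();
        }

        db.User.Remove(user);
        await db.SaveChangesAsync();
        return Ok("This user has been deleted");
    }
    catch (FormatException)
    {
        // Guid.Parse rejected the token text.
        return BadRequest("The token format is invalid");
    }
    catch (NullReferenceException)
    {
        return BadRequest("This token is invalid or has already expired");
    }
}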
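/// <summary>
/// Replaces the stored user row that belongs to the session <paramref name="token"/> with
/// <paramref name="userput"/>, after the caller re-supplies the account password.
/// </summary>
/// <param name="token">Session identifier, parsed as a <see cref="Guid"/> and resolved through <c>ActiveLogins.GetToken</c>.</param>
/// <param name="userput">Replacement user entity; its <c>Email</c> must equal the session user's e-mail.</param>
/// <param name="password">Password presented by the caller; compared with the stored <c>User.Password</c> value.</param>
/// <returns>
/// 404 when no user row matches the session e-mail (or the row vanished during a concurrent update);
/// 401 when the password does not match; 400 for a missing body, invalid model state, an e-mail mismatch,
/// a non-GUID token or an unknown/expired token; 204 on success.
/// </returns>
/// <exception cref="DbUpdateConcurrencyException">Rethrown when the save conflicts and the row still exists.</exception>
public async Task<IHttpActionResult> PutUser(string token, Data.User userput, string password)
{
    try
    {
        var login = ActiveLogins.GetToken(Guid.Parse(token));
        if (login is null)
        {
            // Explicit miss check with the same response the NullReferenceException handler below
            // produced; that handler stays as a backstop for any other unexpected null on this path.
            return BadRequest("This token is invalid or has already expired");
        }
        var userEmail = login.Email;

        Data.User user = await db.User.FirstOrDefaultAsync(usert => usert.Email == userEmail);
        if (user == null)
        {
            return NotFound();
        }

        // NOTE(review): plain string equality against the stored column; confirm User.Password is a
        // salted hash rather than clear text, otherwise this should become a hash verification.
        if (user.Password != password)
        {
            return Unauthorized(new System.Net.Http.Headers.AuthenticationHeaderValue("Help", "this password is incorrect"));
        }

        // Fix: a missing request body used to throw at userput.Email below and was then reported
        // as an expired token by the NullReferenceException handler; reject it as a bad request instead.
        if (userput is null)
        {
            return BadRequest("The request body must contain a user");
        }

        if (!ModelState.IsValid)
        {
            return BadRequest(ModelState);
        }

        // The session owner may only overwrite their own row.
        if (user.Email != userput.Email)
        {
            return BadRequest();
        }

        // NOTE(review): marking the posted entity Modified writes every mapped column from the request,
        // including Password and Role if the client can set them. Confirm that is intended; otherwise
        // copy only the editable fields onto `user` and save that tracked entity.
        db.Entry(userput).State = EntityState.Modified;

        try
        {
            await db.SaveChangesAsync();
        }
        catch (DbUpdateConcurrencyException)
        {
            if (!await UserExists(userput.Email))
            {
                return NotFound();
            }
            else
            {
                // Row still exists: the conflict is genuine, let it surface unchanged.
                throw;
            }
        }

        return StatusCode(HttpStatusCode.NoContent);
    }
    catch (FormatException)
    {
        // Guid.Parse rejected the token text.
        return BadRequest("The token format is invalid");
    }
    catch (NullReferenceException)
    {
        return BadRequest("This token is invalid or has already expired");
    }
}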
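/// <summary>
/// Returns the user bound to the session <paramref name="token"/>, after the caller re-supplies
/// the account password. The response shape depends on the session's access level.
/// </summary>
/// <param name="token">Session identifier, parsed as a <see cref="Guid"/> and resolved through <c>ActiveLogins.GetToken</c>.</param>
/// <param name="password">Password presented by the caller; compared with the stored <c>User.Password</c> value.</param>
/// <returns>
/// 404 when no user row matches the session e-mail; 401 when the password does not match or the access
/// level is neither <c>Application</c> nor <c>User</c>; 400 for a non-GUID or unknown/expired token;
/// 200 with a <c>UserModel</c> for <c>Application</c> sessions or the raw <c>Data.User</c> for <c>User</c> sessions.
/// </returns>
public async Task<IHttpActionResult> GetUser(string token, string password)
{
    try
    {
        var login = ActiveLogins.GetToken(Guid.Parse(token));
        if (login is null)
        {
            // Explicit miss check with the same response the NullReferenceException handler below
            // produced; that handler stays as a backstop for any other unexpected null on this path.
            return BadRequest("This token is invalid or has already expired");
        }
        var email = login.Email;

        Data.User userDB = await db.User.FirstOrDefaultAsync(usert => usert.Email == email);
        if (userDB == null)
        {
            return NotFound();
        }

        // NOTE(review): plain string equality against the stored column; confirm User.Password is a
        // salted hash rather than clear text, otherwise this should become a hash verification.
        if (userDB.Password != password)
        {
            return Unauthorized(new System.Net.Http.Headers.AuthenticationHeaderValue("Help", "this password is incorrect"));
        }

        if (login.AcessLevel == Enums.LevelAcess.Application)
        {
            // Fix: dropped an unused RoleModel local; UserModel receives the role directly.
            return Ok(new UserModel(userDB, userDB.Role));
        }

        if (login.AcessLevel == Enums.LevelAcess.User)
        {
            // NOTE(review): this returns the raw entity, which carries the Password column compared
            // above. Unless the serializer is configured to skip that member, the stored credential is
            // echoed to the client; returning UserModel here as well would avoid that. Kept as-is because
            // the response shape for User-level clients is part of the API contract.
            return Ok(userDB);
        }

        return Unauthorized();
    }
    catch (FormatException)
    {
        // Guid.Parse rejected the token text.
        return BadRequest("The token format is invalid");
    }
    catch (NullReferenceException)
    {
        return BadRequest("This token is invalid or has already expired");
    }
}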