public IHttpActionResult DELETE(string username)
{
var identity = User.Identity as ClaimsIdentity;
string authenticatedUser = identity.FindFirst("sub").Value;
if (username == null)
{
return(BadRequest("Username may not be null"));
}
try
{
StaffModel user = _staffServices.Get(authenticatedUser);
if (user.isAdmin)
{
_staffServices.Delete(username);
AuthRepository _repo = new AuthRepository();
_repo.Delete(username);
return(Ok("User Deleted"));
}
return(BadRequest("Permission denied"));
}
catch (Exception e)
{
return(BadRequest(e.Message));
}
}
