public async Task <IActionResult> CreateUserAccount(
[HttpTrigger(AuthorizationLevel.Anonymous, "post", Route = "UserAccount/CreateUserAccount")] HttpRequest req, ILogger log)
{
log.LogInformation("C# HTTP trigger function(CreateUserAccount) processed a request.");
try
{
string requestBody = await new StreamReader(req.Body).ReadToEndAsync();
var userAccountCreateModel = JsonConvert.DeserializeObject <UserAccountCreateModel>(requestBody);
// first check if username already exists
var loginManager = new LoginManager();
if (loginManager.AccountExists(userAccountCreateModel.EmailAddress))
{
return(new BadRequestObjectResult("An account with this email address already exists."));
}
// get salt and hash the password
var salt = PasswordManager.GenerateSalt();
var hash = PasswordManager.HashPassword(userAccountCreateModel.Password, salt);
// instantiate new UserAccount with salt and hashed password
var userAccount = new UserAccount()
{
Name = userAccountCreateModel.Name,
EmailAddress = userAccountCreateModel.EmailAddress,
Salt = salt,
Hash = hash
};
// save useraccount to database
var userAccountRepo = new UserAccountRepository();
var newId = userAccountRepo.CreateUserAccount(userAccount);
// return JWT with UserAccountId
var jwt = _tokenCreator.CreateToken(newId);
return(new OkObjectResult(jwt));
}
catch (Exception exception)
{
return(new BadRequestObjectResult(exception.Message));
}
}
public async Task <IActionResult> ChangeEmailAddress(
[HttpTrigger(AuthorizationLevel.Anonymous, "post", Route = "UserAccount/ChangeEmailAddress")] HttpRequest req, ILogger log)
{
log.LogInformation("C# HTTP trigger function(ChangeEmailAddress) processed a request.");
try
{
string requestBody = await new StreamReader(req.Body).ReadToEndAsync();
var userAccountUpdateModel = JsonConvert.DeserializeObject <UserAccountUpdateModel>(requestBody);
var loginManager = new LoginManager();
var loginResult = loginManager.AttemptLogin(userAccountUpdateModel.EmailAddress, userAccountUpdateModel.Password);
if (loginResult.Status == LoginStatus.Success)
{
// Make sure the email address is not already in use
if (loginManager.AccountExists(userAccountUpdateModel.NewEmailAddress))
{
return(new BadRequestObjectResult("Email Address is already in use."));
}
else
{
loginResult.UserAccount.EmailAddress = userAccountUpdateModel.NewEmailAddress;
}
// Update the UserAccount with the new value
var userAccountRepo = new UserAccountRepository();
userAccountRepo.UpdateUserAccount(loginResult.UserAccount);
return(new OkObjectResult($"Email Address updated to {userAccountUpdateModel.NewEmailAddress})."));
}
else
{
// maybe change this so there's only 1 fail condition instead of having Error & Failure
return(new BadRequestObjectResult(loginResult.FailureReason));
}
}
catch (Exception exception)
{
return(new BadRequestObjectResult(exception.Message));
}
}