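/// <summary>
/// Updates the name, email and/or password of the user identified by the
/// "user_id" request property, using the values supplied in the request body.
/// </summary>
/// <param name="cred">Fields to change; null or empty members leave the stored value untouched.</param>
/// <returns>
/// 200 with the user's id, name and email on success; 404 when no user has that id;
/// 400 when the body or the "user_id" property is missing, the password
/// confirmation does not match, or the update fails.
/// </returns>
public async Task<IHttpActionResult> UpdateUser([FromBody] UserCredentials cred)
{
    // [FromBody] binding yields null for an empty or unparseable body.
    if (cred == null)
    {
        return BadRequest();
    }

    // The account to modify is taken from the request property, never from the body,
    // so the body cannot name another user's id.
    // NOTE(review): presumably set by an authentication handler upstream - confirm.
    object userId;
    if (!Request.Properties.TryGetValue("user_id", out userId) || userId == null)
    {
        // Convert.ToInt32(null) yields 0, so without this check a request that
        // carries no id would be looked up as user 0 instead of being rejected.
        return BadRequest();
    }

    // Validate before touching the entity so a rejected request leaves it unmodified.
    bool changePassword = !string.IsNullOrEmpty(cred.Password);
    if (changePassword && cred.Password != cred.Password_Confirmation)
    {
        return BadRequest();
    }

    try
    {
        User user = await db.Users.FindAsync(Convert.ToInt32(userId));
        if (user == null)
        {
            return NotFound();
        }

        if (!string.IsNullOrEmpty(cred.Name))
        {
            user.Name = cred.Name;
        }

        if (!string.IsNullOrEmpty(cred.Email))
        {
            user.Email = cred.Email;
        }

        if (changePassword)
        {
            // SECURITY: the password is persisted exactly as received (clear text).
            // Replace with a salted, slow hash (e.g. PBKDF2) together with the code
            // that verifies it at login; left unchanged here because that code is
            // not visible from this method.
            // NOTE(review): the current password is not required for this change,
            // so whoever holds the request identity can reset password and email.
            user.Password = cred.Password;
        }

        db.Entry(user).State = EntityState.Modified;
        await db.SaveChangesAsync();

        // Only non-secret fields are echoed back; the password never leaves the server.
        return Ok(new { id = user.UserId, name = user.Name, email = user.Email });
    }
    catch (Exception e)
    {
        // Record the failure server-side instead of discarding it; the client
        // still receives only a generic 400 with no exception detail.
        System.Diagnostics.Trace.TraceError("UpdateUser failed: {0}", e);
    }

    return BadRequest();
}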
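/// <summary>
/// Renames a chat on behalf of a user; only the chat's original creator may do so.
/// </summary>
/// <param name="chatId">Primary key of the chat to rename.</param>
/// <param name="userId">Id of the requesting user, compared against the chat's CreatedBy.</param>
/// <param name="name">New chat name, stored as given.</param>
/// <returns>The updated chat entity.</returns>
/// <exception cref="System.Collections.Generic.KeyNotFoundException">No chat has the given id.</exception>
/// <exception cref="UnauthorizedAccessException">The user is not the chat's creator.</exception>
public async Task<Chat> UpdateChat(int chatId, int userId, string name)
{
    // NOTE(review): Find is synchronous; FindAsync would avoid blocking here if
    // _db.Chats is a DbSet - confirm against the context type.
    Chat chat = _db.Chats.Find(chatId);

    // Find returns null for an unknown key; fail explicitly rather than with a
    // NullReferenceException on the ownership check below.
    if (chat == null)
    {
        throw new System.Collections.Generic.KeyNotFoundException("Chat not found.");
    }

    // Only allow the original creator to update the chat. This is only as strong as
    // the userId passed in: it must come from the authenticated identity, not from
    // client-supplied input.
    if (userId != chat.CreatedBy)
    {
        throw new UnauthorizedAccessException();
    }

    chat.Name = name;
    _db.Entry(chat).State = EntityState.Modified;
    await _db.SaveChangesAsync();

    return chat;
}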