コード例 #1
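        /// <summary>
        /// Deletes the account that owns the supplied login token, after re-checking the
        /// account password.
        /// </summary>
        /// <param name="token">Login token in GUID text form, resolved through <c>ActiveLogins.GetToken</c>.</param>
        /// <param name="password">Value that must equal the <c>Password</c> stored for the account.</param>
        /// <returns>
        /// 400 when the token is malformed or unknown, 401 when the login is restricted or the
        /// password does not match, 404 when no user row matches the login's e-mail, and 200
        /// once the row has been removed.
        /// </returns>
        /// <remarks>
        /// NOTE(review): <paramref name="password"/> is compared directly with the stored column,
        /// which suggests the password is persisted unhashed (or that clients send the hash).
        /// Confirm, and prefer a salted password hash verified with a fixed-time comparison.
        /// NOTE(review): both parameters are simple types; unless a binding attribute outside
        /// this view says otherwise, Web API reads them from the URI, where they are likely to
        /// be written to server and proxy logs. Consider moving them to a header or the body.
        /// </remarks>
        public async Task <IHttpActionResult> DeleteUser(string token, string password)
        {
            // TryParse also rejects a null token, which Guid.Parse reported as an
            // ArgumentNullException that no handler here caught.
            Guid tokenId;
            if (!Guid.TryParse(token, out tokenId))
            {
                return BadRequest("The token format is invalid");
            }

            try
            {
                var login = ActiveLogins.GetToken(tokenId);
                if (login == null)
                {
                    return BadRequest("This token is invalid or has already expired");
                }

                // Authorise before touching the database or the password: a restricted login
                // is refused either way, and answering it first keeps the password check from
                // being observable through a token that may not delete anything.
                if (login.AcessLevel == Enums.LevelAcess.Restricted)
                {
                    return Unauthorized();
                }

                Data.User account = db.User.FirstOrDefault(candidate => candidate.Email == login.Email);
                if (account == null)
                {
                    return NotFound();
                }

                if (account.Password != password)
                {
                    return Unauthorized(new System.Net.Http.Headers.AuthenticationHeaderValue("Help", "this password is incorrect"));
                }

                db.User.Remove(account);
                await db.SaveChangesAsync();

                return Ok("This user has been deleted");
            }
            catch (NullReferenceException)
            {
                // NOTE(review): kept for compatibility because ActiveLogins.GetToken is not
                // visible here and may signal an unknown token this way. It also hides any
                // unrelated null dereference behind a "token" error; drop it once GetToken's
                // contract is confirmed.
                return BadRequest("This token is invalid or has already expired");
            }
        }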
コード例 #2
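        /// <summary>
        /// Updates the account that owns the supplied login token with the values posted in
        /// <paramref name="userput"/>, after re-checking the account password.
        /// </summary>
        /// <param name="token">Login token in GUID text form, resolved through <c>ActiveLogins.GetToken</c>.</param>
        /// <param name="userput">Replacement values; its <c>Email</c> must equal the e-mail of the token's account.</param>
        /// <param name="password">Value that must equal the <c>Password</c> stored for the account.</param>
        /// <returns>
        /// 400 when the token is malformed or unknown, the model is invalid, the body is missing
        /// or the e-mails differ; 401 on a password mismatch; 404 when the user row does not
        /// exist; 204 once the update has been saved.
        /// </returns>
        /// <remarks>
        /// NOTE(review): every scalar property of <paramref name="userput"/> is copied onto the
        /// stored row, including <c>Password</c> and whatever columns back the role. If callers
        /// must not change those, bind a dedicated input model that carries only editable fields.
        /// NOTE(review): unlike the delete and read actions shown alongside it, nothing here
        /// checks the login's access level - confirm that restricted logins may update.
        /// NOTE(review): <paramref name="password"/> is compared directly with the stored column
        /// and, being a simple type, is read from the URI unless a binding attribute outside
        /// this view says otherwise; see whether it can be hashed at rest and sent in the body.
        /// </remarks>
        public async Task <IHttpActionResult> PutUser(string token, Data.User userput, string password)
        {
            // TryParse also rejects a null token, which Guid.Parse reported as an
            // ArgumentNullException that no handler here caught.
            Guid tokenId;
            if (!Guid.TryParse(token, out tokenId))
            {
                return BadRequest("The token format is invalid");
            }

            try
            {
                var login = ActiveLogins.GetToken(tokenId);
                if (login == null)
                {
                    return BadRequest("This token is invalid or has already expired");
                }

                var ownerEmail = login.Email;
                Data.User stored = await db.User.FirstOrDefaultAsync(candidate => candidate.Email == ownerEmail);

                if (stored == null)
                {
                    return NotFound();
                }

                if (stored.Password != password)
                {
                    return Unauthorized(new System.Net.Http.Headers.AuthenticationHeaderValue("Help", "this password is incorrect"));
                }

                if (!ModelState.IsValid)
                {
                    return BadRequest(ModelState);
                }

                if (userput == null || stored.Email != userput.Email)
                {
                    return BadRequest();
                }

                // Apply the posted values to the row that was just authenticated instead of
                // attaching the posted object. Attaching it fails when it carries the same key
                // as the tracked row, and when it carries a different key (a key other than
                // Email - TODO confirm the schema) it would have updated someone else's row.
                // SetValues refuses to change a key property, so that second case now errors.
                db.Entry(stored).CurrentValues.SetValues(userput);

                try
                {
                    await db.SaveChangesAsync();
                }
                catch (DbUpdateConcurrencyException)
                {
                    // The row disappeared between the read and the write: report 404.
                    // Any other concurrency failure is a genuine conflict and propagates.
                    if (!await UserExists(userput.Email))
                    {
                        return NotFound();
                    }

                    throw;
                }

                return StatusCode(HttpStatusCode.NoContent);
            }
            catch (NullReferenceException)
            {
                // NOTE(review): kept for compatibility because ActiveLogins.GetToken is not
                // visible here and may signal an unknown token this way. It also hides any
                // unrelated null dereference behind a "token" error; drop it once GetToken's
                // contract is confirmed.
                return BadRequest("This token is invalid or has already expired");
            }
        }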
コード例 #3
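        /// <summary>
        /// Returns the account that owns the supplied login token, after re-checking the
        /// account password. The shape of the response depends on the login's access level.
        /// </summary>
        /// <param name="token">Login token in GUID text form, resolved through <c>ActiveLogins.GetToken</c>.</param>
        /// <param name="password">Value that must equal the <c>Password</c> stored for the account.</param>
        /// <returns>
        /// 400 when the token is malformed or unknown; 401 when the access level is neither
        /// <c>Application</c> nor <c>User</c>, or the password does not match; 404 when no user
        /// row matches; otherwise 200 with a <c>UserModel</c> (Application) or the
        /// <c>Data.User</c> entity itself (User).
        /// </returns>
        /// <remarks>
        /// NOTE(review): the User branch serialises the <c>Data.User</c> entity, which has a
        /// <c>Password</c> property (it is compared below). Unless serialisation excludes it,
        /// the stored password goes back to the client; returning a model without it is safer.
        /// NOTE(review): <paramref name="password"/> is compared directly with the stored column
        /// and, being a simple type, is read from the URI unless a binding attribute outside
        /// this view says otherwise - on a GET that puts it in request logs.
        /// </remarks>
        public async Task <IHttpActionResult> GetUser(string token, string password)
        {
            // TryParse also rejects a null token, which Guid.Parse reported as an
            // ArgumentNullException that no handler here caught.
            Guid tokenId;
            if (!Guid.TryParse(token, out tokenId))
            {
                return BadRequest("The token format is invalid");
            }

            try
            {
                var login = ActiveLogins.GetToken(tokenId);
                if (login == null)
                {
                    return BadRequest("This token is invalid or has already expired");
                }

                // Authorise before touching the database or the password: any other level is
                // refused either way, and answering it first keeps the password check from
                // being observable through a token that may not read the account.
                var level = login.AcessLevel;
                if (level != Enums.LevelAcess.Application && level != Enums.LevelAcess.User)
                {
                    return Unauthorized();
                }

                Data.User userDB = await db.User.FirstOrDefaultAsync(candidate => candidate.Email == login.Email);

                if (userDB == null)
                {
                    return NotFound();
                }

                if (userDB.Password != password)
                {
                    return Unauthorized(new System.Net.Http.Headers.AuthenticationHeaderValue("Help", "this password is incorrect"));
                }

                if (level == Enums.LevelAcess.Application)
                {
                    // The RoleModel instance is never used; the construction is kept only in
                    // case its constructor has side effects - TODO confirm and remove.
                    var roleModel = new RoleModel(userDB.Role);
                    var userModel = new UserModel(userDB, userDB.Role);
                    return Ok(userModel);
                }

                // level == User: the raw entity is returned (see the remarks above).
                return Ok(userDB);
            }
            catch (NullReferenceException)
            {
                // NOTE(review): kept for compatibility because ActiveLogins.GetToken is not
                // visible here and may signal an unknown token this way. It also hides any
                // unrelated null dereference behind a "token" error; drop it once GetToken's
                // contract is confirmed.
                return BadRequest("This token is invalid or has already expired");
            }
        }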