コード例 #1
        /// <summary>
        /// Removes the user identified by <paramref name="id"/> from <c>_repo</c> and then
        /// asks <c>_fireRepo</c> to delete the account with the same e-mail address.
        /// </summary>
        /// <param name="id">Identifier of the user to delete.</param>
        /// <returns>
        /// <c>NoContent()</c> on success; <c>NotFound()</c> when <c>_repo.Get</c> returns null;
        /// a user-friendly error when the caller targets their own account, when the target
        /// is a super admin, or when any exception is thrown.
        /// </returns>
        /// <remarks>
        /// NOTE(review): the only authorization decisions visible in this body are the
        /// self-deletion and super-admin guards. Presumably the caller's right to delete
        /// other users is enforced by an attribute or filter outside this method; confirm.
        /// </remarks>
        public async Task <IActionResult> Delete(int id)
        {
            try
            {
                // A caller may never delete the account they are signed in with.
                // NOTE(review): if GetCurrentUser returns null, the dereference below throws
                // and the request ends in the generic catch as Errors.Unknown.
                var caller = _securityHelper.GetCurrentUser(HttpContext);
                if (caller.ID == id)
                {
                    return ReturnUserFriendlyError(Errors.CurrentUserDeletionForbidden);
                }

                var target = _repo.Get(id);
                if (target == null)
                {
                    return NotFound();
                }

                // Super-admin accounts are protected from modification through this endpoint.
                if (IsSuperAdmin(target))
                {
                    return ReturnUserFriendlyError(Errors.SuperUserModificationForbidden);
                }

                // The local record is removed first, then the second store.
                // NOTE(review): if the second call throws, the local record is already gone
                // while the account behind _fireRepo still exists, and the caller only sees
                // Errors.Unknown. Nothing here records which step failed.
                _repo.Delete(target.ID);
                await _fireRepo.DeleteUserByEmail(target.Email);

                return NoContent();
            }
            catch
            {
                // Every exception type is collapsed into one generic error, with no logging
                // in this block, so a failed or partial deletion leaves no audit trail here.
                return ReturnUserFriendlyError(Errors.Unknown);
            }
        }
コード例 #2
        /// <summary>
        /// Signs a user in: looks the e-mail up in <c>_userRepo</c>, asks <c>_repo</c> for a
        /// token using the supplied e-mail and password, and returns a
        /// <c>LoginResponse</c> built from the local user record and that token.
        /// </summary>
        /// <param name="parameters">Carries the <c>Email</c> and <c>Password</c> submitted by the client.</param>
        /// <returns>
        /// <c>Ok</c> with a <c>LoginResponse</c> on success; otherwise a user-friendly error.
        /// An e-mail missing from <c>_userRepo</c>, a wrong password and an unknown e-mail
        /// reported by the provider all map to <c>Errors.InvalidCredentials</c>, so the
        /// error code itself does not reveal whether an address is registered.
        /// </returns>
        public async Task <IActionResult> Login(LoginParameters parameters)
        {
            try
            {
                var account = _userRepo.Get(parameters.Email);

                if (account != null)
                {
                    // Credentials are checked by the token call; a rejected password
                    // surfaces as FirebaseAuthException and is handled below.
                    var token = await _repo.GenerateUserToken(parameters.Email, parameters.Password);
                    var response = new LoginResponse(account.ID, account.Email, account.IsAdmin, token);

                    return Ok(response);
                }

                // No local record: best-effort removal of an account with this e-mail from
                // _repo, then the same answer as for a wrong password.
                // NOTE(review): this delete is driven purely by the e-mail in the request,
                // before any password has been verified. It is only safe if _userRepo.Get
                // can never return null for an account that should exist (for example
                // through an e-mail case/normalisation mismatch or a lookup failure reported
                // as null); confirm, and consider moving orphan cleanup to an
                // authenticated or administrative path.
                try
                {
                    await _repo.DeleteUserByEmail(parameters.Email);
                }
                catch
                {
                    // Deliberately ignored; cleanup failures are neither surfaced nor logged here.
                }

                return ReturnUserFriendlyError(Errors.InvalidCredentials);
            }
            catch (FirebaseAuthException ex)
            {
                var reason = ex.Reason;

                // Wrong password and unknown address share one error code.
                bool badCredentials = reason == AuthErrorReason.WrongPassword
                                      || reason == AuthErrorReason.UnknownEmailAddress;
                if (badCredentials)
                {
                    return ReturnUserFriendlyError(Errors.InvalidCredentials);
                }

                // The provider's attempt throttling is passed on to the client as its own error.
                bool throttled = reason == AuthErrorReason.TooManyAttemptsTryLater;

                return throttled
                    ? ReturnUserFriendlyError(Errors.AttemptLimitExceeded)
                    : ReturnUserFriendlyError(Errors.Unknown);
            }
            catch
            {
                // Any other failure (including a null parameters object) becomes a generic
                // error; nothing in this block logs it.
                return ReturnUserFriendlyError(Errors.Unknown);
            }
        }