// POST api/registration
public HttpResponseMessage Post([FromBody] registrationAccount value)
{
if (value == null)
{
return(Request.CreateErrorResponse(HttpStatusCode.NoContent, "No data provided"));
}
//Checking if the email already exists
string existingAccount = UsersSecurity.ExistingAccount(value.email);
if (existingAccount == "TRUE")
{
return(Request.CreateErrorResponse(HttpStatusCode.OK, "Exists"));
}
else if (existingAccount == "FALSE")
{
string result = UsersSecurity.InsertNewAccount(value.email, value.password);
if (result == "SUCCESS")
{
return(Request.CreateErrorResponse(HttpStatusCode.OK, "Successful"));
}
return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Something went wrong"));
}
else
{
//Error that was thrown during the excecution
return(Request.CreateErrorResponse(HttpStatusCode.InternalServerError, existingAccount));
}
}
public User Create(User user, string password, int permissionLevel)
{
if (string.IsNullOrWhiteSpace(password))
{
throw new AppException("Password is required");
}
if (context.User.Where(u => u.Email == user.Email).Any())
{
throw new AppException("Mail \"" + user.Email + "\" is already taken");
}
byte[] passwordHash, passwordSalt;
GenerateHashSalt(password, out passwordHash, out passwordSalt);
context.User.Add(user);
context.SaveChanges();
UsersSecurity userSecurity = new UsersSecurity();
userSecurity.UserId = user.UserId;
userSecurity.UserHash = passwordHash;
userSecurity.UserSalt = passwordSalt;
userSecurity.PermissionLevel = permissionLevel;
context.UsersSecurity.Add(userSecurity);
context.SaveChanges();
return(user);
}
public int GetUserPermissionLevel(int userId)
{
UsersSecurity userS = context.UsersSecurity.Where(us => us.UserId == userId).FirstOrDefault();
if (userS == null)
{
return(-1);
}
return(userS.PermissionLevel);
}
//_______________________________
/** Coding Login Panel **/
//________________________________
private void Connection_Click(object sender, EventArgs e)
{
int i = 0;
string Mode;
SqlCommand cmd = con.CreateCommand();
cmd.CommandType = CommandType.Text;
cmd.CommandText = "select * from registration where login='******' and motdepasse='" + PassBox.Text + "' ";
cmd.ExecuteNonQuery();
DataTable dt = new DataTable();
SqlDataAdapter da = new SqlDataAdapter(cmd);
da.Fill(dt);
i = Convert.ToInt32(dt.Rows.Count.ToString());
foreach (DataRow dr in dt.Rows)
{
Mode = dr["UserMode"].ToString();
UserMod.Text = Mode.ToString();
utilisateurname.Text = dr["nom"].ToString();
utilisateurfname.Text = dr["prenom"].ToString();
}
if (i == 0)
{
WrongFill.Visible = true;
// MessageBox.Show("This username password does not match");
}
else if (UserMod.Text == "Admin")
{
UsersSecurity.Hide();
Login.Hide();
LoginBox.Clear();
PassBox.Clear();
WelcomePage.BringToFront();
Header.Show();
Waiting.Show();
WaitingTimer.Start();
WrongFill.Visible = false;
}
else
{
// button1.Enabled = false;
// SupprimerCommande.Enabled = false;
// commander.Enabled = false;
dataGridView1.Hide();
UsersSecurity.Show();
ajoutstock.Enabled = false;
Ajouterbutton.Enabled = false;
Annulation.Enabled = false;
Moduser.Enabled = false;
Suppbutton.Enabled = false;
DelDealer.Enabled = false;
SaveDealer.Enabled = false;
SupprimerUnite.Enabled = false;
AjouterUnite.Enabled = false;
Delbutton.Enabled = false;
Modbutton.Enabled = false;
AjoutButton.Enabled = false;
UserAddPanel.Enabled = false;
Fournisseurs.Enabled = false;
pictureBox5.Visible = false;
Login.Hide();
LoginBox.Clear();
PassBox.Clear();
WelcomePage.BringToFront();
Header.Show();
Waiting.Show();
WaitingTimer.Start();
WrongFill.Visible = false;
}
}
