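// POST api/registration
/// <summary>
/// Registers a new account from the e-mail address and password in the request body.
/// </summary>
/// <param name="value">Registration payload bound from the request body; null when no usable body was sent.</param>
/// <returns>
/// 204 "No data provided" for a missing body; 400 when the e-mail or password is blank;
/// 200 "Exists" when the address is already registered; 200 "Successful" after a successful insert;
/// 400 "Something went wrong" when the insert does not report success; 500 with a generic
/// message when the existence check itself failed.
/// </returns>
public HttpResponseMessage Post([FromBody] registrationAccount value)
{
    if (value == null)
    {
        // NOTE(review): a 204 response carries no body, so clients may never see this text.
        // Status kept unchanged for existing callers; 400 would be the conventional choice.
        return Request.CreateErrorResponse(HttpStatusCode.NoContent, "No data provided");
    }

    // Reject incomplete payloads before they reach the account store.
    if (string.IsNullOrWhiteSpace(value.email) || string.IsNullOrEmpty(value.password))
    {
        return Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Email and password are required");
    }

    // ExistingAccount reports "TRUE", "FALSE", or the text of an error raised while checking.
    string existingAccount = UsersSecurity.ExistingAccount(value.email);

    if (existingAccount == "TRUE")
    {
        // NOTE(review): this answer tells any unauthenticated caller whether an address is
        // registered. If that matters for this service, throttle the endpoint or confirm
        // registration out of band (e.g. by e-mail) instead of in the response.
        return Request.CreateErrorResponse(HttpStatusCode.OK, "Exists");
    }

    if (existingAccount == "FALSE")
    {
        // NOTE(review): the password is handed over exactly as received. Hashing is not
        // visible here; confirm InsertNewAccount salts and hashes it before storing.
        string result = UsersSecurity.InsertNewAccount(value.email, value.password);
        if (result == "SUCCESS")
        {
            return Request.CreateErrorResponse(HttpStatusCode.OK, "Successful");
        }

        return Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Something went wrong");
    }

    // Any other value is the text of an internal failure. Keep it in the server-side trace
    // and give the client a generic message, so exception or database details are not
    // disclosed to whoever calls the endpoint.
    System.Diagnostics.Trace.TraceError("Registration existence check failed: {0}", existingAccount);
    return Request.CreateErrorResponse(HttpStatusCode.InternalServerError, "An internal error occurred");
}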
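/// <summary>
/// Creates a user row and its credential record (hash, salt and permission level).
/// </summary>
/// <param name="user">The user to persist; its Email must not already be present in the store.</param>
/// <param name="password">Clear-text password; only the hash and salt from GenerateHashSalt are stored.</param>
/// <param name="permissionLevel">Permission level written to the credential record as supplied.</param>
/// <returns>The same <paramref name="user"/> instance after it has been saved.</returns>
/// <exception cref="AppException">
/// The password is blank, <paramref name="user"/> is null, or the e-mail is already taken.
/// </exception>
public User Create(User user, string password, int permissionLevel)
{
    if (string.IsNullOrWhiteSpace(password))
    {
        throw new AppException("Password is required");
    }

    // Fail with the same exception type as the other validation errors rather than
    // dereferencing a null user in the query below.
    if (user == null)
    {
        throw new AppException("User is required");
    }

    // NOTE(review): this check and the insert below are separate steps, so two concurrent
    // requests for the same address can both pass it. A unique constraint on the e-mail
    // column would be the authoritative guard; confirm one exists.
    if (context.User.Any(u => u.Email == user.Email))
    {
        throw new AppException("Mail \"" + user.Email + "\" is already taken");
    }

    // Hash before touching the store so a hashing failure leaves nothing behind.
    // NOTE(review): the algorithm and work factor live in GenerateHashSalt and are not
    // visible here; confirm it is a password-hashing KDF, not a bare digest.
    byte[] passwordHash;
    byte[] passwordSalt;
    GenerateHashSalt(password, out passwordHash, out passwordSalt);

    // The user is saved first, presumably so the store assigns UserId (TODO confirm).
    // If the second save fails, the user row remains without a credential record.
    context.User.Add(user);
    context.SaveChanges();

    // NOTE(review): permissionLevel is stored without a range or authorization check.
    // Callers must derive it server-side and never take it from the request.
    UsersSecurity userSecurity = new UsersSecurity
    {
        UserId = user.UserId,
        UserHash = passwordHash,
        UserSalt = passwordSalt,
        PermissionLevel = permissionLevel
    };
    context.UsersSecurity.Add(userSecurity);
    context.SaveChanges();

    return user;
}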
/// <summary>
/// Looks up the permission level stored in the credential record of a user.
/// </summary>
/// <param name="userId">Identifier of the user whose credential record is queried.</param>
/// <returns>
/// The stored permission level, or -1 when no credential record exists for
/// <paramref name="userId"/>.
/// </returns>
public int GetUserPermissionLevel(int userId)
{
    // NOTE(review): -1 is the "no record" sentinel. Callers that compare levels should
    // treat it as "no access" explicitly rather than relying on numeric ordering.
    UsersSecurity record = context.UsersSecurity.FirstOrDefault(us => us.UserId == userId);
    return record == null ? -1 : record.PermissionLevel;
}
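//_______________________________
// Coding Login Panel
//________________________________

/// <summary>
/// Handles the login button: looks the credentials up in the registration table and
/// switches the form to the admin or restricted view, or shows the failure indicator.
/// </summary>
/// <param name="sender">Control that raised the click event (unused).</param>
/// <param name="e">Event data (unused).</param>
private void Connection_Click(object sender, EventArgs e)
{
    int matchCount;

    using (SqlCommand cmd = con.CreateCommand())
    using (SqlDataAdapter da = new SqlDataAdapter(cmd))
    using (DataTable dt = new DataTable())
    {
        cmd.CommandType = CommandType.Text;

        // The password is bound as a parameter instead of being concatenated into the SQL
        // text, so quotes or SQL fragments typed into the box are compared as data only.
        // NOTE(review): the login literal appears masked in this listing; if the original
        // concatenates LoginBox.Text there, bind it as a second parameter the same way.
        // NOTE(review): comparing the typed text directly with the motdepasse column only
        // works if that column holds the password itself. Storing a salted hash and
        // verifying in code would remove the clear-text passwords from the table.
        cmd.CommandText = "select * from registration where login='******' and motdepasse=@motdepasse";
        cmd.Parameters.AddWithValue("@motdepasse", PassBox.Text);

        // Fill runs the query itself; the former ExecuteNonQuery call only executed the
        // same SELECT a second time and discarded the result.
        da.Fill(dt);
        matchCount = dt.Rows.Count;

        foreach (DataRow dr in dt.Rows)
        {
            UserMod.Text = dr["UserMode"].ToString();
            utilisateurname.Text = dr["nom"].ToString();
            utilisateurfname.Text = dr["prenom"].ToString();
        }
    }

    if (matchCount == 0)
    {
        WrongFill.Visible = true;
        // MessageBox.Show("This username password does not match");
        return;
    }

    // NOTE(review): the role is read back from a label and enforced only by disabling
    // controls on this form. Anything reachable another way (shortcuts, other forms,
    // direct database access) is not restricted by this.
    if (UserMod.Text == "Admin")
    {
        UsersSecurity.Hide();
    }
    else
    {
        // button1.Enabled = false;
        // SupprimerCommande.Enabled = false;
        // commander.Enabled = false;
        dataGridView1.Hide();
        UsersSecurity.Show();
        ajoutstock.Enabled = false;
        Ajouterbutton.Enabled = false;
        Annulation.Enabled = false;
        Moduser.Enabled = false;
        Suppbutton.Enabled = false;
        DelDealer.Enabled = false;
        SaveDealer.Enabled = false;
        SupprimerUnite.Enabled = false;
        AjouterUnite.Enabled = false;
        Delbutton.Enabled = false;
        Modbutton.Enabled = false;
        AjoutButton.Enabled = false;
        UserAddPanel.Enabled = false;
        Fournisseurs.Enabled = false;
        pictureBox5.Visible = false;
    }

    // Common transition to the welcome page after a successful login; the credential
    // boxes are cleared so the typed password does not stay in the UI.
    Login.Hide();
    LoginBox.Clear();
    PassBox.Clear();
    WelcomePage.BringToFront();
    Header.Show();
    Waiting.Show();
    WaitingTimer.Start();
    WrongFill.Visible = false;
}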