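// POST api/CustomRegistration
/// <summary>
/// Registers a new student account: validates the request body, stores the user with a
/// salted password hash, and e-mails a confirmation link containing the new ConfirmToken.
/// </summary>
/// <param name="registrationRequest">
/// Deserialised POST body. StudentId, Password, FirstName and LastName are read; the
/// e-mail address is derived from StudentId rather than taken from the request.
/// </param>
/// <returns>
/// 400 BadRequest when the body is missing, StudentId is not exactly eight digits, the
/// password is shorter than eight characters, or a user with that StudentId already exists;
/// 201 Created once the user is saved and the confirmation e-mail has been sent.
/// </returns>
public HttpResponseMessage Post(RegistrationRequest registrationRequest)
{
    // A missing or unparseable body arrives as null; without this guard the property
    // reads below throw and the client sees a 500 instead of a validation error.
    if (registrationRequest == null)
    {
        return this.Request.CreateResponse(HttpStatusCode.BadRequest, "Invalid registration request");
    }

    // \z instead of $ so a trailing newline cannot pass the check and end up in the
    // derived e-mail address further down. Regex.IsMatch throws on a null input, hence
    // the IsNullOrEmpty guard first.
    if (string.IsNullOrEmpty(registrationRequest.StudentId)
        || !Regex.IsMatch(registrationRequest.StudentId, @"^[0-9]{8}\z"))
    {
        return this.Request.CreateResponse(HttpStatusCode.BadRequest, "Invalid Student Id");
    }

    // NOTE: an earlier check that the supplied e-mail belonged to uts.edu.au was disabled;
    // the address is now built from StudentId instead (see newUser.Email below).
    if (registrationRequest.Password == null || registrationRequest.Password.Length < 8)
    {
        return this.Request.CreateResponse(HttpStatusCode.BadRequest, "Invalid Password (at least 8 chars required)");
    }

    // The context owns a database connection; dispose it on every exit path.
    using (helpsDbContext context = new helpsDbContext())
    {
        User account = context.Users.SingleOrDefault(a => a.StudentId == registrationRequest.StudentId);
        if (account != null)
        {
            // NOTE(review): this distinct message tells a caller whether a StudentId is
            // already registered; a uniform response would avoid that if it matters here.
            return this.Request.CreateResponse(HttpStatusCode.BadRequest, "That user already exists, please log in.");
        }

        byte[] salt = LoginProviderUtil.generateSalt();
        User newUser = new User
        {
            Id = Guid.NewGuid().ToString(),
            FirstName = registrationRequest.FirstName,
            LastName = registrationRequest.LastName,
            StudentId = registrationRequest.StudentId,
            Salt = salt,
            // Address is derived, not user-supplied, so the confirmation mail can only
            // reach the institutional mailbox for that student number.
            Email = registrationRequest.StudentId + "@student.uts.edu.au",
            Confirmed = false,
            // NOTE(review): Guid.NewGuid() is not documented as a cryptographic RNG; if
            // these tokens must be unguessable, consider RandomNumberGenerator output.
            ConfirmToken = Guid.NewGuid().ToString(),
            // NOTE(review): a password-reset token is issued here although no reset was
            // requested; presumably the column is non-nullable — confirm with the schema.
            ForgotPasswordToken = Guid.NewGuid().ToString(),
            ResetTokenSentAt = DateTime.Now,
            SaltedAndHashedPassword = LoginProviderUtil.hash(registrationRequest.Password, salt)
        };

        // Persist before mailing: if the insert fails (e.g. a concurrent registration for
        // the same StudentId) no confirmation link is sent for an account that never
        // existed. If the mail fails after the save, the GET resend path recovers.
        context.Users.Add(newUser);
        context.SaveChanges();

        var url = Request.RequestUri.GetLeftPart(UriPartial.Authority)
            + Url.Route("DefaultApi", new { controller = "ConfirmEmail", Token = newUser.ConfirmToken });
        EmailProviderUtil.SendConfirmationEmail(newUser, url);

        return this.Request.CreateResponse(HttpStatusCode.Created);
    }
}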
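// GET api/CustomRegistration?StudentId=...&Resend=...
/// <summary>
/// Re-sends the confirmation e-mail for an account that has not yet confirmed its address.
/// </summary>
/// <param name="StudentId">Student number of the account to re-send the link to.</param>
/// <param name="Resend">Route discriminator for this overload; not read by the method.</param>
/// <returns>
/// 400 BadRequest when StudentId is missing; 404 NotFound when no user has that StudentId;
/// 500 InternalServerError when the account is already confirmed (existing status kept for
/// client compatibility, though a 4xx would describe the condition better); 200 OK once
/// the confirmation e-mail has been sent.
/// </returns>
public HttpResponseMessage Get(string StudentId, string Resend)
{
    // Reject an absent StudentId up front rather than querying for a null key.
    if (string.IsNullOrEmpty(StudentId))
    {
        return this.Request.CreateResponse(HttpStatusCode.BadRequest, "Invalid Student Id");
    }

    // The context owns a database connection; dispose it on every exit path.
    using (helpsDbContext context = new helpsDbContext())
    {
        // Look up the account whose existing ConfirmToken will be re-sent.
        User user = context.Users.SingleOrDefault(a => a.StudentId == StudentId);
        if (user == null)
        {
            return this.Request.CreateResponse(HttpStatusCode.NotFound, "User not found");
        }

        if (user.Confirmed)
        {
            // TODO(review): 500 is a server-fault code; this is a client-state condition.
            return this.Request.CreateResponse(HttpStatusCode.InternalServerError, "Email already confirmed");
        }

        // NOTE(review): nothing limits how often a confirmation can be re-sent for one
        // StudentId; a per-account cooldown would bound the mail volume this can generate.
        var url = Request.RequestUri.GetLeftPart(UriPartial.Authority)
            + Url.Route("DefaultApi", new { controller = "ConfirmEmail", Token = user.ConfirmToken });
        EmailProviderUtil.SendConfirmationEmail(user, url);

        return this.Request.CreateResponse(HttpStatusCode.OK, "Email confirmation sent");
    }
}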