/// <summary>
/// Deletes the user identified by <paramref name="id"/> from the local repository and
/// then from the Firebase side. Self-deletion and deletion of a super-admin are refused.
/// </summary>
/// <param name="id">Identifier of the user to delete (client-supplied, treated as untrusted).</param>
/// <returns>
/// 204 NoContent on success; NotFound when no local user has this id; otherwise a
/// user-friendly error (self-deletion, super-admin modification, or an unknown failure).
/// </returns>
public async Task<IActionResult> Delete(int id)
{
    try
    {
        var caller = _securityHelper.GetCurrentUser(HttpContext);

        // The authenticated caller may not remove their own account through this endpoint.
        if (caller.ID == id)
        {
            return ReturnUserFriendlyError(Errors.CurrentUserDeletionForbidden);
        }

        var target = _repo.Get(id);
        if (target == null)
        {
            return NotFound();
        }

        if (IsSuperAdmin(target))
        {
            return ReturnUserFriendlyError(Errors.SuperUserModificationForbidden);
        }

        // Two-step, non-atomic removal: the local record is deleted first, then the
        // Firebase account. If the Firebase call throws, the local row is already gone
        // and the caller only sees Errors.Unknown.
        // NOTE(review): confirm a retry or reconciliation path exists for that case.
        _repo.Delete(target.ID);
        await _fireRepo.DeleteUserByEmail(target.Email);
        return NoContent();
    }
    catch
    {
        // Every unexpected failure is collapsed into a generic error; no details are
        // returned to the client.
        return ReturnUserFriendlyError(Errors.Unknown);
    }
}
/// <summary>
/// Authenticates a user against Firebase and, on success, returns a token together with
/// the user's local profile fields (id, email, admin flag).
/// </summary>
/// <param name="parameters">Email and password supplied by the client (untrusted).</param>
/// <returns>
/// 200 with a <see cref="LoginResponse"/> on success; otherwise a user-friendly error
/// (invalid credentials, attempt limit exceeded, or an unknown failure).
/// </returns>
public async Task<IActionResult> Login(LoginParameters parameters)
{
    try
    {
        var localUser = _userRepo.Get(parameters.Email);

        if (localUser == null)
        {
            // No local profile for this email: any Firebase account still registered under
            // it is removed as best-effort cleanup, and failures of that cleanup are
            // deliberately ignored.
            // NOTE(review): this remote delete runs before any credential check, so it is
            // reachable by unauthenticated callers — confirm that is intended.
            try
            {
                await _repo.DeleteUserByEmail(parameters.Email);
            }
            catch
            {
            }

            // Same error as a wrong password, so the response alone does not distinguish
            // an unknown email from a bad password.
            return ReturnUserFriendlyError(Errors.InvalidCredentials);
        }

        var token = await _repo.GenerateUserToken(parameters.Email, parameters.Password);
        var response = new LoginResponse(localUser.ID, localUser.Email, localUser.IsAdmin, token);
        return Ok(response);
    }
    catch (FirebaseAuthException ex)
    {
        // Map Firebase failure reasons onto user-facing errors; the raw reason is never
        // returned to the client.
        switch (ex.Reason)
        {
            case AuthErrorReason.WrongPassword:
            case AuthErrorReason.UnknownEmailAddress:
                return ReturnUserFriendlyError(Errors.InvalidCredentials);
            case AuthErrorReason.TooManyAttemptsTryLater:
                return ReturnUserFriendlyError(Errors.AttemptLimitExceeded);
            default:
                return ReturnUserFriendlyError(Errors.Unknown);
        }
    }
    catch
    {
        // Anything else (repository failures, null parameters, ...) becomes a generic error.
        return ReturnUserFriendlyError(Errors.Unknown);
    }
}