public async Task PostUser([FromBody] JsonDocument request) { JObject jValue = WebMessageHelpers.GetJObjectFromBody(request); User user = new User(0, jValue.GetValue("login").ToString(), jValue.GetValue("password").ToString()); user.AccessLevel = 0; Response.ContentType = "application/json"; byte[] body; user.Password = UserHelpers.HashPassword(user.Login, user.Password); if (_context.User.FirstOrDefault(row => row.Login == user.Login) != null) { Response.StatusCode = 400; body = UserHelpers.DuplicateUserResponse(); await Response.Body.WriteAsync(body, 0, body.Length); return; } _context.User.Add(user); await _context.SaveChangesAsync(); body = UserHelpers.SuccessfulUserAdding(); Response.StatusCode = 200; await Response.Body.WriteAsync(body, 0, body.Length); }
public async Task DeleteUser([FromBody] JsonDocument request) { byte[] body; JObject jValue = WebMessageHelpers.GetJObjectFromBody(request); string[] token = Request.Headers.GetCommaSeparatedValues("Authorization"); if (token.Count() == 0) { Response.StatusCode = 403; return; } var user = UserHelpers.GetUser(token[0], _context); if (user == null) { Response.StatusCode = 400; return; } var tempLogin = jValue.GetValue("login").ToString(); var tempPassword = jValue.GetValue("password").ToString(); if (user.Login != tempLogin && user.Password != UserHelpers.HashPassword(tempLogin, tempPassword)) { Response.StatusCode = 400; body = UserHelpers.DuplicateUserResponse(); await Response.Body.WriteAsync(body, 0, body.Length); } _context.User.Remove(user); await _context.SaveChangesAsync(); body = UserHelpers.SuccessDeleting(); await Response.Body.WriteAsync(body, 0, body.Length); }