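/// <summary>
/// Updates attributes of the caller's own directory entry.
/// </summary>
/// <remarks>
/// Expects a JSON object body mapping attribute names to new string values.
/// The <c>userPassword</c> attribute is rejected here (matched case-insensitively,
/// so <c>UserPassword</c>/<c>USERPASSWORD</c> cannot slip past the guard); callers
/// must use ChangeMyPassword for that. The caller is identified by the credentials
/// that TokenRepository associates with the Authorization header.
/// NOTE(review): this action has no allow-list of updatable attributes — the client
/// chooses which attributes get written, so restricting them is left entirely to
/// UserRepository.ChangeUserInfo; confirm it enforces one.
/// NOTE(review): blocking on <c>.Result</c> is kept because the action's signature is
/// synchronous; making it <c>async Task&lt;object&gt;</c> would change the return type.
/// </remarks>
/// <returns>
/// 200 on success; 400 for a missing, empty or unparseable body or for a password key;
/// 401 when no Authorization header is present or the token is unknown; 500 otherwise.
/// </returns>
public object UpdateMyInfo()
{
    // CORS pre-flight: answer without reading the body or touching the token store.
    if (Request.Method == HttpMethod.Options)
    {
        return Request.CreateResponse(HttpStatusCode.OK);
    }

    Dictionary<string, string> propertiesToUpdate;
    try
    {
        var jsonString = Request.Content.ReadAsStringAsync().Result;
        propertiesToUpdate = JsonConvert.DeserializeObject<Dictionary<string, string>>(jsonString);
    }
    catch (Exception)
    {
        // Malformed JSON is a client error, not a server fault (was a 500).
        return Request.CreateResponse(HttpStatusCode.BadRequest);
    }

    if (propertiesToUpdate == null || propertiesToUpdate.Count == 0)
    {
        return Request.CreateResponse(HttpStatusCode.BadRequest);
    }

    // Case-insensitive on purpose: a backend that matches attribute names
    // case-insensitively (LDAP does) would otherwise accept "UserPassword".
    var containsPassword = propertiesToUpdate.Keys.Any(
        key => string.Equals(key, "userPassword", StringComparison.OrdinalIgnoreCase));
    if (containsPassword)
    {
        return Request.CreateResponse(HttpStatusCode.BadRequest, "Use ChangeMyPassword api to change your password!");
    }

    IEnumerable<string> authorizationValues;
    if (!Request.Headers.TryGetValues("Authorization", out authorizationValues))
    {
        // A missing header used to surface as a 500 from First(); it is an auth failure.
        return Request.CreateResponse(HttpStatusCode.Unauthorized);
    }

    try
    {
        var tr = new TokenRepository();
        var ur = new UserRepository();
        var origAuthRequest = tr.GetAuthRequestFromToken(authorizationValues.First());
        if (origAuthRequest == null)
        {
            // Presumably an unknown/expired token — would otherwise dereference null below.
            return Request.CreateResponse(HttpStatusCode.Unauthorized);
        }

        if (!ur.ChangeUserInfo(origAuthRequest.User, origAuthRequest.Password, propertiesToUpdate))
        {
            // The original reported 200 regardless of this result. A false return is
            // treated as "not applied" — TODO confirm ChangeUserInfo's contract.
            return Request.CreateResponse(HttpStatusCode.InternalServerError);
        }
        return Request.CreateResponse(HttpStatusCode.OK);
    }
    catch (Exception)
    {
        // Failure details are deliberately not returned to the client; no logger is in scope here.
        return Request.CreateResponse(HttpStatusCode.InternalServerError);
    }
}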
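/// <summary>
/// Validates a user's credentials and issues a bearer token carrying the user's roles.
/// </summary>
/// <param name="model">
/// Deserialized request body with <c>User</c> and <c>Password</c>; null when the body
/// is missing or unparseable.
/// </param>
/// <returns>
/// 200 with a TokenResponse on success; 400 "Invalid user or password!" for a missing
/// body, an empty field or a failed credential check; 500 on an unexpected error.
/// </returns>
/// <remarks>
/// The same 400 message is used whether the user or the password is wrong, so the
/// response does not reveal which accounts exist.
/// NOTE(review): GenerateAndRegisterTokenForUserWithRights receives the clear-text
/// password and the other actions read it back via GetAuthRequestFromToken, so the
/// token store holds user passwords for the token's lifetime — confirm that store is
/// protected accordingly. No throttling or lockout is visible in this action.
/// </remarks>
public HttpResponseMessage GetToken(AuthRequest model)
{
    if (Request.Method == HttpMethod.Options)
    {
        return Request.CreateResponse(HttpStatusCode.OK);
    }

    try
    {
        // A null model (empty/unparseable body) previously dereferenced and became a 500.
        if (model == null || string.IsNullOrEmpty(model.User) || string.IsNullOrEmpty(model.Password))
        {
            return Request.CreateResponse(HttpStatusCode.BadRequest, "Invalid user or password!");
        }

        var ur = new UserRepository();
        Role[] roles;
        if (!ur.CheckUserCredentials(model.User, model.Password, out roles))
        {
            return Request.CreateResponse(HttpStatusCode.BadRequest, "Invalid user or password!");
        }

        var tr = new TokenRepository();
        var tokenModel = tr.GenerateAndRegisterTokenForUserWithRights(model.User, model.Password, roles);
        var tokenResponse = new TokenResponse()
        {
            UserRights = string.Join(",", roles),
            ExpirationDateTime = tokenModel.ExpirationDateTime,
            Token = tokenModel.Token
        };
        return Request.CreateResponse(HttpStatusCode.OK, tokenResponse);
    }
    catch (Exception)
    {
        // Deliberately opaque to the client; no logger is in scope here.
        return Request.CreateResponse(HttpStatusCode.InternalServerError);
    }
}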
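/// <summary>
/// Looks up a directory user's profile attributes (displayName, telephoneNumber, title, mail).
/// </summary>
/// <param name="cnUser">Common name of the user to look up.</param>
/// <returns>
/// 200 with the attribute map; 404 (still carrying the map) when the lookup yields at
/// most one entry or nothing; 400 for a blank <paramref name="cnUser"/>; 401 without an
/// Authorization header or for an unknown token; 500 otherwise.
/// </returns>
/// <remarks>
/// The lookup runs with the caller's own credentials recovered from the bearer token,
/// so directory-side access control applies to the caller, not to a service account.
/// NOTE(review): cnUser is handed to UserRepository.GetUserInfo unescaped; if that
/// method builds an LDAP filter from it, the filter escaping (RFC 4515) must happen
/// there — not visible from this file.
/// NOTE(review): the "found" test is <c>Count > 1</c>, kept from the original;
/// presumably a hit always carries more than one entry — confirm against GetUserInfo.
/// </remarks>
public object GetInfo(string cnUser)
{
    if (Request.Method == HttpMethod.Options)
    {
        return Request.CreateResponse(HttpStatusCode.OK);
    }

    if (string.IsNullOrWhiteSpace(cnUser))
    {
        return Request.CreateResponse(HttpStatusCode.BadRequest);
    }

    IEnumerable<string> authorizationValues;
    if (!Request.Headers.TryGetValues("Authorization", out authorizationValues))
    {
        // A missing header used to surface as a 500 from First(); it is an auth failure.
        return Request.CreateResponse(HttpStatusCode.Unauthorized);
    }

    try
    {
        var tr = new TokenRepository();
        var ur = new UserRepository();
        var origAuthRequest = tr.GetAuthRequestFromToken(authorizationValues.First());
        if (origAuthRequest == null)
        {
            return Request.CreateResponse(HttpStatusCode.Unauthorized);
        }

        var requestedAttributes = new[] { "displayName", "telephoneNumber", "title", "mail" };
        var userInfo = ur.GetUserInfo(origAuthRequest.User, origAuthRequest.Password, cnUser, requestedAttributes);
        if (userInfo == null)
        {
            // Would otherwise dereference null on Count.
            return Request.CreateResponse(HttpStatusCode.NotFound);
        }

        var status = userInfo.Count > 1 ? HttpStatusCode.OK : HttpStatusCode.NotFound;
        return Request.CreateResponse(status, userInfo);
    }
    catch (Exception)
    {
        return Request.CreateResponse(HttpStatusCode.InternalServerError);
    }
}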
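/// <summary>
/// Changes the caller's own password and then invalidates the caller's tokens.
/// </summary>
/// <remarks>
/// Body: JSON object with a <c>newPassword</c> string. The caller is identified by
/// the credentials TokenRepository associates with the Authorization header.
/// NOTE(review): no password-strength policy is enforced here beyond "not empty";
/// if the directory does not enforce one, it must be added.
/// NOTE(review): InvalidateTokensForUser is passed the current token, which reads like
/// an exclusion. If that token survives, the password stored alongside it at GetToken
/// time is now stale for later calls — confirm TokenRepository's behaviour.
/// </remarks>
/// <returns>
/// 200 when the password was changed; 400 for a missing or unparseable body or an
/// empty password; 401 without an Authorization header or for an unknown token;
/// 500 when the change failed.
/// </returns>
public object ChangeMyPassword()
{
    if (Request.Method == HttpMethod.Options)
    {
        return Request.CreateResponse(HttpStatusCode.OK);
    }

    Dictionary<string, string> dict;
    try
    {
        dict = JsonConvert.DeserializeObject<Dictionary<string, string>>(
            Request.Content.ReadAsStringAsync().Result);
    }
    catch (Exception)
    {
        // Previously malformed JSON escaped this action unhandled; it is a client error.
        return Request.CreateResponse(HttpStatusCode.BadRequest);
    }

    string newPassword;
    if (dict == null || !dict.TryGetValue("newPassword", out newPassword) || string.IsNullOrEmpty(newPassword))
    {
        // An empty/null password was previously forwarded to the directory.
        return Request.CreateResponse(HttpStatusCode.BadRequest);
    }

    IEnumerable<string> authorizationValues;
    if (!Request.Headers.TryGetValues("Authorization", out authorizationValues))
    {
        // A missing header used to surface as a 500 from First(); it is an auth failure.
        return Request.CreateResponse(HttpStatusCode.Unauthorized);
    }
    var currentToken = authorizationValues.First();

    try
    {
        var tr = new TokenRepository();
        var ur = new UserRepository();
        var origAuthRequest = tr.GetAuthRequestFromToken(currentToken);
        if (origAuthRequest == null)
        {
            return Request.CreateResponse(HttpStatusCode.Unauthorized);
        }

        var change = new Dictionary<string, string> { { "userPassword", newPassword } };
        if (!ur.ChangeUserInfo(origAuthRequest.User, origAuthRequest.Password, change))
        {
            // The original answered 200 here even though nothing was changed.
            return Request.CreateResponse(HttpStatusCode.InternalServerError);
        }

        tr.InvalidateTokensForUser(origAuthRequest.User, currentToken);
        return Request.CreateResponse(HttpStatusCode.OK);
    }
    catch (Exception)
    {
        // Deliberately opaque to the client; no logger is in scope here.
        return Request.CreateResponse(HttpStatusCode.InternalServerError);
    }
}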