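public ActionResult UpdateUser([FromBody] Tuple<User, User> users)
{
    var oldUser = users.Item1;
    var newUser = users.Item2;

    var userFromDb = _db.Users.FirstOrDefault(u => u.Login == oldUser.Login);
    if (userFromDb == null)
    {
        return NotFound("There is no such a user");
    }

    // Verify the current password against the stored salted hash.
    if (userFromDb.Password != SecurityController.GetHash(oldUser.Password + userFromDb.PasswordSalt))
    {
        // ForbidResult(string) takes an authentication scheme name, not a message,
        // so return the 403 with the message directly.
        return StatusCode(403, "Password is incorrect");
    }

    if (newUser.Login != null)
    {
        userFromDb.Login = newUser.Login;
    }

    if (newUser.Password != null)
    {
        // Store the new password as a salted hash, as CreateUser does, never as plaintext.
        userFromDb.PasswordSalt = SecurityController.GetSalt();
        userFromDb.Password = SecurityController.GetHash(newUser.Password + userFromDb.PasswordSalt);
    }

    _db.SaveChanges();
    return new ObjectResult(userFromDb);
}
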
public ActionResult DeleteUser([FromBody] User user)
{
    var userFromDb = _db.Users.FirstOrDefault(u => u.Login == user.Login);
    if (userFromDb == null)
    {
        return NotFound("There is no such a user");
    }

    // Require the account's current password before deleting it.
    if (userFromDb.Password != SecurityController.GetHash(user.Password + userFromDb.PasswordSalt))
    {
        // ForbidResult(string) takes an authentication scheme name, not a message,
        // so return the 403 with the message directly.
        return StatusCode(403, "Password is incorrect");
    }

    _db.Users.Remove(userFromDb);
    _db.SaveChanges();
    return Ok();
}

public ActionResult CreateUser([FromBody] User user)
{
    var userFromDb = _db.Users.FirstOrDefault(u => u.Login == user.Login);
    if (userFromDb != null)
    {
        return BadRequest("The user with such a login currently exists");
    }

    // Generate a per-user salt and store only the salted hash of the password.
    user.PasswordSalt = SecurityController.GetSalt();
    user.Password = SecurityController.GetHash(user.Password + user.PasswordSalt);

    // Role and Id are always set server-side, overriding whatever the request body carried.
    user.Role = (int)Roles.User;
    user.Id = Guid.NewGuid();

    _db.Users.Add(user);
    _db.SaveChanges();

    // Log only after the record has actually been saved.
    _logger.LogInformation("User have been registered");
    return new ObjectResult(user);
}

public ActionResult AuthentificateUser([FromBody] User user)
{
    var userFromDb = _db.Users.FirstOrDefault(u => u.Login == user.Login);
    if (userFromDb == null)
    {
        return NotFound("There is no such a user");
    }

    if (userFromDb.Password != SecurityController.GetHash(user.Password + userFromDb.PasswordSalt))
    {
        // ForbidResult(string) takes an authentication scheme name, not a message,
        // so return the 403 with the message directly.
        return StatusCode(403, "Password is incorrect");
    }

    // Remove the old JWT, if there is one.
    var oldJWT = _db.JWTs.FirstOrDefault(j => j.UserLogin == userFromDb.Login);
    if (oldJWT != null)
    {
        _db.JWTs.Remove(oldJWT);
    }

    // Add a new one.
    var id = Guid.NewGuid();
    var datetime = DateTime.Now;
    var jwt = new JWT
    {
        ID = id,
        UserLogin = userFromDb.Login,
        // Store the same timestamp that goes into the hash below.
        Datetime = datetime,
        // Token value: hash of id + timestamp + login, with the numeric role appended.
        Value = SecurityController.GetHash(id.ToString() + datetime.ToString() + userFromDb.Login) + userFromDb.Role.ToString()
    };

    _db.JWTs.Add(jwt);
    userFromDb.JWT = jwt;
    _db.SaveChanges();
    return Ok(jwt.Value);
}