public IEnumerable <string> Get()
{
using (var context = new DataAccess.UserDBContext())
{
int count = context.users.ToArray().Length;
List <string> results = new List <string>();
results.Add(count.ToString());
return(results.ToArray());
}
}
public IActionResult Put([FromBody] string email)
{
using (var context = new DataAccess.UserDBContext())
{
var user = context.FindByEmail(email);
if (user == null || user.IsAnon())
{
return(Forbid());
}
user.verification_token = context.GenEmailToken();
context.SaveChanges();
return(Ok(Emailer.SendPasswordResetEmail(user)));
}
}
public IActionResult Get(string token)
{
using (var context = new DataAccess.UserDBContext())
{
var user = context.FindUserByToken(token);
if (user == null || user.IsAnon())
{
return(NotFound());
}
List <string> responce = new List <string>();
responce.Add(user.email);
foreach (var c in context.CallsignsForUser(user))
{
responce.Add(c.name);
}
return(Ok(responce));
}
}
public IActionResult Put(UserUpdateAction request)
{
using (var context = new DataAccess.UserDBContext())
{
var user = context.FindUserByToken(request.Token);
if (user == null || user.email == "ANON")
{
return(Forbid());
}
switch (request.EditAction)
{
case UserUpdateAction.Actions.ChangeCallsign:
{
var callsign = context.CallsignsForUser(user).First(x => x.name.ToLowerInvariant() == request.OldValue.ToLowerInvariant());
if (callsign == null || request.NewValue.Length < 4)
{
return(NotFound());
}
if (!context.CallsignAvailable(request.NewValue))
{
return(NoContent());
}
callsign.name = request.NewValue;
context.SaveChanges();
return(Ok(callsign.callsign_id));
}
case UserUpdateAction.Actions.AddCallsign:
{
var callsigns = context.CallsignsForUser(user);
if (callsigns.First(x => x.name.ToLowerInvariant() == request.NewValue.ToLowerInvariant()) != null)
{
return(Forbid());
}
if (callsigns.Count() >= 3 || request.NewValue.Length < 4)
{
return(NoContent());
}
if (!context.CallsignAvailable(request.NewValue))
{
return(NoContent());
}
Callsign newCallsign = new Callsign();
newCallsign.user = user;
newCallsign.name = request.NewValue;
newCallsign.enabled = 1;
newCallsign.created = DateTime.Now;
context.callsigns.Add(newCallsign);
context.SaveChanges();
return(Ok(newCallsign.callsign_id));
}
case UserUpdateAction.Actions.RemoveCallsign:
{
var callsign = context.CallsignsForUser(user).First(x => x.name.ToLowerInvariant() == request.OldValue.ToLowerInvariant());
if (callsign == null)
{
return(NotFound());
}
callsign.enabled = 0;
context.SaveChanges();
return(Ok(callsign.callsign_id));
}
case UserUpdateAction.Actions.VerifyEmail:
{
if (user.verified != 0 || user.verification_token != request.NewValue)
{
return(NotFound());
}
user.verified = 1;
user.verification_token = string.Empty;
context.SaveChanges();
return(Ok(user.email));
}
case UserUpdateAction.Actions.ChangePassword:
{
var hasher = new PasswordHasher <User>();
var result = hasher.VerifyHashedPassword(user, user.hash, request.OldValue);
if (result == PasswordVerificationResult.Failed)
{
return(Forbid());
}
user.hash = hasher.HashPassword(user, request.NewValue);
context.SaveChanges();
return(Ok(user.user_id));
}
case UserUpdateAction.Actions.ChangeEmail:
{
var existingUser = context.FindByEmail(request.NewValue);
if (existingUser != null || user.email != request.OldValue.ToLowerInvariant())
{
return(Forbid());
}
if (!request.NewValue.Contains("@") || !request.NewValue.Contains("."))
{
return(NotFound());
}
user.email = request.NewValue;
user.verified = 0;
user.verification_token = context.GenEmailToken();
context.SaveChanges();
Emailer.SendVerificationEmail(user);
return(Ok(user.email));
}
case UserUpdateAction.Actions.RecoverPassword:
{
if (user.verification_token != request.OldValue)
{
return(Forbid());
}
var hasher = new PasswordHasher <User>();
user.hash = hasher.HashPassword(user, request.NewValue);
user.verified = 1;
user.verification_token = string.Empty;
context.SaveChanges();
return(Ok(user.user_id));
}
}
return(NoContent());
}
}
public IActionResult Post([FromBody] AuthenticationRequest value)
{
using (var context = new DataAccess.UserDBContext())
{
var user = context.FindByEmail(value.EmailAddress);
if (user == null)
{
return(Forbid());
}
AccessToken tok = new AccessToken();
tok.user = user;
string callsign = string.Empty;
if (user.IsAnon())
{
if (user.hash != value.Credentials)
{
return(Forbid());
}
callsign = value.EmailAddress;
tok.callsign_index = context.CallsignsForUser(user).First().callsign_id;
}
else
{
var hasher = new PasswordHasher <User>();
var result = hasher.VerifyHashedPassword(user, user.hash, value.Credentials);
if (result == PasswordVerificationResult.Failed)
{
return(Forbid());
}
if (result == PasswordVerificationResult.SuccessRehashNeeded)
{
user.hash = hasher.HashPassword(user, value.Credentials);
context.SaveChangesAsync();
}
var callsigns = context.CallsignsForUser(user);
var sign = callsigns.FirstOrDefault(x => x.callsign_id == value.CallsignIndex);
if (sign == null)
{
sign = callsigns.First();
}
tok.callsign_index = sign.callsign_id;
callsign = sign.name;
}
foreach (var token in context.AccessTokensForUser(user))
{
token.expires = DateTime.MinValue;
context.SaveChangesAsync();
}
tok.expires = DateTime.Now + new TimeSpan(0, 5, 0);
tok.token = context.GetAccessToken();
context.access_tokens.Add(tok);
user.last_used = DateTime.Now;
context.SaveChanges();
return(Ok(new string[] { tok.token, callsign }));
}
}
public IActionResult Post([FromBody] RegistrationRequest value)
{
int newUserID = -1;
using (var context = new DataAccess.UserDBContext())
{
RegistrationResponce responce = new RegistrationResponce();
if (value.Valid())
{
value.EmailAddress = value.EmailAddress.ToLowerInvariant();
if (context.FindByEmail(value.EmailAddress) != null)
{
var usr = new User();
var callsign = new Callsign();
if (!string.IsNullOrEmpty(value.AnonKey))
{
// they want to upgrade an anon callsign so don't make a new user or callsign
var oldUser = context.FindByEmail(value.Callsign);
if (oldUser != null && oldUser.IsAnon() && oldUser.hash == value.AnonKey)
{
usr = oldUser;
callsign = context.CallsignsForUser(usr).FirstOrDefault();
usr.email = value.EmailAddress.ToLowerInvariant();
usr.verification_token = context.GenEmailToken();
usr.hash = new PasswordHasher <User>().HashPassword(usr, value.Credentials);
usr.verified = 0;
newUserID = usr.user_id;
context.SaveChanges();
}
else // bad upgrade, make them resubmit as a new registration
{
return(Forbid());
}
}
else
{
usr.email = value.EmailAddress.ToLowerInvariant();
usr.hash = new PasswordHasher <User>().HashPassword(usr, value.Credentials);
usr.enabled = 1;
usr.created = DateTime.Now;
usr.verified = 0;
usr.verification_token = context.GenEmailToken();
context.users.Add(usr);
context.SaveChanges();
newUserID = usr.user_id;
callsign.enabled = 1;
callsign.name = value.Callsign;
callsign.created = DateTime.Now;
callsign.user = usr;
context.callsigns.Add(callsign);
context.SaveChanges();
}
responce.CallsignID = callsign.callsign_id;
AccessToken tok = new AccessToken();
tok.user = usr;
tok.expires = DateTime.Now + new TimeSpan(0, 5, 0);
tok.token = context.GetAccessToken();
tok.callsign_index = callsign.callsign_id;
context.access_tokens.Add(tok);
context.SaveChanges();
responce.OK = true;
responce.Token = tok.token;
responce.Result = callsign.name;
Emailer.SendVerificationEmail(usr);
}
else
{
responce.OK = false;
responce.Result = "UNAVAILBLE";
}
}
else
{
responce.OK = false;
responce.Result = "INVALID";
}
if (responce.OK)
{
return(Ok(responce));
}
else
{
return(NotFound(responce));
}
}
}
