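/// <summary>
/// Deactivates the account of the user identified by the request's JWT, after the caller
/// re-enters the current password. Removes the user's comments, the profile image (if any),
/// the UserDetails row and finally the User row in a single SaveChanges.
/// </summary>
/// <param name="userDTO">Request body; only <c>Password</c> is read (the current password, re-entered as confirmation).</param>
/// <returns>
/// 200 OK on success; 401 Unauthorized when the password does not match; 400 Bad Request when no body
/// was supplied; 404 Not Found when the user referenced by the token no longer exists.
/// </returns>
public HttpResponseMessage PostDeactivateAccount(UserDTO userDTO)
{
    // A missing body used to surface as a NullReferenceException (500); reject it explicitly instead.
    if (userDTO == null)
    {
        return Request.CreateResponse(HttpStatusCode.BadRequest);
    }

    // The identity comes from the JWT, not from the body, so a client can only deactivate its own account.
    string email = JwtAuthManager.GetEmailFromRequest(Request);
    if (!CheckCredentials(email, userDTO.Password))
    {
        return Request.CreateResponse(HttpStatusCode.Unauthorized, "Профилот не е деактивиран бидејќи лозинката која ја внесовте е погрешна.");
    }

    int userId = JwtAuthManager.GetUserIdFromRequest(Request);
    User user = db.Users.Find(userId);
    if (user == null)
    {
        // The token refers to a user that no longer exists (e.g. already deactivated); nothing to do.
        return Request.CreateResponse(HttpStatusCode.NotFound);
    }

    // Dependent rows are queued for removal before the User/UserDetails rows, as in the original;
    // presumably because Comment references UserDetails — keep this order.
    List<Comment> userComments = db.Comments.Where(c => c.UserDetails.UserDetailsId == userId).ToList();
    foreach (Comment comment in userComments)
    {
        db.Comments.Remove(comment);
    }

    // UserDetails may be absent (navigation not loaded or never created); the original dereferenced it unconditionally.
    if (user.UserDetails != null)
    {
        int? imageId = Image.ExtractImageId(user.UserDetails.ImageUrl);
        if (imageId != null)
        {
            ImageController.DeleteImage(imageId.Value, db);
        }
        db.UserDetails.Remove(user.UserDetails);
    }

    db.Users.Remove(user);
    db.SaveChanges();
    return Request.CreateResponse(HttpStatusCode.OK);
}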
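/// <summary>
/// Replaces the password of the user identified by the request's JWT, after the caller
/// re-enters the current password. The new password is hashed with PBKDF2
/// (<see cref="Rfc2898DeriveBytes"/>) under a freshly generated random salt; the stored
/// <c>Password</c> is Base64(salt || hash) and the salt is additionally stored in <c>Salt</c>.
/// </summary>
/// <param name="changePasswordDTO">Request body with the current password (<c>Password</c>) and the replacement (<c>NewPassword</c>).</param>
/// <returns>
/// 200 OK on success; 401 Unauthorized when the current password is wrong; 400 Bad Request when the body
/// or the new password is missing; 404 Not Found when the user referenced by the token no longer exists.
/// </returns>
public HttpResponseMessage PostChangePassword(ChangePasswordDTO changePasswordDTO)
{
    // PBKDF2 parameters. They must stay in sync with the verification side (CheckCredentials, defined
    // elsewhere in this controller): changing any of them here alone would lock out users who change
    // their password.
    const int SaltSize = 16;
    const int HashSize = 20;
    // NOTE(review): 1000 iterations is far below current PBKDF2 guidance; raising it requires updating
    // the verifier and re-hashing existing records, so it is left unchanged here.
    const int Iterations = 1000;

    // A missing body or null new password previously escaped as an exception (500); reject explicitly.
    if (changePasswordDTO == null || string.IsNullOrEmpty(changePasswordDTO.NewPassword))
    {
        return Request.CreateResponse(HttpStatusCode.BadRequest);
    }

    // The identity comes from the JWT, so a client can only change its own password.
    string email = JwtAuthManager.GetEmailFromRequest(Request);
    if (!CheckCredentials(email, changePasswordDTO.Password))
    {
        return Request.CreateResponse(HttpStatusCode.Unauthorized, "Промената на лозинка е неуспешна, бидејќи внесовте погрешна стара лозинка");
    }

    int userId = JwtAuthManager.GetUserIdFromRequest(Request);
    User user = db.Users.Find(userId);
    if (user == null)
    {
        return Request.CreateResponse(HttpStatusCode.NotFound);
    }

    // Fresh salt from the cryptographic RNG field (rngCsp) for every password change.
    byte[] salt = new byte[SaltSize];
    rngCsp.GetBytes(salt);

    byte[] hash;
    // Rfc2898DeriveBytes is IDisposable; the original instance was never released.
    using (var pbkdf2 = new Rfc2898DeriveBytes(changePasswordDTO.NewPassword, salt, Iterations))
    {
        hash = pbkdf2.GetBytes(HashSize);
    }

    // Stored layout: salt first, then the derived hash.
    byte[] saltAndHash = new byte[SaltSize + HashSize];
    Array.Copy(salt, 0, saltAndHash, 0, SaltSize);
    Array.Copy(hash, 0, saltAndHash, SaltSize, HashSize);

    user.Password = Convert.ToBase64String(saltAndHash);
    user.Salt = Convert.ToBase64String(salt);
    db.SaveChanges();
    return Request.CreateResponse(HttpStatusCode.OK);
}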