public UserProfileVM Login()
{
Stream stream = Request.Body;
LoginVM loginVM = this.ReadRequestBody <LoginVM>(stream);
User?existingUser = _UserRepo.GetUserByUsername(loginVM.Username);
if (existingUser == null || !PasswordOperator.ValidateMe(existingUser.Password, loginVM.Password))
{
return(new UserProfileVM());
}
else
{
HttpContext.Session.SetString("sessionId", IdGenerator.GenerateId());
return(this.GetProfile(existingUser));
}
}
public ActionResult ChangePassword()
{
Stream stream = Request.Body;
ChangePasswordVM changeable = this.ReadRequestBody <ChangePasswordVM>(stream);
User user = _UserRepo.GetUserByUsername(changeable.Username);
bool isSame = PasswordOperator.ValidateMe(user.Password, changeable.NewPassword);
bool isValid = PasswordOperator.ValidateMe(user.Password, changeable.OldPassword);
if (isSame || !isValid)
{
return(StatusCode(417));
}
else
{
string hashedPassword = PasswordOperator.HashMe(changeable.NewPassword);
user.Password = hashedPassword;
_UserRepo.UpdateEntityById(user);
return(Ok());
}
}
public UserProfileVM Register()
{
Stream stream = Request.Body;
RegisterVM regVM = this.ReadRequestBody <RegisterVM>(stream);
User?existing = _UserRepo.GetUserByUsername(regVM.UserName);
UserProfileVM newProfile;
if (existing != null)
{
newProfile = new UserProfileVM();
}
else
{
string hashedPassword = PasswordOperator.HashMe(regVM.Password);
string id = IdGenerator.GenerateId();
User newUser = new User
{
UserId = id,
UserName = regVM.UserName,
Email = regVM.Email,
Password = hashedPassword
};
newProfile = this.GetProfile(newUser);
_UserRepo.CreateEntity(newUser);
HttpContext.Session.SetString("sessionId", IdGenerator.GenerateId());
}
return(newProfile);
}
