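// POST api/<controller>
/// <summary>
/// Registers a visitor. The request is rejected when the e-mail address or the phone number is
/// already present in <c>principal.RVisitors</c>; otherwise the submitted password is salted and
/// hashed, the record is saved, and the new <c>RVisitorID</c> is returned with a 201 response.
/// </summary>
/// <param name="value">
/// Visitor bound from the request body. <c>PasswordHash</c> holds the password as submitted by
/// the client on the way in and is overwritten with the salted hash before saving.
/// </param>
/// <returns>
/// 400 with a message for a missing body or a duplicate e-mail/phone number; 201 with the new id
/// otherwise.
/// </returns>
public IHttpActionResult PostUsers([FromBody] RVisitors value)
{
    // A missing or unparseable body binds to null; answer 400 instead of failing on value.Email.
    if (value == null)
    {
        return BadRequest("Request body is required!");
    }

    if (principal.RVisitors.Any(x => x.Email == value.Email))
    {
        return BadRequest("User with that email already exists !");
    }

    if (principal.RVisitors.Any(x => x.PhoneNumber == value.PhoneNumber))
    {
        return BadRequest("User with that phone number already exists !");
    }

    // NOTE(review): value is the entity bound straight from the request body and is saved as sent,
    // so columns this controller treats as server-owned elsewhere (VirtualPointsTotal, IsDeleted)
    // are taken from the client. Bind to a registration DTO or reset those fields before Add().
    // NOTE(review): unlike PostUsersForAndroid, no required-field or e-mail format validation runs here.

    // Draw the salt from the OS CSPRNG. new Random() is seeded from the clock, so registrations
    // that land close together could share a predictable salt. The salt keeps the shape of a
    // non-negative int rendered as text, so existing rows and the PasswordSalt column are unaffected.
    var saltBytes = new byte[4];
    using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
    {
        rng.GetBytes(saltBytes);
    }
    var salt = (BitConverter.ToInt32(saltBytes, 0) & int.MaxValue).ToString();

    // NOTE(review): one SHA-256 pass is cheap to brute-force offline if the table leaks. Moving to
    // a slow KDF (e.g. PBKDF2) has to be done together with PostUsersLogin, which recomputes this
    // exact hash, and needs a migration path for stored hashes.
    value.PasswordHash = CondorExtreme3.Tools.Algorithm.GetStringSha256Hash(value.PasswordHash + salt);
    value.PasswordSalt = salt;

    principal.RVisitors.Add(value);
    principal.SaveChanges();

    return CreatedAtRoute("DefaultApi", new { id = value.RVisitorID }, value.RVisitorID);
}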
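/// <summary>
/// Cancels a reservation: deletes every ticket whose <c>ReservationID</c> matches, then deletes
/// the reservation itself.
/// </summary>
/// <param name="value">
/// JSON body expected to carry integer <c>RVisitorID</c> and <c>ReservationID</c> members.
/// </param>
/// <returns>
/// 400 when the body is missing, an id is missing or not an integer, or the user or reservation
/// cannot be found; 200 with a confirmation message otherwise.
/// </returns>
public IHttpActionResult PostCancelReservation([FromBody] dynamic value)
{
    // Cast to object so the null test is a plain reference check rather than a dynamic operator call.
    if ((object)value == null)
    {
        return BadRequest("Request body is required!");
    }

    JObject jObj = JObject.FromObject(value);
    var userToken = jObj["RVisitorID"];
    var reservationToken = jObj["ReservationID"];

    // Missing or non-numeric ids used to surface as unhandled exceptions (HTTP 500) from
    // int.Parse / a null token; reject them as a client error instead.
    int userId;
    int reservationId;
    if (userToken == null
        || reservationToken == null
        || !int.TryParse(userToken.ToString(), out userId)
        || !int.TryParse(reservationToken.ToString(), out reservationId))
    {
        return BadRequest("RVisitorID and ReservationID must be integers!");
    }

    RVisitors user = principal.RVisitors.Find(userId);
    Reservations reservation = principal.Reservations.Find(reservationId);

    if (user == null)
    {
        return BadRequest("User does not exist!");
    }

    if (reservation == null)
    {
        return BadRequest("Reservation does not exist!");
    }

    // NOTE(review): the user is only checked for existence. Nothing visible here ties the
    // reservation to that user or to the authenticated caller, so any request naming a valid
    // user id can cancel any reservation id. Confirm ownership against the caller's identity
    // before deleting (the owner column on Reservations is not visible from this method).

    // Delete all tickets. The query is materialised first so rows are not removed from the
    // context while the same query is still being enumerated.
    var ticketsToRemove = principal.Tickets
        .Where(x => x.ReservationID == reservation.ReservationID)
        .ToList();
    foreach (var ticket in ticketsToRemove)
    {
        principal.Tickets.Remove(ticket);
    }

    // Remove the reservation
    principal.Reservations.Remove(reservation);
    principal.SaveChanges();

    return Ok("You have successfully canceled your reservation!");
}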
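/// <summary>
/// Confirms a reservation: sums the <c>TicketPrice</c> of its tickets, checks the user's
/// <c>VirtualPointsTotal</c> covers that sum, marks the reservation completed and deducts the
/// cost (rounded up) from the user's points.
/// </summary>
/// <param name="value">
/// JSON body expected to carry integer <c>RVisitorID</c> and <c>ReservationID</c> members.
/// </param>
/// <returns>
/// 400 when the body is missing, an id is missing or not an integer, the user or reservation
/// cannot be found, the reservation is already completed, or the balance is too low; 200 with a
/// confirmation message otherwise.
/// </returns>
public IHttpActionResult PostConfirmReservation([FromBody] dynamic value)
{
    // Cast to object so the null test is a plain reference check rather than a dynamic operator call.
    if ((object)value == null)
    {
        return BadRequest("Request body is required!");
    }

    JObject jObj = JObject.FromObject(value);
    var userToken = jObj["RVisitorID"];
    var reservationToken = jObj["ReservationID"];

    // Missing or non-numeric ids used to surface as unhandled exceptions (HTTP 500); reject them
    // as a client error instead.
    int userId;
    int reservationId;
    if (userToken == null
        || reservationToken == null
        || !int.TryParse(userToken.ToString(), out userId)
        || !int.TryParse(reservationToken.ToString(), out reservationId))
    {
        return BadRequest("RVisitorID and ReservationID must be integers!");
    }

    RVisitors user = principal.RVisitors.Find(userId);
    Reservations reservation = principal.Reservations.Find(reservationId);

    if (user == null)
    {
        return BadRequest("User does not exist");
    }

    if (reservation == null)
    {
        return BadRequest("Reservation does not exist");
    }

    // NOTE(review): the account that pays is whichever RVisitorID the request names. Nothing
    // visible here links it to the reservation or to the authenticated caller; verify both
    // before charging points.

    // Without this guard, repeating the request deducts the ticket cost again each time.
    if (reservation.IsCompleted == 1)
    {
        return BadRequest("Reservation is already confirmed!");
    }

    var totalCost = principal.Tickets
        .Where(x => x.ReservationID == reservation.ReservationID)
        .Select(x => x.TicketPrice)
        .ToList()
        .Sum();

    if (user.VirtualPointsTotal < totalCost)
    {
        return BadRequest("You do not have enough VP for this purchase!");
    }

    // NOTE(review): the balance check and the deduction are not atomic; two concurrent
    // confirmations can both pass the check. A concurrency token on the user row or a
    // transaction would close that window.
    reservation.IsCompleted = 1;

    // Implement this at a later time! (Requires DB re-design)
    //principal.TransactionsVirtualPoints.Add(new TransactionsVirtualPoints() {
    //    RVisitorID = user.RVisitorID,
    //    TransactionDate = DateTime.Now,
    //    TransactionValue = -totalCost
    //});

    user.VirtualPointsTotal -= (int)Math.Ceiling(totalCost); // VirtualPointsTotal must be double!
    principal.SaveChanges();

    return Ok("You have successfully confirmed your reservation!");
}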
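/// <summary>
/// Authenticates a visitor by username and password. Every non-deleted row with the submitted
/// username is tried: the submitted password is hashed with that row's salt and compared with the
/// stored hash, and the first match is returned as a profile object.
/// </summary>
/// <param name="value">
/// Credentials bound from the request body; <c>Username</c> and <c>PasswordHash</c> (the password
/// as submitted by the client) are the only members read.
/// </param>
/// <returns>
/// 200 with UserID, FirstName, LastName, Email, VirtualPoints and PhoneNumber on a match;
/// 401 when nothing matches or the credentials are missing.
/// </returns>
public IHttpActionResult PostUsersLogin([FromBody] RVisitors value)
{
    // A missing body binds to null and used to fail with a NullReferenceException (HTTP 500).
    // Missing credentials can never be a legitimate login, so refuse them before touching the database.
    if (value == null || value.Username == null || value.PasswordHash == null)
    {
        return Unauthorized();
    }

    // Because users aren't unique for now
    var possibleUsers = principal.RVisitors
        .Where(x => !x.IsDeleted && x.Username == value.Username);

    // NOTE(review): one SHA-256 pass is cheap to brute-force offline if the table leaks, and no
    // attempt limiting or lockout is visible in this method. Changing the hash has to be
    // coordinated with the registration endpoints, which write these values.
    foreach (var user in possibleUsers)
    {
        var passHash = CondorExtreme3.Tools.Algorithm.GetStringSha256Hash(value.PasswordHash + user.PasswordSalt);
        if (passHash != user.PasswordHash)
        {
            continue;
        }

        var profile = new JObject
        {
            { "UserID", user.RVisitorID },
            { "FirstName", user.FirstName },
            { "LastName", user.LastName },
            { "Email", user.Email },
            { "VirtualPoints", user.VirtualPointsTotal },
            { "PhoneNumber", user.PhoneNumber }
        };
        return Ok(profile);
    }

    return Unauthorized();
}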
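// POST api/<controller>
/// <summary>
/// Registers a visitor from the Android client. Required fields and the e-mail format are
/// validated first, and any failures are returned together as a per-field error object. On
/// success the submitted password is salted and hashed, the record is saved, and the new
/// <c>RVisitorID</c> is returned.
/// </summary>
/// <param name="value">
/// Visitor bound from the request body. <c>PasswordHash</c> holds the password as submitted by
/// the client on the way in and is overwritten with the salted hash before saving.
/// </param>
/// <returns>
/// 400 with a message when the body is missing; 400 with the per-field error object when
/// validation fails; 200 with the new id otherwise.
/// </returns>
public IHttpActionResult PostUsersForAndroid([FromBody] RVisitors value)
{
    // A missing or unparseable body binds to null; answer 400 instead of failing on value.FirstName.
    if (value == null)
    {
        return BadRequest("Request body is required!");
    }

    // One slot per field; an empty string means "no error" for that field.
    JObject modelErrors = new JObject
    {
        { "FirstName", "" },
        { "LastName", "" },
        { "Email", "" },
        { "PhoneNumber", "" },
        { "City", "" },
        { "Username", "" },
        { "Password", "" }
    };
    bool modelStateValid = true;

    if (value.FirstName == null)
    {
        modelErrors["FirstName"] = "This field is required!";
        modelStateValid = false;
    }

    if (value.LastName == null)
    {
        modelErrors["LastName"] = "This field is required!";
        modelStateValid = false;
    }

    if (value.Email == null)
    {
        modelErrors["Email"] = "This field is required!";
        modelStateValid = false;
    }
    // The pattern accepts only 2-3 word characters per dotted label after the first,
    // so an address such as user@example.info is reported as invalid.
    else if (!System.Text.RegularExpressions.Regex.IsMatch(value.Email, @"^([\w\.\-]+)@([\w\-]+)((\.(\w){2,3})+)$"))
    {
        modelErrors["Email"] = "Invalid format!";
        modelStateValid = false;
    }

    if (value.PhoneNumber == null)
    {
        modelErrors["PhoneNumber"] = "This field is required!";
        modelStateValid = false;
    }

    if (value.CityID == null || value.CityID < 0)
    {
        modelErrors["City"] = "This field is required!";
        modelStateValid = false;
    }

    if (value.Username == null)
    {
        modelErrors["Username"] = "******";
        modelStateValid = false;
    }

    if (value.PasswordHash == null)
    {
        modelErrors["Password"] = "******";
        modelStateValid = false;
    }

    if (!modelStateValid)
    {
        return Content(System.Net.HttpStatusCode.BadRequest, modelErrors);
    }

    // NOTE(review): value is the entity bound straight from the request body and is saved as sent,
    // so columns this controller treats as server-owned elsewhere (VirtualPointsTotal, IsDeleted)
    // are taken from the client. Bind to a registration DTO or reset those fields before Add().
    // NOTE(review): unlike PostUsers, no duplicate e-mail / phone number check runs here.

    // Draw the salt from the OS CSPRNG. new Random() is seeded from the clock, so registrations
    // that land close together could share a predictable salt. The salt keeps the shape of a
    // non-negative int rendered as text, so existing rows and the PasswordSalt column are unaffected.
    var saltBytes = new byte[4];
    using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
    {
        rng.GetBytes(saltBytes);
    }
    var salt = (BitConverter.ToInt32(saltBytes, 0) & int.MaxValue).ToString();

    // NOTE(review): one SHA-256 pass is cheap to brute-force offline if the table leaks. Moving to
    // a slow KDF (e.g. PBKDF2) has to be done together with PostUsersLogin, which recomputes this
    // exact hash, and needs a migration path for stored hashes.
    value.PasswordHash = CondorExtreme3.Tools.Algorithm.GetStringSha256Hash(value.PasswordHash + salt);
    value.PasswordSalt = salt;

    principal.RVisitors.Add(value);
    principal.SaveChanges();

    return Ok(value.RVisitorID);
}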