Exemplo n.º 1
0
        public async Task <IActionResult> Delete(string id)
        {
            var user = await _userManager.FindByIdAsync(id);

            if (user == null)
            {
                return(StatusCode(404, ResponseDto <int> .NotFound("Пользователя с таким id не существует")));
            }

            var isAdmin = await _userManager.IsInRoleAsync(user, "Admin");

            if (isAdmin)
            {
                StatusCode(400, ResponseDto <int> .BadRequest("Невозможно удалить администратора"));
            }

            var result = await _userManager.DeleteAsync(user);

            if (result.Succeeded)
            {
                return(NoContent());
            }

            return(StatusCode(400, ResponseDto <int> .BadRequest("Невозможно удалить пользователя")));
        }
Exemplo n.º 2
0
        public async Task <ActionResult> RaisePrice(Guid id, [FromBody] NewPriceRaiseDto newPriceRaiseDto)
        {
            var curLastRaise = (await _raiseRepository.ListAllAsync())
                               .Where(r => r.AuctionId == id)
                               .OrderByDescending(r => r.Date)
                               .FirstOrDefault();

            var raise = _mapper.Map <PriceRaise>(newPriceRaiseDto);

            raise.RaisedUserId = User.FindFirstValue(ClaimTypes.NameIdentifier);
            raise.AuctionId    = id;
            raise.Date         = DateTime.Now;

            // FEATURE to update user balance on each price raise (automatically returns to prev user)
            var userId = User.FindFirstValue(ClaimTypes.NameIdentifier);

            var user = await _userManager.FindByIdAsync(userId);

            var balance = user.Balance;

            if (curLastRaise != null && curLastRaise.RaisedUserId == user.Id)
            {
                balance += curLastRaise.EndPrice;
            }
            if (balance < raise.EndPrice)
            {
                return(StatusCode(400, ResponseDto <int> .BadRequest("Недостаточный баланс")));
            }

            var result = await _raiseRepository.AddAsync(raise);

            if (result == null)
            {
                return(BadRequest());
            }

            if (curLastRaise != null)
            {
                var prevUser = await _userManager.FindByIdAsync(curLastRaise.RaisedUserId);

                prevUser.Balance += curLastRaise.EndPrice;
                await _userManager.UpdateAsync(prevUser);
            }

            user.Balance -= raise.EndPrice;
            await _userManager.UpdateAsync(user);

            return(Ok(ResponseDto <int> .Ok()));
        }
        public async Task <IActionResult> ChangePassword([FromBody] PasswordChangeDto passwordChangeDto)
        {
            if (passwordChangeDto.NewPassword != passwordChangeDto.NewPasswordConfirmation)
            {
                return(StatusCode(400, ResponseDto <int> .BadRequest("Пароли не совпадают")));
            }

            var userId = User.FindFirstValue(ClaimTypes.NameIdentifier);
            var user   = await _userManager.FindByIdAsync(userId);

            var result = await _userManager.ChangePasswordAsync(user, passwordChangeDto.CurrentPassword,
                                                                passwordChangeDto.NewPassword);

            if (result.Succeeded)
            {
                return(Ok(ResponseDto <int> .Ok()));
            }

            return(StatusCode(400, ResponseDto <int> .BadRequest("Неверный текущий пароль")));
        }
        public async Task <IActionResult> ValidateRegistration([FromBody] RegisterDto registerDto)
        {
            if (string.IsNullOrEmpty(registerDto.Email))
            {
                return(StatusCode(400, ResponseDto <int> .BadRequest("Email не может быть пуст")));
            }
            if (string.IsNullOrEmpty(registerDto.Username))
            {
                return(StatusCode(400, ResponseDto <int> .BadRequest("Username не может быть пуст")));
            }
            if (string.IsNullOrEmpty(registerDto.Password))
            {
                return(StatusCode(400, ResponseDto <int> .BadRequest("Пароль не может быть пуст")));
            }
            if (string.IsNullOrEmpty(registerDto.PasswordConfirmation))
            {
                return(StatusCode(400, ResponseDto <int> .BadRequest("Подтверждение не может быть пусто")));
            }

            if (registerDto.Password != registerDto.PasswordConfirmation)
            {
                return(StatusCode(400, ResponseDto <int> .BadRequest("Пароли не совпадают")));
            }

            var user = await _userManager.FindByNameAsync(registerDto.Username);

            if (user != null)
            {
                return(StatusCode(400, ResponseDto <int> .BadRequest("Пользователь с таким именем существует")));
            }

            user = await _userManager.FindByEmailAsync(registerDto.Email);

            if (user != null)
            {
                return(StatusCode(400, ResponseDto <int> .BadRequest("Пользователь с таким email существует")));
            }

            return(Ok(ResponseDto <int> .Ok()));
        }
        public async Task <IActionResult> CreateToken([FromBody] LoginDto loginDto)
        {
            if (!ModelState.IsValid)
            {
                return(StatusCode(400, ResponseDto <int> .BadRequest("Пароли не совпадают")));
            }

            var loginResult =
                await _signInManager.PasswordSignInAsync(loginDto.Username, loginDto.Password, false, false);

            if (!loginResult.Succeeded)
            {
                return(StatusCode(400, ResponseDto <int> .BadRequest("Неверный пароль")));
            }

            var user = await _userManager.FindByNameAsync(loginDto.Username);

            var token = new TokenDto {
                Token = await GetToken(user)
            };

            return(Ok(ResponseDto <TokenDto> .Ok(token)));
        }
        public async Task <IActionResult> Register([FromBody] RegisterDto registerDto)
        {
            if (registerDto.Password != registerDto.PasswordConfirmation)
            {
                return(StatusCode(400, ResponseDto <int> .BadRequest("Пароли не совпадают")));
            }

            if (!ValidateCreditCard(registerDto.CardNumber))
            {
                return(StatusCode(400, ResponseDto <int> .BadRequest("Неверный формат номера карты")));
            }

            try
            {
                _mapper.Map <ApplicationUser>(registerDto);
            }
            catch (Exception e)
            {
                StatusCode(400, ResponseDto <int> .BadRequest("Неверный формат даты"));
            }

            var user = _mapper.Map <ApplicationUser>(registerDto);

            user.RegistrationDate = DateTime.Now;

            var identityResult = await _userManager.CreateAsync(user, registerDto.Password);

            if (!identityResult.Succeeded)
            {
                return(BadRequest(identityResult.Errors));
            }

            var code = await _userManager.GenerateEmailConfirmationTokenAsync(user);

            var base64     = Convert.ToBase64String(Encoding.Unicode.GetBytes(code));
            var request    = ControllerContext.HttpContext.Request;
            var uriBuilder = new UriBuilder
            {
                Scheme = request.Scheme,
                Host   = request.Host.Host,
                Path   = "api/auth/confirmation",
                Query  = $"username={user.UserName}&code={base64}"
            };

            if (request.Host.Port.HasValue)
            {
                uriBuilder.Port = request.Host.Port.Value;
            }

            var callbackUrl = uriBuilder.Uri.ToString();

            try
            {
                _emailSender.SendEmail(registerDto.Email, "Confirm your email",
                                       $"Please confirm your account by <a href=\"{callbackUrl}\">clicking here</a>.");
            }
            catch (Exception e) { Console.WriteLine(e.Message); }

            return(Ok(ResponseDto <int> .Ok()));

            //await _signInManager.SignInAsync(user, false);

            //var token = new TokenDto {Token = await GetToken(user)};

            //return Ok(ResponseDto<TokenDto>.Ok(token));
        }