Exemplo n.º 1
        /// <summary>
        /// Returns every row of <c>db.User</c> and sends a notification e-mail that
        /// carries the caller's remote IP address.
        /// </summary>
        /// <returns>All entries of <c>db.User</c>, materialised as a list.</returns>
        public List<User> Query()
        {
            // The connection feature can be missing; the address is then null and the
            // notification body simply ends after "The call was from: ".
            var connection = HttpContext.Features.Get<IHttpConnectionFeature>();
            var callerAddress = connection?.RemoteIpAddress;

            // NOTE(review): one e-mail goes out per request and no access check is visible
            // inside this method. Confirm the route is authorised and rate-limited elsewhere,
            // otherwise request volume translates directly into mail volume.
            email.SendMessage("Somebody just called api/users with a GET header", "The call was from: " + callerAddress);

            // NOTE(review): whole User entities are returned. If the entity holds credential
            // material (password hash, salt, tokens), project to a response type that omits
            // it. The entity definition is not visible from here; confirm.
            return db.User.ToList();
        }
Exemplo n.º 2
        /// <summary>
        /// Returns all notes that are not flagged as deleted, with their category and
        /// user loaded, and sends a notification e-mail carrying the caller's remote IP address.
        /// </summary>
        /// <returns>The non-deleted entries of <c>db.Notes</c>, materialised as a list.</returns>
        public List<Notes> Query()
        {
            // A missing connection feature yields a null address; the mail body then
            // ends after "The call was from: ".
            var connection = HttpContext.Features.Get<IHttpConnectionFeature>();
            var callerAddress = connection?.RemoteIpAddress;

            // NOTE(review): one e-mail per request, and no access check is visible in this
            // method. Confirm authorisation and rate limiting happen elsewhere.
            email.SendMessage("Somebody just called api/notes with a GET header", "The call was from: " + callerAddress);

            // NOTE(review): the query is not scoped to a caller, so every user's notes are
            // returned, and Include(User) attaches the full user entity to each note. If that
            // entity holds credential fields they are part of the result. Confirm against the model.
            var liveNotes = db.Notes
                .Include(note => note.Category)
                .Include(note => note.User)
                .Where(note => note.IsDeleted.Equals(false));

            return liveNotes.ToList();
        }
Exemplo n.º 3
        /// <summary>
        /// Returns every row of <c>db.Category</c> and sends a notification e-mail that
        /// carries the caller's remote IP address.
        /// </summary>
        /// <returns>All entries of <c>db.Category</c>, materialised as a list.</returns>
        public List<Category> Query()
        {
            // A missing connection feature yields a null address; the mail body then
            // ends after "The call was from: ".
            var connection = HttpContext.Features.Get<IHttpConnectionFeature>();
            var callerAddress = connection?.RemoteIpAddress;

            // NOTE(review): one e-mail per request, and no access check is visible in this
            // method. Confirm authorisation and rate limiting happen elsewhere.
            email.SendMessage("Somebody just called api/categories with a GET header", "The call was from: " + callerAddress);

            return db.Category.ToList();
        }
Exemplo n.º 4
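        /// <summary>
        /// Replaces the username, e-mail address and password of the account named by
        /// <c>CurrentUsername</c>, marks the account as unverified and mails a fresh
        /// verification link to the new address.
        /// </summary>
        /// <param name="db">Database context used to look up and persist the account.</param>
        /// <param name="IPAddress">Caller's IP address; this method does not use it.</param>
        /// <returns>
        /// A serialized <c>ReturnCode</c> (404) when no account matches <c>CurrentUsername</c>,
        /// otherwise a serialized <c>SessionIDHolder</c> with the new username and the stored session id.
        /// </returns>
        public string UsernameAndPasswordUpdate(CSC425Context db, String IPAddress)
        {
            // Case-insensitive match on the current username.
            // NOTE(review): nothing in this method checks the caller's current password or
            // session before the credentials are replaced. Confirm the caller authenticates
            // the request, otherwise knowing a username is enough to take the account over.
            var user = db.Users.FirstOrDefault(u => u.Username.ToLower().Equals(CurrentUsername.ToLower()));

            if (user == null)
            {
                return JsonConvert.SerializeObject(new ReturnCode(404, "Not Found", "Username is invalid"));
            }

            // NOTE(review): the secret doubles as the e-mailed verification code, so
            // Security.Generate must draw from a cryptographic RNG. Its implementation
            // is not visible here; verify.
            var salt   = Security.Generate(128);
            var secret = Security.Generate(64);

            // NOTE(review): NewUsername / NewEmailAddress are not checked against other
            // accounts in this method; uniqueness has to be enforced by the database or the caller.
            user.Username     = NewUsername;
            user.EmailAddress = NewEmailAddress;

            // NOTE(review): Security.SHA256 appears to be a single fast hash pass over
            // pepper + password + salt. A slow password KDF (PBKDF2, Argon2) resists offline
            // guessing far better. The format is left unchanged here because the verification
            // code elsewhere has to compute the same value; migrate both sides together.
            user.Password     = Security.SHA256(Security.Pepper + Password + salt);
            user.Salt         = salt;
            user.IsVerified   = false;
            user.SecretKey    = secret;

            // Persist synchronously. The previous un-awaited SaveChangesAsync() let the method
            // send the mail and return before the write had finished, and any save failure
            // was never observed.
            db.SaveChanges();

            // Mail only after the new secret is stored, so the link always refers to a saved code.
            var email = new SendEmails();
            email.SendMessage(new System.Net.Mail.MailAddress(user.EmailAddress, user.Username), "Please verify your account on Rohzek's Note Service", $"Hello!\n\nPlease click this link to verify your account: https://rohzek.cf:8080/api/v1/verify?verification_code={user.SecretKey}");

            // NOTE(review): the existing session id is returned as-is; consider issuing a new
            // one after a credential change so older sessions stop being valid.
            return JsonConvert.SerializeObject(new SessionIDHolder(user.Username, user.SessionId));
        }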
Exemplo n.º 5
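        /// <summary>
        /// Creates a new, not yet verified account from <c>Username</c>, <c>Email</c> and
        /// <c>Password</c>, and mails a verification link to the given address.
        /// </summary>
        /// <param name="db">Database context used for the duplicate check and the insert.</param>
        /// <param name="IPAddress">Caller's IP address, stored as the account's creation IP.</param>
        /// <returns>
        /// A serialized <c>ReturnCode</c>: 409 when the e-mail address or username is already
        /// registered, otherwise 100 after the account has been stored and the mail sent.
        /// </returns>
        public string Signup(CSC425Context db, String IPAddress)
        {
            // E-mail address is checked first; the username lookup only runs when the
            // address is free. Both comparisons are case-insensitive.
            // NOTE(review): this check-then-insert is not atomic. Two concurrent sign-ups
            // can both pass it, so unique constraints on the table are needed as well.
            // The schema is not visible from here; confirm.
            var existing = db.Users.FirstOrDefault(u => u.EmailAddress.ToLower().Equals(Email.ToLower()))
                           ?? db.Users.FirstOrDefault(u => u.Username.ToLower().Equals(Username.ToLower()));

            if (existing != null)
            {
                // NOTE(review): this response tells an anonymous caller that the name or
                // address is registered; rate-limit the endpoint to slow account enumeration.
                return JsonConvert.SerializeObject(new ReturnCode(409, "Conflict", $"User with username: {Username} and/or Email Address: {Email} already exists."));
            }

            // NOTE(review): the secret doubles as the e-mailed verification code, so
            // Security.Generate must draw from a cryptographic RNG. Its implementation
            // is not visible here; verify.
            var salt   = Security.Generate(128);
            var secret = Security.Generate(64);

            // NOTE(review): Security.SHA256 appears to be a single fast hash pass over
            // pepper + password + salt. A slow password KDF (PBKDF2, Argon2) resists offline
            // guessing far better. The format is kept because the login check elsewhere
            // has to compute the same value; migrate both sides together.
            var passwordToSave = Security.SHA256(Security.Pepper + Password + salt);

            var user = new Users
            {
                Username       = Username,
                EmailAddress   = Email,
                Salt           = salt,
                Password       = passwordToSave,
                UserRole       = "User",
                CreationIp     = IPAddress,
                VerificationIp = "0.0.0.0", // placeholder until the account is verified
                Use2Fa         = false,
                LoginAttempts  = 0,
                SecretKey      = secret
            };

            db.Users.Add(user);

            // Persist synchronously. The previous un-awaited SaveChangesAsync() let the method
            // send the mail and report success before the insert had finished, and any save
            // failure was never observed.
            db.SaveChanges();

            // NOTE(review): this link uses plain http, so the verification code crosses the
            // network unencrypted, while UsernameAndPasswordUpdate builds the same link with
            // https on the same host and port. Confirm which scheme the service actually
            // serves and switch this link to https.
            var email = new SendEmails();
            email.SendMessage(new System.Net.Mail.MailAddress(user.EmailAddress, user.Username), "Please verify your account on Rohzek's Note Service", $"Hello!\n\nPlease click this link to verify your account: http://rohzek.cf:8080/api/v1/verify?verification_code={user.SecretKey}");

            return JsonConvert.SerializeObject(new ReturnCode(100, "Continue", "User created successfully, awaiting email verification"));
        }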