public HttpResponseMessage LoginUser([FromBody] UserLoginModel model)
{
var responseMsg = this.PerformOperationAndHandleExceptions(() =>
{
User user = this.db.Users.All().Where(
u => u.Email == model.Email.ToLower() &&
u.AuthCode == model.AuthCode).FirstOrDefault();
if (user == null)
{
// The user does not exist
throw new InvalidOperationException("Invalid email or password");
}
if (user.SessionKey == null)
{
user.SessionKey = this.GenerateSessionKey(user.Id);
this.db.Users.Update(user);
this.db.SaveChanges();
}
var userLoggedModel = new UserLoggedModel()
{
Id = user.Id,
DisplayName = user.FirstName + " " + user.LastName,
SessionKey = user.SessionKey
};
var response = this.Request.CreateResponse(HttpStatusCode.Created, userLoggedModel);
return(response);
});
return(responseMsg);
}
public HttpResponseMessage RegisterUser(UserRegisterModel userToRegister)
{
UserValidator.ValidateAuthCode(userToRegister.AuthCode);
UserValidator.ValidateNickname(userToRegister.Nickname);
UserValidator.ValidateUsername(userToRegister.Username);
User newUser = null;
try
{
newUser = UsersMapper.ToUserEntity(userToRegister);
}
catch (Exception)
{
return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Invalid user register model provided!"));
}
usersRepository.Add(newUser);
User inDbUser = this.usersRepository.GetByUsernameAndAuthCode(newUser.Username, newUser.AuthCode);
inDbUser.SessionKey = UserValidator.GenerateSessionKey(inDbUser.ID);
this.usersRepository.Update(inDbUser.ID, inDbUser);
UserLoggedModel loggedUser = new UserLoggedModel()
{
Nickname = inDbUser.Nickname,
SessionKey = inDbUser.SessionKey
};
HttpResponseMessage response = Request.CreateResponse(HttpStatusCode.Created, loggedUser);
response.Headers.Location = new Uri(Url.Link("NewsApi", new { sessionKey = loggedUser.SessionKey }));
return(response);
}
public HttpResponseMessage LoginUser(UserModel user)
{
IQueryable <User> users = this.userRepository.GetAll();
var result = from u in users
where u.Username == user.Username && u.Password == user.Password
select u;
User newUser = result.FirstOrDefault();
if (newUser != null)
{
var rep = new DbUsersRepository(this.db);
var sessionKey = rep.LoginUser(user.Username, user.Password);
UserLoggedModel userModel = new UserLoggedModel()
{
UserID = newUser.UserID,
Username = newUser.Username,
SessionKey = sessionKey
};
var responseMsg = this.Request.CreateResponse(HttpStatusCode.OK, userModel);
return(responseMsg);
}
else
{
var responseMsg = this.Request.CreateResponse(HttpStatusCode.NotFound);
return(responseMsg);
}
}
public HttpResponseMessage LoginUser(UserLoginModel userToLogin)
{
UserValidator.ValidateAuthCode(userToLogin.AuthCode);
UserValidator.ValidateUsername(userToLogin.Username);
User user = null;
try
{
user = this.usersRepository.GetByUsernameAndAuthCode(userToLogin.Username, userToLogin.AuthCode);
}
catch (Exception)
{
return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Invalid username or password!"));
}
user.SessionKey = UserValidator.GenerateSessionKey(user.ID);
this.usersRepository.Update(user.ID, user);
UserLoggedModel loggedUser = new UserLoggedModel()
{
Nickname = user.Nickname,
SessionKey = user.SessionKey
};
HttpResponseMessage response = Request.CreateResponse(HttpStatusCode.OK, loggedUser);
return(response);
}
public HttpResponseMessage RegisterUser([FromBody] UserRegisterModel user)
{
HttpResponseMessage responseMessage = this.PerformOperation(() =>
{
UserValidator.ValidateUsername(user.Username);
UserValidator.ValidateDisplayName(user.DisplayName);
UserValidator.ValidateAuthenticationCode(user.AuthCode);
using (var context = this.ContextFactory.Create())
{
User exstingUserEntity = context.Set <User>().FirstOrDefault(
u => u.Username == user.Username.ToLower() || u.DisplayName.ToLower() == user.DisplayName.ToLower());
if (exstingUserEntity != null)
{
throw new InvalidOperationException("User already exists!");
}
User newUserEntity = UsersMapper.ToEntity(user);
context.Set <User>().Add(newUserEntity);
context.SaveChanges();
newUserEntity.SessionKey = UserValidator.GenerateSessionKey(newUserEntity.ID);
context.SaveChanges();
UserLoggedModel loggedUser = UsersMapper.ToModel(newUserEntity);
return(this.Request.CreateResponse(HttpStatusCode.Created, loggedUser));
}
});
return(responseMessage);
}
public HttpResponseMessage LoginUser([FromBody] UserLoginModel user)
{
HttpResponseMessage responseMessage = this.PerformOperation(() =>
{
UserValidator.ValidateUsername(user.Username);
UserValidator.ValidateAuthenticationCode(user.AuthCode);
using (var context = this.ContextFactory.Create())
{
var userEntity = context.Set <User>().FirstOrDefault(
u => u.AuthCode == user.AuthCode && u.Username == user.Username.ToLower());
if (userEntity == null)
{
throw new InvalidOperationException("User not registered!");
}
userEntity.SessionKey = UserValidator.GenerateSessionKey(userEntity.ID);
context.SaveChanges();
UserLoggedModel loggedUser = UsersMapper.ToModel(userEntity);
return(this.Request.CreateResponse(HttpStatusCode.Created, loggedUser));
}
});
return(responseMessage);
}
public HttpResponseMessage LoginUser([FromBody] UserLoginModel inputUser)
{
User currentUser = userRepo.All().Where(u => u.Username == inputUser.Username).FirstOrDefault();
if (currentUser == null)
{
return(this.Request.CreateErrorResponse(HttpStatusCode.NotFound,
string.Format("User with username : {0}, doesn't exist ", inputUser.Username)));
}
else if (inputUser.AuthCode != currentUser.Password)
{
return(this.Request.CreateErrorResponse(HttpStatusCode.NotFound, "Username or password don't match"));
}
else if (currentUser.SessionKey != null)
{
return(this.Request.CreateErrorResponse(HttpStatusCode.BadRequest, "User already logged in."));
}
UserLoggedModel loggedUser = new UserLoggedModel()
{
UserName = currentUser.Username,
SessionKey = GenerateSessionKey(currentUser.Id),
Latitude = currentUser.Latitude,
Longitude = currentUser.Longitude
};
currentUser.SessionKey = loggedUser.SessionKey;
userRepo.Update(currentUser.Id, currentUser);
return(this.Request.CreateResponse(HttpStatusCode.OK, loggedUser));
}
public HttpResponseMessage RegisterUser(UserRegisterModel model)
{
var responseMsg = this.ExceptionHandler(
() =>
{
var context = new AutoMorgueContext();
UserDataPersister.ValidateUsername(model.Username);
UserDataPersister.ValidateNickname(model.DisplayName);
UserDataPersister.ValidateAuthCode(model.AuthCode);
var usernameToLower = model.Username.ToLower();
var displayNameToLower = model.DisplayName.ToLower();
var users = context.Users;
var user = users.FirstOrDefault(usr => usr.Username == usernameToLower || usr.DisplayName.ToLower() == displayNameToLower);
var role = context.Roles.FirstOrDefault(r => r.Name == "user");
if (role == null)
{
role = new Role
{
Name = "user"
};
}
if (user != null)
{
throw new InvalidOperationException("Invalid Username or Password");
}
var newUser = new User
{
Username = usernameToLower,
DisplayName = model.DisplayName,
AuthCode = model.AuthCode,
Role = role
};
var userInDb = context.Users.Add(newUser);
context.SaveChanges();
userInDb.SessionKey = UserDataPersister.GenerateSessionKey(userInDb.Id);
context.SaveChanges();
var loggedModel = new UserLoggedModel
{
DisplayName = userInDb.DisplayName,
SessionKey = userInDb.SessionKey
};
var response = this.Request.CreateResponse(HttpStatusCode.Created, loggedModel);
response.Headers.Location = new Uri(Url.Link("DefaultApi", new { id = userInDb.Id }));
return(response);
});
return(responseMsg);
}
public static UserLoggedModel ToModel(User userEntity)
{
UserLoggedModel userLoggedModel = new UserLoggedModel()
{
DisplayName = userEntity.DisplayName,
SessionKey = userEntity.SessionKey
};
return(userLoggedModel);
}
public HttpResponseMessage RegisterUser([FromBody] UserRegisterLoginModel userModel)
{
var responseMessage = this.PerformOperationAndHandleExceptions(() =>
{
this.ValidateUsername(userModel.Username);
this.ValidateNickname(userModel.Nickname);
this.ValidateAuthCode(userModel.AuthenticationCode);
var context = this.contextFactory.Create();
using (context)
{
var usernameToLower = userModel.Username.ToLower();
var nicknameToLower = userModel.Nickname.ToLower();
var user = context.Set <User>().FirstOrDefault(
usr => usr.Username == usernameToLower ||
usr.Nickname.ToLower() == nicknameToLower);
if (user != null)
{
throw new InvalidOperationException("User already exists!");
}
user = new User()
{
Username = usernameToLower,
Nickname = userModel.Nickname,
AuthenticationCode = userModel.AuthenticationCode
};
context.Set <User>().Add(user);
context.SaveChanges();
user.SessionKey = this.GenerateSessionKey(user.Id);
context.SaveChanges();
var loggedModel = new UserLoggedModel()
{
Nickname = user.Nickname,
SessionKey = user.SessionKey
};
var response = this.Request.CreateResponse(HttpStatusCode.Created, loggedModel);
return(response);
}
});
return(responseMessage);
}
public HttpResponseMessage PostRegisterUser(UserModel model)
{
var responseMsg = this.PerformOperationAndHandleExceptions(
() =>
{
var context = this.contextFactory.Create() as NewsContext;
using (context)
{
this.ValidateUserName(model.Username);
this.ValidateNickname(model.Displayname);
this.ValidateAuthCode(model.AuthCode);
var usernameToLower = model.Username.ToLower();
var displaynameToLower = model.Displayname.ToLower();
var user = context.Users.FirstOrDefault(usr => usr.Username == usernameToLower || usr.DisplayName.ToLower() == displaynameToLower);
if (user != null)
{
throw new InvalidOperationException("User already exists in the database!");
}
user = new User()
{
Username = usernameToLower,
DisplayName = model.Displayname,
AuthCode = model.AuthCode,
IsAdmin = model.IsAdmin,
};
context.Users.Add(user);
context.SaveChanges();
user.SessionKey = this.GenerateSessionKey(user.Id);
context.SaveChanges();
var loggedModel = new UserLoggedModel()
{
Displayname = user.DisplayName,
SessionKey = user.SessionKey,
IsAdmin = user.IsAdmin,
};
var responce = this.Request.CreateResponse(HttpStatusCode.Created, loggedModel);
return(responce);
}
});
return(responseMsg);
}
public HttpResponseMessage PostRegisterUser(UserModel model)
{
var responseMsg = this.PerformOperationAndHandleExceptions(
() =>
{
var context = new dbf609f467420e40209014a26e008b568aEntities();
using (context)
{
this.ValidateUsername(model.Username);
this.ValidateName(model.Name);
this.ValidatePassword(model.Password);
var usernameToLower = model.Username.ToLower();
var nameToLower = model.Name.ToLower();
var user = context.Users.FirstOrDefault(
usr => usr.Username == usernameToLower ||
usr.Name.ToLower() == nameToLower);
if (user != null)
{
throw new InvalidOperationException("User already exists");
}
user = new User()
{
Username = usernameToLower,
Name = model.Name,
Password = model.Password
};
context.Users.Add(user);
context.SaveChanges();
user.SessionKey = user.Id.ToString();
context.SaveChanges();
var loggedModel = new UserLoggedModel()
{
Name = user.Name,
SessionKey = user.SessionKey
};
var response =
this.Request.CreateResponse(HttpStatusCode.Created,
loggedModel);
return(response);
}
});
return(responseMsg);
}
public HttpResponseMessage PostRegisterUser(UserModel model)
{
var responseMsg = this.PerformOperationAndHandleExceptions(
() =>
{
var context = new BloggingSystemContext();
using (context)
{
this.ValidateUsername(model.Username);
this.ValidateNickname(model.DisplayName);
this.ValidateAuthCode(model.AuthCode);
var usernameToLower = model.Username.ToLower();
var nicknameToLower = model.DisplayName.ToLower();
var user = context.Users.FirstOrDefault(
usr => usr.Username == usernameToLower ||
usr.DisplayName.ToLower() == nicknameToLower);
if (user != null)
{
throw new InvalidOperationException("User exists");
}
user = new User()
{
Username = usernameToLower,
DisplayName = model.DisplayName,
AuthCode = model.AuthCode
};
context.Users.Add(user);
context.SaveChanges();
user.SessionKey = this.GenerateSessionKey(user.Id);
context.SaveChanges();
var loggedModel = new UserLoggedModel()
{
DisplayName = user.DisplayName,
SessionKey = user.SessionKey
};
var response = this.Request.CreateResponse(HttpStatusCode.Created, loggedModel);
return(response);
}
});
return(responseMsg);
}
public HttpResponseMessage RegisterUser([FromBody] UserRegisterModel model)
{
var responseMsg = this.PerformOperationAndHandleExceptions(() =>
{
this.ValidateFirstName(model.FirstName);
this.ValidateLastName(model.LastName);
this.ValidateEmail(model.Email);
this.ValidateAuthCodesMatch(model.AuthCode, model.ConfirmAuthCode);
this.ValidateAuthCode(model.AuthCode);
string emailToLower = model.Email.ToLower();
User existingUser =
this.db.Users.All().Where(u => u.Email == emailToLower).FirstOrDefault();
if (existingUser != null)
{
throw new InvalidOperationException("The user already exists");
}
User newUser = new User()
{
FirstName = model.FirstName,
LastName = model.LastName,
Email = emailToLower,
AuthCode = model.AuthCode,
};
this.db.Users.Add(newUser);
this.db.SaveChanges();
newUser.SessionKey = this.GenerateSessionKey(newUser.Id);
this.db.Users.Update(newUser);
this.db.SaveChanges();
var userLoggedModel = new UserLoggedModel()
{
Id = newUser.Id,
DisplayName = newUser.FirstName + " " + newUser.LastName,
SessionKey = newUser.SessionKey
};
var response = this.Request.CreateResponse(HttpStatusCode.Created, userLoggedModel);
return(response);
});
return(responseMsg);
}
public HttpResponseMessage LoginUser([FromBody] UserUnloggedModel userModel)
{
var responseMessage = this.PerformOperationAndHandleExceptions(() =>
{
var context = new BookstoreContext();
using (context)
{
if (userModel == null)
{
throw new ServerErrorException("User credentials not passed correctly", "invalid_credentials");
}
this.ValidateUsername(userModel.Username);
this.ValidateAuthCode(userModel.AuthCode);
var lowerCaseUsername = userModel.Username.ToLower();
var existingUser = context.Users.SingleOrDefault(u => u.Username == lowerCaseUsername &&
u.AuthCode == userModel.AuthCode);
if (existingUser == null)
{
throw new ServerErrorException("User with that username or password does not exist.", "user_does_not_exist");
}
if (existingUser.IsActive == false)
{
throw new ServerErrorException("User is not active.", "user_is_not_active");
}
if (existingUser.SessionKey == null)
{
var sessionKey = this.GenerateSessionKey(existingUser.Id);
existingUser.SessionKey = sessionKey;
context.SaveChanges();
}
var userReturnModel = new UserLoggedModel();
userReturnModel.SessionKey = existingUser.SessionKey;
userReturnModel.DisplayName = existingUser.Username;
return(Request.CreateResponse(HttpStatusCode.Created, userReturnModel));
}
});
return(responseMessage);
}
public HttpResponseMessage RegisterUser([FromBody] UserUnloggedModel userModel)
{
var responseMessage = this.PerformOperationAndHandleExceptions(() =>
{
var context = new BookstoreContext();
using (context)
{
if (userModel == null)
{
throw new ServerErrorException("User credentials not passed correctly",
"invalid_credentials");
}
this.ValidateUsername(userModel.Username);
this.ValidateAuthCode(userModel.AuthCode);
var lowerCaseUsername = userModel.Username.ToLower();
var existingUser = context.Users.SingleOrDefault(u => u.Username == lowerCaseUsername);
if (existingUser != null)
{
throw new ServerErrorException("User with that username or nickname already exists.", "user_exists");
}
var newUser = new User();
newUser.Username = lowerCaseUsername;
newUser.AuthCode = userModel.AuthCode;
newUser.IsActive = true;
context.Users.Add(newUser);
context.SaveChanges();
var sessionKey = this.GenerateSessionKey(newUser.Id);
newUser.SessionKey = sessionKey;
context.SaveChanges();
var userReturnModel = new UserLoggedModel();
userReturnModel.SessionKey = newUser.SessionKey;
userReturnModel.DisplayName = newUser.Username;
return(Request.CreateResponse(HttpStatusCode.Created, userReturnModel));
}
});
return(responseMessage);
}
public HttpResponseMessage PostRegisterUser(UserPostModel model)
{
var responseMsg = this.PerformOperationAndHandleExceptions(
() =>
{
this.ValidateUsername(model.Username);
this.ValidateName(model.Name);
this.ValidatePassword(model.Password);
var usernameToLower = model.Username.ToLower();
User user = this.Data.Users.All().FirstOrDefault(
x => x.Username == usernameToLower);
if (user != null)
{
throw new InvalidOperationException("User already exists");
}
user = new User()
{
Username = usernameToLower,
Name = model.Name,
Password = model.Password,
SessionKey = string.Empty,
Level = this.Data.Levels.All().OrderBy(x => x.Rank).FirstOrDefault(),
UserRole = this.Data.UserRoles.All().Where(x => x.Role == RoleUser).FirstOrDefault()
};
this.Data.Users.Add(user);
this.Data.SaveChanges();
user.SessionKey = user.Id.ToString();
this.Data.SaveChanges();
var loggedModel = new UserLoggedModel()
{
SessionKey = user.SessionKey
};
var response =
this.Request.CreateResponse(HttpStatusCode.Created,
loggedModel);
return(response);
});
return(responseMsg);
}
public HttpResponseMessage RegisterUser(UserModel model)
{
var responseMsg = this.PerformOperationAndHandleExceptions(() =>
{
ValidateUsername(model.Username);
ValidateNickname(model.Nickname);
ValidateAuthCode(model.AuthCode);
string modelUsernameToLower = model.Username.ToLower();
string modelNickNameToLower = model.Nickname.ToLower();
User user = this.userRepository.GetAll().Where(
usr => usr.Username.ToLower() == modelUsernameToLower &&
usr.AuthCode == model.AuthCode).FirstOrDefault();
if (user != null)
{
throw new InvalidOperationException("The user already exists");
}
user = new User()
{
Username = modelUsernameToLower,
Nickname = model.Nickname,
AuthCode = model.AuthCode
};
this.userRepository.Add(user);
user.SessionKey = this.GenerateSessionKey(user.Id);
this.userRepository.Update(user.Id, user);
var userLoggedModel = new UserLoggedModel()
{
Nickname = user.Nickname,
SessionKey = user.SessionKey
};
var response = this.Request.CreateResponse(HttpStatusCode.Created, userLoggedModel);
return(response);
});
return(responseMsg);
}
public HttpResponseMessage LoginUser(UserLoginModel user)
{
try
{
UserRepository userRepository = this.data.GetUserRepository();
string nickname = string.Empty;
var sessionKey = userRepository.LoginUser(user.Username, user.AuthCode, out nickname);
UserLoggedModel result = new UserLoggedModel()
{
Nickname = nickname,
SessionKey = sessionKey
};
return(Request.CreateResponse(HttpStatusCode.OK, result));
}
catch (InvalidOperationException e)
{
return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, e.Message));
}
}
public HttpResponseMessage LoginUser([FromBody] UserRegisterLoginModel userModel)
{
var responseMessage = this.PerformOperationAndHandleExceptions(
() =>
{
this.ValidateUsername(userModel.Username);
this.ValidateAuthCode(userModel.AuthenticationCode);
var context = this.contextFactory.Create();
using (context)
{
var usernameToLower = userModel.Username.ToLower();
var user = context.Set <User>()
.Where(x => x.Username == usernameToLower && x.AuthenticationCode == userModel.AuthenticationCode).FirstOrDefault();
if (user == null)
{
throw new InvalidOperationException("Invalid username or password!");
}
if (user.SessionKey == null)
{
user.SessionKey = this.GenerateSessionKey(user.Id);
context.SaveChanges();
}
UserLoggedModel loggedUser = new UserLoggedModel()
{
Nickname = user.Nickname,
SessionKey = user.SessionKey
};
var response = this.Request.CreateResponse(HttpStatusCode.OK, loggedUser);
return(response);
}
});
return(responseMessage);
}
public HttpResponseMessage LogoutUser(UserLoggedModel model)
{
var responseMsg = this.PerformOperationAndHandleExceptions(() =>
{
var user = this.userRepository.GetAll().Where(
u => u.SessionKey == model.SessionKey).FirstOrDefault();
if (user == null)
{
throw new InvalidOperationException("The user is not logged in");
}
user.SessionKey = null;
this.userRepository.Update(user.Id, user);
var response = this.Request.CreateResponse(HttpStatusCode.OK, (object)null);
return(response);
});
return(responseMsg);
}
public void Register_WhenUserIsValid_ShouldReturnStatusCode201_AndSessionKey()
{
var fakeRepo = new FakeUserRepository();
var server = new InMemoryHttpServer <User>("http://localhost/", fakeRepo);
var user = new User()
{
Username = "******",
DisplayName = "Valid Display Name",
AuthCode = "bfff2dd4f1b310eb0dbf593bd83f94dd8d34077e"
};
var response = server.CreatePostRequest("api/users/register", user);
string stringContent = response.Content.ReadAsStringAsync().Result;
UserLoggedModel loggedUser = JsonConvert.DeserializeObject <UserLoggedModel>(stringContent);
Assert.AreEqual(HttpStatusCode.Created, response.StatusCode);
Assert.AreEqual(2, fakeRepo.Entities.Count); // I put one user in the repository so that the ids begin from 1 (the first user is dummy)
Assert.IsNotNull(loggedUser.SessionKey);
}
// GET api/user/5
public HttpResponseMessage Get(int id)
{
User user = this.userRepository.Get(id);
if (user != null)
{
UserLoggedModel curLoggedUser = new UserLoggedModel
{
SessionKey = user.SessionKey,
UserID = user.UserID,
Username = user.Username
};
var responseMsg = this.Request.CreateResponse(HttpStatusCode.OK, curLoggedUser);
return(responseMsg);
}
else
{
var responseMsg = this.Request.CreateResponse(HttpStatusCode.NotFound, "User id incorrect!");
return(responseMsg);
}
}
public HttpResponseMessage RegisterUser(User user)
{
var rep = new DbUsersRepository(this.db);
if (user.Username.Length <= 3 || user.Password.Length <= 3)
{
return(this.Request.CreateResponse(HttpStatusCode.ExpectationFailed, "Username or password incorrect!"));
}
rep.CreateUser(user.Username, user.Password);
var sessionKey = rep.LoginUser(user.Username, user.Password);
var loggedUser = new UserLoggedModel()
{
UserID = user.UserID,
Username = user.Username,
SessionKey = sessionKey
};
return(this.Request.CreateResponse(HttpStatusCode.Created, loggedUser));
}
public HttpResponseMessage PostLoginUser(UserModel model)
{
var responseMsg = this.PerformOperationAndHandleExceptions(
() =>
{
var context = this.contextFactory.Create() as NewsContext;
using (context)
{
this.ValidateUserName(model.Username);
this.ValidateAuthCode(model.AuthCode);
var usernameToLower = model.Username.ToLower();
var user = context.Users.FirstOrDefault(usr => usr.Username == usernameToLower && usr.AuthCode == model.AuthCode);
if (user == null)
{
throw new InvalidOperationException("Invalid username or password!");
}
if (user.SessionKey == null)
{
user.SessionKey = this.GenerateSessionKey(user.Id);
context.SaveChanges();
}
var loggedModel = new UserLoggedModel()
{
Displayname = user.DisplayName,
SessionKey = user.SessionKey,
IsAdmin = user.IsAdmin,
};
var responce = this.Request.CreateResponse(HttpStatusCode.Created, loggedModel);
return(responce);
}
});
return(responseMsg);
}
// GET api/user
public IEnumerable <UserLoggedModel> Get()
{
var users = this.userRepository.GetAll().ToList();
var loggedUsers = new List <UserLoggedModel>();
foreach (var user in users)
{
if (user.SessionKey != null)
{
UserLoggedModel curLoggedUser = new UserLoggedModel
{
SessionKey = user.SessionKey,
UserID = user.UserID,
Username = user.Username
};
loggedUsers.Add(curLoggedUser);
}
}
return(loggedUsers);
}
public HttpResponseMessage LoginUser(UserLoginModel model)
{
var responseMsg = this.ExceptionHandler(
() =>
{
var context = new AutoMorgueContext();
UserDataPersister.ValidateUsername(model.Username);
UserDataPersister.ValidateAuthCode(model.AuthCode);
var usernameToLower = model.Username.ToLower();
var users = context.Users;
var user = users.FirstOrDefault(
usr => usr.Username == usernameToLower && usr.AuthCode == model.AuthCode);
if (user == null)
{
throw new InvalidOperationException("Invalid Username or Password");
}
user.SessionKey = UserDataPersister.GenerateSessionKey(user.Id);
context.SaveChanges();
var loggedModel = new UserLoggedModel
{
DisplayName = user.DisplayName,
SessionKey = user.SessionKey
};
var response = this.Request.CreateResponse(HttpStatusCode.Created, loggedModel);
response.Headers.Location = new Uri(Url.Link("DefaultApi", new { id = user.Id }));
return(response);
});
return(responseMsg);
}
public HttpResponseMessage RegisterUser([FromBody] UserRegisterModel inputUser)
{
if (string.IsNullOrWhiteSpace(inputUser.Username) ||
string.IsNullOrWhiteSpace(inputUser.AuthCode) ||
inputUser.AuthCode.Length != 40)
{
return(this.Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Username or password is invalid"));
}
User foundedUser = userRepo.All().Where(u => u.Username == inputUser.Username).FirstOrDefault();
if (foundedUser != null)
{
return(this.Request.CreateErrorResponse(HttpStatusCode.Conflict, "There is already a user with this username"));
}
User userToBeRegistered = new User()
{
Username = inputUser.Username,
Password = inputUser.AuthCode,
Latitude = inputUser.Latitude,
Longitude = inputUser.Longitude
};
userRepo.Add(userToBeRegistered);
UserLoggedModel loggedUser = new UserLoggedModel()
{
UserName = userToBeRegistered.Username,
SessionKey = GenerateSessionKey(userToBeRegistered.Id),
Latitude = inputUser.Latitude,
Longitude = inputUser.Longitude
};
userToBeRegistered.SessionKey = loggedUser.SessionKey;
userRepo.Update(userToBeRegistered.Id, userToBeRegistered);
return(this.Request.CreateResponse(HttpStatusCode.OK, loggedUser));
}
// GET api/user/5
public HttpResponseMessage Get(int id)
{
User user = this.userRepository.Get(id);
if (user != null)
{
UserLoggedModel curLoggedUser = new UserLoggedModel
{
SessionKey = user.SessionKey,
UserID = user.UserID,
Username = user.Username,
AvatarURL = user.Avatar
};
var jsonString = Newtonsoft.Json.JsonConvert.SerializeObject(curLoggedUser);
var responseMsg = this.Request.CreateResponse(HttpStatusCode.OK, jsonString);
return(responseMsg);
}
else
{
var responseMsg = this.Request.CreateResponse(HttpStatusCode.NotFound, "User id incorrect!");
return(responseMsg);
}
}
public async Task <IActionResult> Login([FromBody] LoginModel model)
{
var user = await userManager.FindByEmailAsync(model.Username);
if (user != null && await userManager.CheckPasswordAsync(user, model.Password) && user.IsActive.Value)
{
var responseUser = new UserLoggedModel
{
Username = user.UserName
};
var userClaims = await userManager.GetClaimsAsync(user);
var orgClaim = userClaims.First(x => x.Type == Constants.Organization);
var privileges = userClaims.First(c => c.Type == Constants.Privileges);
var claims = new List <Claim>
{
new Claim(JwtRegisteredClaimNames.Sub, user.Id),
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
orgClaim,
privileges
};
responseUser.Privileges = Enum.Parse <UserPrivileges>(privileges.Value, true);
var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(this.config.GetValue <string>("SigningKey")));
var token = new JwtSecurityToken(
issuer: "https://www.apis.bg",
audience: null,
claims: claims,
expires: DateTime.UtcNow.AddDays(3),
signingCredentials: new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256)
);
responseUser.Expiration = token.ValidTo;
responseUser.Token = new JwtSecurityTokenHandler().WriteToken(token);
return(Ok(responseUser));
}
return(Unauthorized());
}
