// Signs a user in with a Google ID token sent in the request body.
// The token is validated, a user model is filled from its claims, the account
// is looked up or created through _authAction.LoginUsingGoogle, and the
// session token is refreshed through UpdateToken.
// Returns 200 on success, 500 when UpdateToken reports failure, and 405 for
// any exception raised along the way.
public IActionResult authgoogle([FromBody] string googleTokenID)
{
    Console.WriteLine("api/auth/authgoogle");

    try
    {
        // NOTE(review): the settings are default-constructed, so no Audience is
        // configured. Without it the token's `aud` claim is not restricted, and an
        // ID token that Google issued to a different client application would also
        // validate here. Set Audience to <this application's OAuth client ID>.
        var validationSettings = new GoogleJsonWebSignature.ValidationSettings();

        // NOTE(review): .Result blocks the request thread on the async validation
        // and wraps failures in AggregateException; an async action would avoid both.
        var payload = GoogleJsonWebSignature.ValidateAsync(googleTokenID, validationSettings).Result;

        Auth_UserModel user = new Auth_UserModel
        {
            email = payload.Email,
            firstname = payload.GivenName,
            lastname = payload.FamilyName,
            googleSubjectID = payload.Subject,
            profileImageUrl = payload.Picture
        };

        // login or create account
        user = _authAction.LoginUsingGoogle(user);

        if (!UpdateToken(user.userID))
        {
            return StatusCode(500, "something went wrong");
        }

        return Ok("Successfully logged in to your account!");
    }
    catch (Exception)
    {
        // NOTE(review): every failure, including a rejected token, is reported as
        // 405 (Method Not Allowed) and nothing is logged. A rejected token would be
        // better reported as 401, and the exception recorded server-side; check the
        // client before changing the status code.
        return StatusCode(405, "Something went wrong");
    }
}
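// Returns users data
// Loads the row of the Users table whose UserID equals userID and maps it to
// an Auth_UserModel. When no row matches, a freshly constructed model is
// returned with none of its fields filled in.
// The returned model carries the stored Password column (index 5); callers
// that send user data to a client should go through
// UserModelConverter.UserModel_To_ReturnUserModel, which leaves it out.
public Auth_UserModel GetUsersData(int userID)
{
    string queryString = "SELECT * FROM Users WHERE UserID=@UserID";
    Auth_UserModel user = new Auth_UserModel();

    // using blocks close the connection and release the command even when
    // Open, ExecuteReader or the column parsing throws.
    using (MySqlConnection connection = new MySqlConnection(ConfigContex.GetConnectionString()))
    using (MySqlCommand cmd = new MySqlCommand { Connection = connection, CommandText = queryString })
    {
        connection.Open();
        cmd.Parameters.Add(new MySqlParameter("@UserID", userID));

        using (MySqlDataReader reader = cmd.ExecuteReader())
        {
            if (reader.Read())
            {
                // NOTE(review): SELECT * plus ordinal indexes ties this mapping to the
                // column order of the Users table; naming the columns would make it robust.
                user.userID = int.Parse(RemoveSpacesInString(reader[0].ToString()));
                user.username = RemoveSpacesInString(reader[1].ToString());
                user.firstname = RemoveSpacesInString(reader[2].ToString());
                user.lastname = RemoveSpacesInString(reader[3].ToString());
                user.email = RemoveSpacesInString(reader[4].ToString());
                user.password = RemoveSpacesInString(reader[5].ToString());
                user.googleSubjectID = RemoveSpacesInString(reader[6].ToString());
                user.isAdmin = Convert.ToBoolean(Convert.ToInt16(RemoveSpacesInString(reader[7].ToString())));
                user.profileImageUrl = RemoveSpacesInString(reader[8].ToString());
            }
        }
    }

    return user;
}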
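// Creates a new user and return UserID
// Inserts one row into Users from the given model. IsAdmin is always written
// as false, whatever user.isAdmin holds. The return value is whatever
// CheckIfPasswordIsCorrect(user.email, user.password) yields, which the
// original comment describes as the UserID.
// NOTE(review): user.password is bound exactly as received; no hashing happens
// in this method. Confirm every caller hashes it first (the action-layer
// EditUser uses Hash.HashPassword), otherwise the column holds plaintext.
public int CreateNewUser(Auth_UserModel user)
{
    string queryString = "INSERT INTO Users (Username, Email, FirstName, LastName, Password, GoogleSubjectID, IsAdmin) VALUES (@Username, @Email, @FirstName, @LastName, @Password, @GoogleSubjectID, @IsAdmin)";

    // using blocks close the connection and release the command even when
    // Open or the INSERT throws.
    using (MySqlConnection connection = new MySqlConnection(ConfigContex.GetConnectionString()))
    using (MySqlCommand cmd = new MySqlCommand { Connection = connection, CommandText = queryString })
    {
        connection.Open();

        cmd.Parameters.Add(new MySqlParameter("@Username", user.username));
        cmd.Parameters.Add(new MySqlParameter("@Email", user.email));
        cmd.Parameters.Add(new MySqlParameter("@FirstName", user.firstname));
        cmd.Parameters.Add(new MySqlParameter("@LastName", user.lastname));
        cmd.Parameters.Add(new MySqlParameter("@Password", user.password));
        cmd.Parameters.Add(new MySqlParameter("@GoogleSubjectID", user.googleSubjectID));
        cmd.Parameters.Add(new MySqlParameter("@IsAdmin", false));

        // An INSERT produces no result set, so ExecuteNonQuery is the matching call.
        cmd.ExecuteNonQuery();
    }

    // Looked up after the connection above has been closed, as before.
    return CheckIfPasswordIsCorrect(user.email, user.password); // <- returns userID
}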
// Builds an Auth_UserModel from an edit request: username, email, firstname
// and lastname are copied, googleSubjectID is set to "" and isAdmin to false,
// so neither can be supplied through the edit model.
// NOTE(review): password is not copied here. If Auth_EditUserModel carries a
// password field, it is dropped at this point - confirm that is intended.
public static Auth_UserModel EditUserModel_To_UserModel(Auth_EditUserModel editModel)
{
    return new Auth_UserModel
    {
        username = editModel.username,
        email = editModel.email,
        firstname = editModel.firstname,
        lastname = editModel.lastname,
        googleSubjectID = "",
        isAdmin = false
    };
}
// Builds an Auth_UserModel from a registration request: username, email,
// firstname, lastname and password are copied, googleSubjectID is set to ""
// and isAdmin to false, so a registration cannot claim either.
// The password is copied unchanged; this converter does not hash it.
public static Auth_UserModel RegisterUserModel_To_UserModel(Auth_RegisterUserModel registerModel)
{
    return new Auth_UserModel
    {
        username = registerModel.username,
        email = registerModel.email,
        firstname = registerModel.firstname,
        lastname = registerModel.lastname,
        password = registerModel.password,
        googleSubjectID = "",
        isAdmin = false
    };
}
// Projects an Auth_UserModel onto the model that is handed back to callers.
// Every field except password is copied, which keeps the stored password
// value out of anything built from the returned model.
public static Auth_ReturnUserModel UserModel_To_ReturnUserModel(Auth_UserModel auth_UserModel)
{
    return new Auth_ReturnUserModel
    {
        userID = auth_UserModel.userID,
        username = auth_UserModel.username,
        firstname = auth_UserModel.firstname,
        lastname = auth_UserModel.lastname,
        email = auth_UserModel.email,
        googleSubjectID = auth_UserModel.googleSubjectID,
        isAdmin = auth_UserModel.isAdmin,
        profileImageUrl = auth_UserModel.profileImageUrl
    };
}
// Applies an edit request to the account identified by userID and returns the
// resulting model. userID, googleSubjectID and isAdmin always come from the
// stored record; empty fields in the request keep their stored value.
// NOTE(review): userID decides which account is rewritten - confirm the caller
// takes it from the authenticated session and not from the request.
// NOTE(review): username and email are accepted as given. LoginUsingGoogle
// relies on ordinary users not having '@' in their username; confirm the edit
// path enforces the same rule before this method is reached.
public Auth_UserModel EditUser(Auth_EditUserModel editUser, int userID)
{
    Auth_UserModel stored = authQuery.GetUsersData(userID);
    Auth_UserModel updated = UserModelConverter.EditUserModel_To_UserModel(editUser);

    // These fields are not allowed to be changed here.
    updated.userID = stored.userID;
    updated.googleSubjectID = stored.googleSubjectID;
    updated.isAdmin = stored.isAdmin;

    // Fields left empty in the request fall back to the stored data.
    if (string.IsNullOrEmpty(updated.username))
    {
        updated.username = stored.username;
    }

    if (string.IsNullOrEmpty(updated.firstname))
    {
        updated.firstname = stored.firstname;
    }

    if (string.IsNullOrEmpty(updated.lastname))
    {
        updated.lastname = stored.lastname;
    }

    if (string.IsNullOrEmpty(updated.email))
    {
        updated.email = stored.email;
    }

    // A new password is hashed before it is stored; otherwise the stored value is kept.
    // NOTE(review): EditUserModel_To_UserModel does not copy a password, so unless
    // Auth_UserModel initialises one itself the hashing branch is never taken here.
    updated.password = string.IsNullOrEmpty(updated.password)
        ? stored.password
        : Hash.HashPassword(updated.password);

    // Database interaction
    authQuery.EditUser(updated);

    // Return the user
    return updated;
}
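// Update User information
// Writes Username, Email, Firstname, Lastname and Password of the row whose
// UserID equals user.userID. GoogleSubjectID and IsAdmin are not part of the
// statement, so this method cannot change them.
// user.password is stored as given; the caller is expected to pass the value
// that should end up in the column.
public void EditUser(Auth_UserModel user)
{
    string queryString = "UPDATE Users SET Username=@Username, Email=@Email, Firstname=@Firstname, Lastname=@Lastname, Password=@Password WHERE UserID=@UserID";

    // using blocks close the connection and release the command even when
    // Open or the UPDATE throws.
    using (MySqlConnection connection = new MySqlConnection(ConfigContex.GetConnectionString()))
    using (MySqlCommand cmd = new MySqlCommand { Connection = connection, CommandText = queryString })
    {
        connection.Open();

        cmd.Parameters.Add(new MySqlParameter("@UserID", user.userID));
        cmd.Parameters.Add(new MySqlParameter("@Username", user.username));
        cmd.Parameters.Add(new MySqlParameter("@Email", user.email));
        cmd.Parameters.Add(new MySqlParameter("@Firstname", user.firstname));
        cmd.Parameters.Add(new MySqlParameter("@Lastname", user.lastname));
        cmd.Parameters.Add(new MySqlParameter("@Password", user.password));

        // An UPDATE produces no result set, so ExecuteNonQuery is the matching call.
        cmd.ExecuteNonQuery();
    }
}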
// Returns the account linked to user.googleSubjectID, creating it first when
// none exists yet. A new account gets the username "<subject>@Google" and its
// profile picture is added from user.profileImageUrl.
// NOTE(review): the lookup is keyed on googleSubjectID alone, and locally
// registered accounts are created with googleSubjectID "" (see
// RegisterUserModel_To_UserModel). Confirm that callers only pass a subject
// taken from a validated token and that an empty subject cannot match a row.
public Auth_UserModel LoginUsingGoogle(Auth_UserModel user)
{
    // Check if user already have an account that is linked to google.
    Auth_UserModel linkedAccount = authQuery.GetUserFromGoogleID(user.googleSubjectID);

    if (linkedAccount.googleSubjectID != null)
    {
        // Account found: the incoming model is updated in place and the stored one returned.
        user.userID = linkedAccount.userID;
        user.username = linkedAccount.username;
        return linkedAccount;
    }

    // No account found, create account.
    // A normal user cannot create an account using the @ symbol, so the
    // username does not need to be checked for an existing entry.
    user.username = user.googleSubjectID + "@Google";
    authQuery.CreateNewUser(user);

    string pictureUrl = user.profileImageUrl;
    Auth_UserModel createdAccount = authQuery.GetUserFromGoogleID(user.googleSubjectID);
    AddProfilePictureByUrl(pictureUrl, createdAccount.userID);

    return createdAccount;
}
// Converts a registration request to an Auth_UserModel and stores it through
// authQuery.CreateNewUser, returning that call's result.
// NOTE(review): the password travels from the register model to the INSERT
// without being hashed in this method or in the converter, whereas EditUser
// hashes with Hash.HashPassword. Confirm it is hashed before this call;
// otherwise registration stores the plaintext password.
public int CreateNewUserUsingRegisterModel(Auth_RegisterUserModel newUser)
{
    Auth_UserModel convertedUser = UserModelConverter.RegisterUserModel_To_UserModel(newUser);
    int createdUserId = authQuery.CreateNewUser(convertedUser);
    return createdUserId;
}