public void CreateUser(UserWithPassword user)
{
ValidateCreateUser(user);
if (userReader.GetUser(user.Email) != null)
{
throw new UserAlreadyExistsException("The user already exists");
}
user.Password = new SecurityHelper().HashPassword(user.Password, 20);
string insertUser = "******";
string insertPassword = $"insert into Passwords (OwnerId, Password) values ((select id from users where email = @Email), @Password)";
dbr.InsertDataInTransaction(new string[] { insertUser, insertPassword }, user);
}
public IActionResult Login([FromBody] LoginModel userParam)
{
using (var connection = _connector.GetConnection())
{
var user = _userReader.GetUser(connection, userParam.username);
if (user == null)
{
return(BadRequest(new { message = "Username or password is incorrect" }));
}
var userPermissions = _permissionReader.GetUserPermissions(connection, user.Id);
user.Permissions = CheckAccess.GetUserPermissionTabs(userPermissions);
user.Roles = userPermissions.Select(x => x.Role).Distinct().ToList();
user.Token = GenerateToken(user);
return(Ok(user));
}
}