Пример #1
        /// <summary>
        /// Marks the account that owns <paramref name="ticket"/> as confirmed and redirects the caller to the Listy site.
        /// </summary>
        /// <param name="ticket">Confirmation ticket, as carried by the link in the registration e-mail.</param>
        /// <returns>
        /// 400 when the ticket is blank or matches no user, a 303 redirect once the account is confirmed,
        /// or 500 wrapping any exception raised inside the try block.
        /// </returns>
        public IHttpActionResult ConfirmUser(string ticket)
        {
            if (string.IsNullOrWhiteSpace(ticket))
            {
                return BadRequest("The ticket is not valid!");
            }

            try
            {
                using (var db = new ListyDbContext())
                {
                    // The ticket is the only credential on this path: any caller presenting a matching value confirms the account.
                    User account = db.Users.SingleOrDefault(u => u.Ticket == ticket);
                    if (account == null)
                    {
                        return BadRequest("This ticket is not a real!");
                    }

                    // NOTE(review): the ticket is neither cleared nor expired here, so the same link keeps
                    // working after first use. Consider invalidating it once IsConfirmed is set.
                    account.IsConfirmed = true;
                    db.SaveChanges();

                    // 303 (RedirectMethod) lets us set a Location header for the browser to follow.
                    var redirect = new HttpResponseMessage(HttpStatusCode.RedirectMethod);

                    // NOTE(review): the landing page is addressed over plain http; prefer https if the site serves it.
                    redirect.Headers.Location = new Uri("http://www.admaiorastudio.com/listy");
                    return ResponseMessage(redirect);
                }
            }
            catch (Exception failure)
            {
                // NOTE(review): the raw exception goes into the response; how much of it a remote client sees
                // depends on the API's IncludeErrorDetailPolicy. Confirm it is not Always in production.
                return InternalServerError(failure);
            }
        }
Пример #2
        /// <summary>
        /// Deletes the to-do item identified by <paramref name="itemId"/>.
        /// </summary>
        /// <param name="itemId">Identifier of the item to remove; must be positive.</param>
        /// <returns>
        /// 400 for a non-positive id, 200 once the row is removed, or 500 when no such item exists
        /// or an exception is raised inside the try block.
        /// </returns>
        public IHttpActionResult Delete(int itemId)
        {
            if (itemId <= 0)
            {
                return BadRequest("TodoItem ID is not valid!");
            }

            try
            {
                using (var db = new ListyDbContext())
                {
                    // NOTE(review): the row is selected by id alone. Nothing in this method ties the item to the
                    // calling user, so ownership must be enforced elsewhere (filter, attribute, handler) - confirm,
                    // otherwise any caller can delete any item by guessing ids.
                    TodoItem target = db.TodoItems.SingleOrDefault(t => t.TodoItemId == itemId);
                    if (target != null)
                    {
                        db.TodoItems.Remove(target);
                        db.SaveChanges();
                        return Ok();
                    }

                    return InternalServerError(new InvalidOperationException("Invalid TodoItem ID!"));
                }
            }
            catch (Exception failure)
            {
                // NOTE(review): exposure of exception details to remote clients depends on the API's
                // IncludeErrorDetailPolicy. Confirm the production setting.
                return InternalServerError(failure);
            }
        }
Пример #3
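        /// <summary>
        /// Creates an unconfirmed account for the supplied e-mail and sends the confirmation link through SendGrid.
        /// </summary>
        /// <param name="credentials">Request payload; only <c>Email</c> and <c>Password</c> are read.</param>
        /// <returns>
        /// 400 for a missing payload, e-mail or password; 500 when the e-mail is already registered or an exception
        /// is raised inside the try block; 200 with the new user's id and e-mail otherwise.
        /// </returns>
        public async Task<IHttpActionResult> RegisterUser(Poco.User credentials)
        {
            // credentials can be null when the request carries no usable body; reject that here rather than
            // faulting on the property access below, which sits outside the try block.
            if (credentials == null || string.IsNullOrWhiteSpace(credentials.Email))
            {
                return BadRequest("The email is not valid!");
            }

            if (string.IsNullOrWhiteSpace(credentials.Password))
            {
                return BadRequest("The password is not valid!");
            }

            try
            {
                using (var ctx = new ListyDbContext())
                {
                    User user = ctx.Users.SingleOrDefault(x => x.Email == credentials.Email);
                    if (user != null)
                    {
                        // NOTE(review): this answer tells an unauthenticated caller that the address is registered.
                        return InternalServerError(new InvalidOperationException("This email has already taken!"));
                    }

                    // NOTE(review): the password is persisted exactly as received. It should be stored as a salted,
                    // slow hash (for example PBKDF2 via Rfc2898DeriveBytes); that change has to be made together with
                    // the login comparison and a migration of existing rows, so it is flagged here rather than done.
                    user = new User
                    {
                        Email = credentials.Email,
                        Password = credentials.Password
                    };

                    // The ticket is the only secret in the e-mailed confirmation link, so it is drawn from the
                    // cryptographic RNG instead of Guid.NewGuid(), which is designed for uniqueness rather than
                    // unpredictability. Formatting the 16 bytes as a GUID keeps the stored and mailed shape unchanged.
                    byte[] ticketBytes = new byte[16];
                    using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
                    {
                        rng.GetBytes(ticketBytes);
                    }

                    user.Ticket = new Guid(ticketBytes).ToString();
                    ctx.Users.Add(user);
                    ctx.SaveChanges();

                    // The API key comes from the environment, not from source.
                    string            apiKey = System.Environment.GetEnvironmentVariable("SENDGRID_APIKEY");
                    SendGridAPIClient mc     = new SendGridAPIClient(apiKey);

                    Email   to      = new Email(user.Email);
                    Email   from    = new Email("*****@*****.**");
                    string  subject = "Welocme to Listy!";
                    Content content = new Content("text/plain",
                                                  String.Format("Hi {0},\n\nYou registration on Listy is almost complete. Please click on this link to confirm your registration!\n\n{1}",
                                                                user.Email.Split('@')[0],
                                                                String.Format("https://listy-api.azurewebsites.net/users/confirm?ticket={0}", user.Ticket)));
                    Mail mail = new Mail(from, subject, to, content);

                    // NOTE(review): the send result is not inspected, so a rejected mail still yields 200 and the
                    // account stays unconfirmed until the confirmation mail is requested again.
                    await mc.client.mail.send.post(requestBody : mail.Get());

                    // Only the id and e-mail go back; no token is issued before confirmation.
                    return Ok(Dto.Wrap(new Poco.User
                    {
                        UserId = user.UserId,
                        Email = user.Email,
                        AuthAccessToken = null,
                        AuthExpirationDate = null
                    }));
                }
            }
            catch (Exception ex)
            {
                // NOTE(review): exposure of exception details to remote clients depends on the API's
                // IncludeErrorDetailPolicy. Confirm the production setting.
                return InternalServerError(ex);
            }
        }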
Пример #4
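        /// <summary>
        /// Authenticates a user by e-mail and password and stores a freshly issued access token on the account.
        /// </summary>
        /// <param name="credentials">Request payload; only <c>Email</c> and <c>Password</c> are read.</param>
        /// <returns>
        /// 400 for a missing payload, e-mail or password; 401 for an unknown e-mail or a wrong password;
        /// 500 carrying "You must confirm your email first!" when the password is right but the account is
        /// unconfirmed; 200 with the user and token data on success.
        /// </returns>
        public IHttpActionResult LoginUser(Poco.User credentials)
        {
            // credentials can be null when the request carries no usable body; reject that here rather than
            // faulting on the property access below, which sits outside the try block.
            if (credentials == null || string.IsNullOrWhiteSpace(credentials.Email))
            {
                return BadRequest("The email is not valid!");
            }

            if (string.IsNullOrWhiteSpace(credentials.Password))
            {
                return BadRequest("The password is not valid!");
            }

            try
            {
                using (var ctx = new ListyDbContext())
                {
                    User user = ctx.Users.SingleOrDefault(x => x.Email == credentials.Email);
                    if (user == null)
                    {
                        return Unauthorized();
                    }

                    // NOTE(review): both the stored value and the submitted one are hashed at comparison time, which
                    // implies user.Password is kept in a recoverable form; the MD5 step adds no protection. The remedy
                    // is a storage change (salted, slow KDF such as PBKDF2 applied at registration) plus a migration,
                    // so it is flagged here rather than done. HashPasswordForStoringInConfigFile is also marked obsolete.
                    string storedDigest   = FormsAuthentication.HashPasswordForStoringInConfigFile(user.Password, "MD5");
                    string suppliedDigest = FormsAuthentication.HashPasswordForStoringInConfigFile(credentials.Password, "MD5");
                    if (!string.Equals(storedDigest, suppliedDigest, StringComparison.Ordinal))
                    {
                        return Unauthorized();
                    }

                    // Checked only after the password matched: reporting the confirmation state first would tell
                    // anyone who knows an address that it is registered but not yet confirmed.
                    if (!user.IsConfirmed)
                    {
                        return InternalServerError(new InvalidOperationException("You must confirm your email first!"));
                    }

                    var token = GetAuthenticationTokenForUser(user.Email);
                    user.LoginDate          = DateTime.UtcNow;
                    user.LastActiveDate     = user.LoginDate;
                    user.AuthAccessToken    = token.RawData;
                    user.AuthExpirationDate = token.ValidTo;
                    ctx.SaveChanges();

                    return Ok(Dto.Wrap(new Poco.User
                    {
                        UserId = user.UserId,
                        Email = user.Email,
                        LoginDate = user.LoginDate,
                        AuthAccessToken = user.AuthAccessToken,
                        AuthExpirationDate = user.AuthExpirationDate
                    }));
                }
            }
            catch (Exception ex)
            {
                // NOTE(review): exposure of exception details to remote clients depends on the API's
                // IncludeErrorDetailPolicy. Confirm the production setting.
                return InternalServerError(ex);
            }
        }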
Пример #5
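        /// <summary>
        /// Overwrites the title, description, due date and tags of an existing to-do item.
        /// </summary>
        /// <param name="item">Request payload; <c>TodoItemId</c> selects the row and <c>Title</c> must be non-blank.</param>
        /// <returns>
        /// 400 for a missing payload, a non-positive id or a blank title; 500 when no item has that id or an
        /// exception is raised inside the try block; 200 with the updated item otherwise.
        /// </returns>
        public IHttpActionResult Update(Poco.TodoItem item)
        {
            // item can be null when the request carries no usable body; reject that here rather than faulting
            // on the property access below, which sits outside the try block.
            if (item == null || item.TodoItemId <= 0)
            {
                return BadRequest("TodoItem ID is not valid!");
            }

            if (String.IsNullOrWhiteSpace(item.Title))
            {
                return BadRequest("Title is not valid!");
            }

            try
            {
                using (var ctx = new ListyDbContext())
                {
                    // NOTE(review): the row is selected by id alone. Nothing in this method ties the item to the
                    // calling user, so ownership must be enforced elsewhere - confirm, otherwise any caller can
                    // rewrite any item by guessing ids.
                    TodoItem ti = ctx.TodoItems.SingleOrDefault(x => x.TodoItemId == item.TodoItemId);

                    // The lookup result is what may be missing. The original tested the request object here, so an
                    // unknown id fell through to a NullReferenceException on the assignments below.
                    if (ti == null)
                    {
                        return InternalServerError(new InvalidOperationException("Invalid TodoItem ID or User ID!"));
                    }

                    // Only these four fields are client-writable; UserId, dates and completion state are left alone.
                    ti.Title       = item.Title;
                    ti.Description = item.Description;
                    ti.WillDoIn    = item.WillDoIn;
                    ti.Tags        = item.Tags;

                    ctx.SaveChanges();

                    return Ok(Dto.Wrap(new Poco.TodoItem
                    {
                        TodoItemId = ti.TodoItemId,
                        UserId = ti.UserId,
                        Title = ti.Title,
                        Description = ti.Description,
                        CreationDate = ti.CreationDate,
                        WillDoIn = ti.WillDoIn,
                        Tags = ti.Tags,
                        IsComplete = ti.IsComplete,
                        CompletionDate = ti.CompletionDate
                    }));
                }
            }
            catch (Exception ex)
            {
                // NOTE(review): exposure of exception details to remote clients depends on the API's
                // IncludeErrorDetailPolicy. Confirm the production setting.
                return InternalServerError(ex);
            }
        }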
Пример #6
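        /// <summary>
        /// Creates a to-do item for the user named in the payload.
        /// </summary>
        /// <param name="item">Request payload; <c>UserId</c> must be positive and <c>Title</c> non-blank.</param>
        /// <returns>
        /// 400 for a missing payload, a non-positive user id or a blank title; 500 wrapping any exception raised
        /// inside the try block; 200 with the stored item otherwise.
        /// </returns>
        public IHttpActionResult AddNew(Poco.TodoItem item)
        {
            // item can be null when the request carries no usable body; reject that here rather than faulting
            // on the property access below, which sits outside the try block.
            if (item == null || item.UserId <= 0)
            {
                return BadRequest("User ID is not valid!");
            }

            if (String.IsNullOrWhiteSpace(item.Title))
            {
                return BadRequest("Title is not valid!");
            }

            try
            {
                using (var ctx = new ListyDbContext())
                {
                    // NOTE(review): the owner is taken from the request body. Nothing in this method checks it against
                    // the calling user, so unless that is enforced elsewhere a caller can create items under another
                    // user's id. Prefer deriving the owner from the authenticated identity - confirm.
                    TodoItem ti = new TodoItem
                    {
                        UserId       = item.UserId,
                        Title        = item.Title,
                        Description  = item.Description,
                        CreationDate = DateTime.UtcNow,
                        WillDoIn     = item.WillDoIn,
                        Tags         = item.Tags
                    };

                    ctx.TodoItems.Add(ti);

                    ctx.SaveChanges();

                    return Ok(Dto.Wrap(new Poco.TodoItem
                    {
                        TodoItemId = ti.TodoItemId,
                        UserId = ti.UserId,
                        Title = ti.Title,
                        Description = ti.Description,
                        CreationDate = ti.CreationDate,
                        WillDoIn = ti.WillDoIn,
                        Tags = ti.Tags
                    }));
                }
            }
            catch (Exception ex)
            {
                // NOTE(review): exposure of exception details to remote clients depends on the API's
                // IncludeErrorDetailPolicy. Confirm the production setting.
                return InternalServerError(ex);
            }
        }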
Пример #7
        /// <summary>
        /// Returns every to-do item stored for <paramref name="userId"/>.
        /// </summary>
        /// <param name="userId">Identifier of the user whose list is requested; must be positive.</param>
        /// <returns>
        /// 400 for a non-positive id; 500 when no such user exists or an exception is raised inside the try block;
        /// 200 with the user's items otherwise.
        /// </returns>
        public IHttpActionResult GetMyList(int userId)
        {
            if (userId <= 0)
            {
                return BadRequest("User ID is not valid!");
            }

            try
            {
                using (var db = new ListyDbContext())
                {
                    // NOTE(review): the list is selected by the id the caller supplies. Nothing in this method compares
                    // it with the authenticated user, so unless that is enforced elsewhere any caller can read any
                    // user's list - confirm.
                    User owner = db.Users.SingleOrDefault(u => u.UserId == userId);
                    if (owner == null)
                    {
                        return InternalServerError(new InvalidOperationException("The User ID you provide is invalid!"));
                    }

                    // Project to the transport type inside the query and materialise once.
                    var entries = db.TodoItems
                        .Where(t => t.UserId == userId)
                        .Select(t => new Poco.TodoItem
                        {
                            TodoItemId = t.TodoItemId,
                            UserId = t.UserId,
                            Title = t.Title,
                            Description = t.Description,
                            CreationDate = t.CreationDate,
                            WillDoIn = t.WillDoIn,
                            Tags = t.Tags,
                            IsComplete = t.IsComplete,
                            CompletionDate = t.CompletionDate
                        })
                        .ToArray();

                    return Ok(Dto.Wrap(new Poco.WorkList { Items = entries }));
                }
            }
            catch (Exception failure)
            {
                // NOTE(review): exposure of exception details to remote clients depends on the API's
                // IncludeErrorDetailPolicy. Confirm the production setting.
                return InternalServerError(failure);
            }
        }
Пример #8
        /// <summary>
        /// Clears the completion flag and completion date of a to-do item.
        /// </summary>
        /// <param name="itemId">Identifier of the item, read from the request body; must be positive.</param>
        /// <returns>
        /// 400 for a non-positive id; 500 when no such item exists or an exception is raised inside the try block;
        /// 200 with the updated item otherwise.
        /// </returns>
        public IHttpActionResult Uncomplete([FromBody] int itemId)
        {
            if (itemId <= 0)
            {
                return BadRequest("TodoItem ID is not valid!");
            }

            try
            {
                using (var db = new ListyDbContext())
                {
                    // NOTE(review): the row is selected by id alone. Nothing in this method ties the item to the
                    // calling user, so ownership must be enforced elsewhere - confirm.
                    TodoItem target = db.TodoItems.SingleOrDefault(t => t.TodoItemId == itemId);
                    if (target == null)
                    {
                        return InternalServerError(new InvalidOperationException("Invalid TodoItem ID!"));
                    }

                    // Reset both fields together so the row never shows a completion date without the flag.
                    target.CompletionDate = null;
                    target.IsComplete     = false;
                    db.SaveChanges();

                    var payload = new Poco.TodoItem
                    {
                        TodoItemId = target.TodoItemId,
                        UserId = target.UserId,
                        Title = target.Title,
                        Description = target.Description,
                        CreationDate = target.CreationDate,
                        WillDoIn = target.WillDoIn,
                        Tags = target.Tags,
                        IsComplete = target.IsComplete,
                        CompletionDate = target.CompletionDate
                    };

                    return Ok(Dto.Wrap(payload));
                }
            }
            catch (Exception failure)
            {
                // NOTE(review): exposure of exception details to remote clients depends on the API's
                // IncludeErrorDetailPolicy. Confirm the production setting.
                return InternalServerError(failure);
            }
        }
Пример #9
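        /// <summary>
        /// Restores a session from a previously issued access token and refreshes the login timestamps.
        /// </summary>
        /// <param name="accessToken">Token handed out at login; matched against the value stored on the user.</param>
        /// <returns>
        /// 400 for a blank token; 401 when no user holds the token or the stored expiry has passed;
        /// 500 wrapping any exception raised inside the try block; 200 with the user and token data otherwise.
        /// </returns>
        public IHttpActionResult RestoreUser(string accessToken)
        {
            // NOTE(review): no binding attribute is visible on this parameter. If the token travels in the URI
            // it can end up in server and proxy logs; prefer a header or the body - confirm how this action is bound.
            if (string.IsNullOrWhiteSpace(accessToken))
            {
                return BadRequest("The access token is not valid!");
            }

            try
            {
                using (var ctx = new ListyDbContext())
                {
                    User user = ctx.Users.SingleOrDefault(x => x.AuthAccessToken == accessToken);
                    if (user == null)
                    {
                        return Unauthorized();
                    }

                    DateTime nowUtc = DateTime.UtcNow;

                    // A token past its stored expiry must not revive the session. The original returned it regardless.
                    // Written as a negated "greater than" so that a missing expiry is rejected as well.
                    // NOTE(review): assumes AuthExpirationDate is kept in UTC, as LoginDate is - confirm.
                    if (!(user.AuthExpirationDate > nowUtc))
                    {
                        return Unauthorized();
                    }

                    user.LoginDate      = nowUtc;
                    user.LastActiveDate = user.LoginDate;
                    ctx.SaveChanges();

                    // The same token is returned; no new one is issued and the expiry is not extended here.
                    return Ok(Dto.Wrap(new Poco.User
                    {
                        UserId = user.UserId,
                        Email = user.Email,
                        LoginDate = user.LoginDate,
                        AuthAccessToken = user.AuthAccessToken,
                        AuthExpirationDate = user.AuthExpirationDate
                    }));
                }
            }
            catch (Exception ex)
            {
                // NOTE(review): exposure of exception details to remote clients depends on the API's
                // IncludeErrorDetailPolicy. Confirm the production setting.
                return InternalServerError(ex);
            }
        }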
Пример #10
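        /// <summary>
        /// Sends the confirmation e-mail again for a registered, not yet confirmed account after checking the password.
        /// </summary>
        /// <param name="credentials">Request payload; only <c>Email</c> and <c>Password</c> are read.</param>
        /// <returns>
        /// 400 for a missing payload, e-mail or password; 500 when the e-mail is unknown, the password does not match,
        /// the account is already confirmed, the mail provider does not accept the message, or an exception is raised
        /// inside the try block; 200 once the mail is accepted.
        /// </returns>
        public async Task<IHttpActionResult> VerifyUser(Poco.User credentials)
        {
            // credentials can be null when the request carries no usable body; reject that here rather than
            // faulting on the property access below, which sits outside the try block.
            if (credentials == null || string.IsNullOrWhiteSpace(credentials.Email))
            {
                return BadRequest("The email is not valid!");
            }

            if (string.IsNullOrWhiteSpace(credentials.Password))
            {
                return BadRequest("The password is not valid!");
            }

            try
            {
                using (var ctx = new ListyDbContext())
                {
                    User user = ctx.Users.SingleOrDefault(x => x.Email == credentials.Email);
                    if (user == null)
                    {
                        // NOTE(review): this answer tells an unauthenticated caller whether an address is registered.
                        return InternalServerError(new InvalidOperationException("This email is not registered!"));
                    }

                    // NOTE(review): both the stored value and the submitted one are hashed at comparison time, which
                    // implies user.Password is kept in a recoverable form; the MD5 step adds no protection. The remedy
                    // is a storage change (salted, slow KDF such as PBKDF2) plus a migration, so it is flagged here
                    // rather than done. HashPasswordForStoringInConfigFile is also marked obsolete.
                    string storedDigest   = FormsAuthentication.HashPasswordForStoringInConfigFile(user.Password, "MD5");
                    string suppliedDigest = FormsAuthentication.HashPasswordForStoringInConfigFile(credentials.Password, "MD5");
                    if (!string.Equals(storedDigest, suppliedDigest, StringComparison.Ordinal))
                    {
                        return InternalServerError(new InvalidOperationException("Your credentials seem to be not valid!"));
                    }

                    // Checked only after the password matched, so the confirmation state is disclosed to the
                    // account holder rather than to anyone who knows the address.
                    if (user.IsConfirmed)
                    {
                        return InternalServerError(new InvalidOperationException("This email has been already confirmed!"));
                    }

                    // The API key comes from the environment, not from source.
                    string            apiKey = System.Environment.GetEnvironmentVariable("SENDGRID_APIKEY");
                    SendGridAPIClient mc     = new SendGridAPIClient(apiKey);

                    // The existing ticket is mailed again; it is not rotated here.
                    Email   to      = new Email(user.Email);
                    Email   from    = new Email("*****@*****.**");
                    string  subject = "Welocme to Listy!";
                    Content content = new Content("text/plain",
                                                  String.Format("Hi {0},\n\nYou registration on Listy is almost complete. Please click on this link to confirm your registration!\n\n{1}",
                                                                user.Email.Split('@')[0],
                                                                String.Format("https://listy-api.azurewebsites.net/users/confirm?ticket={0}", user.Ticket)));
                    Mail mail = new Mail(from, subject, to, content);

                    dynamic response = await mc.client.mail.send.post(requestBody : mail.Get());

                    // Anything other than 202 Accepted from the provider is reported as a failure.
                    if (response.StatusCode != System.Net.HttpStatusCode.Accepted)
                    {
                        return InternalServerError(new InvalidOperationException("Internal mail error. Retry later!"));
                    }

                    return Ok();
                }
            }
            catch (Exception ex)
            {
                // NOTE(review): exposure of exception details to remote clients depends on the API's
                // IncludeErrorDetailPolicy. Confirm the production setting.
                return InternalServerError(ex);
            }
        }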