private static User GetUser(string email, string username, int id, string apitoken)
{
email = StringSanitization.Sanitize(email);
username = StringSanitization.Sanitize(username);
apitoken = StringSanitization.Sanitize(apitoken);
var command =
new NpgsqlCommand("SELECT * FROM \"Users\" WHERE \"email\"=@email OR \"username\"=@usr OR \"ID\"=@id OR \"api_token\"=@apitoken",
database);
command.Parameters.AddWithValue("email", email);
command.Parameters.AddWithValue("usr", username);
command.Parameters.AddWithValue("id", id);
command.Parameters.AddWithValue("apitoken", apitoken);
var dr = command.ExecuteReader();
dr.Read();
if (!dr.HasRows)
{
dr.Close(); return(null);
}
User user = new User
{
ID = dr.GetInt32("ID"),
username = dr.GetString("username"),
email = dr.GetString("email"),
password = dr.GetString("password"),
registration_timestamp = dr.GetDateTime("registration_timestamp"),
date_of_birth = dr.GetDateTime("date_of_birth"),
role = dr.GetString("role"),
plan = Plans.GetPlanByName(dr.GetString("plan")) ?? throw new Exception("Unknown plan type"),
confirmed = dr.GetBoolean("confirmed")
};
dr.Close();
return(user);
}
public async Task <IActionResult> SetValue(string key, [FromForm] string value)
{
IActionResult authenticated = ValidateToken(out int userId);
if (authenticated != null)
{
return(authenticated);
}
(RedisDB db, int entries) = await GetDb(userId);
var plan = Plans.GetPlanByName(HttpContext.User.FindFirst(claim => claim.Type == ClaimTypes.UserData).Value) ?? throw new Exception("Unknown plan type");
if (plan.MaxEntries <= entries && await db.Exists(key) == 0)
{
return(Conflict("Too many entries for current plan"));
}
await db.Set(key, value);
return(Ok());
}
public void TestPlanModel()
{
Assert.IsTrue(Plans.GetPlanByName("plan.premium").Equals(Plans.Premium), "Does the function return the proper object?");
Assert.IsTrue(Plans.GetPlanByName("plan.basic").Equals(Plans.Basic), "Does the function return the proper object?");
Assert.IsNull(Plans.GetPlanByName("random name"), "Does a random name return a null object?");
}
