public async Task <IHttpActionResult> UpdateUser([FromBody] UserCredentials cred)
{
object userId;
Request.Properties.TryGetValue("user_id", out userId);
try
{
User user = await db.Users.FindAsync(Convert.ToInt32(userId));
if (user == null)
{
return(NotFound());
}
if (!string.IsNullOrEmpty(cred.Name))
{
user.Name = cred.Name;
}
if (!string.IsNullOrEmpty(cred.Email))
{
user.Email = cred.Email;
}
if (!string.IsNullOrEmpty(cred.Password))
{
if (cred.Password == cred.Password_Confirmation)
{
// TODO: encrypt password
user.Password = cred.Password;
}
else
{
throw new Exception("password error");
}
}
db.Entry(user).State = EntityState.Modified;
await db.SaveChangesAsync();
return(Ok(new { id = user.UserId, name = user.Name, email = user.Email }));
}
catch (Exception e)
{
// log
}
return(BadRequest());
}
public async Task <Chat> UpdateChat(int chatId, int userId, string name)
{
Chat chat = _db.Chats.Find(chatId);
// only allow original creator to update chat
if (userId != chat.CreatedBy)
{
throw new UnauthorizedAccessException();
}
chat.Name = name;
_db.Entry(chat).State = EntityState.Modified;
await _db.SaveChangesAsync();
return(chat);
}