public async Task <ActionResult <string> > Register(Common.Api.Request.UserRegister newUser) { // Check if there is an administrator first. Can't allow user to register before Administrator. var adminUser = await context.Users.Where(u => u.Role == Common.User.UserRole.Admin).ToListAsync(); if (adminUser.Count == 0) { return(Conflict("There is no administrator. System needs administrator in order to work.")); } // Check if user exists. var usersFound = await context.Users.Where(u => u.Email == newUser.Email || u.Nickname == newUser.Nickname).ToListAsync(); if (usersFound.Count == 0) { var newUserDb = new Dal.Model.User() { Email = newUser.Email, Password = EncryptPassword(newUser.Password), Nickname = newUser.Nickname, Created = DateTime.Now, Role = Common.User.UserRole.User, Logged = true }; context.Users.Add(newUserDb); await context.SaveChangesAsync(); return(Ok(token.Generate(newUserDb.UserId, newUserDb.Email, Common.User.UserRole.User))); } else { return(Conflict($"There is already user with email {newUser.Email}, or with nickname {newUser.Nickname}.")); } }
public async Task <ActionResult <bool> > Update(Common.Api.Request.UserRegister updateUser) { // Validate password. if (string.IsNullOrWhiteSpace(updateUser.Password)) { return(Conflict("Password can not be empty.")); } // Always check at beginning! var loggedAdmin = await GetLoggedAdminAsync(); if (loggedAdmin != null) { var newPassword = EncryptPassword(updateUser.Password); if (loggedAdmin.Password != newPassword) { loggedAdmin.Password = newPassword; await context.SaveChangesAsync(); return(Ok(true)); } else { return(Ok(false)); // Return false, because there is no point updating same value. } } else { return(GetUnauthorizedLoginResponse()); } }
public async Task <bool> RegisterAsync(Common.Api.Request.UserRegister userRegister, string confirmPassword) { // Validations if (string.IsNullOrWhiteSpace(userRegister.Email) || string.IsNullOrWhiteSpace(userRegister.Password) || string.IsNullOrWhiteSpace(confirmPassword)) { throw new Exception("Please fill all fields."); } #if RELEASE // I'll only need minimum password length in release mode (for production). To increase security. if (userRegister.Password.Length < passwordMinimumLength) { throw new Exception("Password must be at least {passwordMinimumLength} characters."); } #endif if (userRegister.Password != confirmPassword) { throw new Exception("Silly, you must retype same password in Confirm password field. :)"); } var response = await HttpClient.PostAsJsonAsync(Common.ApiRoutes.Admin.Register, userRegister); if (response.StatusCode == System.Net.HttpStatusCode.OK) { SetToken(await response.Content.ReadAsStringAsync()); return(true); } else { return(false); } }
public async Task <bool> RegisterAsync(Common.Api.Request.UserRegister userRegister, string confirmPassword) { if (userRegister.Password != confirmPassword) { throw new Exception("Confirmed password is not same."); } var response = await HttpClient.PostAsJsonAsync(Common.ApiRoutes.User.Register, userRegister); if (response.StatusCode == System.Net.HttpStatusCode.OK) { SetToken(await response.Content.ReadAsStringAsync()); return(true); } else { return(false); } }
public async Task <ActionResult <string> > Register(Common.Api.Request.UserRegister newUser) { //Validate new user data. if (newUser == null) { return(BadRequest("Please send data for a new user.")); } if (string.IsNullOrWhiteSpace(newUser.Email)) { return(BadRequest("Please send email.")); } if (string.IsNullOrWhiteSpace(newUser.Password)) { return(BadRequest("Please send password.")); } // Check if administrator exists. At this point it can be only one administrator. var adminsFound = await context.Users.Where(u => u.Role == Common.User.UserRole.Admin).ToListAsync(); if (adminsFound.Count == 0) { var newAdminDb = new Dal.Model.User() { Email = newUser.Email, Password = EncryptPassword(newUser.Password), Nickname = adminNickname, // Administrator has fixed nickname. Created = DateTime.Now, Role = Common.User.UserRole.Admin, Logged = true }; context.Users.Add(newAdminDb); await context.SaveChangesAsync(); return(Ok(token.Generate(newAdminDb.UserId, newAdminDb.Email, Common.User.UserRole.Admin))); } else { return(Conflict($"There is already administrator with email {adminsFound.FirstOrDefault()?.Email}.")); } }
public async Task <ActionResult <bool> > Update(Common.Api.Request.UserRegister updateUser) { // Always check at beginning! var loggedUser = await GetLoggedUserAsync(); if (loggedUser != null) { // Validate nickname. if (string.IsNullOrWhiteSpace(updateUser.Nickname)) { return(Conflict("Nickname is empty.")); } // Validate password. if (string.IsNullOrWhiteSpace(updateUser.Password)) { return(Conflict("Password can not be empty.")); } var newPassword = EncryptPassword(updateUser.Password); if (loggedUser.Nickname != updateUser.Nickname || loggedUser.Password != newPassword) { loggedUser.Nickname = updateUser.Nickname; loggedUser.Password = newPassword; await context.SaveChangesAsync(); return(Ok(true)); } else { return(Ok(false)); } } else { return(GetUnauthorizedLoginResponse()); } }