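/// <summary>
/// Registers a new user: rejects the request when the e-mail is already present in
/// <c>appuser</c>, otherwise inserts the row and returns the public profile with a JWT.
/// </summary>
/// <param name="request">Registration data (username, e-mail, plaintext password, names, role).</param>
/// <param name="cancellationToken">Flowed into the database calls.</param>
/// <returns>The created user's profile and token; the password hash is not included.</returns>
/// <exception cref="RestException">400 Bad Request when the e-mail already exists.</exception>
/// <exception cref="Exception">"Problem creating user" when the lookup or the insert fails.</exception>
public async Task<AppUser> Handle(Command request, CancellationToken cancellationToken)
{
    // NOTE(review): Role is copied straight from the request body, so whoever registers picks
    // their own role. Confirm this endpoint is restricted, or assign a fixed default role here.
    // Only the password hash is kept on the entity; the plaintext never reaches the database.
    // presumably User assigns Id on construction, since nothing here sets it — TODO confirm.
    var user = new User
    {
        UserName = request.Username,
        Email = request.Email,
        Password = DaedalusPasswordHasher.HashPassword(request.Password),
        FirstName = request.FirstName,
        LastName = request.LastName,
        Role = request.Role
    };

    bool emailTaken = false;
    int rowsInserted = 0;

    // NOTE(security): the database credentials are hard-coded in source. Load the connection
    // string from configuration or a secret store, and rotate this password, since it has
    // been exposed wherever this file has been shared.
    using (var connection = new MySqlConnection("Database=daedalusdb; Data Source=projectdaedalus.mysql.database.azure.com; User Id=daedalus@projectdaedalus; Password=xDEvk7Cr"))
    {
        try
        {
            await connection.OpenAsync(cancellationToken);

            // The e-mail is bound as a parameter. It was previously concatenated into the SQL
            // text, which let request data change the statement itself (SQL injection).
            // Any row matched by the WHERE clause counts as "already registered", so the
            // database's own notion of equality decides rather than a second string compare.
            using (var checkEmail = new MySqlCommand("SELECT 1 FROM appuser WHERE email = @Email LIMIT 1", connection))
            {
                checkEmail.Parameters.AddWithValue("@Email", request.Email);
                using (var reader = await checkEmail.ExecuteReaderAsync(cancellationToken))
                {
                    emailTaken = await reader.ReadAsync(cancellationToken);
                }
            }

            // Username is neither checked for uniqueness nor stored by the INSERT below.
            // NOTE(review): check-then-insert is racy under concurrent registrations; a UNIQUE
            // constraint on appuser.email is the reliable guard — confirm the schema has one.
            if (!emailTaken)
            {
                const string insertSql =
                    "INSERT INTO appuser (id,email,firstname,lastname,password,role) " +
                    "VALUES (@Id,@Email,@FirstName,@LastName,@Password,@Role)";

                using (var insert = new MySqlCommand(insertSql, connection))
                {
                    insert.Parameters.AddWithValue("@Id", user.Id);
                    insert.Parameters.AddWithValue("@Email", user.Email);
                    insert.Parameters.AddWithValue("@FirstName", user.FirstName);
                    insert.Parameters.AddWithValue("@LastName", user.LastName);
                    insert.Parameters.AddWithValue("@Password", user.Password);
                    insert.Parameters.AddWithValue("@Role", user.Role);

                    rowsInserted = await insert.ExecuteNonQueryAsync(cancellationToken);
                }
            }
        }
        catch (Exception e)
        {
            // Fail closed: a failed lookup no longer falls through to the INSERT as if the
            // address were free. The caller sees the generic failure thrown at the end.
            Console.WriteLine(e.ToString());
        }
    }

    // Thrown outside the try block so the catch-all above cannot swallow it.
    if (emailTaken)
    {
        throw new RestException(HttpStatusCode.BadRequest, new { Email = "Email already exists" });
    }

    if (rowsInserted > 0)
    {
        return new AppUser
        {
            Token = _jwtGenerator.CreateToken(user),
            Id = user.Id,
            Email = user.Email,
            FirstName = user.FirstName,
            LastName = user.LastName,
            Role = user.Role,
            Image = null
        };
    }

    throw new Exception("Problem creating user");
}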
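/// <summary>
/// Logs a user in: loads the <c>appuser</c> row for the supplied e-mail, verifies the
/// supplied password against the stored hash and returns the profile with a JWT.
/// </summary>
/// <param name="request">Login data (e-mail and plaintext password).</param>
/// <param name="cancellationToken">Flowed into the database calls.</param>
/// <returns>The user's profile and token; the stored password hash is not included.</returns>
/// <exception cref="RestException">
/// 401 Unauthorized when no row was loaded (unknown e-mail or database error) or the
/// password does not verify. Both cases give the same response.
/// </exception>
public async Task<User> Handle(Query request, CancellationToken cancellationToken)
{
    var user = new User();

    // NOTE(security): the database credentials are hard-coded in source. Load the connection
    // string from configuration or a secret store, and rotate this password, since it has
    // been exposed wherever this file has been shared.
    using (var connection = new MySqlConnection("Database=daedalusdb; Data Source=projectdaedalus.mysql.database.azure.com; User Id=daedalus@projectdaedalus; Password=xDEvk7Cr"))
    {
        try
        {
            await connection.OpenAsync(cancellationToken);

            // The e-mail is bound as a parameter. It was previously concatenated into the SQL
            // text, which let the login form change the statement itself (SQL injection).
            using (var command = new MySqlCommand("SELECT * FROM appuser WHERE email = @Email", connection))
            {
                command.Parameters.AddWithValue("@Email", request.Email);

                using (var reader = await command.ExecuteReaderAsync(cancellationToken))
                {
                    // If several rows match, the last one read wins (unchanged behaviour).
                    while (await reader.ReadAsync(cancellationToken))
                    {
                        user.Email = reader["Email"].ToString();
                        user.Id = reader["Id"].ToString();
                        user.FirstName = reader["FirstName"].ToString();
                        user.LastName = reader["LastName"].ToString();
                        user.Role = Convert.ToInt32(reader["Role"]);
                        user.Password = reader["Password"].ToString();
                    }
                }
            }
        }
        catch (Exception e)
        {
            // A database failure leaves user.Email unset, so the request is rejected below.
            Console.WriteLine(e.ToString());
        }
    }

    // NOTE(review): unknown e-mails return here before any hash verification runs, so the
    // response time may differ between unknown and known accounts — consider whether that matters.
    if (user.Email == null)
    {
        throw new RestException(HttpStatusCode.Unauthorized);
    }

    bool passwordMatches = DaedalusPasswordHasher.VerifyHashedPassword(user.Password, request.Password);

    // TODO (from the original note): add lockout on repeated failed logins; nothing in this
    // method throttles attempts. The commented-out debug line that printed the submitted
    // password next to its hash was dropped; plaintext passwords should not reach the console.
    if (passwordMatches)
    {
        return new User
        {
            Token = _jwtGenerator.CreateToken(user),
            Id = user.Id,
            Email = user.Email,
            FirstName = user.FirstName,
            LastName = user.LastName,
            Role = user.Role,
            Image = null
        };
    }

    throw new RestException(HttpStatusCode.Unauthorized);
}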