        // POST api/CustomRegistration
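        // Registers a new student account. Validates the request body, refuses
        // a StudentId that is already registered, stores a salted+hashed
        // password and emails a confirmation link.
        // Returns 201 Created on success, 400 Bad Request for a null body, a
        // malformed StudentId, a short password, or a StudentId already in use.
        public HttpResponseMessage Post(RegistrationRequest registrationRequest)
        {
            // Web API binds a missing/unparseable body as null; without this guard
            // the property reads below throw and the client receives a 500.
            if (registrationRequest == null)
            {
                return(this.Request.CreateResponse(HttpStatusCode.BadRequest, "Invalid request"));
            }

            // Regex.IsMatch(null, ...) throws, so check for null first.
            // \z rather than $: in .NET "$" also matches just before a trailing
            // "\n", which would let "12345678\n" through and end up embedded in
            // the generated email address below.
            if (string.IsNullOrEmpty(registrationRequest.StudentId)
                || !Regex.IsMatch(registrationRequest.StudentId, @"^[0-9]{8}\z"))
            {
                return(this.Request.CreateResponse(HttpStatusCode.BadRequest, "Invalid Student Id"));
            }
            // The separate "must be a UTS email" check was retired: the address is
            // now derived from the validated StudentId instead of taken from input.
            if (registrationRequest.Password == null || registrationRequest.Password.Length < 8)
            {
                return(this.Request.CreateResponse(HttpStatusCode.BadRequest, "Invalid Password (at least 8 chars required)"));
            }

            // DbContext is IDisposable; the original never disposed it.
            using (helpsDbContext context = new helpsDbContext())
            {
                // NOTE(review): check-then-insert is racy — two concurrent requests
                // for the same StudentId can both pass this test. A unique index on
                // Users.StudentId is the real guarantee; confirm it exists.
                // The distinct message also tells a caller whether a StudentId is
                // registered (enumeration); acceptable only if StudentIds are not secret.
                if (context.Users.Any(a => a.StudentId == registrationRequest.StudentId))
                {
                    return(this.Request.CreateResponse(HttpStatusCode.BadRequest, "That user already exists, please log in."));
                }

                byte[] salt    = LoginProviderUtil.generateSalt();
                User   newUser = new User
                {
                    Id                      = Guid.NewGuid().ToString(),
                    FirstName               = registrationRequest.FirstName,
                    LastName                = registrationRequest.LastName,
                    StudentId               = registrationRequest.StudentId,
                    Salt                    = salt,
                    // Safe to build from StudentId only because the regex above
                    // restricts it to exactly eight ASCII digits.
                    Email                   = registrationRequest.StudentId + "@student.uts.edu.au",
                    Confirmed               = false,
                    // Both tokens are bearer secrets. Guid.NewGuid() is kept so the
                    // ConfirmEmail/reset endpoints keep parsing the same format;
                    // NOTE(review): a reset token is minted here without any reset
                    // request — verify the reset endpoint enforces ResetTokenSentAt expiry.
                    ConfirmToken            = Guid.NewGuid().ToString(),
                    ForgotPasswordToken     = Guid.NewGuid().ToString(),
                    // Local time kept on purpose: the expiry check presumably
                    // compares against DateTime.Now elsewhere — confirm before
                    // switching to UtcNow.
                    ResetTokenSentAt        = DateTime.Now,
                    // Algorithm lives in LoginProviderUtil.hash; not visible here.
                    SaltedAndHashedPassword = LoginProviderUtil.hash(registrationRequest.Password, salt)
                };

                // Persist before emailing. The original sent the email first, so a
                // failed SaveChanges (e.g. a unique-constraint violation from the
                // race noted above) still delivered a confirmation link for a row
                // that never existed. If sending fails after the save, the Get
                // (resend) endpoint can re-issue the same ConfirmToken.
                context.Users.Add(newUser);
                context.SaveChanges();

                var url = Request.RequestUri.GetLeftPart(UriPartial.Authority) + Url.Route("DefaultApi", new { controller = "ConfirmEmail", Token = newUser.ConfirmToken });
                EmailProviderUtil.SendConfirmationEmail(newUser, url);

                return(this.Request.CreateResponse(HttpStatusCode.Created));
            }
        }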
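        // GET api/CustomRegistration?StudentId=...&Resend=...
        //
        // Re-sends the email-confirmation link for an unconfirmed account.
        // Returns 200 OK once the email has been sent, 400 Bad Request for a
        // malformed StudentId or an already-confirmed account, 404 Not Found
        // when no account has that StudentId.
        //
        // NOTE(review): this endpoint is unauthenticated and unthrottled, so
        // anyone who knows or guesses a StudentId can trigger confirmation
        // emails to that student and learn whether the id is registered.
        // Rate-limit it per StudentId/IP (or answer 200 for every outcome)
        // before exposing it publicly.
        // `Resend` is bound but never read; it is kept only so the route and
        // signature stay unchanged for existing callers.
        public HttpResponseMessage Get(string StudentId, string Resend)
        {
            // Same format rule as Post (eight ASCII digits, \z so a trailing
            // newline is rejected); also keeps a null StudentId out of the query.
            if (string.IsNullOrEmpty(StudentId) || !Regex.IsMatch(StudentId, @"^[0-9]{8}\z"))
            {
                return(this.Request.CreateResponse(HttpStatusCode.BadRequest, "Invalid Student Id"));
            }

            // DbContext is IDisposable; the original never disposed it.
            using (helpsDbContext context = new helpsDbContext())
            {
                // Look the account up by StudentId (not by token — the token is
                // only used to build the link below).
                User user = context.Users.Where(a => a.StudentId == StudentId).SingleOrDefault();

                if (user == null)
                {
                    return(this.Request.CreateResponse(HttpStatusCode.NotFound, "User not found"));
                }

                // A client-side condition, not a server failure: the original
                // answered 500 Internal Server Error here.
                if (user.Confirmed)
                {
                    return(this.Request.CreateResponse(HttpStatusCode.BadRequest, "Email already confirmed"));
                }

                // Re-issues the ConfirmToken minted at registration (no rotation),
                // so any earlier confirmation email remains valid as well.
                var url = Request.RequestUri.GetLeftPart(UriPartial.Authority) + Url.Route("DefaultApi", new { controller = "ConfirmEmail", Token = user.ConfirmToken });
                EmailProviderUtil.SendConfirmationEmail(user, url);

                return(this.Request.CreateResponse(HttpStatusCode.OK, "Email confirmation sent"));
            }
        }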