示例#1
0
        public ActionResult UpdateUser([FromBody] Tuple <User, User> users)
        {
            var oldUser = users.Item1;
            var newUser = users.Item2;


            var userFromDb = _db.Users.
                             FirstOrDefault(u => u.Login == oldUser.Login);

            if (userFromDb == null)
            {
                return(NotFound("There is no such a user"));
            }
            if (userFromDb.Password != SecurityController.GetHash(oldUser.Password + userFromDb.PasswordSalt))
            {
                return(new ForbidResult("Password is incorrect"));
            }


            if (newUser.Login != null)
            {
                userFromDb.Login = newUser.Login;
            }
            if (newUser.Password != null)
            {
                userFromDb.Password = newUser.Password;
            }

            _db.SaveChanges();
            return(new ObjectResult(userFromDb));
        }
示例#2
0
        public ActionResult DeleteUser([FromBody] User user)
        {
            var userFromDb = _db.Users.
                             FirstOrDefault(u => u.Login == user.Login);

            if (userFromDb == null)
            {
                return(NotFound("There is no such a user"));
            }
            if (userFromDb.Password != SecurityController.GetHash(user.Password + userFromDb.PasswordSalt))
            {
                return(new ForbidResult("Password is incorrect"));
            }


            _db.Users.Remove(userFromDb);
            _db.SaveChanges();
            return(Ok());
        }
示例#3
0
        public ActionResult CreateUser([FromBody] User user)
        {
            var userFromDb = _db.Users.FirstOrDefault(u => u.Login == user.Login);

            if (userFromDb != null)
            {
                return(BadRequest("The user with such a login currently exists"));
            }


            user.PasswordSalt = SecurityController.GetSalt();
            user.Password     = SecurityController.GetHash(user.Password + user.PasswordSalt);
            user.Role         = (int)Roles.User;
            user.Id           = Guid.NewGuid();

            _db.Users.Add(user);
            _logger.LogInformation("User have been registered");
            _db.SaveChanges();
            return(new ObjectResult(user));
        }
示例#4
0
        public ActionResult AuthentificateUser([FromBody] User user)
        {
            var userFromDb = _db.Users.
                             FirstOrDefault(u => u.Login == user.Login);

            if (userFromDb == null)
            {
                return(NotFound("There is no such a user"));
            }
            if (userFromDb.Password != SecurityController.GetHash(user.Password + userFromDb.PasswordSalt))
            {
                return(new ForbidResult("Password is incorrect"));
            }

            //удаляем старую jwt, еслі она есть
            var oldJWT = _db.JWTs.FirstOrDefault(j => j.UserLogin == userFromDb.Login);

            if (oldJWT != null)
            {
                _db.JWTs.Remove(oldJWT);
            }


            //добавляем новую
            var id       = Guid.NewGuid();
            var datetime = DateTime.Now;
            var jwt      = new JWT
            {
                ID        = id,
                UserLogin = userFromDb.Login,
                Datetime  = DateTime.Now,
                Value     = SecurityController.GetHash(id.ToString() + datetime.ToString() + userFromDb.Login) + userFromDb.Role.ToString()
            };

            _db.JWTs.Add(jwt);
            userFromDb.JWT = jwt;

            _db.SaveChanges();
            return(Ok(jwt.Value));
        }