public HttpResponseMessage PostLoginUser(UserModel model)
{
var responseMsg = this.PerformOperationAndHandleExceptions(() =>
{
var dbContext = new RecipesContext();
using (dbContext)
{
this.ValidateUsername(model.Username);
this.ValidateAuthCode(model.AuthCode);
var usernameToLower = model.Username.ToLower();
var user = dbContext.Users.FirstOrDefault(
usr => usr.Username == usernameToLower
&& usr.AuthCode == model.AuthCode);
if (user == null)
{
throw new InvalidOperationException("Invalid username or password");
}
if (user.SessionKey == null)
{
user.SessionKey = this.GenerateSessionKey(user.UserId);
dbContext.SaveChanges();
}
var loggedModel = new LoggedUserModel()
{
Username = user.Username,
SessionKey = user.SessionKey
};
var response = this.Request.CreateResponse(HttpStatusCode.Created, loggedModel);
return response;
}
});
return responseMsg;
}
public HttpResponseMessage UpdateUser(int id, UserModel model)
{
var dbContext = new RecipesContext();
using (dbContext)
{
var user = GetCurrentUser(dbContext);
if (user == null || user.Role != Role.Admin)
{
throw new InvalidOperationException("Only an authorized admin can delete users.");
}
var userToUpdate = dbContext.Users.FirstOrDefault(u => u.UserId == id);
if (userToUpdate != null)
{
if (model.AuthCode != null)
{
ValidateAuthCode(model.AuthCode);
userToUpdate.AuthCode = model.AuthCode;
dbContext.SaveChanges();
}
}
var response = this.Request.CreateResponse(HttpStatusCode.OK, string.Empty);
return response;
}
}
public HttpResponseMessage PostRegisterUser(UserModel model)
{
var responseMsg = this.PerformOperationAndHandleExceptions(() =>
{
var dbContext = new RecipesContext();
using (dbContext)
{
this.ValidateUsername(model.Username);
this.ValidateAuthCode(model.AuthCode);
var usernameToLower = model.Username.ToLower();
var user = dbContext.Users.FirstOrDefault(
usr => usr.Username == usernameToLower);
if (user != null)
{
throw new InvalidOperationException("User exists");
}
user = new User()
{
Username = model.Username.ToLower(),
AuthCode = model.AuthCode,
Role = Role.Client
};
dbContext.Users.Add(user);
dbContext.SaveChanges();
user.SessionKey = this.GenerateSessionKey(user.UserId);
dbContext.SaveChanges();
var loggedModel = new LoggedUserModel()
{
Username = user.Username,
SessionKey = user.SessionKey
};
var response = this.Request.CreateResponse(HttpStatusCode.Created, loggedModel);
return response;
}
});
return responseMsg;
}
