diff options
| -rw-r--r-- | API/Controllers/UserController.cs | 18 | ||||
| -rw-r--r-- | API/Service/UserService.cs | 24 | ||||
| -rw-r--r-- | Data/Models/Classes/Roles.cs | 9 | ||||
| -rw-r--r-- | Data/Models/Classes/UserRoles.cs | 4 | ||||
| -rw-r--r-- | Data/Models/DTOs/LoginDTO.cs | 8 | ||||
| -rw-r--r-- | Data/Models/DTOs/RegisterDTO.cs | 11 | ||||
| -rw-r--r-- | Data/Models/Profiles/UserProfile.cs | 1 |
7 files changed, 54 insertions, 21 deletions
diff --git a/API/Controllers/UserController.cs b/API/Controllers/UserController.cs index 8618c1b..fd94283 100644 --- a/API/Controllers/UserController.cs +++ b/API/Controllers/UserController.cs @@ -10,7 +10,6 @@ using Microsoft.Extensions.Configuration; namespace API.Controllers { - [Authorize] [ApiController] [Route("/api/[controller]")] public class UserController: ControllerBase @@ -22,25 +21,22 @@ namespace API.Controllers this._service = new UserService(context, mapper, configuration.GetSection("AppSettings")); } - [AllowAnonymous] [HttpPost] [Route("login")] - public async Task<IActionResult> Login([FromBody] UserDTO userDTO) + public async Task<IActionResult> Login([FromBody] LoginDTO loginDTO) { - return await this._service.LoginUser(userDTO); + return await this._service.LoginUser(loginDTO); } - //Create - [AllowAnonymous] [HttpPost] - public async Task<IActionResult> Create([FromBody] UserDTO userDTO) + [Route("register")] + public async Task<IActionResult> Register([FromBody] RegisterDTO registerDto) { - return await this._service.CreateUser(userDTO); + return await this._service.RegisterUser(registerDto); } //Read [HttpGet] - [Authorize(Roles = UserRoles.Admin)] // Functionality, only for testing purposes public async Task<IActionResult> GetById(int id) { return await this._service.GetUserById(id); @@ -48,13 +44,15 @@ namespace API.Controllers //Update [HttpPut] + [Authorize] public async Task<IActionResult> Update(int id, [FromBody] UserDTO userDTO) { return await this._service.UpdateUser(id, userDTO); } //Delete - [HttpDelete] + [HttpDelete] + [Authorize] public async Task<IActionResult> Delete(int id) { return await this._service.DeleteUser(id); diff --git a/API/Service/UserService.cs b/API/Service/UserService.cs index 8e1ba38..c3bf160 100644 --- a/API/Service/UserService.cs +++ b/API/Service/UserService.cs @@ -27,9 +27,9 @@ namespace API.Service this._appSettings = appSettings; } - public async Task<IActionResult> LoginUser(UserDTO userDTO) + public async Task<IActionResult> LoginUser(LoginDTO loginDTO) { - User user = this._userDbRepository.FindByUsername(userDTO.UserName); + User user = this._userDbRepository.FindByUsername(loginDTO.UserName); if (user == null) return new NotFoundObjectResult("User does not exist!"); @@ -37,6 +37,9 @@ namespace API.Service // Get key from appsettings.json var key = Encoding.ASCII.GetBytes(_appSettings.GetSection("Secret").Value); + if (user.PasswordHash != GeneratePasswordHash(loginDTO.Password)) + return new BadRequestObjectResult("Incorrect password!"); + // Create Jwt Token configuration var tokenHandler = new JwtSecurityTokenHandler(); var tokenDescriptor = new SecurityTokenDescriptor @@ -56,22 +59,27 @@ namespace API.Service return new OkObjectResult(tokenString); } - - public async Task<IActionResult> CreateUser(UserDTO userDTO) + public async Task<IActionResult> RegisterUser(RegisterDTO registerDTO) { - if (this._userDbRepository.DoesUsernameExist(userDTO.UserName)) + + if (this._userDbRepository.DoesUsernameExist(registerDTO.UserName)) return new BadRequestObjectResult("Username already exists!"); - User user = this._userMapper.Map<User>(userDTO); + User user = this._userMapper.Map<User>(registerDTO); - if (user.Role == null) - user.Role = UserRoles.User; + user.Role = UserRoles.User; + user.PasswordHash = GeneratePasswordHash(registerDTO.Password); await this._userDbRepository.AddAsync(user); return new CreatedResult("CreateUser", user); } + private string GeneratePasswordHash(string password) + { + return password; // TEMPORARY! + } + public async Task<IActionResult> GetUserById(int id) { User user = await this._userDbRepository.FindByIdAsync(id); diff --git a/Data/Models/Classes/Roles.cs b/Data/Models/Classes/Roles.cs new file mode 100644 index 0000000..da35bb0 --- /dev/null +++ b/Data/Models/Classes/Roles.cs @@ -0,0 +1,9 @@ +using Microsoft.AspNetCore.Identity; + +namespace Data.Models.Classes +{ + public class Roles : IdentityRole<int> + { + + } +} diff --git a/Data/Models/Classes/UserRoles.cs b/Data/Models/Classes/UserRoles.cs index 32e9bfd..5f7c87a 100644 --- a/Data/Models/Classes/UserRoles.cs +++ b/Data/Models/Classes/UserRoles.cs @@ -1,8 +1,6 @@ -using Microsoft.AspNetCore.Identity; - namespace Data.Models.Classes { - public class UserRoles : IdentityRole<int> + public class UserRoles : Roles { public const string User = "User"; public const string Admin = "Admin"; diff --git a/Data/Models/DTOs/LoginDTO.cs b/Data/Models/DTOs/LoginDTO.cs new file mode 100644 index 0000000..16141e4 --- /dev/null +++ b/Data/Models/DTOs/LoginDTO.cs @@ -0,0 +1,8 @@ +namespace Data.Models.DTOs +{ + public class LoginDTO + { + public string UserName { get; set; } + public string Password { get; set; } + } +} diff --git a/Data/Models/DTOs/RegisterDTO.cs b/Data/Models/DTOs/RegisterDTO.cs new file mode 100644 index 0000000..55c112b --- /dev/null +++ b/Data/Models/DTOs/RegisterDTO.cs @@ -0,0 +1,11 @@ +namespace Data.Models.DTOs +{ + public class RegisterDTO + { + public string UserName { get; set; } + public string Email { get; set; } + public string FirstName { get; set; } + public string LastName { get; set; } + public string Password { get; set; } + } +} diff --git a/Data/Models/Profiles/UserProfile.cs b/Data/Models/Profiles/UserProfile.cs index 048deed..7bb1497 100644 --- a/Data/Models/Profiles/UserProfile.cs +++ b/Data/Models/Profiles/UserProfile.cs @@ -9,6 +9,7 @@ namespace Data.Models.Profiles public UserProfile() { CreateMap<UserDTO, User>(); + CreateMap<RegisterDTO, User>(); } } } |