From fb9a24796e859e434c83ba2f5e84895143fc0232 Mon Sep 17 00:00:00 2001
From: Syndamia
Date: Sat, 12 Dec 2020 13:53:53 +0200
Subject: Implemented register request, made login require correct password, removed create user request, brought back Roles.cs and moved roles constants to UserRoles, fixed authorization in UserController
---
 API/Service/UserService.cs | 24 ++++++++++++++++--------
 1 file changed, 16 insertions(+), 8 deletions(-)
(limited to 'API/Service/UserService.cs')
diff --git a/API/Service/UserService.cs b/API/Service/UserService.cs
index 8e1ba38..c3bf160 100644
--- a/API/Service/UserService.cs
+++ b/API/Service/UserService.cs
@@ -27,9 +27,9 @@ namespace API.Service
 this._appSettings = appSettings;
 }
- public async Task LoginUser(UserDTO userDTO)
+ public async Task LoginUser(LoginDTO loginDTO)
 {
- User user = this._userDbRepository.FindByUsername(userDTO.UserName);
+ User user = this._userDbRepository.FindByUsername(loginDTO.UserName);
 if (user == null)
 return new NotFoundObjectResult("User does not exist!");
@@ -37,6 +37,9 @@ namespace API.Service
 // Get key from appsettings.json
 var key = Encoding.ASCII.GetBytes(_appSettings.GetSection("Secret").Value);
+ if (user.PasswordHash != GeneratePasswordHash(loginDTO.Password))
+ return new BadRequestObjectResult("Incorrect password!");
+
 // Create Jwt Token configuration
 var tokenHandler = new JwtSecurityTokenHandler();
 var tokenDescriptor = new SecurityTokenDescriptor
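Review bot: The added check `user.PasswordHash != GeneratePasswordHash(loginDTO.Password)` in the second hunk is satisfied when both sides are null, so an account whose PasswordHash was never set (presumably every user created before this commit, since the removed CreateUser did not assign it) accepts a login request that omits the password, unless LoginDTO validation already rejects that. Guard the empty case first, for example `if (string.IsNullOrEmpty(loginDTO.Password) || string.IsNullOrEmpty(user.PasswordHash)) return new BadRequestObjectResult("Incorrect password!");`. The separate "User does not exist!" and "Incorrect password!" responses also reveal which usernames are registered; one generic failure result for both branches avoids that. LoginUser starts in the previous hunk and its body continues past the end of this one.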
@@ -56,22 +59,27 @@ namespace API.Service
 return new OkObjectResult(tokenString);
 }
-
- public async Task CreateUser(UserDTO userDTO)
+ public async Task RegisterUser(RegisterDTO registerDTO)
 {
- if (this._userDbRepository.DoesUsernameExist(userDTO.UserName))
+
+ if (this._userDbRepository.DoesUsernameExist(registerDTO.UserName))
 return new BadRequestObjectResult("Username already exists!");
- User user = this._userMapper.Map(userDTO);
+ User user = this._userMapper.Map(registerDTO);
- if (user.Role == null)
- user.Role = UserRoles.User;
+ user.Role = UserRoles.User;
+ user.PasswordHash = GeneratePasswordHash(registerDTO.Password);
 await this._userDbRepository.AddAsync(user);
 return new CreatedResult("CreateUser", user);
 }
+ private string GeneratePasswordHash(string password)
+ {
+ return password; // TEMPORARY!
+ }
+
 public async Task GetUserById(int id)
 {
 User user = await this._userDbRepository.FindByIdAsync(id);
--
cgit v1.2.3
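Review bot: `GeneratePasswordHash` returns its argument unchanged, so `user.PasswordHash` is the cleartext password when `AddAsync(user)` stores it, and `new CreatedResult("CreateUser", user)` then hands that same `user` object back to the caller; unless serialization of User excludes the field, the registration response echoes the password as well. Replace the placeholder with a salted, deliberately slow hash before this is deployed, for example ASP.NET Core Identity's `PasswordHasher<User>`: `user.PasswordHash = hasher.HashPassword(user, registerDTO.Password);` here and `hasher.VerifyHashedPassword(user, user.PasswordHash, loginDTO.Password)` in LoginUser, because a salted hash cannot be checked by recomputing it and comparing with `!=`. The Created response should carry a DTO without the hash, and its location string still reads "CreateUser" after the rename to RegisterUser. GetUserById's body continues outside the hunk.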