From 6ccb8618f2fe79e61702b0ba0ce48182d9293943 Mon Sep 17 00:00:00 2001
From: Syndamia
Date: Fri, 11 Dec 2020 21:25:45 +0200
Subject: Made login require only username and made null roles to user
---
 API/Controllers/UserController.cs | 3 +--
 API/Database/UserDbRepository.cs | 6 ++++++
 API/Service/UserService.cs | 9 +++++++--
 3 files changed, 14 insertions(+), 4 deletions(-)
(limited to 'API')
diff --git a/API/Controllers/UserController.cs b/API/Controllers/UserController.cs
index 5b47f1c..922119e 100644
--- a/API/Controllers/UserController.cs
+++ b/API/Controllers/UserController.cs
@@ -29,7 +29,6 @@ namespace API.Controllers
 return await this._service.LoginUser(userDTO);
 }
-
 //Create
 [AllowAnonymous]
 [HttpPost]
@@ -40,7 +39,7 @@ namespace API.Controllers
 //Read
 [HttpGet]
- [Authorize(Roles = "Admin")]
+ [Authorize(Roles = Data.Models.Classes.Roles.Admin)]
 public async Task GetById(int id)
 {
 return await this._service.GetUserById(id);
diff --git a/API/Database/UserDbRepository.cs b/API/Database/UserDbRepository.cs
index b8bf8e4..2e7b0bb 100644
--- a/API/Database/UserDbRepository.cs
+++ b/API/Database/UserDbRepository.cs
@@ -17,6 +17,12 @@ namespace API.Database
 this._dbRepository = new DbRepository(context);
 }
+ public User FindByUsername(string username)
+ {
+ return this._dbRepository.DbSet
+ .FirstOrDefault(usr => usr.UserName == username);
+ }
+
 public bool DoesUsernameExist(string username)
 {
 return this._dbRepository.DbSet
diff --git a/API/Service/UserService.cs b/API/Service/UserService.cs
index 48f6c6e..453e5f4 100644
--- a/API/Service/UserService.cs
+++ b/API/Service/UserService.cs
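Review bot: FindByUsername in API/Database/UserDbRepository.cs returns null for an unknown name and says so nowhere, and the LoginUser change in this commit depends on exactly that null to produce its "User does not exist!" result. The comparison `usr.UserName == username` also inherits whatever case rules the backing store applies (not visible here), so two names differing only in case may or may not resolve to the same account. I would put a comment above the method such as `// Returns null when no user matches; name matching follows the database collation.` The lookup is synchronous although its caller is an async request handler; if `DbSet` is an EF Core set, an awaited `FirstOrDefaultAsync` would fit better with the `AddAsync` call already used in UserService.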
@@ -26,10 +26,11 @@ namespace API.Service
 public async Task LoginUser(UserDTO userDTO)
 {
- if (userDTO == null)
+ User user = this._userDbRepository.FindByUsername(userDTO.UserName);
+
+ if (user == null)
 return new NotFoundObjectResult("User does not exist!");
- User user = this._userMapper.Map(userDTO);
 // Temporary, TODO: get key from appsettings
 var key = Encoding.ASCII.GetBytes(")H@McQfTB?E(H+Mb8x/A?D(Gr4u7x!A%WnZr4t7weThWmZq4KbPeShVm*G-KaPdSz%C*F-Ja6w9z$C&F");
@@ -57,6 +58,10 @@ namespace API.Service
 return new BadRequestObjectResult("Username already exists!");
 User user = this._userMapper.Map(userDTO);
+
+ if (user.Role == null)
+ user.Role = Roles.User;
+
 await this._userDbRepository.AddAsync(user);
 return new CreatedResult("CreateUser", user);
--
cgit v1.2.3
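Review bot: LoginUser now selects the account by `userDTO.UserName` alone, and the visible lines check no password or other secret between the lookup and the point where the signing key is loaded. If the rest of the method (outside this hunk) issues a token for `user`, knowing a username is enough to obtain that user's token, and the `[Authorize(Roles = ...)]` check on GetById no longer restricts anything. A credential check against a stored password hash belongs between `FindByUsername` and the token creation. The removed `if (userDTO == null)` guard also lets `userDTO.UserName` throw on an empty request body; I would keep a guard ahead of the lookup, e.g. `if (userDTO?.UserName == null) return new BadRequestObjectResult("Username is required!");`. The hard-coded key in the context line is already in repository history, so it should be replaced with a new value, not just moved, when the TODO is done.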
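Review bot: In the second hunk of API/Service/UserService.cs the new default covers only a missing role, because `if (user.Role == null)` leaves in place any role the mapper copied from the request. The Create action is marked `[AllowAnonymous]` in UserController.cs, so an unauthenticated caller could register with the Admin role, assuming UserDTO exposes Role, which is not visible here. On this path I would assign unconditionally, `user.Role = Roles.User;`, and leave role changes to an endpoint restricted to Admin. The enclosing method starts and ends outside the hunk.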