From 8c185f4dac1c02cface4ca1de7a357d39cc8728c Mon Sep 17 00:00:00 2001 From: Ivan Ljubisavljevic Date: Wed, 23 Mar 2022 01:03:30 +0100 Subject: Odradjen api za update profila, izmenu sifre i delete profila. --- backend/api/api/Controllers/UserController.cs | 113 ++++++++++++++++---------- backend/api/api/Models/User.cs | 2 + backend/api/api/Services/IUserService.cs | 6 +- backend/api/api/Services/UserService.cs | 36 +------- 4 files changed, 81 insertions(+), 76 deletions(-) (limited to 'backend/api') diff --git a/backend/api/api/Controllers/UserController.cs b/backend/api/api/Controllers/UserController.cs index dcab53cc..96e75c32 100644 --- a/backend/api/api/Controllers/UserController.cs +++ b/backend/api/api/Controllers/UserController.cs @@ -29,22 +29,6 @@ namespace api.Controllers { return userService.Get(); } - - // GET api//5 - //potrebno za profile page - [HttpGet("{id}")] - public ActionResult Get(string id) - { - var user = userService.Get(id); - - if (user == null) - return NotFound($"User with Id = {id} not found"); - - return user; - } - - - // GET api//5 //potrebno za profile page 
@@ -92,43 +76,90 @@ namespace api.Controllers } } - // PUT api//5 - [HttpPut("{id}")] + // PUT api//changepass + [HttpPut("changepass")] [Authorize(Roles = "User")] - public ActionResult Put(string id, [FromBody] User user) + public ActionResult PutPass([FromBody] string oldPassword, [FromBody] string newPassword) { - var existingUser = userService.Get(id); + string username; + var header = Request.Headers[HeaderNames.Authorization]; + if (AuthenticationHeaderValue.TryParse(header, out var headerValue)) + { + var scheme = headerValue.Scheme; + var parameter = headerValue.Parameter; + username = jwtToken.TokenToUsername(parameter); + if (username == null) + return null; + } + else + return BadRequest(); - //ne mora da se proverava - if(existingUser == null) - return NotFound($"User with Id = {id} not found"); - userService.Update(id, user); + + User user = new User(); + + user = userService.GetUserUsername(username); + + string oldPass = PasswordCrypt.hashPassword(oldPassword); + string newPass = PasswordCrypt.hashPassword(newPassword); + + if (oldPass != user.Password) + return BadRequest($"Wrong old password!"); + else if (oldPass == newPassword) + return BadRequest($"Identical password!"); + else if (oldPass == user.Password) + { + user.Password = newPass; + userService.Update(username, user); + return Ok($"Succeful password change!"); + } + + return NoContent(); + } + + // PUT api//5 + [HttpPut("changeinfo")] + public ActionResult Put([FromBody] User user) + { + string username; + var header = Request.Headers[HeaderNames.Authorization]; + if (AuthenticationHeaderValue.TryParse(header, out var headerValue)) + { + var scheme = headerValue.Scheme; + var parameter = headerValue.Parameter; + username = jwtToken.TokenToUsername(parameter); + if (username == null) + return null; + } + else + return BadRequest(); + + userService.Update(username, user); return NoContent(); } // DELETE api//5 - [HttpDelete("{id}")] + [HttpDelete("deleteprofile")] [Authorize(Roles = 
"User")] - public ActionResult Delete(string id) + public ActionResult Delete() { - var user = userService.Get(id); + string username; + var header = Request.Headers[HeaderNames.Authorization]; + if (AuthenticationHeaderValue.TryParse(header, out var headerValue)) + { + var scheme = headerValue.Scheme; + var parameter = headerValue.Parameter; + username = jwtToken.TokenToUsername(parameter); + if (username == null) + return null; + } + else + return BadRequest(); - if (user == null) - return NotFound($"User with Id = {id} not found"); + var user = userService.GetUserUsername(username); userService.Delete(user._id); - return Ok($"Student with Id = {id} deleted"); + return Ok($"Profile with username = {username} deleted!"); } } -} -/* -{ - "_id": "", - "username" : "ivan996sk", - "email" : "ivan996sk@gmail.com", - "password" : "proba", - "firstName" : "Ivan", - "lastName" : "Ljubisavljevic" -} -*/ \ No newline at end of file +} \ No newline at end of file diff --git a/backend/api/api/Models/User.cs b/backend/api/api/Models/User.cs index 46db50ab..1ae8e437 100644 --- a/backend/api/api/Models/User.cs +++ b/backend/api/api/Models/User.cs @@ -24,5 +24,7 @@ namespace api.Models [BsonElement("lastName")] public string LastName { get; set; } + public string photoId { get; set; } + } } diff --git a/backend/api/api/Services/IUserService.cs b/backend/api/api/Services/IUserService.cs index b6725694..1cb6a609 100644 --- a/backend/api/api/Services/IUserService.cs +++ b/backend/api/api/Services/IUserService.cs 
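Review bot: The new `changeinfo` action hands the request-body `User` straight to `userService.Update(username, user)`, which does a whole-document `ReplaceOne`, so a caller can overwrite `Password` (with an unhashed value), `Username` and `_id` along with the profile fields; it is also the only one of the three new actions without `[Authorize(Roles = "User")]`. Load the stored user, keep the server-owned fields from it and accept only the editable profile fields from the body, as sketched below (assuming those properties are settable). Separately, the `return null;` in each of the three token blocks should be `return Unauthorized();` so that a token yielding no username produces a 401 rather than a null action result.

```csharp
[HttpPut("changeinfo")]
[Authorize(Roles = "User")]
public ActionResult Put([FromBody] User user)
{
    // … unchanged: username extraction from the Authorization header …

    var existing = userService.GetUserUsername(username);
    if (existing == null)
        return NotFound();

    // Server-owned fields always come from the stored document, never from the request body.
    user._id = existing._id;
    user.Username = existing.Username;
    user.Password = existing.Password;

    userService.Update(username, user);
    return NoContent();
}
```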
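Review bot: `photoId` is the only property in this hunk without a `[BsonElement(...)]` attribute and the only one in camelCase, next to `LastName`. Declaring it as `[BsonElement("photoId")] public string PhotoId { get; set; }` keeps the stored field name and matches the visible convention. The class body starts outside the hunk, so this assumes the remaining properties follow the same pattern as `LastName`.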
@@ -1,14 +1,14 @@ using api.Models; +using Microsoft.AspNetCore.Mvc; namespace api.Services { public interface IUserService { List Get();// daje sve korisnike - User Get(string id); //daje korisnika po id-u User GetUserUsername(string username); //daje korisnika po korisnickom imenu User Create(User user); // kreira korisnika - void Update(string id, User user); //apdejruje korisnika po idu - void Delete(string id);//brise korisnika + void Update(string username, User user); //apdejtuje korisnika po idu + void Delete(string username);//brise korisnika } } diff --git a/backend/api/api/Services/UserService.cs b/backend/api/api/Services/UserService.cs index c626889d..847757be 100644 --- a/backend/api/api/Services/UserService.cs +++ b/backend/api/api/Services/UserService.cs @@ -18,50 +18,22 @@ namespace api.Services _users.InsertOne(user); return user; } - public List Get() { return _users.Find(user => true).ToList(); } - public User GetUserUsername(string username) { return _users.Find(user => user.Username == username).FirstOrDefault(); } - - public User Get(string id) + public void Update(string username, User user) { - return _users.Find(user => user._id == id).FirstOrDefault(); + _users.ReplaceOne(user => user.Username == username, user); } - - public void Delete(string id) + public void Delete(string username) { - _users.DeleteOne(user => user._id == id); + _users.DeleteOne(user => user.Username == username); } - public void Update(string id, User user) - { - _users.ReplaceOne(user => user._id == id, user); - } } } -/* - { - "_id": "", - "username" : "ivan996sk", - "email" : "ivan996sk@gmail.com", - "password" : "proba", - "firstName" : "Ivan", - "lastName" : "Ljubisavljevic" -} - -{ - "_id": { - "$oid": "62291140d88e6bcf95c96a58" - }, - "uploaderId":"", - "extension" : "", - "name" : "" -} - -*/ -- cgit v1.2.3 From c77852e3935319559a3021c0bd74383731a72767 Mon Sep 17 00:00:00 2001 
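Review bot: The added `using Microsoft.AspNetCore.Mvc;` is not used by any member of this interface and ties the service contract to the MVC package; drop it unless a later change needs it. The comment on `Update` still says the lookup is by id (`po idu`) although the parameter is now `username`; `//apdejtuje korisnika po korisnickom imenu` would match the new signature.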
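Review bot: `Delete` now filters on `user.Username == username`, but the controller's `Delete` action changed in this same commit still calls `userService.Delete(user._id)`, so the filter is compared against an id value and the profile is left in place while the action answers `Ok`. The controller call should become `userService.Delete(username);`, or the service should keep an id-based filter. `GetUserUsername` uses `FirstOrDefault()`, so the controller should also return `NotFound()` when it yields null before touching `user._id`.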
From: Ivan Ljubisavljevic Date: Wed, 23 Mar 2022 12:13:31 +0100 Subject: User password change FIX --- backend/api/api/Controllers/UserController.cs | 23 ++++++++++++----------- backend/api/api/Services/UserService.cs | 1 + 2 files changed, 13 insertions(+), 11 deletions(-) (limited to 'backend/api') diff --git a/backend/api/api/Controllers/UserController.cs b/backend/api/api/Controllers/UserController.cs index 96e75c32..0287f3cb 100644 --- a/backend/api/api/Controllers/UserController.cs +++ b/backend/api/api/Controllers/UserController.cs @@ -79,7 +79,7 @@ namespace api.Controllers // PUT api//changepass [HttpPut("changepass")] [Authorize(Roles = "User")] - public ActionResult PutPass([FromBody] string oldPassword, [FromBody] string newPassword) + public ActionResult PutPass([FromBody] string[] Password) { string username; var header = Request.Headers[HeaderNames.Authorization]; @@ -99,20 +99,21 @@ namespace api.Controllers User user = new User(); user = userService.GetUserUsername(username); - - string oldPass = PasswordCrypt.hashPassword(oldPassword); - string newPass = PasswordCrypt.hashPassword(newPassword); - - if (oldPass != user.Password) - return BadRequest($"Wrong old password!"); - else if (oldPass == newPassword) - return BadRequest($"Identical password!"); - else if (oldPass == user.Password) + + if(PasswordCrypt.checkPassword(Password[0], user.Password)) { - user.Password = newPass; + if(PasswordCrypt.checkPassword(Password[1], user.Password)) + { + return BadRequest($"Identical password!"); + } + + user.Password = PasswordCrypt.hashPassword(Password[1]); userService.Update(username, user); return Ok($"Succeful password change!"); } + else + return BadRequest($"Wrong old password!"); + return NoContent(); } diff --git a/backend/api/api/Services/UserService.cs b/backend/api/api/Services/UserService.cs index 847757be..f613f923 100644 --- a/backend/api/api/Services/UserService.cs +++ b/backend/api/api/Services/UserService.cs 
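Review bot: `Password[0]` and `Password[1]` are read without checking that the body bound to an array of exactly two non-null strings, so a missing or short body throws instead of returning 400 (unless model validation outside this hunk rejects it first); the positional `string[] Password` parameter introduced in the first hunk is the root of this. Add a guard such as `if (Password == null || Password.Length != 2 || Password[0] == null || Password[1] == null) return BadRequest();` before the lookup, or bind a small request type with named old and new password fields. `user` from `GetUserUsername(username)` can also be null, which `user.Password` would dereference. The trailing `return NoContent();` is unreachable now that both branches return. PutPass begins outside the second hunk.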
@@ -28,6 +28,7 @@ namespace api.Services } public void Update(string username, User user) { + //username koji postoji u bazi _users.ReplaceOne(user => user.Username == username, user); } public void Delete(string username) -- cgit v1.2.3