Merge branch 'master' of http://192.168.6.188:3000/Provision/UnivatePropertiesAPI

UnivateProperties_API/Containers/Users/AgentDto.cs

+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+using UnivateProperties_API.Model.Users;
+
+namespace UnivateProperties_API.Containers.Users
+{
+    public class AgentDto
+    {
+        public Agent Agent { get; set; }
+        public string Password { get; set; }
+    }
+}

UnivateProperties_API/Controllers/Users/AgentController.cs

 using System.Transactions;
 using Microsoft.AspNetCore.Mvc;
+using UnivateProperties_API.Containers.Users;
+using UnivateProperties_API.Helpers;
 using UnivateProperties_API.Model.Users;
 using UnivateProperties_API.Repository;
-using UnivateProperties_API.Repository.Users;
 
 namespace User_API.Controllers
 {
         }
 
         [HttpPost()]
-        public IActionResult Post([FromBody] Agent agent)
+        public IActionResult Post([FromBody] AgentDto agentDto)
         {
             using (var scope = new TransactionScope())
             {
-                
+                Agent agent = agentDto.Agent;
+                byte[] passwordHash, passwordSalt;
+                MyCommon.CreatePasswordHash(agentDto.Password, out passwordHash, out passwordSalt);
+
+                agent.User.PasswordHash = passwordHash;
+                agent.User.PasswordSalt = passwordSalt;
                 _Repo.Insert(agent);
                 scope.Complete();
-                return CreatedAtAction(nameof(Get), new { id = agent.Id }, agent);
+                return CreatedAtAction(nameof(Get), new { id = agentDto.Agent.Id }, agentDto.Agent);
             }
         }
 

UnivateProperties_API/Controllers/Users/RegisterController.cs

 using UnivateProperties_API.Model.Users;
 using UnivateProperties_API.Repository;
 using UnivateProperties_API.Repository.Users;
+using System.Net.Http;
+using System.Net;
+using System.Web.Http;
 
 namespace UnivateProperties_API.Controllers.Users
 {
         {
             var user = _Repo.Authenticate(userDto.Username, userDto.Password);
 
+            //HttpResponseMessage response = Request.CreateResponse(HttpStatusCode.Unauthorized, "value");
+
             if (user == null)
                 return BadRequest(new { message = "Username or password is incorrect" });
 
                 SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
             };
             var token = tokenHandler.CreateToken(tokenDescriptor);
-            var tokenString = tokenHandler.WriteToken(token); 
-
+            var tokenString = tokenHandler.WriteToken(token);
             // return basic user info (without password) and token to store client side
             return Ok(new
             {

UnivateProperties_API/Helpers/MyCommon.cs

-using System.Text.RegularExpressions;
+using System;
+using System.Text.RegularExpressions;
 
 namespace UnivateProperties_API.Helpers
 {
             }
             else return false;
         }
+
+        public static void CreatePasswordHash(string password, out byte[] passwordHash, out byte[] passwordSalt)
+        {
+            if (password == null) throw new ArgumentNullException("password");
+            if (string.IsNullOrWhiteSpace(password)) throw new ArgumentException("Value cannot be empty or whitespace only string.", "password");
+
+            using (var hmac = new System.Security.Cryptography.HMACSHA512())
+            {
+                passwordSalt = hmac.Key;
+                passwordHash = hmac.ComputeHash(System.Text.Encoding.UTF8.GetBytes(password));
+            }
+        }
+
+        public static bool VerifyPasswordHash(string password, byte[] storedHash, byte[] storedSalt)
+        {
+            if (password == null) throw new ArgumentNullException("password");
+            if (string.IsNullOrWhiteSpace(password)) throw new ArgumentException("Value cannot be empty or whitespace only string.", "password");
+            if (storedHash.Length != 64) throw new ArgumentException("Invalid length of password hash (64 bytes expected).", "passwordHash");
+            if (storedSalt.Length != 128) throw new ArgumentException("Invalid length of password salt (128 bytes expected).", "passwordHash");
+
+            using (var hmac = new System.Security.Cryptography.HMACSHA512(storedSalt))
+            {
+                var computedHash = hmac.ComputeHash(System.Text.Encoding.UTF8.GetBytes(password));
+                for (int i = 0; i < computedHash.Length; i++)
+                {
+                    if (computedHash[i] != storedHash[i]) return false;
+                }
+            }
+
+            return true;
+        }
     }
 }

UnivateProperties_API/Model/Users/Person.cs

 
         #region Properties
         [ForeignKey("User")]
-        public int UserId { get; set; }
+        public int? UserId { get; set; }
         public string Name { get; set; }
         public string Surname { get; set; }
         public string Email { get; set; }

UnivateProperties_API/Model/Users/User.cs

-namespace UnivateProperties_API.Model.Users
+using UnivateProperties_API.Helpers;
+
+namespace UnivateProperties_API.Model.Users
 {
     public class User : BaseEntity
     {
         #region Constructor
+        public User(string username, string password)
+        {
+            Username = username;
+
+            byte[] passwordHash, passwordSalt;
+            MyCommon.CreatePasswordHash(password, out passwordHash, out passwordSalt);
+
+            PasswordHash = passwordHash;
+            PasswordSalt = passwordSalt;
+        }
+
+        /// <summary>
+        /// Do not use when creating new user
+        /// </summary>
         public User()
         {
 

UnivateProperties_API/Repository/Users/AgentRepository.cs

 using System.Collections.Generic;
 using System.Linq;
 using UnivateProperties_API.Context;
+using UnivateProperties_API.Helpers;
 using UnivateProperties_API.Model.Users;
 
 namespace UnivateProperties_API.Repository.Users
 
         public Agent GetDetailed(Func<Agent, bool> first)
         {
+
             var item = _dbContext.Agents.FirstOrDefault(first);
             //AgentRepository account = new AgentRepository(_dbContext);
             //item = GetDetailedObject(item, account);
 
         public void Insert(Agent item)
         {
-            if (item.AgencyId != 0 && item.Agency == null)
-            {
-                AgencyRepository arepo = new AgencyRepository(_dbContext);
-                item.Agency = arepo.Get(a => a.Id == item.AgencyId).FirstOrDefault();
-            }
             _dbContext.Add(item);
             Save();
         }

UnivateProperties_API/Repository/Users/RegisterRepository.cs

 
             // check if username exists
             if (user == null)
-                return null;
+                throw new AppException("Username is incorrect");
 
             // check if password is correct
-            if (!VerifyPasswordHash(password, user.PasswordHash, user.PasswordSalt))
-                return null;
+            if (!MyCommon.VerifyPasswordHash(password, user.PasswordHash, user.PasswordSalt))
+                throw new AppException("Password is incorrect");
 
             // authentication successful
             return user;
                 throw new AppException("Username \"" + user.Username + "\" is already taken");
 
             byte[] passwordHash, passwordSalt;
-            CreatePasswordHash(password, out passwordHash, out passwordSalt);
+            MyCommon.CreatePasswordHash(password, out passwordHash, out passwordSalt);
 
             user.PasswordHash = passwordHash;
             user.PasswordSalt = passwordSalt;
                 throw new AppException("Individual \"" + individual.Username + "\" is already taken");
             byte[] passwordHash, passwordSalt;
 
-            CreatePasswordHash(individual.Password, out passwordHash, out passwordSalt);
+            MyCommon.CreatePasswordHash(individual.Password, out passwordHash, out passwordSalt);
+
+            User createUser = new User(individual.Username, individual.Password);
 
-            User createUser = new User()
-            {
-                Username = individual.Username,
-                PasswordHash = passwordHash,
-                PasswordSalt = passwordSalt
-            };
             Create(createUser, individual.Password, save);
-            Person person = new Person()
-            {
-            };
+
             if (personType == PersonType.Agent)
             {
                 Agent agent = new Agent()
             if (!string.IsNullOrWhiteSpace(password))
             {
                 byte[] passwordHash, passwordSalt;
-                CreatePasswordHash(password, out passwordHash, out passwordSalt);
+                MyCommon.CreatePasswordHash(password, out passwordHash, out passwordSalt);
 
                 user.PasswordHash = passwordHash;
                 user.PasswordSalt = passwordSalt;
         {
             _dbContext.SaveChanges();
         }
-
-        private static void CreatePasswordHash(string password, out byte[] passwordHash, out byte[] passwordSalt)
-        {
-            if (password == null) throw new ArgumentNullException("password");
-            if (string.IsNullOrWhiteSpace(password)) throw new ArgumentException("Value cannot be empty or whitespace only string.", "password");
-
-            using (var hmac = new System.Security.Cryptography.HMACSHA512())
-            {
-                passwordSalt = hmac.Key;
-                passwordHash = hmac.ComputeHash(System.Text.Encoding.UTF8.GetBytes(password));
-            }
-        }
-
-        private static bool VerifyPasswordHash(string password, byte[] storedHash, byte[] storedSalt)
-        {
-            if (password == null) throw new ArgumentNullException("password");
-            if (string.IsNullOrWhiteSpace(password)) throw new ArgumentException("Value cannot be empty or whitespace only string.", "password");
-            if (storedHash.Length != 64) throw new ArgumentException("Invalid length of password hash (64 bytes expected).", "passwordHash");
-            if (storedSalt.Length != 128) throw new ArgumentException("Invalid length of password salt (128 bytes expected).", "passwordHash");
-
-            using (var hmac = new System.Security.Cryptography.HMACSHA512(storedSalt))
-            {
-                var computedHash = hmac.ComputeHash(System.Text.Encoding.UTF8.GetBytes(password));
-                for (int i = 0; i < computedHash.Length; i++)
-                {
-                    if (computedHash[i] != storedHash[i]) return false;
-                }
-            }
-
-            return true;
-        }
     }
 }