diff --git a/backend/Api/BusinessLogic/DeviceLogic.cs b/backend/Api/BusinessLogic/DeviceLogic.cs
index 506316c..27ab67a 100644
--- a/backend/Api/BusinessLogic/DeviceLogic.cs
+++ b/backend/Api/BusinessLogic/DeviceLogic.cs
@@ -16,6 +16,12 @@ namespace Api.BusinessLogic
_configuration = configuration;
}
+ ///
+ /// Gets the user from dbaccess using the userId and checks if the user exists
+ /// Gets all devices that match the userId and checks if there are any devices connected to the user
+ ///
+ /// UserId that matches a user that owns the devices
+ /// returns the devices in a OkObjectResult and if there is some error it returns a ConflictObjectResult and a message that explain the reason
public async Task GetDevices(int userId)
{
var profile = await _dbAccess.ReadUser(userId);
@@ -29,6 +35,13 @@ namespace Api.BusinessLogic
return new OkObjectResult(devices);
}
+ ///
+ /// Checks if the user that the device is trying to be added to exists
+ /// Then it is send to dbaccess
+ ///
+ /// The new device
+ /// The user that owns the device
+ /// returns true in a OkObjectResult and if there is some error it returns a ConflictObjectResult and a message that explain the reason
public async Task AddDevice(Device device, int userId)
{
var profile = await _dbAccess.ReadUser(userId);
@@ -38,6 +51,12 @@ namespace Api.BusinessLogic
return await _dbAccess.CreateDevice(device, userId);
}
+ ///
+ /// Checks if the device exist that is trying to be read from
+ /// Gets the logs and checks if there are any in the list
+ ///
+ /// The deviceId that you want from the logs
+ /// returns the logs in a OkObjectResult and if there is some error it returns a ConflictObjectResult and a message that explain the reason
public async Task GetLogs(int deviceId)
{
var device = await _dbAccess.ReadDevice(deviceId);
@@ -51,6 +70,12 @@ namespace Api.BusinessLogic
return new OkObjectResult(logs);
}
+ ///
+ /// Checks if the deviceId matches a device
+ ///
+ /// The updated info
+ /// The device to be edited
+ /// returns the updated device in a OkObjectResult and if there is some error it returns a ConflictObjectResult and a message that explain the reason
public async Task EditDevice(Device device, int deviceId)
{
var device1 = _dbAccess.ReadDevice(deviceId);
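Review bot: `_dbAccess.ReadDevice(deviceId)` is not awaited in EditDevice, although GetLogs awaits the same call a few hunks up, so `device1` is presumably a Task rather than a device. If the rest of the method (outside this hunk) null-checks `device1`, that check can never fail, and the new summary "Checks if the deviceId matches a device" describes behaviour the code does not have. Change the line to `var device1 = await _dbAccess.ReadDevice(deviceId);`.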
diff --git a/backend/Api/BusinessLogic/UserLogic.cs b/backend/Api/BusinessLogic/UserLogic.cs
index 43d21f6..ed0a11f 100644
--- a/backend/Api/BusinessLogic/UserLogic.cs
+++ b/backend/Api/BusinessLogic/UserLogic.cs
@@ -22,6 +22,14 @@ namespace Api.BusinessLogic
_configuration = configuration;
}
+ ///
+ /// First checks if the mail is a valid one with regex so if there is something before the @ and after and it has a domain
+ /// Then it checks if the password is to our security standard
+ /// Then it makes sure the user has a device list
+ /// The last thing before it saves the user is creating a salt and then hashing of the password
+ ///
+ /// The new user
+ /// returns true in a OkObjectResult and if there is some error it returns a ConflictObjectResult and a message that explain the reason
public async Task RegisterUser(User user)
{
if (!new Regex(@".+@.+\..+").IsMatch(user.Email))
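Review bot: `user.Email` goes into `IsMatch` without a null check in RegisterUser, and the identical line appears in EditProfile. `Regex.IsMatch` throws ArgumentNullException on null, so a request body without an email would surface as an unhandled exception rather than the documented ConflictObjectResult, unless model validation rejects it earlier (not visible here). Guard both call sites with `if (string.IsNullOrWhiteSpace(user.Email) || !EmailPattern.IsMatch(user.Email))`, sharing `private static readonly Regex EmailPattern = new Regex(@".+@.+\..+");`. The pattern is unanchored and only requires something@something.something, so the summary should describe it as a shape check rather than a validity check. Both method bodies continue outside their hunks.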
@@ -48,6 +56,13 @@ namespace Api.BusinessLogic
return await _dbAccess.CreateUser(user);
}
+ ///
+ /// Gets the user that matches the login
+ /// Hashes the login password with the users salt
+ /// checks if the hashed password that the login has is the same as the one saved in the database
+ ///
+ /// Has a username or email and a password
+ /// Returns a jwt token, username and userid
public async Task Login(Login login)
{
User user = await _dbAccess.Login(login);
@@ -65,6 +80,15 @@ namespace Api.BusinessLogic
return new ConflictObjectResult(new { message = "Invalid password" });
}
+ ///
+ /// First checks if the mail is a valid one with regex so if there is something before the @ and after and it has a domain
+ /// Then it checks if the password is to our security standard
+ /// Finds the user that matches the userId and hashes a new hash with the old salt
+ /// Then the updated user and the userId is being send to dbaccess
+ ///
+ /// Contains the updated user info
+ /// Has the id for the user that is to be updated
+ /// returns the updated user in a OkObjectResult and if there is some error it returns a ConflictObjectResult and a message that explain the reason
public async Task EditProfile(User user, int userId)
{
if (!new Regex(@".+@.+\..+").IsMatch(user.Email))
@@ -85,11 +109,23 @@ namespace Api.BusinessLogic
return await _dbAccess.UpdateUser(user, userId);
}
+ ///
+ /// Just sends the userid of the user that is to be deleted
+ ///
+ /// The Id of the user that is to be deleted
+ /// returns the true in a OkObjectResult and if there is some error it returns a ConflictObjectResult and a message that explain the reason
public async Task DeleteUser(int userId)
{
return await _dbAccess.DeleteUser(userId);
}
+ ///
+ /// Generates a hash from a salt and input using the algorithm that is provided
+ ///
+ /// This is the input that is supposed to be hashed
+ /// This is the alogorithm that is used to encrypt the input
+ /// This is something extra added to make the hashed input more unpredictable
+ /// The hashed input
private static string ComputeHash(string input, HashAlgorithm algorithm, string salt)
{
Byte[] inputBytes = Encoding.UTF8.GetBytes(input);
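Review bot: The new ComputeHash comment says the algorithm is "used to encrypt the input", but a HashAlgorithm hashes and cannot be reversed; the wording matters because the RegisterUser and EditProfile summaries describe password hashing. I would write that line as `/// The hash algorithm applied to the salted input`. Separately, a single pass of a general-purpose HashAlgorithm over salt and password is cheap to brute-force if the user table leaks. A password KDF such as `Rfc2898DeriveBytes.Pbkdf2` with a stored iteration count is the usual choice, with existing hashes upgraded at the next successful login. Which algorithm the callers pass in, and how salt and input are combined, is outside this hunk.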
@@ -105,6 +141,11 @@ namespace Api.BusinessLogic
return BitConverter.ToString(hashedBytes);
}
+ ///
+ /// Checks if password is up to our security standard
+ ///
+ /// The password that is to be checked
+ /// true or false dependeing on if the password is up to standard
public bool PasswordSecurity(string password)
{
var hasMinimum8Chars = new Regex(@".{8,}");
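Review bot: The PasswordSecurity summary says "up to our security standard" without stating the standard, while the only rule visible across this hunk and the next is the `.{8,}` pattern. State the rule in the comment, for example `/// Checks that the password is at least 8 characters long`, so that callers and the RegisterUser and EditProfile summaries refer to something concrete. One line of the method body falls between the two hunks and is not shown, so confirm there is no further rule before wording it this way.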
@@ -112,6 +153,11 @@ namespace Api.BusinessLogic
return hasMinimum8Chars.IsMatch(password);
}
+ ///
+ /// Generates a JWT token that last 2 hours
+ ///
+ /// Used for sending the userid and username with the token
+ /// Returns a valid JWTToken
private string GenerateJwtToken(User user)
{
var claims = new[]
@@ -129,7 +175,7 @@ namespace Api.BusinessLogic
_configuration["JwtSettings:Issuer"],
_configuration["JwtSettings:Audience"],
claims,
- expires: DateTime.Now.AddMinutes(30),
+ expires: DateTime.Now.AddHours(2),
signingCredentials: creds);
return new JwtSecurityTokenHandler().WriteToken(token);
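Review bot: The token lifetime is a literal in the `expires:` argument of GenerateJwtToken, while the issuer and audience on the lines above come from `_configuration`. Going from 30 minutes to 2 hours quadruples the window in which a leaked token, or one issued to a user later removed through DeleteUser, is still accepted, and nothing visible here revokes tokens. Read the lifetime from configuration next to the other JwtSettings values and use UTC: `expires: DateTime.UtcNow.AddMinutes(lifetimeMinutes),` where `lifetimeMinutes` is parsed from a new JwtSettings entry. The summary added in the previous hunk hard-codes "2 hours" and should then refer to the setting instead. The method starts outside this hunk.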
diff --git a/backend/Api/Controllers/DeviceController.cs b/backend/Api/Controllers/DeviceController.cs
index d936fdb..8244f8c 100644
--- a/backend/Api/Controllers/DeviceController.cs
+++ b/backend/Api/Controllers/DeviceController.cs
@@ -19,15 +19,15 @@ namespace Api.Controllers
_deviceLogic = deviceLogic;
}
+ // Sends the userId to deviceLogic
[Authorize]
[HttpGet("{userId}")]
public async Task GetDevices(int userId)
{
- List devices = await _dbAccess.ReadDevices(userId);
- if (devices.Count == 0) { return BadRequest(new { error = "There is no devices that belong to this userID" }); }
return await _deviceLogic.GetDevices(userId);
}
+ // Sends the device and userId to deviceLogic
[Authorize]
[HttpPost("adddevice/{userId}")]
public async Task AddDevice([FromBody] Device device, int userId)
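Review bot: `GetDevices` takes `userId` from the route and passes it straight to `_deviceLogic.GetDevices`, and `[Authorize]` only establishes that the caller holds a valid token, not that the token belongs to that user. DeviceLogic receives only the integer, so unless ownership is enforced somewhere not shown, a signed-in user is not restricted to their own records. The same applies to AddDevice, GetLogs and EditDevice in this file and to EditUser and DeleteUser in UserController. Before calling the logic layer, compare the route id with the user id claim that GenerateJwtToken is documented to put in the token, and return `Forbid()` on mismatch; for the `deviceId` routes, check that the device belongs to the caller. The claim type used is not visible in this diff.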
@@ -35,6 +35,7 @@ namespace Api.Controllers
return await _deviceLogic.AddDevice(device, userId);
}
+ // Sends the deviceId to deviceLogic
[Authorize]
[HttpGet("logs/{deviceId}")]
public async Task GetLogs(int deviceId)
@@ -42,6 +43,7 @@ namespace Api.Controllers
return await _deviceLogic.GetLogs(deviceId);
}
+ // Sends the deviceId to deviceLogic
[Authorize]
[HttpPut("Edit/{deviceId}")]
public async Task EditDevice([FromBody] Device device, int deviceId)
diff --git a/backend/Api/Controllers/UserController.cs b/backend/Api/Controllers/UserController.cs
index 186e1d4..74cbb1b 100644
--- a/backend/Api/Controllers/UserController.cs
+++ b/backend/Api/Controllers/UserController.cs
@@ -21,18 +21,21 @@ namespace Api.Controllers
_userLogic = userLogic;
}
+ // Sends the login to userLogic
[HttpPost("Login")]
public async Task Login([FromBody] Login login)
{
return await _userLogic.Login(login);
}
+ // Sends the user to userLogic
[HttpPost("Create")]
public async Task CreateUser([FromBody] User user)
{
return await _userLogic.RegisterUser(user);
}
+ // Sends the user and userId to userLogic
[Authorize]
[HttpPut("Edit/{userId}")]
public async Task EditUser([FromBody] User user, int userId)
@@ -40,6 +43,7 @@ namespace Api.Controllers
return await _userLogic.EditProfile(user, userId);
}
+ // Sends the userId to userLogic
[Authorize]
[HttpDelete("Delete/{userId}")]
public async Task DeleteUser(int userId)
diff --git a/backend/Api/DBAccess/DBAccess.cs b/backend/Api/DBAccess/DBAccess.cs
index 8ced21d..a239f8c 100644
--- a/backend/Api/DBAccess/DBAccess.cs
+++ b/backend/Api/DBAccess/DBAccess.cs
@@ -22,7 +22,7 @@ namespace Api.DBAccess
/// Creates a user using entityframework core
///
/// Need the entire user obj
- /// returns the true in a OkObjectResult and if there is some error it returns a ConflictObjectResult and a message that explain the reason
+ /// returns true in a OkObjectResult and if there is some error it returns a ConflictObjectResult and a message that explain the reason
public async Task CreateUser(User user)
{
var users = await _context.Users.ToListAsync();
@@ -118,7 +118,7 @@ namespace Api.DBAccess
/// Deletes a user from the database
///
/// The Id of the user that is to be deleted
- /// returns the true in a OkObjectResult and if there is some error it returns a ConflictObjectResult and a message that explain the reason
+ /// returns true in a OkObjectResult and if there is some error it returns a ConflictObjectResult and a message that explain the reason
public async Task DeleteUser(int userId)
{
var user = await _context.Users.Include(u => u.Devices).FirstOrDefaultAsync(u => u.Id == userId);