2024-08-15 14:21:17 +01:00
|
|
|
|
using AuthorizationService.Models;
|
|
|
|
|
using AuthorizationService.Persistence.Repositories;
|
2024-08-13 12:29:01 +01:00
|
|
|
|
using Microsoft.AspNetCore.Mvc;
|
|
|
|
|
using System.Text.RegularExpressions;
|
|
|
|
|
|
2024-08-15 14:21:17 +01:00
|
|
|
|
namespace AuthorizationService.Application.Users.Commands
|
2024-08-13 12:29:01 +01:00
|
|
|
|
{
|
|
|
|
|
public class CreateUser
|
|
|
|
|
{
|
|
|
|
|
private readonly IUserRepository _repository;
|
|
|
|
|
|
|
|
|
|
public CreateUser(IUserRepository repository)
|
|
|
|
|
{
|
|
|
|
|
_repository = repository;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public async Task<ActionResult<Guid>> Handle(SignUpDTO signUpDTO)
|
|
|
|
|
{
|
|
|
|
|
List<User> existingUsers = await _repository.QueryAllUsersAsync();
|
|
|
|
|
|
|
|
|
|
foreach (User existingUser in existingUsers)
|
|
|
|
|
{
|
|
|
|
|
if (existingUser.Username == signUpDTO.Username)
|
|
|
|
|
{
|
|
|
|
|
return new ConflictObjectResult(new { message = "Username is already in use." });
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (existingUser.Email == signUpDTO.Email)
|
|
|
|
|
{
|
|
|
|
|
return new ConflictObjectResult(new { message = "Email is already in use." });
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!IsPasswordSecure(signUpDTO.Password))
|
|
|
|
|
{
|
|
|
|
|
return new ConflictObjectResult(new { message = "Password is not secure." });
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
User user = MapSignUpDTOToUser(signUpDTO);
|
|
|
|
|
string id = await _repository.CreateUserAsync(user);
|
|
|
|
|
|
|
|
|
|
if (id != "")
|
|
|
|
|
{
|
|
|
|
|
return new OkObjectResult(id);
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
return new StatusCodeResult(StatusCodes.Status500InternalServerError); // or another status code that fits your case
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private bool IsPasswordSecure(string password)
|
|
|
|
|
{
|
|
|
|
|
var hasUpperCase = new Regex(@"[A-Z]+");
|
|
|
|
|
var hasLowerCase = new Regex(@"[a-z]+");
|
|
|
|
|
var hasDigits = new Regex(@"[0-9]+");
|
|
|
|
|
var hasSpecialChar = new Regex(@"[\W_]+");
|
|
|
|
|
var hasMinimum8Chars = new Regex(@".{8,}");
|
|
|
|
|
|
|
|
|
|
return hasUpperCase.IsMatch(password)
|
|
|
|
|
&& hasLowerCase.IsMatch(password)
|
|
|
|
|
&& hasDigits.IsMatch(password)
|
|
|
|
|
&& hasSpecialChar.IsMatch(password)
|
|
|
|
|
&& hasMinimum8Chars.IsMatch(password);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private User MapSignUpDTOToUser(SignUpDTO signUpDTO)
|
|
|
|
|
{
|
|
|
|
|
string hashedPassword = BCrypt.Net.BCrypt.HashPassword(signUpDTO.Password);
|
|
|
|
|
string salt = hashedPassword.Substring(0, 29);
|
|
|
|
|
|
|
|
|
|
return new User
|
|
|
|
|
{
|
|
|
|
|
Id = Guid.NewGuid().ToString("N"),
|
|
|
|
|
Email = signUpDTO.Email,
|
|
|
|
|
Username = signUpDTO.Username,
|
|
|
|
|
CreatedAt = DateTime.UtcNow.AddHours(2),
|
|
|
|
|
UpdatedAt = DateTime.UtcNow.AddHours(2),
|
|
|
|
|
HashedPassword = hashedPassword,
|
|
|
|
|
};
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|