diff --git a/AsbCloudInfrastructure/Services/AuthService.cs b/AsbCloudInfrastructure/Services/AuthService.cs
index e42e9b8c..04c0621c 100644
--- a/AsbCloudInfrastructure/Services/AuthService.cs
+++ b/AsbCloudInfrastructure/Services/AuthService.cs
@@ -45,7 +45,7 @@ namespace AsbCloudInfrastructure.Services
var identity = await GetClaimsUserAsync(login, password, token)
.ConfigureAwait(false);
- if (identity == default)
+ if (identity == default || identity.User.State == 0)
return null;
return new UserTokenDto
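Review bot: The new condition `identity.User.State == 0` rejects only one state value, so any other non-active value the `State` column may hold (none are visible in this diff) would still receive a token. If there is a single "approved" value, comparing against it, `identity.User.State != <approved state constant>`, fails closed, and a named constant would also replace the bare `0` here and in `Register`. It is also worth confirming that `identity.User` cannot be null when `identity` is not `default`. The method body continues outside the hunk.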
@@ -69,27 +69,33 @@ namespace AsbCloudInfrastructure.Services
public int Register(UserDto userDto)
{
- if (userDto.Login.Length < 3)
+ if (userDto.Login is null || userDto.Login.Length is < 3 or > 50)
return -1;
- if (userDto.Password.Length < 3)
+ if (userDto.Password is null || userDto.Password.Length is < 3 or > 50)
return -2;
- if (userDto.Email.Length > 255)
+ if (userDto.Email?.Length > 255)
return -3;
- if (userDto.Phone.Length > 50)
+ if (userDto.Phone?.Length > 50)
return -4;
- if (userDto.Position.Length > 255)
+ if (userDto.Position?.Length > 255)
return -5;
+ var user = db.Users.FirstOrDefault(u => u.Login == userDto.Login);
+
+ if(user is not null)
+ return -6;
+
var salt = GenerateSalt();
- var user = new User
+ var newUser = new User
{
IdCompany = userDto.IdCompany,
- IdRole = userDto.IdRole,
+ IdRole = 2, // simple user
+ State = 0,
Name = userDto.Name,
Surname = userDto.Surname,
Patronymic = userDto.Patronymic,
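Review bot: `IdCompany = userDto.IdCompany` (and `Level = userDto.Level` in the next hunk) are still copied from the request, although the controller change in this commit drops `[Authorize]` from `Register`, so these values now come from an unauthenticated caller. `IdRole` and `State` are pinned server-side here; company and level deserve the same treatment, or at least a comment such as `// IdCompany and Level are requester-supplied; the administrator must verify them before approving the account`. Separately, the three-character floor in `userDto.Password.Length is < 3 or > 50` is very low for a public sign-up form, and raising it is a one-token change.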
@@ -98,17 +104,17 @@ namespace AsbCloudInfrastructure.Services
Position = userDto.Position,
Level = userDto.Level,
Login = userDto.Login,
- PasswordHash = salt + ComputeHash(salt, userDto.Password)
+ PasswordHash = salt + ComputeHash(salt, userDto.Password),
};
- db.Users.Add(user);
+ db.Users.Add(newUser);
try
{
db.SaveChanges();
}
catch //(Exception ex)
{
- return -6;
+ return -7;
}
return 0;
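Review bot: The bare `catch` hides the cause of every `SaveChanges` failure, and the login lookup added in the previous hunk is not atomic with this insert, so two simultaneous requests with the same login can both pass the check. A unique index on the login column (not visible in this diff) would close that gap; its violation would then arrive here and be reported as `-7` rather than `-6`. Assuming `db` is an EF Core context, catching the specific type and logging it, `catch (DbUpdateException ex)`, keeps unrelated failures from being swallowed silently.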
diff --git a/AsbCloudWebApi/Controllers/AuthController.cs b/AsbCloudWebApi/Controllers/AuthController.cs
index 6cf23e7e..08db1c7e 100644
--- a/AsbCloudWebApi/Controllers/AuthController.cs
+++ b/AsbCloudWebApi/Controllers/AuthController.cs
@@ -36,7 +36,7 @@ namespace AsbCloudWebApi.Controllers
auth.Password, token).ConfigureAwait(false);
if (userToken is null)
- BadRequest();//"wrong login or password"
+ Forbid();
return Ok(userToken);
}
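Review bot: `Forbid();` builds a result and discards it, so when `userToken` is null (wrong credentials or, after this commit, an account with `State == 0`) execution falls through to `return Ok(userToken)` and the client receives a success response instead of an error. The line should be `return Forbid();`. Since `Forbid()` delegates to the configured authentication scheme's forbid handler, `return Unauthorized();` or the earlier 400 may give a more predictable response for a failed login. The action starts outside the hunk.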
@@ -54,17 +54,13 @@ namespace AsbCloudWebApi.Controllers
}
///
- /// Регистрация пользователя. Доступна администратору
+ /// Отправить заявку на регистрацию. Заявка подтверждается администратором.
///
+ /// Информация о новом пользователе
/// Ок
- [Authorize]
[HttpPost]
public IActionResult Register(UserDto user)
{
- const string roleName = "Администратор";
- if (!User.IsInRole(roleName))
- return Forbid($"You must be an {roleName}.");
-
var code = authService.Register(user);
return code switch
{
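Review bot: With `[Authorize]` and the role check removed, `Register` is reachable without authentication, and nothing in this hunk limits how often it can be called, so the users table can be filled with pending (`State = 0`) rows. Marking the action `[AllowAnonymous]` would make the intent explicit and keep it working if the controller or a global filter requires authorization (neither is visible here); request throttling or a CAPTCHA belongs in front of it. The action also binds the full `UserDto`, so a narrower registration DTO would limit what an anonymous caller can set. The `switch` continues outside the hunk.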
@@ -74,6 +70,7 @@ namespace AsbCloudWebApi.Controllers
-3 => BadRequest("Email не должен быть длиннее 255 знаков."),
-4 => BadRequest("Телефон не должен быть длиннее 50 знаков."),
-5 => BadRequest("Название должности не должно быть длиннее 255 символов."),
+ -6 => BadRequest("Пользователь с таким логином уже зарегистрирован."),
_ => BadRequest(),
};
}
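Review bot: The `-7` code that `AuthService.Register` now returns when `SaveChanges` fails has no arm here and falls into `_ => BadRequest()`, so a server-side database error reaches the client as an empty 400. An explicit arm such as `-7 => StatusCode(StatusCodes.Status500InternalServerError),` separates it from validation errors. The new `-6` message also confirms to an unauthenticated caller that a login exists; that is hard to avoid in a sign-up flow, which makes throttling on this endpoint more important. The start of the `switch` is outside the hunk.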