Addressed the unsecure login HTTP endpoint and user the Performers property instead of the deprecated Artists property from the TagLib library. #38

This commit is contained in:
amazing-username
2019-05-11 16:42:29 -04:00
parent c0ac3cdd30
commit 9bfb43e46a
13 changed files with 267 additions and 60 deletions
+12
View File
@@ -0,0 +1,12 @@
using System;
using Newtonsoft.Json;
namespace Icarus.Models
{
public class BaseResult
{
[JsonProperty("message")]
public string Message { get; set; }
}
}
+2 -2
View File
@@ -3,7 +3,7 @@ using System.Collections.Generic;
using System.Globalization;
using MySql.Data.MySqlClient;
using NLog;
//using NLog;
using Icarus.Models;
@@ -12,7 +12,7 @@ namespace Icarus.Models.Context
public class AlbumStoreContext : BaseStoreContext
{
#region Fields
private static Logger _logger = NLog.LogManager.GetCurrentClassLogger();
//private static Logger _logger = NLog.LogManager.GetCurrentClassLogger();
#endregion
+2 -2
View File
@@ -4,7 +4,7 @@ using System.Globalization;
using Microsoft.Extensions.Logging;
using MySql.Data.MySqlClient;
using NLog;
//using NLog;
using Icarus.Models;
@@ -13,7 +13,7 @@ namespace Icarus.Models.Context
public class ArtistStoreContext : BaseStoreContext
{
#region Fields
private static Logger _logger = NLog.LogManager.GetCurrentClassLogger();
//private static Logger _logger = NLog.LogManager.GetCurrentClassLogger();
#endregion
+2
View File
@@ -1,6 +1,7 @@
using System;
using MySql.Data.MySqlClient;
using NLog;
namespace Icarus.Models.Context
{
@@ -8,6 +9,7 @@ namespace Icarus.Models.Context
{
#region Fields
protected string _connectionString;
protected static Logger _logger = NLog.LogManager.GetCurrentClassLogger();
#endregion
+2 -2
View File
@@ -2,14 +2,14 @@ using System;
using System.Collections.Generic;
using MySql.Data.MySqlClient;
using NLog;
//using NLog;
namespace Icarus.Models.Context
{
public class MusicStoreContext : BaseStoreContext
{
#region Fields
private static Logger _logger = NLog.LogManager.GetCurrentClassLogger();
//private static Logger _logger = NLog.LogManager.GetCurrentClassLogger();
#endregion
+141 -26
View File
@@ -31,15 +31,15 @@ namespace Icarus.Models.Context
{
try
{
_logger.Info("Saving user");
using (MySqlConnection conn = GetConnection())
{
conn.Open();
string query = "INSERT INTO Users(Username, Password, Nickname," +
"Email, PhoneNumber, Firstname, Lastname, " +
"EmailVerified, DateCreated, LastLogin) " +
"VALUES(@Username, @Password, @Nickname, " +
"@Email, @PhoneNumber, @Firstname, @Lastname," +
" @EmailVerified, @DateCreated, @LastLogin)";
string query = "INSERT INTO User(Username, Password, Nickname, Email" +
", PhoneNumber, Firstname, Lastname, EmailVerified) " +
"VALUES(@Username, @Password, @Nickname, @Email, @PhoneNumber," +
" @Firstname, @Lastname, @EmailVerified)";
using (MySqlCommand cmd = new MySqlCommand(query, conn))
{
cmd.Parameters.AddWithValue("@Username", user.Username);
@@ -50,18 +50,19 @@ namespace Icarus.Models.Context
cmd.Parameters.AddWithValue("@Firstname", user.Firstname);
cmd.Parameters.AddWithValue("@Lastname", user.Lastname);
cmd.Parameters.AddWithValue("@EmailVerified", user.EmailVerified);
cmd.Parameters.AddWithValue("@DateCreated", DateTime.Now);
cmd.Parameters.AddWithValue("@LastLogin", DateTime.Now);
cmd.ExecuteNonQuery();
}
}
_logger.Info("Successfully saved user");
}
catch (Exception ex)
{
var exMsg = ex.Message;
Console.WriteLine($"An error occurred:\n{exMsg}");
_logger.Error(exMsg, "An error occurred");
}
}
@@ -69,10 +70,12 @@ namespace Icarus.Models.Context
{
try
{
_logger.Info("Retrieving user");
using (MySqlConnection conn = GetConnection())
{
conn.Open();
var query = "SELECT * FROM Users WHERE Username=@Username";
var query = "SELECT * FROM User WHERE Username=@Username";
using (MySqlCommand cmd = new MySqlCommand(query, conn))
{
@@ -80,36 +83,148 @@ namespace Icarus.Models.Context
using (var reader = cmd.ExecuteReader())
{
while (reader.Read())
{
var dateCreated = reader["DateCreated"].ToString();
var lastLogin = reader["LastLogin"].ToString();
var parsedC = DateTime.Parse(dateCreated);
var parsedL = DateTime.Parse(lastLogin);
user.Id = Convert.ToInt32(reader["Id"]);
user.Nickname = reader["Nickname"].ToString();
user.Email = reader["Email"].ToString();
user.PhoneNumber = reader["PhoneNumber"].ToString();
user.EmailVerified = (reader["EmailVerified"].ToString()) == "1";
user.Firstname = reader["Firstname"].ToString();
user.Lastname = reader["Lastname"].ToString();
user.DateCreated = DateTime.Parse(parsedC.ToString("yyyy-MM-dd HH:mm:ss"));
user.LastLogin = DateTime.Parse(parsedL.ToString("yyyy-MM-dd HH:mm:ss"));
}
user = ParseSingleData(reader);
}
}
}
_logger.Info("Successfully retrieved user");
return user;
}
catch (Exception ex)
{
var exMsg = ex.Message;
Console.WriteLine($"An error occurred:\n{exMsg}");
_logger.Error(exMsg, "An error occurred");
}
return null;
}
public bool DoesUserExist(User user)
{
var username = user.Username;
try
{
_logger.Info($"Checking to see if {user.Username} exists");
using (var conn = GetConnection())
{
conn.Open();
var query = "SELECT * FROM User WHERE Username=@Username";
using (var cmd = new MySqlCommand(query, conn))
{
cmd.Parameters.AddWithValue("@Username", user.Username);
using (var reader = cmd.ExecuteReader())
{
user = ParseSingleData(reader, true);
username = user.Username;
if (!string.IsNullOrEmpty(username))
{
_logger.Info($"The user {username} exists");
return true;
}
}
}
}
}
catch (Exception ex)
{
var msg = ex.Message;
_logger.Error(msg, "An error occurred");
}
_logger.Info($"The user {username} does not exists");
return false;
}
private User ParseSingleData(MySqlDataReader reader)
{
var user = new User();
while (reader.Read())
{
var id = Convert.ToInt32(reader["Id"].ToString());
var username = reader["Username"].ToString();
var password = reader["Password"].ToString();
var nickname = reader["Nickname"].ToString();
var email = reader["Email"].ToString();
var phoneNumber = reader["PhoneNumber"].ToString();
var emailVerified = reader["EmailVerified"].ToString() == "1";
var firstname = reader["Firstname"].ToString();
var lastname = reader["Lastname"].ToString();
var rawLastLogin = reader["LastLogin"].ToString();
var parsedDateCreated = DateTime.Parse(reader["DateCreated"].ToString());
var dateCreated = DateTime.Parse(parsedDateCreated.ToString("yyyy-MM-dd HH:mm:ss"));
if (!string.IsNullOrEmpty(rawLastLogin))
{
var parsedLastLogin = DateTime.Parse(rawLastLogin);
var lastLogin = DateTime.Parse(parsedLastLogin.ToString("yyyy-MM-dd HH:mm:ss"));
user.LastLogin = lastLogin;
}
user.Id = id;
user.Username = username;
user.Password = password;
user.Nickname = nickname;
user.Email = email;
user.PhoneNumber = phoneNumber;
user.EmailVerified = emailVerified;
user.Firstname = firstname;
user.Lastname = lastname;
user.DateCreated = dateCreated;
}
return user;
}
private User ParseSingleData(MySqlDataReader reader, bool ignoreLastLogin)
{
var user = new User();
while (reader.Read())
{
var id = Convert.ToInt32(reader["Id"].ToString());
var username = reader["Username"].ToString();
var nickname = reader["Nickname"].ToString();
var email = reader["Email"].ToString();
var phoneNumber = reader["PhoneNumber"].ToString();
var emailVerified = reader["EmailVerified"].ToString() == "1";
var firstname = reader["Firstname"].ToString();
var lastname = reader["Lastname"].ToString();
var parsedDateCreated = DateTime.Parse(reader["DateCreated"].ToString());
var dateCreated = DateTime.Parse(parsedDateCreated.ToString("yyyy-MM-dd HH:mm:ss"));
if (!ignoreLastLogin)
{
var parsedLastLogin = DateTime.Parse(reader["LastLogin"].ToString());
var lastLogin = DateTime.Parse(parsedLastLogin.ToString("yyyy-MM-dd HH:mm:ss"));
user.LastLogin = lastLogin;
}
user.Id = id;
user.Username = username;
user.Nickname = nickname;
user.Email = email;
user.PhoneNumber = phoneNumber;
user.EmailVerified = emailVerified;
user.Firstname = firstname;
user.Lastname = lastname;
user.DateCreated = dateCreated;
}
return user;
}
#endregion
}
}
+1 -1
View File
@@ -4,7 +4,7 @@ using Newtonsoft.Json;
namespace Icarus.Models
{
public class LoginResult
public class LoginResult : BaseResult
{
[JsonProperty("id")]
public int UserId { get; set; }
+14
View File
@@ -0,0 +1,14 @@
using System;
using Newtonsoft.Json;
namespace Icarus.Models
{
public class RegisterResult : BaseResult
{
[JsonProperty("username")]
public string Username { get; set; }
[JsonProperty("successfully_registered")]
public bool SuccessfullyRegistered { get; set; }
}
}