Untitled

using System;
using System.Collections.Generic;
using System.Linq;
using System.Net;
using System.Net.Http;
using System.Threading.Tasks;
using System.Web.Http;
using customerMarket.Functions;
using customerMarket.Models;
using customerMarket.Database;
using System.Data.Entity;
using System.Text;
using System.Globalization;

namespace customerMarket.Controllers
{
    [RoutePrefix("api/Account")]
    public class AccountController : ApiController
    {
        DatabaseEntities db = new DatabaseEntities();

        [Route("Register")]
        [System.Web.Http.HttpPost]
        public async Task<IHttpActionResult> Register(UserRegisterModel model)
        {
            if (AuthChecker.checkAuthKey(Request.Headers.GetValues("authKey").FirstOrDefault()) == false)
                return Json(new { Message = "Access denied!" });

            if (!ModelState.IsValid)
                return Json(new { Message = ModelState });

            if (await db.users.Where(x => x.user_email.Trim() == model.User.user_email.Trim()).FirstOrDefaultAsync() == null)
            {
                Database.users user = new Database.users();

                user.user_first_name = model.User.user_first_name.Trim();
                user.user_last_name = model.User.user_last_name.Trim();
                user.user_email = model.User.user_email.Trim();
                user.user_password = model.User.user_password.Trim();
                user.user_role_id = await db.user_roles.Where(x => x.user_role_name.Contains("User")).Select(z => z.user_role_id).FirstOrDefaultAsync();
                user.user_token = Guid.NewGuid().ToString();

                while (await db.users.Where(x => x.user_token == user.user_token).FirstOrDefaultAsync() != null)
                    user.user_token = Guid.NewGuid().ToString();

                user.user_created_date = DateTime.Now;
                db.users.Add(user);
                await db.SaveChangesAsync();

                if (user.user_id == 0)
                    return Json(new { Message = "Unexpected error, user not registered" });

                Msg Message1 = new Msg("Success.");
                return Json(new { Message = Message1 });
            }
            Msg Message = new Msg(String.Format("The user with email '{0}' is allready exist", model.User.user_email.Trim()));
            return Json(new { Message = Message });
        }

        [Route("Authorize")]
        [System.Web.Http.HttpPost]
        public async Task<IHttpActionResult> UserAuthorize(UserAuthorizeModel model)
        {
            if (AuthChecker.checkAuthKey(Request.Headers.GetValues("authKey").FirstOrDefault()) == false)
                return BadRequest("Access denied!");

            if (!ModelState.IsValid)
                return BadRequest(ModelState);

            var userQuery = await db.users.Where(x => x.user_email.Trim() == model.User.user_email.Trim() && x.user_password.Trim() == model.User.user_password.Trim()).FirstOrDefaultAsync();
            if (userQuery != null)
            {
                List<Cart> Cart = new List<Cart>();
                foreach (Database.cart cart in db.cart.Where(x => x.user_id == userQuery.user_id))
                {
                    if (await db.device_information.Where(x => x.device_id == cart.device_id).FirstOrDefaultAsync() != null)
                    {
                        Cart.Add(new Cart(cart.cart_id, cart.device_id));
                    }
                }

                UnreadMessageCount UnreadMessageCount = new UnreadMessageCount(await db.topic_messages_read_state.CountAsync(x => x.user_id == userQuery.user_id && x.topic_message_read_date.HasValue == false));
                UserInfo UserInfo = new UserInfo(userQuery.user_id, userQuery.user_first_name.Trim(), userQuery.user_last_name.Trim(), userQuery.user_email.Trim(), userQuery.user_token.Trim(), userQuery.user_created_date.ToString("dd.MM.yyyy HH:mm:ss", CultureInfo.InvariantCulture));
                return Json(new { User = UserInfo, Cart = Cart, UnreadMessageCount = UnreadMessageCount });
            }
            return BadRequest(String.Format("The user with email '{0}' and password: {1} is not found.", model.User.user_email.Trim(), model.User.user_password.Trim()));
        }

        [Route("ChangePassword")]
        [System.Web.Http.HttpPost]
        public async Task<IHttpActionResult> ChangePassword(UserChangePasswordModel model)
        {
            if (AuthChecker.checkAuthKey(Request.Headers.GetValues("authKey").FirstOrDefault()) == false)
                return BadRequest("Access denied!");

            if (!ModelState.IsValid)
                return BadRequest(ModelState);

            if (model.User.user_password == model.User.user_newPassword)
                return BadRequest("The new password and old password shouldn't be identically.");

            var userQuery = await db.users.Where(x => x.user_id == model.User.user_id && x.user_email.Trim() == model.User.user_email.Trim() && x.user_token.Trim() == model.User.user_token.Trim()).FirstOrDefaultAsync();//await UserManager.User(model.User.user_id, model.User.user_email, model.User.user_token);
            if (userQuery != null)
            {
                userQuery.user_password = model.User.user_newPassword.Trim();
                await db.SaveChangesAsync();

                if (db.users.Where(x => x.user_id == model.User.user_id && x.user_password == model.User.user_newPassword).FirstOrDefault() == null)
                    return BadRequest("Password doesn't changed.");

                Msg Message = new Msg("Success.");
                return Json(new { Message = Message });
            }
            return BadRequest("User not found!");
        }

        [Route("RemindPassword")]
        [System.Web.Http.HttpPost]
        public async Task<IHttpActionResult> RemindPassword(UserRemindPasswordModel model)
        {
            if (AuthChecker.checkAuthKey(Request.Headers.GetValues("authKey").FirstOrDefault()) == false)
                return BadRequest("Access denied!");

            if (!ModelState.IsValid)
                return BadRequest(ModelState);

            var userQuery = await db.users.Where(x => x.user_email.Trim() == model.User.user_email.Trim()).FirstOrDefaultAsync();
            if (userQuery != null)
            {
                string title = "CustomerMarket Account Recovery";
                string newPassword = RandomGenerator.generateRandomPassword(8);

                StringBuilder msg = new StringBuilder();
                msg.AppendLine(String.Format("Hello, {0}", model.User.user_email));
                msg.AppendLine();
                msg.AppendLine(String.Format("Your new Account Password is: {0}", newPassword));
                msg.AppendLine();
                msg.AppendLine(String.Format("The CustomerMarket Support Team"));

                if (EmailSender.sendEmail(title, msg.ToString(), model.User.user_email.Trim()) == true)
                {
                    userQuery.user_password = newPassword.Trim();
                    await db.SaveChangesAsync();

                    if (db.users.Where(x => x.user_email == model.User.user_email && x.user_password == newPassword).FirstOrDefault() == null)
                        return BadRequest("Password doesn't changed.");

                    Msg Message = new Msg(String.Format("New password will be sent on email: {0}", model.User.user_email.Trim()));
                    return Json(new { Message = Message });
                }
                return BadRequest("Unexpected error, password is not reseted.");
            }
            return BadRequest(String.Format("User with email: {0} is not found.", model.User.user_email.Trim()));
        }
    }
}