UserManagementAPI/Program.cs at main · avish0694/UserManagementAPI · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
using System.ComponentModel.DataAnnotations;

var builder = WebApplication.CreateBuilder(args);

// Add services to the container.
// Learn more about configuring OpenAPI at https://aka.ms/aspnet/openapi
builder.Services.AddOpenApi();

var app = builder.Build();

// Configure the HTTP request pipeline.
if (app.Environment.IsDevelopment())
{
    app.MapOpenApi();
}

app.UseHttpsRedirection();

var users = new List<User>
{
    new User { Id = 1, Name = "Alice", Email = "alice@example.com", Password = "password123" },
    new User { Id = 2, Name = "Bob", Email = "bob@example.com", Password = "password456" }
};

var authenticatedUsers = new Dictionary<string, int>();


// Get all users (only accessible if authenticated)
app.MapGet("/users", (HttpContext httpContext) =>
{
    if (!IsAuthenticated(httpContext)) return Results.Unauthorized();
    return Results.Ok(users);
});

// Get User by id
app.MapGet("/users/{id}", (int id) =>
{
    var user = users.FirstOrDefault(u => u.Id == id);
    return user is not null ? Results.Ok(user) : Results.NotFound();
});

// Add a user
app.MapPost("/users", (User user) =>
{
    var validationContext = new ValidationContext(user);
    var validationResults = new List<ValidationResult>();

    if (!Validator.TryValidateObject(user, validationContext, validationResults, true))
    {
        return Results.ValidationProblem(validationResults.ToDictionary(
            v => v.MemberNames.FirstOrDefault() ?? "Error",
            v => new[] { v.ErrorMessage! }
        ));
    }

    user.Id = users.Count > 0 ? users.Max(u => u.Id) + 1 : 1;
    users.Add(user);
    return Results.Created($"/users/{user.Id}", user);
});

// Update a user

app.MapPut("/users/{id}", (int id, User updatedUser) =>
{
    var user = users.FirstOrDefault(u => u.Id == id);
    if (user is null) return Results.NotFound();

    user.Name = updatedUser.Name;
    user.Email = updatedUser.Email;
    return Results.Ok(user);
});

// Delete a user

app.MapDelete("/users/{id}", (int id) =>
{
    var user = users.FirstOrDefault(u => u.Id == id);
    if (user is null) return Results.NotFound();

    users.Remove(user);
    return Results.NoContent();
});


// Login endpoint (authenticate user)
app.MapPost("/login", (LoginRequest request) =>
{
    var user = users.FirstOrDefault(u => u.Email == request.Email && u.Password == request.Password);

    if (user == null)
    {
        return Results.Unauthorized();
    }

    // Store userId in the session for future requests
    var sessionKey = Guid.NewGuid().ToString();  // Generate a unique session key
    authenticatedUsers[sessionKey] = user.Id;

    return Results.Ok(new { Message = "Login successful", SessionKey = sessionKey });
});

// Simple Logout (invalidate session)
app.MapPost("/logout", (HttpContext httpContext) =>
{
    var sessionKey = httpContext.Request.Headers["SessionKey"].ToString();
    if (authenticatedUsers.ContainsKey(sessionKey))
    {
        authenticatedUsers.Remove(sessionKey);
        return Results.Ok(new { Message = "Logged out successfully." });
    }

    return Results.Unauthorized();
});

app.Run();

// Check if the user is authenticated by the session key
bool IsAuthenticated(HttpContext httpContext)
{
    var sessionKey = httpContext.Request.Headers["SessionKey"].ToString();
    return authenticatedUsers.ContainsKey(sessionKey);
}


public class User
{
    public int Id { get; set; }

    [Required(ErrorMessage = "Name is required.")]
    [MinLength(3, ErrorMessage = "Name must be at least 3 characters long.")]
    [MaxLength(50, ErrorMessage = "Name cannot be longer than 50 characters.")]
    public string Name { get; set; }

    [Required(ErrorMessage = "Email is required.")]
    [EmailAddress(ErrorMessage = "Invalid email format.")]
    public string Email { get; set; }

    [Required(ErrorMessage = "Password is required.")]
    public string Password { get; set; }
}

// Login request model
public class LoginRequest
{
    [Required]
    [EmailAddress]
    public string Email { get; set; }

    [Required]
    public string Password { get; set; }
}