Added a security features so you can not longer create a Admin account.

b0f0b1e2 · Kacper Kelner · 69b1b694 · b0f0b1e2
Commit b0f0b1e2 authored 5 days ago by Kacper Kelner
--- a/Controllers/AuthController.cs
+++ b/Controllers/AuthController.cs
@@ -6,6 +6,8 @@ using Microsoft.IdentityModel.Tokens;
 using System.IdentityModel.Tokens.Jwt;
 using System.Security.Claims;
 using System.Text;
+using System.IO.Compression;
+using ZiggyCreatures.Caching.Fusion.Events;

 namespace assignment1.Controllers
 {
@@ -31,12 +33,22 @@ namespace assignment1.Controllers
                Email = model.Email
            };

-            var result = await _userManager.CreateAsync(user, model.Password);
+            if (model.Role != "Admin"){
+                var result = await _userManager.CreateAsync(user, model.Password);
            if (!result.Succeeded)
+            
                return BadRequest(result.Errors);

            await _userManager.AddToRoleAsync(user, model.Role);
            return Ok("User created!");
+            }
+            else
+            {
+                return BadRequest("You cannot register as an admin. Please contact the administrator.");
+            }
+                
+                
+        ;
        }

        [HttpPost("login")]