Creating Users Controller

[00:00 - 00:14] Now let's create users controller so that our frontend can create and get users . So inside controllers, we will create a new class and we will call it users controller.

[00:15 - 00:28] Like always, let's derive it from the base controller. And let's create a new constructor where we'll inject the user manager.

[00:29 - 00:48] Let's mention the user manager with type user and let's call it simply user manager. Now we will import user manager from ASP net core identity and user using entity.

[00:49 - 00:57] Now let's initialize the field from parameter. We will interact with the database with the help of the user manager.

[00:58 - 01:08] It will help us verifying the password or checking if the user exists or creating a new user. Also, we don't have to use the save changes async method with the user manager.

[01:09 - 01:13] It handles it automatically behind the scenes. So let's start implementing the API now.

[01:14 - 01:26] Let's start with the login endpoint. So what I'll do is here I'll mention HTTP post and let's call it login.

[01:27 - 01:44] So this we will write public async task which will return action result of type user. And let's call this method login.

[01:45 - 02:01] First of all, let's import HTTP post using Microsoft ASP net core dot MVC and action result using system dot threading dot tasks. Now rather than hard coding the required parameters, let's create a login class inside the dto folder.

[02:02 - 02:13] So here let's create a new class and we will call it login dto. We just need the email of type string and a password of type string as well.

[02:14 - 02:32] So let's write prop string email and same for the password. And here we can mention our login dto.

[02:33 - 02:39] And let's name it login dto. Let's import it using API dot dto.

[02:40 - 02:50] Since we are going to pass user information inside body, we don't have to explicit mention body here. Like we would do if we were expecting the data from the query.

[02:51 - 03:14] Now let's go inside and first of all, we will check if the user already exists. So let's write wah user and await user manager dot find by email async and here we will pass login dto.email.

[03:15 - 03:20] Now if the user exists, it will give us the user. If not, it will return null.

[03:21 - 03:44] Now we can check if the user is null or the password is incorrect. So let me write if user is equal to null or for checking the password, we can use await user manager dot check password async.

[03:45 - 04:09] Which takes user as a first parameter and password as a second one, which is inside login dto dot password. Now if any of them is true, which means if the user does not exist or the password is incorrect, we can return unauthorized with the API response, which we created.

[04:10 - 04:21] Let's pass 401 status code, which stands for unauthorized. Let's import API response from API dot error response.

[04:22 - 04:29] Now if everything is correct, we can simply return the user. Let's write the register method now.

[04:30 - 04:50] So here let's write http post and let's call this method register. Below that we will write let's go on top of it.

[04:51 - 05:11] Click async task of action result of type user. Let's call it register as parameters we need to pass username, email and the password.

[05:12 - 05:18] We can create a new dto class called register dto. They already have email and password inside login dto.

[05:19 - 05:39] So what we can do is we can derive it from the login dto and additionally mention the username property there. So inside dto, let me create another class with name register dto and we will derive it from login dto, which has the email and the password.

[05:40 - 05:54] And here we will simply mention the username. Coming back to the user's controller, we can mention register dto with the name register dto.

[05:55 - 05:57] Simple. And let me tell you one thing.

[05:58 - 06:06] The username inside identity should be unique. If the user with the same username already exists, it will throw an error.

[06:07 - 06:18] So let's stick to it for now. Coming back to the user's controller, they have passed register dto as a parameter and inside they will again create a user variable.

[06:19 - 06:40] So user and let's write new user with username as register dto.use name and email as register dto.email. Now we can try creating the user.

[06:41 - 06:59] So what we can do is write var result and await user manager dot create async. It will take a user and the password which is inside register dto.password.

[07:00 - 07:09] When the user is successfully created, the result will have a succeeded property. If it is false, we know that something is wrong.

[07:10 - 07:16] Now we have a lot of ways to catch errors. So what we can do is let's check if it's not succeeded.

[07:17 - 07:25] So I will write result dot succeeded. So I'm using a bang operator which checks if it's not succeeding.

[07:26 - 07:39] In this case, result will give us an array of errors and we can simply loop over them. So I will use for each and let's call the individual error simply error.

[07:40 - 07:53] And since yeah, looping over result dot errors, I will mention it here. And to catch the errors, I will store it inside model state dot add model error .

[07:54 - 08:14] It takes two arguments, the error code and the description. So the first one will be error dot code and the second one will be error dot description and finally, we will return all the errors with the help of the validation problem.

[08:15 - 08:27] So here I will write return validation problem. If the result is succeeded, I can add a role to it.

[08:28 - 08:41] So await user manager dot add to role async. I will pass the user and the role which is going to be student.

[08:42 - 08:51] Now we can finally return the user. Now in the next lesson, we will check if it is working correctly.

[08:52 - 08:52] So I'll see you in the next one.