Learn how to build a registration route that allows a user to create a new account in the API by sending a POST request.
- [Instructor] Let's make it possible for a user to register for the API by simply posting a form to the user's endpoint. I've added a form model called Registerform to the model's folder. You can find it in the exercise files This registration form takes an email, a password, and the user's first and last names. We'll let ASP.NET Core validate these parameters for us, and then create a new user in the system with these values. We need to add a method to the user service to save that user to the database.
I'll start in the interface Iuserservice. I'll say Task Create/UserAsync which takes a register form. We can take advantage of a cool feature in C# 7, and return a named tuple here. So this will be a task of parens, bool succeeded, string error message.
If you aren't using C# 7 in your project, you could just a simple class to hold these values instead. Now over in the default user service, I'll implement that method as a stub, and make this async. Bring this down here. There we go. Now we need to build up a user entity. I'll do var entity = new UserEntity, and we'll copy the email and the form, copy the user name.
We'll say that that's the form email as well, first name and last name, also do created at. We'll set that to right now. Then we'll save the user using the user manager. Say await userManager.CreateAsync. Create this entity and the password that was given to us in the form. If for some reason, this didn't work, if it failed, we'll pull out an error.
We'll say firstError = result.Errors .FirstOrDefault.Description. We'll return succeeded false and the error message. Otherwise, we'll just return true we succeeded, and no error message. The user's controller will be responsible for validating this form model, and then passing it down into the service code. Let's go over to the user's controller, and we'll build a new route.
We'll maybe put it at the bottom. We'll say that this is public async Task of IactionResult, at least for now. We'll call this RegisterUser. The parameter here is going to be FromBody, a RegisterForm called form. Now we'll mark this as HttpPost. We'll give it a name. It's the name of RegisterUser. This is gonna be POST to /users.
ASP.NET Core will automatically validate the register form parameters for us, and that may produce a 400, so we'll say this could produce a response type of 400, and in here, all we need to do is do var succeeded and message. We'll use this to call userService.CreateUserAsync given this form. If we succeeded, if we got back a true response, then we'll just return created or 201.
We need a link to the new resource, but we don't have that quite yet, so we'll just say todo and no object to return, add a todo here we need to link. We haven't built what we call a user info route yet, but we'll do that a little bit later. Just make a note that we need to do that. If, for some reason, we didn't succeed, then we'll fall down into this next line which will return a bad request response, and the API error will return as just registration failed.
So this could also return or produce a response code of 201 which is created. All right, let's switch over to post man and try this out by creating a user. I'll do /users and we'll make this a post. I want this to be a JSON post. Let's create a test user for me. Let's say first name is Nate. Last name is Barbettini.
Email in this system is gonna be, let's says it's firstname.lastname@example.org, and my password, which I do not use in real life is notsecure123?. Okay, let's try this out. You get an error back saying that passwords must have one uppercase letter. This is ASP.NET Core identity enforcing a default set of password constraints, which you can customize if you want. In my case, I'll switch this to uppercase, and then let's see what happens now.
Now we get 201 created. That means I did register successfully in the API. I get a location back which is just to do. We'll have to make sure we fix that in a little bit. For now though, if I switch this over to a get, let's try a get request, I should see both users in the database, both the admin and my account. So far, we've added a registration route to the API, but users can't really do anything after they sign up. We need to add a token route so that users can exchange their credentials for an access token.
- What is RESTful design?
- Building a new API with ASP.NET Core
- Using HTTP methods
- Returning JSON
- Creating RESTful routing with templates
- Securing RESTful APIs with HTTPS
- Representing resources
- Representing links
- Representing collections
- Sorting and searching collections
- Building forms
- Adding caching to an ASP.NET Core API
- Configuring user authentication and authorization