Learn how to build a registration route that allows a user to create a new account in the API by sending a POST request.
- [Instructor] Instead of having an out-of-band registration process, let's model registering for the API as simply posting a form to the user's endpoint. I've added a form model called register form to the models folder. You can find it in the exercise files for this course. The registration form takes an email, a password, first name, and last name. We'll let asp.net core validate the parameters for us, using the data annotations on the model. Then we'll create a new user in the system with these values. We need to add a method to the user service to save the user to the database.
First, we'll open the interface I user service. I'll use the keyboard shortcut control + comment to open the file quickly in Visual Studio. We'll create a new method that returns a task called create user async. This will take a register form. We need to return two things from this method. Whether the operation succeeded and also any error messages. We can take advantage of a new feature in C sharp seven and return it a named tuple. So we can return bool succeeded and string error message, if any.
We'll just call it error. I added the value tuple nougat package to this project in order to use this feature. If you aren't using C sharp seven yet, you could just create a simple class to hold these values. In the default user service, we need to implement this method. I'll let Visual Studio create a stub for me. First we need to create an entity object for our new user. We'll create a new user entity... With the email from the form, and the username from the form as well.
If you want your users to have a separate username from their email address, in your API, you could implement that here. We'll over the first name and last name. And set a created at time stamp. Now we use the user manager to create this user in the database. We'll await the unsermanager.create method. We'll pass in the new entity and the password supplied from the form. Now we can check to see if it was successful.
If it was not successful, will return an error message. We'll pull the first error out of the result. And return it in the tuple with false for succeeded. We need to update the method to be async because of the await call. If the operation was successful, we'll simply return true and no error message. Let's now go to the user's controller. The controller will be responsible for validating the model and then passing the form data to the service.
We'll add a new method here to handle the post verb. We'll mark it as httpPost. We'll name this method register user async. This method will accept a register form from the body of the request. And a cancellation token. First, we can make sure the model state is valid. If not, we'll return bad request. Now we can call our new create user async method on the user service.
We'll deconstruct the tuple that comes back by saying var succeeded... Comma error equals await. UserService.createuserasync and pass the form. Now succeeded with be a boolean and error will be a string. If we succeeded, then there's nothing left to do. We can simply return status code 201. And we're done. Later we can add a link to a route where the user can get details about themselves. If the operation failed for some reason, we'll return an error back to the client.
The message will be registration failed. And for the detail, we'll pull the message that we got back from the user service. Alright, let's compile and run this and then try it in Postman. I've built a request here that posts to the user's route and includes this post body. To create an account for myself in the API, I'll try sending this request. I get an error message back with some details saying I need to have at least one uppercase letter in my password. So we know the validation is working correctly.
Let's try again. This time I get 201 created back, so I've created an account in the API. We've successfully added a registration route to the API. But right now, users can't really do anything after they sign up. We need to add a token route so users can exchange their credentials for an access token.
- REST vs. RPC
- Using HTTP methods (aka verbs)
- Returning JSON
- Creating a new API project
- Building a root controller
- Routing to controllers with templates
- Requiring HTTPS for security
- Creating resources and data models
- Returning data and resources from a controller
- Representing links (HREFs)
- Representing collections
- Sorting and searching collections
- Creating forms
- Caching and compression
- Authentication and authorization for RESTful APIs