I'm working on a api for my college assignment where me and two of my friends have to make a rather complex app. I know that there are a lot of things that can be done better, but it's not the point of the question. I have the following code for registering a new user:
app.MapPost("/register", async (RegistrationInput inp, ThreeMoronsContext db) =>
{
var HashingResult = PasswordMegaHasher.HashPass(inp.password);
try
{
User UserToRegister = new()
{
Id = Guid.NewGuid(),
Login = inp.login,
Password = HashingResult.hashpass,
Salt = HashingResult.salt.ToString(),
Name = inp.name,
Surname = inp.surname,
Patronymic = inp.patronymic,
UserClassId = inp.UserClassId
};
await db.Users.AddAsync(UserToRegister);
//await db.SaveChangesAsync();
return Results.Ok(UserToRegister);
}
catch (Exception exc)
{
return TypedResults.BadRequest(exc.Message);
}
});
ThreeMoronsContext is the DbContext that comes from EntityFrameworkCore. The RegistrationInput is:
public record RegistrationInput(string login, string password, string name, string surname, string patronymic, int UserClassId)
I want to apply some validation to RegistrationInput, so that for example Login is between 5 and 20 characters long, the Name only cointains cyrillic letters and so on. I've tried applying [StringLength] and [RegularExpression], but i feel like i completely missunderstood the purpose of such attributes, since when i tried, for example, this input:
"login": "s",
"password": "hashme123",
"name": "123",
"surname": "s",
"patronymic": "ss",
"UserClassId": 1
i got a 200 response with a new user being being created:
{
"id": "caf3796e-ba8d-4583-8c43-e69020a03353",
"name": "123",
"surname": "s",
"patronymic": "ss",
"login": "s",
"password": "q6anLJxltC2Wf7443xRjwbOxCLZ5SXT9LdtSDOVceRk=",
"userClassId": 1,
"groups": [],
"userClass": null,
"salt": "System.Byte[]"
}
What should i do to apply validation to data coming from request body?
Follow my code :-
RegistrationInput.cs file (Model):-
Controller :-