Beispiel #1
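// CreateUser handles a user-registration request. It decodes a JSON-encoded
// common.User from the request body, validates the name and password against
// api.Config, and, if no user with that name exists yet, stores the user with
// a hex-encoded password hash and writes the created record back as JSON with
// the Password field blanked.
//
// Every rejected request is answered with HTTP 400 and a short message; a
// failure to persist the new record is answered with HTTP 500.
func (api *Api) CreateUser(w rest.ResponseWriter, r *rest.Request) {
	user := common.User{}
	// A payload that fails to decode is rejected instead of being validated
	// as a partially filled struct.
	if err := r.DecodeJsonPayload(&user); err != nil {
		rest.Error(w, "Invalid request payload", 400)
		return
	}

	// The primary key is never taken from the client. Clearing it before the
	// lookup also keeps a client-chosen Id from influencing the duplicate
	// check below.
	user.Id = 0
	// NOTE(review): every other field of common.User present in the payload is
	// persisted as sent. If the struct carries privilege or state fields, copy
	// only Name and Password into a fresh value — confirm against the struct.

	// Compare both the raw and the whitespace-trimmed name, so padding a
	// prohibited name with spaces does not get it past the deny-list.
	trimmedName := strings.TrimSpace(user.Name)
	for _, prohibited := range api.Config.ProhibitedNames {
		if user.Name == prohibited || trimmedName == prohibited {
			rest.Error(w, "Invalid user name", 400)
			return
		}
	}
	// NOTE(review): the comparison is case-sensitive and the name is stored
	// untrimmed; confirm whether names should be normalized before storage.
	if trimmedName == "" {
		rest.Error(w, "Username is empty", 400)
		return
	}
	// NOTE(review): "<=" rejects a password of exactly PasswordMinLength
	// characters; kept as in the original, confirm the intended bound.
	if len(strings.TrimSpace(user.Password)) <= api.Config.PasswordMinLength {
		rest.Error(w, "Password is too short", 400)
		return
	}

	// Look the name up into a separate value so the decoded request is not
	// overwritten and contributes nothing but the name to the query. Any
	// result other than "record not found" (including a database error) is
	// treated as a conflict, so the handler fails closed.
	var existing common.User
	if !api.DB.Where("name = ?", user.Name).First(&existing).RecordNotFound() {
		rest.Error(w, "User with the same name already exists", 400)
		return
	}

	// NOTE(review): GetPasswordHash is defined elsewhere; confirm it is a
	// salted, deliberately slow password-hashing function.
	hash := api.GetPasswordHash(user.Name, user.Password)
	user.Password = hex.EncodeToString(hash)

	// The lookup above and this insert are not atomic. A unique constraint on
	// the name column is what actually prevents duplicates under concurrent
	// requests; a violation then surfaces here as an error.
	if err := api.DB.Save(&user).Error; err != nil {
		rest.Error(w, "Could not create user", 500)
		return
	}

	// Never echo the stored hash back to the client.
	user.Password = ""
	w.WriteJson(user)
}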