using System;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Security.Cryptography;
using System.Text;
using System.Text.Json;
using AyCode.Core.Consts;
using AyCode.Core.Helpers;
using AyCode.Core.Logger;
using DevExpress.Office.Crypto;
using DevExpress.Xpo.DB;
using DevExpress.XtraPrinting;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Mvc;
using Microsoft.EntityFrameworkCore;
using Microsoft.Extensions.Logging;
using Microsoft.IdentityModel.Tokens;
using Newtonsoft.Json.Linq;
using TIAM.Database.DataLayers.Admins;
using TIAM.Database.DataLayers.Users;
using TIAM.Entities.Addresses;
using TIAM.Entities.Profiles;
using TIAM.Entities.Users;
using TIAM.Models.Dtos.Users;
using TIAM.Services.Server.Logins;
using TIAMWebApp.Server.Models;
using TIAMWebApp.Server.ModelsTIAMWebApp.Shared.Application.Models;
using TIAMWebApp.Shared.Application.Models;
using TIAMWebApp.Shared.Application.Models.PageModels;
using TIAMWebApp.Shared.Application.Utility;

namespace TIAMWebApp.Server.Controllers
|
||
{
|
||
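/// <summary>
/// REST endpoints for user authentication, JWT refresh, registration and user lookup.
/// </summary>
/// <remarks>
/// The class-level <see cref="AuthorizeAttribute"/> is the default for every action. Only the
/// login, logout, refresh and registration flows opt out with <see cref="AllowAnonymousAttribute"/>;
/// every action that reads or changes existing user records requires an authenticated caller.
/// Request bodies arrive as <see cref="JsonElement"/> and are re-parsed with Newtonsoft, as the
/// client serialises them that way.
/// </remarks>
[Authorize]
[ApiController]
[Route("api/v1/[controller]")]
public class UserAPIController : ControllerBase
{
    private readonly LoginService _loginService;
    private readonly UserDal _userDal;
    private readonly AdminDal _adminDal;                       // injected, not used by any action yet
    private readonly IConfiguration _configuration;
    private readonly IWebHostEnvironment _webHostEnvironment;  // injected, not used by any action yet
    private readonly ILogger<UserAPIController> _logger;

    /// <summary>
    /// Wires the data layers and builds the <see cref="LoginService"/> that issues and validates tokens.
    /// </summary>
    /// <param name="logger">Structured logger; replaces the former <c>Console.WriteLine</c> tracing.</param>
    /// <param name="configuration">Application configuration, forwarded to <see cref="LoginService"/>.</param>
    /// <param name="webHostEnvironment">Hosting environment (currently unused).</param>
    /// <param name="userDal">User data access layer.</param>
    /// <param name="adminDal">Admin data access layer (currently unused).</param>
    public UserAPIController(ILogger<UserAPIController> logger, IConfiguration configuration, IWebHostEnvironment webHostEnvironment, UserDal userDal, AdminDal adminDal)
    {
        _logger = logger;
        _configuration = configuration;
        _webHostEnvironment = webHostEnvironment;
        _userDal = userDal;
        _adminDal = adminDal;

        _loginService = new LoginService(_userDal, _configuration);
    }

    /// <summary>
    /// Ends the login session via <see cref="LoginService.Logout"/> and redirects to the API base URL.
    /// </summary>
    /// <remarks>
    /// Kept anonymous as in the original. Note that no principal is passed to the service, so it
    /// cannot tell whose session is being ended.
    /// TODO: logout is not fully implemented on either the client or the server side yet.
    /// </remarks>
    [AllowAnonymous]
    [HttpPost]
    [Route(APIUrls.LogoutUserRouteName)]
    public IActionResult LogoutUser()
    {
        _loginService.Logout();

        return new RedirectToActionResult(APIUrls.BaseUrlWithSlashAndVersion, null, null);
    }

    /// <summary>
    /// Validates an e-mail/password pair and returns an access + refresh token pair.
    /// </summary>
    /// <param name="serializedLoginModel">JSON body deserialised into <see cref="LoginModel"/>.</param>
    /// <returns>
    /// 200 with a <see cref="MainResponse"/> carrying <see cref="AuthenticationResponse"/> on success;
    /// 400 when the body does not deserialise; 401 when the credentials are rejected.
    /// </returns>
    [AllowAnonymous]
    [HttpPost]
    [Route(APIUrls.AuthenticateUserRouteName)]
    public async Task<IActionResult> AuthenticateUser([FromBody] JsonElement serializedLoginModel)
    {
        _logger.LogInformation("AuthenticateUser called");

        var loginModel = JObject.Parse(serializedLoginModel.GetRawText()).ToObject<LoginModel>();
        if (loginModel is null)
        {
            // Malformed client input is a 400, not an unhandled NullReferenceException (500).
            return BadRequest(new MainResponse { IsSuccess = false, ErrorMessage = "Invalid request" });
        }

        var loggedInModel = _loginService.Login(loginModel.Email, loginModel.Password);
        if (!loggedInModel.IsLoggedIn)
        {
            // Deliberately generic towards the client; the reason code stays in the server log only.
            _logger.LogWarning("Authentication failed for {Email}, errorCode: {ErrorCode}", loginModel.Email, loggedInModel.LoginErrorCode);
            return Unauthorized();
        }

        var response = new MainResponse
        {
            Content = new AuthenticationResponse
            {
                RefreshToken = loggedInModel.LoggedInUser.RefreshToken,
                AccessToken = loggedInModel.AccessToken
            },
            IsSuccess = true,
            ErrorMessage = ""
        };

        return Ok(response);
    }

    /// <summary>
    /// Exchanges an expired access token plus the matching refresh token for a fresh pair.
    /// </summary>
    /// <remarks>
    /// The user is located through the <see cref="ClaimTypes.Email"/> claim of the expired token, the
    /// presented refresh token is compared in constant time against the stored one, and the stored
    /// token is rotated on success so the presented one cannot be replayed.
    /// </remarks>
    /// <param name="refreshTokenRequest">Expired access token and the refresh token issued with it.</param>
    /// <returns>
    /// 200 with a new token pair; 400 when the request is incomplete or the refresh token does not match;
    /// 404 when the access token cannot be validated at all (status kept as in the original).
    /// </returns>
    [AllowAnonymous]
    [HttpPost]
    [Route(APIUrls.RefreshTokenRouteName)]
    public async Task<IActionResult> RefreshToken(RefreshTokenRequest? refreshTokenRequest)
    {
        _logger.LogInformation("RefreshToken called");

        var response = new MainResponse();

        if (refreshTokenRequest is null
            || string.IsNullOrEmpty(refreshTokenRequest.AccessToken)
            || string.IsNullOrEmpty(refreshTokenRequest.RefreshToken))
        {
            _logger.LogWarning("RefreshToken: request missing access or refresh token");
            response.ErrorMessage = "Invalid request";
            return BadRequest(response);
        }

        var principal = _loginService.GetPrincipalFromExpiredToken(refreshTokenRequest.AccessToken);
        if (principal is null)
        {
            _logger.LogWarning("RefreshToken: access token could not be validated");
            return NotFound("Invalid Token Found");
        }

        var emailClaim = principal.Claims.FirstOrDefault(c => c.Type == ClaimTypes.Email);

        User? dbUser = null;
        if (emailClaim is not null)
        {
            dbUser = await _userDal.GetUserByEmailAsync(emailClaim.Value, true);
        }

        if (dbUser is null || !TokensMatch(dbUser.RefreshToken, refreshTokenRequest.RefreshToken))
        {
            // Never write either token to the log: the stored one is a live credential.
            _logger.LogWarning("RefreshToken rejected for {Email}", emailClaim?.Value);
            response.ErrorMessage = "Invalid Request";
            return BadRequest(response);
        }

        var newAccessToken = _loginService.GenerateAccessToken(dbUser);
        var newRefreshToken = _loginService.GenerateRefreshToken();

        // Rotation: the presented refresh token is single-use, the new one replaces it in the store.
        dbUser.RefreshToken = newRefreshToken;
        await _userDal.UpdateJwtRefreshTokenAsync(dbUser.EmailAddress, dbUser.RefreshToken);

        response.IsSuccess = true;
        response.Content = new AuthenticationResponse
        {
            RefreshToken = newRefreshToken,
            AccessToken = newAccessToken
        };

        return Ok(response);
    }

    /// <summary>
    /// Constant-time comparison of the stored and the presented refresh token.
    /// </summary>
    /// <remarks>
    /// A plain <c>!=</c> short-circuits on the first differing character and treats two nulls as equal,
    /// which would let a user with no stored token refresh by sending none. Both are closed here.
    /// </remarks>
    private static bool TokensMatch(string? stored, string? presented)
    {
        if (stored is null || presented is null)
        {
            return false;
        }

        var storedBytes = Encoding.UTF8.GetBytes(stored);
        var presentedBytes = Encoding.UTF8.GetBytes(presented);
        return CryptographicOperations.FixedTimeEquals(storedBytes, presentedBytes);
    }

    /// <summary>
    /// Registers a new user from an e-mail, phone number and password.
    /// </summary>
    /// <param name="serializedRegistrationModel">JSON body deserialised into <see cref="RegistrationModel"/>.</param>
    /// <returns>200 "yes" when the user was handed to the DAL; 400 when the body is empty or incomplete.</returns>
    [AllowAnonymous]
    [HttpPost]
    [Route("CreateUser")]
    public async Task<IActionResult> CreateUser([FromBody] JsonElement serializedRegistrationModel)
    {
        _logger.LogInformation("CreateUser called");

        if (string.IsNullOrEmpty(serializedRegistrationModel.GetRawText()))
        {
            return BadRequest("SerializedLoginModel is required");
        }

        var registration = JObject.Parse(serializedRegistrationModel.GetRawText()).ToObject<RegistrationModel>();
        if (registration is null)
        {
            // Previously fell through to Ok("yes") without creating anything.
            return BadRequest("Invalid request");
        }

        var email = registration.Email;
        var phoneNumber = registration.PhoneNumber;
        var password = registration.Password;

        if (email is null || phoneNumber is null || password is null)
        {
            return BadRequest("Invalid request");
        }

        var userId = Guid.NewGuid();

        // Log identifiers only: the former trace wrote the plaintext password to stdout.
        _logger.LogInformation("User to be created: {UserId} {Email}", userId, email);

        // NOTE(review): the password is handed to the User entity exactly as received; whether it is
        // hashed in the entity or in the DAL is not visible from this controller — confirm.
        await _userDal.CreateUserAsync(new User(userId, email, phoneNumber, password));

        return Ok("yes");
    }

    /// <summary>
    /// Updates the e-mail address and phone number of an existing user.
    /// </summary>
    /// <remarks>
    /// Requires an authenticated caller (class-level <see cref="AuthorizeAttribute"/>; the former
    /// <c>[AllowAnonymous]</c> let anyone rewrite any record by id). The id comes from the request body,
    /// so it is bound to the caller: the target record's current e-mail must equal the caller's
    /// <see cref="ClaimTypes.Email"/> claim, which is the claim the access token is known to carry
    /// (see <see cref="RefreshToken"/>). Admin-initiated edits of other users would need a role check
    /// here; none is visible in this controller.
    /// </remarks>
    /// <param name="SerializedUserModel">JSON body deserialised into <see cref="UserModelDtoDetail"/>.</param>
    /// <returns>
    /// 200 "yes" on success; 400 when the body is empty or incomplete; 403 when the record is not the
    /// caller's; 404 when the id is unknown.
    /// </returns>
    [HttpPost]
    [Route(APIUrls.UpdateUser)]
    public async Task<IActionResult> UpdateUser([FromBody] JsonElement SerializedUserModel)
    {
        _logger.LogInformation("UpdateUser called");

        if (string.IsNullOrEmpty(SerializedUserModel.GetRawText()))
        {
            return BadRequest("SerializedUserModel is required");
        }

        var model = JObject.Parse(SerializedUserModel.GetRawText()).ToObject<UserModelDtoDetail>();
        if (model is null)
        {
            // Previously fell through to Ok("yes") without updating anything.
            return BadRequest("Invalid request");
        }

        var userId = model.Id;
        var email = model.UserDto?.EmailAddress;
        var phoneNumber = model.UserDto?.PhoneNumber;

        if (email is null || phoneNumber is null)
        {
            return BadRequest("Invalid request");
        }

        // IDOR guard: tie the body-supplied id to the authenticated principal.
        var callerEmail = HttpContext.User.FindFirst(ClaimTypes.Email)?.Value;
        var target = await _userDal.GetUserModelDtoByIdAsync<UserModelDtoDetail>(userId, true);
        if (target is null)
        {
            return NotFound();
        }

        if (callerEmail is null || !string.Equals(target.UserDto?.EmailAddress, callerEmail, StringComparison.OrdinalIgnoreCase))
        {
            _logger.LogWarning("UpdateUser: caller {CallerEmail} is not the owner of user {UserId}", callerEmail, userId);
            return Forbid();
        }

        _logger.LogInformation("User to be updated: {UserId} {Email}", userId, email);

        await _userDal.UpdateUserAsync(new User(userId, email, phoneNumber));

        return Ok("yes");
    }

    /// <summary>
    /// Registers a guest user with an auto-generated profile name and an empty address.
    /// </summary>
    /// <param name="SerializedRegistrationModel">JSON body deserialised into <see cref="RegistrationModel"/>.</param>
    /// <returns>
    /// 200 with the created <see cref="UserModelDtoDetail"/>; 400 when the body is empty or incomplete;
    /// 500 when the DAL reports that the user could not be added (previously ignored).
    /// </returns>
    [AllowAnonymous]
    [HttpPost]
    [Route(APIUrls.CreateGuestUserRouteName)]
    public async Task<IActionResult> CreateGuestUser([FromBody] JsonElement SerializedRegistrationModel)
    {
        _logger.LogInformation("CreateGuestUser called");

        if (string.IsNullOrEmpty(SerializedRegistrationModel.GetRawText()))
        {
            return BadRequest("SerializedLoginModel is required");
        }

        var registration = JObject.Parse(SerializedRegistrationModel.GetRawText()).ToObject<RegistrationModel>();
        if (registration is null)
        {
            return BadRequest("Invalid request");
        }

        var email = registration.Email;
        var phoneNumber = registration.PhoneNumber;
        var password = registration.Password;

        if (email is null || phoneNumber is null || password is null)
        {
            return BadRequest("Invalid request");
        }

        var userId = Guid.NewGuid();

        // Log identifiers only: the former trace wrote the plaintext password to stdout.
        _logger.LogInformation("Guest user to be created: {UserId} {Email}", userId, email);

        // NOTE(review): as in CreateUser, the password is passed through as received — confirm it is
        // hashed before it reaches the store.
        var guest = new User(userId, email, phoneNumber, password);
        guest.ProfileId = Guid.NewGuid();
        guest.RefferalId = registration.ReferralId;

        guest.Profile = new Profile();
        guest.Profile.Id = guest.ProfileId;
        guest.Profile.Name = "Guest - " + RandomDigits(10);
        guest.Profile.AddressId = Guid.NewGuid();

        // Address is created empty; the client fills it in later.
        guest.Profile.Address = new Address();
        guest.Profile.Address.Id = guest.Profile.AddressId;
        guest.Profile.Address.AddressText = null;
        guest.Profile.Address.Latitude = null;
        guest.Profile.Address.Longitude = null;

        var added = await _userDal.AddUserAsync(guest);
        if (!added)
        {
            _logger.LogError("CreateGuestUser: AddUserAsync returned false for {UserId}", userId);
            return Problem("Guest user could not be created");
        }

        var guestUser = await _userDal.GetUserModelDtoByIdAsync<UserModelDtoDetail>(userId, false);

        return Ok(guestUser);
    }

    /// <summary>
    /// Builds a string of <paramref name="length"/> decimal digits for the guest display name.
    /// </summary>
    /// <remarks>
    /// This is a label suffix, not a secret. <see cref="RandomNumberGenerator"/> is used simply because
    /// it is already in scope and avoids the per-request <c>new Random()</c> of the original.
    /// </remarks>
    private static string RandomDigits(int length)
    {
        const string digits = "1234567890";
        var buffer = new char[length];
        for (var i = 0; i < length; i++)
        {
            buffer[i] = digits[RandomNumberGenerator.GetInt32(digits.Length)];
        }

        return new string(buffer);
    }

    /// <summary>
    /// Lists every user as <see cref="UserModelDto"/>. Requires an authenticated caller.
    /// </summary>
    [HttpGet]
    [Route("GetUsers")]
    public Task<List<UserModelDto>> GetUsers()
    {
        return _userDal.GetAllUserModelDtoAsync<UserModelDto>();
    }

    /// <summary>
    /// Lists every user with details as <see cref="UserModelDtoDetail"/>. Requires an authenticated caller;
    /// the former <c>[AllowAnonymous]</c> exposed the full user table without a token.
    /// </summary>
    [HttpGet]
    [Route(APIUrls.GetUsersWithDetailsRouteName)]
    public Task<List<UserModelDtoDetail>> GetUsersWithDetails()
    {
        _logger.LogInformation("GetUsersWithDetails called");

        return _userDal.GetAllUserModelDtoAsync<UserModelDtoDetail>();
    }

    /// <summary>
    /// Looks a user up by e-mail address. Requires an authenticated caller.
    /// </summary>
    /// <param name="email">E-mail address to search for (bound from the query string / form).</param>
    /// <returns>The matching <see cref="UserModelDto"/>, or <c>null</c> when none exists.</returns>
    [HttpPost]
    [Route("GetUserByEmail")]
    public Task<UserModelDto?> GetUserByEmail(string email)
    {
        _logger.LogInformation("GetUserByEmail called with email: {Email}", email);

        return _userDal.GetUserModelDtoByEmailAsync<UserModelDto>(email, false);
    }

    /// <summary>
    /// Looks a user up by id. Requires an authenticated caller.
    /// </summary>
    /// <param name="id">User id, sent as a bare JSON GUID in the body.</param>
    /// <returns>The matching <see cref="UserModelDto"/>, or <c>null</c> when none exists.</returns>
    [HttpPost]
    [Route("GetUserById")]
    public Task<UserModelDto?> GetUserById([FromBody] Guid id)
    {
        _logger.LogInformation("GetUserById called with id: {UserId}", id);

        return _userDal.GetUserModelDtoByIdAsync<UserModelDto>(id, true);
    }

    /// <summary>
    /// Looks a user up by id and returns the detailed DTO. Requires an authenticated caller.
    /// </summary>
    /// <param name="id">User id, sent as a bare JSON GUID in the body.</param>
    /// <returns>The matching <see cref="UserModelDtoDetail"/>, or <c>null</c> when none exists.</returns>
    [HttpPost]
    [Route("GetUserDetailById")]
    public Task<UserModelDtoDetail?> GetUserDetailById([FromBody] Guid id)
    {
        _logger.LogInformation("GetUserDetailById called with id: {UserId}", id);

        return _userDal.GetUserModelDtoByIdAsync<UserModelDtoDetail>(id, true);
    }
}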
|
||
} |