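using System;
using System.Collections.Generic;
using System.IdentityModel.Tokens.Jwt;
using System.Linq;
using System.Net;
using System.Net.Http;
using System.Security.Claims;
using System.Text;
using System.Threading.Tasks;
using System.Web.Http;
using AutoMapper;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Options;
using Microsoft.IdentityModel.Tokens;
using UnivateProperties_API.Containers.Users;
using UnivateProperties_API.Helpers;
using UnivateProperties_API.Model.Users;
using UnivateProperties_API.Repository;
using UnivateProperties_API.Repository.Users;

// NOTE(review): System.Web.Http (classic Web API) declares its own AllowAnonymous/Authorize/
// FromBody/Route attributes that collide with the Microsoft.AspNetCore.Mvc ones used below;
// it and System.Net.Http are not referenced by this file and are candidates for removal.

namespace UnivateProperties_API.Controllers.Users
{
    /// <summary>
    /// Anonymous endpoints for credential login (issues a short-lived HS256 JWT) and for
    /// self-registration of individuals and agencies.
    /// </summary>
    [Route("api/[controller]")]
    [ApiController]
    public class RegisterController : ControllerBase
    {
        // Minimum key size for HS256: a shorter secret can be brute-forced offline from any captured token.
        private const int MinSigningKeyBytes = 32;

        private readonly IRegisterRepository _Repo;
        private readonly IMapper _mapper;
        private readonly AppSettings _appSettings;

        public RegisterController(IRegisterRepository repo, IMapper mapper, IOptions<AppSettings> appSettings)
        {
            _Repo = repo;
            _mapper = mapper;
            _appSettings = appSettings.Value;
        }

        /// <summary>
        /// Verifies a username/password pair against the repository and, on success, returns the
        /// user's id and username together with a signed JWT the client stores and sends back.
        /// </summary>
        /// <param name="userDto">Credentials from the request body; only Username and Password are read.</param>
        /// <returns>
        /// 200 with <c>{ Id, Username, Token }</c>; 400 when the body or either credential is missing;
        /// 401 when the repository rejects the credentials.
        /// </returns>
        [AllowAnonymous]
        [HttpPost("authenticate")]
        public IActionResult Authenticate([FromBody] UserDto userDto)
        {
            if (userDto is null
                || string.IsNullOrWhiteSpace(userDto.Username)
                || string.IsNullOrWhiteSpace(userDto.Password))
            {
                return BadRequest(new { message = "Username and password are required" });
            }

            var user = _Repo.Authenticate(userDto.Username, userDto.Password);
            if (user is null)
            {
                // Deliberately the same message for "unknown user" and "wrong password" so the
                // response does not reveal which usernames exist. 401 (not 400) is the correct
                // status for a rejected credential.
                return Unauthorized(new { message = "Username or password is incorrect" });
            }

            var tokenString = CreateToken(user.Id.ToString());

            // Return basic user info (never the password) plus the token for the client to store.
            return Ok(new { user.Id, user.Username, Token = tokenString });
        }

        /// <summary>
        /// Builds a 15-minute HS256 JWT whose Name claim carries <paramref name="subject"/>.
        /// </summary>
        /// <param name="subject">Value placed in the <see cref="ClaimTypes.Name"/> claim (the user id).</param>
        /// <returns>The compact serialized token.</returns>
        /// <exception cref="InvalidOperationException">
        /// The configured secret is missing or shorter than 256 bits — refusing to sign is safer than
        /// issuing tokens under a weak key.
        /// </exception>
        private string CreateToken(string subject)
        {
            var secret = _appSettings.Secret;
            if (string.IsNullOrWhiteSpace(secret))
            {
                throw new InvalidOperationException("AppSettings.Secret is not configured; cannot issue tokens.");
            }

            // ASCII is kept so the key bytes match whatever validates the token elsewhere (not visible
            // here); note that ASCII encoding silently maps non-ASCII characters to '?', so the secret
            // must be plain ASCII for its full entropy to count.
            var key = Encoding.ASCII.GetBytes(secret);
            if (key.Length < MinSigningKeyBytes)
            {
                throw new InvalidOperationException(
                    $"AppSettings.Secret must be at least {MinSigningKeyBytes} bytes (256 bits) for HS256.");
            }

            var tokenHandler = new JwtSecurityTokenHandler();
            var tokenDescriptor = new SecurityTokenDescriptor
            {
                Subject = new ClaimsIdentity(new[]
                {
                    new Claim(ClaimTypes.Name, subject),
                    // Role claim intentionally not issued yet; authorization by role is not wired up.
                    //new Claim(ClaimTypes.Role, user.Role)
                }),
                // Short lifetime limits the window a leaked token is useful for.
                Expires = DateTime.UtcNow.AddMinutes(15),
                SigningCredentials = new SigningCredentials(
                    new SymmetricSecurityKey(key),
                    SecurityAlgorithms.HmacSha256Signature),
            };

            var token = tokenHandler.CreateToken(tokenDescriptor);
            return tokenHandler.WriteToken(token);
        }

        /// <summary>Creates an individual person account from the posted DTO (writes to the DB).</summary>
        /// <param name="individual">Registration data; passed to the repository as-is.</param>
        /// <returns>200 on success; 400 with <c>{ message }</c> when the body is missing or the repository raises <see cref="AppException"/>.</returns>
        [AllowAnonymous]
        [HttpPost("register")]
        public IActionResult Register([FromBody] UserDto individual)
        {
            if (individual is null)
            {
                return BadRequest(new { message = "Request body is required" });
            }

            try
            {
                // The repository consumes the DTO directly; the previous discarded _mapper.Map call had no effect.
                // NOTE(review): the meaning of the `true` / `null` arguments is not visible here — confirm
                // they cannot grant an elevated role to a self-registered account.
                _Repo.CreatePerson(individual, PersonType.Individual, true, null);
                return Ok();
            }
            catch (AppException ex)
            {
                // Key fixed from the misspelled "messge" so every error body in this controller uses "message".
                return BadRequest(new { message = ex.Message });
            }
        }

        /// <summary>Creates an agency account from the posted DTO (writes to the DB).</summary>
        /// <param name="agency">Registration data; passed to the repository as-is.</param>
        /// <returns>200 on success; 400 with <c>{ message }</c> when the body is missing or the repository raises <see cref="AppException"/>.</returns>
        [AllowAnonymous]
        [HttpPost("registeragency")]
        public IActionResult RegisterAgency([FromBody] AgencyDto agency)
        {
            if (agency is null)
            {
                return BadRequest(new { message = "Request body is required" });
            }

            try
            {
                // The repository consumes the DTO directly; the previous discarded _mapper.Map call had no effect.
                _Repo.CreateAgency(agency);
                return Ok();
            }
            catch (AppException ex)
            {
                return BadRequest(new { message = ex.Message });
            }
        }

        // NOTE(review): the endpoints below are not active. Before enabling them: both GET handlers
        // declare the same route template "{id}" and would conflict; the DELETE handlers take the id
        // from the request body rather than the "{id}" route value, so the route id is never checked.

        //[HttpGet("{id}")]
        //public IActionResult GetById(int id)
        //{
        //    var user = _Repo.GetById(id);
        //    var userDto = _mapper.Map(user);
        //    if (user == null)
        //    {
        //        return NotFound();
        //    }
        //    // Only allow SuperAdmins to access other user records
        //    var currentUserId = int.Parse(User.Identity.Name);
        //    if (id != currentUserId && !User.IsInRole(Role.SuperAdmin))
        //    {
        //        return Forbid();
        //    }
        //    return Ok(userDto);
        //}

        //[HttpGet("{id}")]
        //public IActionResult GetByAgencyId(int id)
        //{
        //    var agency = _Repo.GetByAgencyId(id);
        //    var agencyDto = _mapper.Map(agency);
        //    if (agency == null)
        //    {
        //        return NotFound();
        //    }
        //    var currentAgencyId = int.Parse(User.Identity.Name);
        //    if (id != currentAgencyId && !User.IsInRole(Role.Agency))
        //    {
        //        return Forbid();
        //    }
        //    return Ok(agencyDto);
        //}

        //[Authorize(Roles = Role.SuperAdmin)]
        //[HttpDelete("{id}")]
        //public IActionResult Delete(User user)
        //{
        //    _Repo.Delete(user.Id);
        //    return Ok();
        //}

        //[Authorize(Roles = Role.SuperAdmin)]
        //[HttpDelete("{id}")]
        //public IActionResult DeleteAgency(Agency agency)
        //{
        //    _Repo.DeleteAgency(agency.Id);
        //    return Ok();
        //}
    }
}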