Provision
/
UnivatePropertiesAPI


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168
							using System;
using System.Collections.Generic;
using System.IdentityModel.Tokens.Jwt;
using System.Linq;
using System.Security.Claims;
using System.Text;
using System.Threading.Tasks;
using AutoMapper;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Options;
using Microsoft.IdentityModel.Tokens;
using UnivateProperties_API.Containers.Users;
using UnivateProperties_API.Helpers;
using UnivateProperties_API.Model.Users;
using UnivateProperties_API.Repository;
using UnivateProperties_API.Repository.Users;

namespace UnivateProperties_API.Controllers.Users
{
    [Route("api/[controller]")]
    [ApiController]
    public class RegisterController : ControllerBase
    {
        private readonly IRegisterRepository _Repo;
        private IMapper _mapper;
        private readonly AppSettings _appSettings;

        public RegisterController(IRegisterRepository repo, IMapper mapper, IOptions<AppSettings> appSettings)
        {
            _Repo = repo;
            _mapper = mapper;
            _appSettings = appSettings.Value;
        }

        //Works
        [AllowAnonymous]
        [HttpPost("authenticate")]
        public IActionResult Authenticate([FromBody]UserDto userDto)
        {
            var user = _Repo.Authenticate(userDto.Username, userDto.Password);

            if (user == null)
                return BadRequest(new { message = "Username or password is incorrect" });

            var tokenHandler = new JwtSecurityTokenHandler();
            var key = Encoding.ASCII.GetBytes(_appSettings.Secret);
            var tokenDescriptor = new SecurityTokenDescriptor
            {
                Subject = new ClaimsIdentity(new Claim[]
                {
                    new Claim(ClaimTypes.Name, user.Id.ToString()),
                    new Claim(ClaimTypes.Role, user.Role)
                }),
                Expires = DateTime.UtcNow.AddMinutes(15),
                SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
            };
            var token = tokenHandler.CreateToken(tokenDescriptor);
            var tokenString = tokenHandler.WriteToken(token);

            // return basic user info (without password) and token to store client side
            return Ok(new
            {
                user.Id,
                user.Username,
                user.Name,
                user.Surname,
                Token = tokenString
            });
        }

        //Writes to DB
        [AllowAnonymous]
        [HttpPost("register")]
        public IActionResult Register([FromBody]UserDto individual)
        {
            _mapper.Map<Individual>(individual);

            try
            {
                _Repo.CreatePerson(individual, PersonType.Individual, true, null);
                return Ok();
            }
            catch (AppException ex)
            {
                return BadRequest(new { messge = ex.Message });
            }
        }

        //Writes to DB
        [AllowAnonymous]
        [HttpPost("registeragency")]
        public IActionResult RegisterAgency([FromBody]AgencyDto agency)
        {
            // map dto to entity
            _mapper.Map<Agency>(agency);

            try
            {
                // save 
                _Repo.CreateAgency(agency);
                return Ok();
            }
            catch (AppException ex)
            {
                // return error message if there was an exception
                return BadRequest(new { message = ex.Message });
            }
        }

        //[HttpGet("{id}")]
        //public IActionResult GetById(int id)
        //{
        //    var user = _Repo.GetById(id);
        //    var userDto = _mapper.Map<UserDto>(user);

        //    if (user == null)
        //    {
        //        return NotFound();
        //    }

        //    // Only allow SuperAdmins to access other user records
        //    var currentUserId = int.Parse(User.Identity.Name);
        //    if (id != currentUserId && !User.IsInRole(Role.SuperAdmin))
        //    {
        //        return Forbid();
        //    }

        //    return Ok(userDto);
        //}

        //[HttpGet("{id}")]
        //public IActionResult GetByAgencyId(int id)
        //{
        //    var agency = _Repo.GetByAgencyId(id);
        //    var agencyDto = _mapper.Map<AgencyDto>(agency);

        //    if (agency == null)
        //    {
        //        return NotFound();
        //    }

        //    var currentAgencyId = int.Parse(User.Identity.Name);
        //    if (id != currentAgencyId && !User.IsInRole(Role.Agency))
        //    {
        //        return Forbid();
        //    }

        //    return Ok(agencyDto);
        //}

        //[Authorize(Roles = Role.SuperAdmin)]
        //[HttpDelete("{id}")]
        //public IActionResult Delete(User user)
        //{
        //    _Repo.Delete(user.Id);
        //    return Ok();
        //}

        //[Authorize(Roles = Role.SuperAdmin)]
        //[HttpDelete("{id}")]
        //public IActionResult DeleteAgency(Agency agency)
        //{
        //    _Repo.DeleteAgency(agency.Id);
        //    return Ok();
        //}
    }
}