// PUT api/<controller>/5 public HttpResponseMessage Put(int id, [FromBody] Person person) { if (Request.Headers.Contains("Authorization")) { string type = Request.Headers.GetValues("Authorization").FirstOrDefault()?.Split(' ').First(); if (type == "Bearer") { var token = Request.Headers.GetValues("Authorization").FirstOrDefault()?.Split(' ').Last(); if (AuthJWT.ValidateJwtToken(token)) { return(PutPerson(id, person)); } return(Request.CreateResponse(HttpStatusCode.Unauthorized, "Invalid token")); } if (type == "Basic") { var authHeader = Request.Headers.GetValues("Authorization").FirstOrDefault()?.Split(' ').Last(); var credentialBytes = Convert.FromBase64String(authHeader); var credentials = Encoding.UTF8.GetString(credentialBytes).Split(new[] { ':' }, 2); var user = users.SingleOrDefault(x => x.Username == credentials[0] && x.Password == credentials[1]); if (user != null) { return(PutPerson(id, person)); } return(Request.CreateResponse(HttpStatusCode.Unauthorized, "Username or password is incorrect")); } } return(Request.CreateResponse(HttpStatusCode.Unauthorized, "No authorization header")); }
public async Task GetActualProject(string town, int lastId = 0)//<List<ProjectShort>> { string userId = AuthJWT.GetCurrentId(HttpContext, out int status); if (status != 0 || userId == null) { userId = null; } //List<ProjectShort> res = new List<ProjectShort>(); int?townId = null; if (town != null) { string townLower = town.ToLower().Trim(); var townDb = await Town.GetByName(_db, townLower); if (townDb == null) { return;// new List<ProjectShort>(); } townId = townDb.Id; } var res = await Project.GetActualShortEntityWithStatus(_db, townId, userId, lastId); await ProjectShort.SetMainImages(_db, res); //return res; Response.ContentType = "application/json"; await Response.WriteAsync(JsonConvert.SerializeObject(res, new JsonSerializerSettings { Formatting = Formatting.Indented })); }
public HttpResponseMessage Get(string name = null, string surname = null, string city = null, int?year = null, bool lowercase = false, bool contains = false) { if (Request.Headers.Contains("Authorization")) { string type = Request.Headers.GetValues("Authorization").FirstOrDefault()?.Split(' ').First(); if (type == "Bearer") { var token = Request.Headers.GetValues("Authorization").FirstOrDefault()?.Split(' ').Last(); if (AuthJWT.ValidateJwtToken(token)) { return(FindPerson(name, surname, city, year, lowercase, contains)); } return(Request.CreateResponse(HttpStatusCode.Unauthorized, "Invalid token")); } if (type == "Basic") { var authHeader = Request.Headers.GetValues("Authorization").FirstOrDefault()?.Split(' ').Last(); var credentialBytes = Convert.FromBase64String(authHeader); var credentials = Encoding.UTF8.GetString(credentialBytes).Split(new[] { ':' }, 2); var user = users.SingleOrDefault(x => x.Username == credentials[0] && x.Password == credentials[1]); if (user != null) { return(FindPerson(name, surname, city, year, lowercase, contains)); } return(Request.CreateResponse(HttpStatusCode.Unauthorized, "Username or password is incorrect")); } } return(Request.CreateResponse(HttpStatusCode.Unauthorized, "No authorization header")); }
public async Task <bool?> DeleteUserFromCompany([FromForm] int companyId, [FromForm] string newUserId, StatusInCompany status) { string userId = AuthJWT.GetCurrentId(HttpContext, out int statusId); if (statusId != 0 || userId == null) { Response.StatusCode = 401; return(null); } var company = await Company.GetIfAccess(_db, userId, companyId); if (company == null) { Response.StatusCode = 404; return(null); } var res = await company.RemoveUser(_db, newUserId, status);// StatusInCompany.Moderator); if (res == null) { Response.StatusCode = 527; return(null); } return(res); }
public async Task RefreshToken([FromForm] string refreshToken)//, string confirmPassword { string userId = AuthJWT.GetCurrentId(HttpContext, out int status); if ((status != 0 && status != 1) || userId == null) { Response.StatusCode = 401; return; } var tokens = await AuthJWT.Refresh(_db, userId, refreshToken); if (tokens == null) { Response.StatusCode = 401; return; } var response = new { access_token = tokens.Item1, refresh_token = tokens.Item2 }; Response.ContentType = "application/json"; await Response.WriteAsync(JsonConvert.SerializeObject(response, new JsonSerializerSettings { Formatting = Formatting.Indented })); //return status.ToString(); }
public async Task GetStudents(int projectId, StatusInProject status) { if (status != StatusInProject.Approved && status != StatusInProject.Canceled && status != StatusInProject.InProccessing) { Response.StatusCode = 400; return;// null; } string userId = AuthJWT.GetCurrentId(HttpContext, out int statusId); if (statusId != 0 || userId == null) { Response.StatusCode = 401; return;// null; } var proj = await ApplicationUser.CheckAccessEditProject(_db, projectId, userId); if (proj == null) { Response.StatusCode = 404; return;// null; } var usersShort = await proj.GetStudentsShortEntity(_db, status); Response.ContentType = "application/json"; await Response.WriteAsync(JsonConvert.SerializeObject(usersShort, new JsonSerializerSettings { Formatting = Formatting.Indented })); //return usersShort; }
public async Task <bool> ChangeStatusUserProject([FromForm] int projectId, [FromForm] string studentId, [FromForm] StatusInProject newStatus) { if (newStatus != StatusInProject.InProccessing && newStatus != StatusInProject.Canceled && newStatus != StatusInProject.Approved && newStatus != StatusInProject.Moderator) { Response.StatusCode = 400; return(false); } string userId = AuthJWT.GetCurrentId(HttpContext, out int statusId); if (statusId != 0 || userId == null) { Response.StatusCode = 401; return(false); } var proj = await ApplicationUser.CheckAccessEditProject(_db, projectId, userId); if (proj == null) { Response.StatusCode = 404; return(false); } bool?res = await proj.ChangeStatusUserByLead(_db, newStatus, studentId); if (res == null) { Response.StatusCode = 527; return(false);// null; } return((bool)res); }
public async Task <bool> ChangeStatusProject([FromForm] int projectId, [FromForm] StatusProject newStatus) { string userId = AuthJWT.GetCurrentId(HttpContext, out int statusId); if (statusId != 0 || userId == null) { Response.StatusCode = 401; return(false); } var proj = await ApplicationUser.CheckAccessEditProject(_db, projectId, userId); if (proj == null) { Response.StatusCode = 404; return(false); } try { await proj.SetStatus(_db, newStatus); } catch (DbUpdateConcurrencyException) { Response.StatusCode = 527; return(false); } return(true); }
public string LoginJWT(string register, string senha, int idAplicacao, int validadeEmMinutos = 0) { string token = ""; int matricula = 0; if (_authDataRepository.Login(register, senha, idAplicacao) || new ClienteEntity().UserGolden(register, (Aplicacoes)idAplicacao) == 1) { token = AuthJWT.GeraJwt(matricula, validadeEmMinutos); } return(token); }
public HttpResponseMessage Get() { if (Request.Headers.Contains("Authorization")) { var token = Request.Headers.GetValues("Authorization").FirstOrDefault()?.Split(' ').Last(); if (AuthJWT.ValidateJwtToken(token)) { return(Request.CreateResponse(HttpStatusCode.OK, users)); } return(Request.CreateResponse(HttpStatusCode.Unauthorized, "Invalid token")); } return(Request.CreateResponse(HttpStatusCode.Unauthorized, "No authorization header")); }
public async Task GetProjectByContainsName(string projectName, int?townId, int lastId = 0) { string userId = AuthJWT.GetCurrentId(HttpContext, out int status); if (status != 0 || userId == null) { userId = null; } var res = await Project.GetByStartName(_db, townId, userId, projectName, lastId); Response.ContentType = "application/json"; await Response.WriteAsync(JsonConvert.SerializeObject(res, new JsonSerializerSettings { Formatting = Formatting.Indented })); }
private AuthenticateResponse Authenticate(AuthenticateRequest authenticateRequest) { var user = users.SingleOrDefault(x => x.Username == authenticateRequest.Username && x.Password == authenticateRequest.Password); // return null if user not found if (user == null) { return(null); } // authentication successful so generate jwt token var token = AuthJWT.generateJwtToken(user); return(new AuthenticateResponse(user, token)); }
public async Task GetUserResponsibilityProjects() { string userId = AuthJWT.GetCurrentId(HttpContext, out int status); if (status != 0 || userId == null) { Response.StatusCode = 401; return;// null; } var res = await ApplicationUser.GetUserResponsibilityProjects(_db, userId); Response.ContentType = "application/json"; await Response.WriteAsync(JsonConvert.SerializeObject(res, new JsonSerializerSettings { Formatting = Formatting.Indented })); }
public async Task <int?> CreateProject([FromForm] Project project, [FromForm] string[] competences = null, [FromForm] string[] townNames = null, [FromForm] IFormFile[] uploadedFile = null) { string userId = AuthJWT.GetCurrentId(HttpContext, out int statusId); if (statusId != 0 || userId == null) { Response.StatusCode = 401; return(null); } if (!ModelState.IsValid) { Response.StatusCode = 404; return(null); } if (townNames == null || townNames.Length == 0) { Response.StatusCode = 400; return(null); } if (!await ApplicationUser.CheckAccessEditCompany(_db, project.CompanyId, userId)) { Response.StatusCode = 404; return(null); } Project newProject = new Project(project.Name, project.Description, project.Payment, project.CompanyId); newProject.Validation(new ValidationInput()); _db.Projects.Add(newProject); await _db.SaveChangesAsync(); await newProject.AddImagesToDbSystem(_db, _appEnvironment, uploadedFile); await newProject.AddCompetences(_db, competences); Town.Validation(new ValidationInput(), townNames); await Project.AddTowns(_db, newProject.Id, townNames.ToList()); // await _db.SaveChangesAsync(); return(newProject.Id); }
public async Task <bool?> ChangeCompany([FromForm] Company company, [FromForm] IFormFile[] uploadedFile = null) { string userId = AuthJWT.GetCurrentId(HttpContext, out int statusId); if (statusId != 0 || userId == null) { Response.StatusCode = 401; return(null); } if (company.Id == 0) { ModelState.AddModelError("Id", "Не передан Id"); } if (!ModelState.IsValid) { Response.StatusCode = 400; return(null); } var oldCompany = await Company.GetIfAccess(_db, userId, company.Id); //var oldCompany = await _db.Companys.FirstOrDefaultAsync(x1 => x1.Id == company.Id); if (oldCompany == null) { Response.StatusCode = 404; return(null); } //byte[] newImage = null; try { oldCompany.ChangeData(company.Name, company.Description, company.Number, company.Email);//, company.Image); oldCompany.Validation(new ValidationInput()); await _db.SaveChangesAsync(); await oldCompany.SetImage(_db, uploadedFile, _appEnvironment); } catch (DbUpdateConcurrencyException) { Response.StatusCode = 527; return(null); } return(true);//oldCompany }
public async Task GetCompany(int id) { string userId = AuthJWT.GetCurrentId(HttpContext, out int status); if (status != 0 || userId == null) { userId = null; } var company = await Company.Get(_db, id);//(int) CompanyPage res = await CompanyPage.LoadAllForView(_db, company, userId); Response.ContentType = "application/json"; await Response.WriteAsync(JsonConvert.SerializeObject(res, new JsonSerializerSettings { Formatting = Formatting.Indented })); }
public async Task <bool?> ChangeUserData([FromForm] ApplicationUser newUser, [FromForm] string[] competences, [FromForm] int[] competenceIds) { string userId = AuthJWT.GetCurrentId(HttpContext, out int statusId); if (statusId != 0 || userId == null) { Response.StatusCode = 401; return(false); } newUser.Id = userId; newUser.Validation(new ValidationInput()); var user = await ApplicationUser.ChangeData(_db, _userManager, newUser); await user.AddCompetences(_db, competences); await user.DeleteCompetences(_db, competenceIds); return(true); }
public async Task <bool?> ChangeStatusStudentInProject([FromForm] int projectId, [FromForm] Models.StatusInProject newStatus) { if (newStatus != StatusInProject.InProccessing && newStatus != StatusInProject.CanceledByStudent) { Response.StatusCode = 400; return(null); } string userId = AuthJWT.GetCurrentId(HttpContext, out int status); if (status != 0 || userId == null) { Response.StatusCode = 401; return(null); } //---------------этот кусок нужен //var user = await ApplicationUser.Get(_userManager, userId); //bool mailConfirmed = await _userManager.IsEmailConfirmedAsync(user); //if (!mailConfirmed) //{ // Response.StatusCode = 406; // return null; //} var project = await Project.Get(_db, projectId); if (project == null) { Response.StatusCode = 404; return(null); } bool?res = await project.CreateChangeStatusUser(_db, newStatus, userId); if (res == null) { Response.StatusCode = 527; return(null);// null; } return(res); }
public async Task <bool?> ChangeStatusUserInCompany([FromForm] int companyId, [FromForm] Models.StatusInCompany newStatus) { if (newStatus != StatusInCompany.RequestedByUser && newStatus != StatusInCompany.Empty) { Response.StatusCode = 400; return(null); } string userId = AuthJWT.GetCurrentId(HttpContext, out int status); if (status != 0 || userId == null) { Response.StatusCode = 401; return(null); } //---------------этот кусок нужен //var user = await ApplicationUser.Get(_userManager, userId); //bool mailConfirmed = await _userManager.IsEmailConfirmedAsync(user); //if (!mailConfirmed) //{ // Response.StatusCode = 406; // return null; //} var company = await Company.Get(_db, companyId); if (company == null) { Response.StatusCode = 404; return(null); } bool?res = await company.CreateChangeStatusUser(_db, newStatus, userId); if (res == null) { Response.StatusCode = 527; return(null);// null; } return(res); }
public async Task Login([FromForm] string username, [FromForm] string password) { //try //{ var user = await ApplicationUser.LoginGet(_userManager, username, password); //} //catch(Exception e) //{ // var asd = 1; //} if (user == null) { Response.StatusCode = 400; await Response.WriteAsync("Invalid username or password."); return; } var identity = AuthJWT.GetIdentity(user); var encodedJwt = AuthJWT.GenerateMainToken(identity); var encodedRefJwt = AuthJWT.GenerateRefreshToken(); await user.SetRefreshToken(_db, encodedRefJwt); var response = new { access_token = encodedJwt, refresh_token = encodedRefJwt, username = identity.Name }; // сериализация ответа Response.ContentType = "application/json"; await Response.WriteAsync(JsonConvert.SerializeObject(response, new JsonSerializerSettings { Formatting = Formatting.Indented })); }
public async Task GetProject(int?id) { string userId = AuthJWT.GetCurrentId(HttpContext, out int status); if (status != 0 || userId == null) { userId = null; } var proj = await Project.Get(_db, id); if (proj == null) { Response.StatusCode = 404; return;// null; } var res = await ProjectPage.LoadAllForView(_db, proj, userId); Response.ContentType = "application/json"; await Response.WriteAsync(JsonConvert.SerializeObject(res, new JsonSerializerSettings { Formatting = Formatting.Indented })); }
public async Task CreateCompany([FromForm] Company company, [FromForm] IFormFile[] uploadedFile = null) { //var file = HttpContext.Request.Form.Files; string userId = AuthJWT.GetCurrentId(HttpContext, out int statusId); if (statusId != 0 || userId == null) { Response.StatusCode = 401; return; } if (!ModelState.IsValid) { Response.StatusCode = 400; return; } var newCompany = await Company.Create(_db, _appEnvironment, userId, company, uploadedFile); //Company newCompany = new Company(company.Name, company.Description, company.Number, company.Email); //newCompany.Validation(new ValidationInput()); //_db.Companys.Add(newCompany); //await _db.SaveChangesAsync(); //await newCompany.SetImage(_db, uploadedFile, _appEnvironment); //_db.CompanyUsers.Add(new Models.Domain.ManyToMany.CompanyUser(userId, newCompany.Id, StatusInCompany.Moderator)); //await _db.SaveChangesAsync(); //return newCompany; Response.ContentType = "application/json"; await Response.WriteAsync(JsonConvert.SerializeObject(new { newCompany.Id, newCompany.Name }, new JsonSerializerSettings { Formatting = Formatting.Indented })); }
public async Task <bool?> AddUserToCompany([FromForm] int companyId, [FromForm] string newUserId, [FromForm] StatusInCompany newStatus) { string userId = AuthJWT.GetCurrentId(HttpContext, out int statusId); if (statusId != 0 || userId == null) { Response.StatusCode = 401; return(null); } var company = await Company.GetIfAccess(_db, userId, companyId); if (company == null) { Response.StatusCode = 404; return(null); } bool?res = null; if (newStatus == StatusInCompany.Moderator) { res = await company.AddHeadUser(_db, newUserId); } if (newStatus == StatusInCompany.Employee) { //#TODO //res = await company.AddHeadUser(_db, newUserId); } if (res == null) { Response.StatusCode = 527; return(null); } return(res); }
public async Task Register([FromForm] RegisterModel model)//, string confirmPassword { if (!ModelState.IsValid) { Response.StatusCode = 400; return; } var user = new ApplicationUser { UserName = model.Email, Email = model.Email }; user.Validation(new ValidationInput()); var result = await _userManager.CreateAsync(user, model.Password); if (!result.Succeeded) { Response.StatusCode = 404; return; } var identity = AuthJWT.GetIdentity(user); if (identity == null) { Response.StatusCode = 500; // await Response.WriteAsync("Invalid username or password."); return; } var encodedJwt = AuthJWT.GenerateMainToken(identity); var encodedRefJwt = AuthJWT.GenerateRefreshToken(); await user.SetRefreshToken(_db, encodedRefJwt); //--------этот блок для подтверждения почты //var code = await _userManager.GenerateEmailConfirmationTokenAsync(user); //var callbackUrl = Url.Action( // "ConfirmEmail", // "Account", // new { userId = user.Id, code = code }, // protocol: HttpContext.Request.Scheme); //EmailService emailService = new EmailService(); //await emailService.SendEmailAsync(model.Email, "Confirm your account", // $"Подтвердите регистрацию, перейдя по ссылке: <a href='{callbackUrl}'>link</a>"); var response = new { access_token = encodedJwt, refresh_token = encodedRefJwt, username = identity.Name }; // сериализация ответа Response.ContentType = "application/json"; await Response.WriteAsync(JsonConvert.SerializeObject(response, new JsonSerializerSettings { Formatting = Formatting.Indented })); }
public async Task <bool> LogOut([FromForm] string userId, [FromForm] string refreshToken) { return(await AuthJWT.DeleteRefreshTokenFromDb(_db, userId, refreshToken)); }
// This method gets called by the runtime. Use this method to add services to the container. public void ConfigureServices(IServiceCollection services) { services.Configure <CookiePolicyOptions>(options => { // This lambda determines whether user consent for non-essential cookies is needed for a given request. options.CheckConsentNeeded = context => true; options.MinimumSameSitePolicy = SameSiteMode.None; }); services.AddDbContext <ApplicationDbContext>(options => options.UseSqlServer( Configuration.GetConnectionString("DefaultConnection"))); services.AddIdentity <ApplicationUser, IdentityRole>(options => { options.ClaimsIdentity.UserIdClaimType = ClaimsIdentity.DefaultNameClaimType; }) .AddEntityFrameworkStores <ApplicationDbContext>() .AddDefaultTokenProviders(); //services.AddTransient<UserManager<ApplicationUser>>(); JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear(); services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme) .AddJwtBearer(options => { options.RequireHttpsMetadata = false; //TODO надо поставить true для ssl options.TokenValidationParameters = new TokenValidationParameters { // укзывает, будет ли валидироваться издатель при валидации токена ValidateIssuer = true, // строка, представляющая издателя ValidIssuer = AuthJWT.ISSUER, // будет ли валидироваться потребитель токена ValidateAudience = true, // установка потребителя токена ValidAudience = AuthJWT.AUDIENCE, // будет ли валидироваться время существования ValidateLifetime = true, // установка ключа безопасности IssuerSigningKey = AuthJWT.GetSymmetricSecurityKey(), // валидация ключа безопасности ValidateIssuerSigningKey = true, }; }); services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1); services.AddSwaggerGen(c => { c.SwaggerDoc("v1", new Swashbuckle.AspNetCore.Swagger.Info { Version = "v1", Title = "ProjectRecruting", Description = "service for students", TermsOfService = "None", Contact = new Swashbuckle.AspNetCore.Swagger.Contact { Name = "yeap", Email = "@zsuzitor", Url = "" } }); //var xmlFile = "swaggerxmlsettings.xml"; var xmlFile = $"{Assembly.GetExecutingAssembly().GetName().Name}.xml"; var xmlPath = Path.Combine(AppContext.BaseDirectory, xmlFile); c.IncludeXmlComments(xmlPath); }); }
public async Task SetRefreshToken(ApplicationDbContext db, string token) { this.RefreshTokenHash = AuthJWT.GetHashRefreshToken(token);//token.GetHashCode(); await db.SaveChangesAsync(); }
public async Task <bool> ChangeProject([FromForm] Project project, [FromForm] int[] deleteImages, [FromForm] string[] competences, [FromForm] int[] competenceIds, [FromForm] IFormFile[] uploadedFile = null) { string userId = AuthJWT.GetCurrentId(HttpContext, out int statusId); if (statusId != 0 || userId == null) { Response.StatusCode = 401; return(false); } if (!ModelState.IsValid) { Response.StatusCode = 404; return(false); } project.Validation(new ValidationInput()); var oldProj = await ApplicationUser.CheckAccessEditProject(_db, project.Id, userId); if (oldProj == null) { Response.StatusCode = 404; return(false); } var updt = await oldProj.Update(_db, _appEnvironment, project, competences, competenceIds, uploadedFile, deleteImages); if (updt == null) { Response.StatusCode = 527; return(false); } //using (var tranzaction = _db.Database.BeginTransaction()) //{ // try // { // oldProj.ChangeData(project.Name, project.Description, project.Payment); // await _db.SaveChangesAsync(); // await oldProj.AddCompetences(_db, competences); // await oldProj.DeleteCompetences(_db, competenceIds); // await Project.DeleteImagesFromDb(_db, oldProj.Id, deleteImages); // tranzaction.Commit(); // } // catch (DbUpdateConcurrencyException ex) // { // tranzaction.Rollback(); // Response.StatusCode = 527; // return false; // } // catch // { // tranzaction.Rollback(); // return false; // } //} //await oldProj.AddImagesToDbSystem(_db, _appEnvironment, uploadedFile); return(true); }