public IActionResult Create([FromBody] LoginModel loginModel)
{
List <string> ClaimsList = new List <string>();
if (!ModelState.IsValid)
{
IEnumerable <ModelError> allErrors = ModelState.Values.SelectMany(v => v.Errors);
return(BadRequest(allErrors));
}
else
{
UserInformation userInfo = context.UserInformations.Include(p => p.UserClaimsRoles)
.FirstOrDefault(p => p.Username.Equals(loginModel.UserName));
if (userInfo != null)
{
Customer customerDetails = context.Customers.FirstOrDefault(p =>
p.UserInformationId.ToString().Equals(userInfo.Id.ToString()) &&
p.Password.Equals(loginModel.Password));
//Get User Claims according to there roles.
foreach (var userClaimRole in userInfo.UserClaimsRoles)
{
ClaimRoles claimRole = context.ClaimRoles.Include(p => p.Claims)
.Include(q => q.Roles)
.FirstOrDefault(p => p.Id == userClaimRole.Id);
if (claimRole != null)
{
ClaimsList.Add(claimRole.Claims.Claim);
}
}
if (customerDetails != null)
{
var token = new JwtTokenBuilder()
.AddSecurityKey(JwtSecurityKey.Create("XBitApi-secret-key-1234"))
.AddSubject(userInfo.Name)
.AddIssuer("XBitApi.Security.Bearer")
.AddAudience("XBitApi.Security.Bearer")
.AddClaim("UserId", userInfo.Id.ToString())
.AddClaimRoles(ClaimsList)
.AddExpiry(5)
.Build();
return(Ok(token.Value));
}
else
{
return(BadRequest(new { Error = "Invalid Password For User " + loginModel.UserName }));
}
}
else
{
return(BadRequest(new { Error = "This UserName/Email does not exist in our system." }));
}
}
}
private List <ClaimRoles> GetClaimRolesByUserInformationId(Guid userinformationId)
{
List <ClaimRoles> claimsRoles = new List <ClaimRoles>();
UserInformation userInfo = context.UserInformations.Include(p => p.UserClaimsRoles)
.FirstOrDefault(p => p.Id == userinformationId);
foreach (var userClaimRole in userInfo.UserClaimsRoles)
{
ClaimRoles claimRole = context.ClaimRoles.Include(p => p.Claims)
.Include(q => q.Roles)
.FirstOrDefault(p => p.Id == userClaimRole.Id);
claimsRoles.Add(claimRole);
}
return(claimsRoles);
}
public IActionResult PostUserRolesAssociation([FromBody] UserRolesVM UserRolesVM)
{
if (ModelState.IsValid)
{
List <int> ClaimRolesIds = new List <int>();
foreach (var role in UserRolesVM.Roles)
{
//check roles exist?
Roles rolesVM = context.Roles.FirstOrDefault(p => p.Role.ToLower().Equals(role.Role.ToLower()));
if (rolesVM == null)
{
var addRole = context.Roles.Add(new Roles()
{
Role = role.Role
});
context.SaveChanges();
role.Id = addRole.Entity.Id;
}
else
{
role.Id = rolesVM.Id;
}
foreach (var claim in role.Claims)
{
//check claims exist?
Claims claimsVM = context.Claims.FirstOrDefault(p => p.Claim.ToLower().Equals(claim.Claim.ToLower()));
if (claimsVM == null)
{
var addClaim = context.Claims.Add(new Claims()
{
Claim = claim.Claim
});
context.SaveChanges();
claim.Id = addClaim.Entity.Id;
}
else
{
claim.Id = claimsVM.Id;
}
//check ClaimRoles exist? If not Add them...
ClaimRoles claimRolesVM = context.ClaimRoles.FirstOrDefault(p => p.RolesId == role.Id && p.ClaimsId == claim.Id);
if (claimRolesVM == null)
{
var claimRoles = context.ClaimRoles.Add(new ClaimRoles()
{
ClaimsId = claim.Id, RolesId = role.Id
});
context.SaveChanges();
ClaimRolesIds.Add(claimRoles.Entity.Id);
}
else
{
ClaimRolesIds.Add(claimRolesVM.Id);
}
}
//check UserClaimRoles exist....
foreach (var claimRolesId in ClaimRolesIds)
{
var UserClaimRoles = context.UserClaimRoles.FirstOrDefault(p => p.ClaimRolesId == claimRolesId && p.UserInformationId == new Guid(UserRolesVM.UserInformationId));
if (UserClaimRoles == null)
{
var userClaimRoles = context.UserClaimRoles.Add(new UserClaimRoles()
{
ClaimRolesId = claimRolesId, UserInformationId = new Guid(UserRolesVM.UserInformationId)
});
context.SaveChanges();
}
}
}
return(Ok());
}
else
{
return(StatusCode(500));
}
}
public async Task <bool> UserHasRole(string email, ClaimRoles role)
{
var roles = await _userLoginInfoRepository.GetUserRoles(email);
return(roles.Contains(role.ToString()));
}
public ClaimRequirementAttribute(string claimType, ClaimRoles claimValue) : base(typeof(ClaimRequirementFilter))
{
Arguments = new object[] { new Claim(claimType, claimValue.ToString()) };
}
