Beispiel #1
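        /// <summary>
        /// Returns a page of users after checking the caller's JWT and the paging query values.
        /// </summary>
        /// <param name="limit">Page size as a string; bound from the "limit" query key, default "1000".</param>
        /// <param name="offset">Start position as a string; bound from the "offset" query key, default "0".</param>
        /// <param name="search">Search text bound from the "search" query key, default empty.</param>
        /// <returns>
        /// 401 when the token check fails, 400 when a supplied paging value is not an integer,
        /// otherwise 200 with the users wrapped in an anonymous object.
        /// </returns>
        public async Task<ActionResult<List<Users>>> GetUsers(
            [FromQuery(Name = "limit")] string limit = "1000",
            [FromQuery(Name = "offset")] string offset = "0",
            [FromQuery(Name = "search")] string search = "")
        {
            // The token check runs first so unauthenticated callers learn nothing about query validation.
            if (!_authorizationService.ValidateJWTToken(Request))
            {
                return Unauthorized(new { errors = new { Token = new string[] { "Invalid token" } }, status = 401 });
            }

            // Each paging value is validated on its own. The earlier form skipped validation
            // of both values whenever either one was null, so a non-numeric value could reach
            // the data layer unchecked. A null value is still passed through unchanged.
            bool limitInvalid = limit != null && !int.TryParse(limit, out _);
            bool offsetInvalid = offset != null && !int.TryParse(offset, out _);

            if (limitInvalid || offsetInvalid)
            {
                var response = new JsonResponse
                {
                    Message = "Invalid request",
                    Status = 400,
                    Errors = new Dictionary<string, string[]>
                    {
                        { "Queries", new string[] { "Invalid queries" } }
                    }
                };

                return BadRequest(response.FormatResponse());
            }

            // NOTE(review): int.TryParse accepts negative numbers and any value up to int.MaxValue,
            // and the raw strings (not the parsed ints) are forwarded. Confirm that Browse rejects
            // negative values and caps the page size, so one request cannot pull the whole table.
            // NOTE(review): search is forwarded as received; confirm Browse binds it as a query
            // parameter rather than concatenating it into the query text.
            List<Users> users = await _usersContext.Browse(limit, offset, search);

            return Ok(new { users });
        }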
Beispiel #2
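        /// <summary>
        /// Authenticates a user from the request body and, on success, issues the session token
        /// in a cookie and in the X-Authorization-Token response header.
        /// </summary>
        /// <param name="user">Credentials from the request body (user name or e-mail, and password).</param>
        /// <returns>
        /// 401 when the Origin header is missing or the credentials do not resolve to a stored user,
        /// 400 when no body was bound, otherwise 200 with the result of WithoutPassword() on the stored user.
        /// </returns>
        public async Task<IActionResult> SignIn([FromBody] AuthenticatedUserModel user)
        {
            // NOTE(review): the Origin header is set by the client, so this presence check
            // filters malformed requests only; it is not an access control.
            if (string.IsNullOrWhiteSpace(Request.Headers["Origin"]))
            {
                var response = new JsonResponse
                {
                    Message = "Invalid request",
                    Status = 401,
                    Errors = new Dictionary<string, string[]>
                    {
                        { "Origin", new string[] { "Invalid request origin" } }
                    }
                };

                return Unauthorized(response.FormatResponse());
            }

            // A missing or unreadable body can leave the model null; answer 400 instead of
            // failing on the property reads below.
            if (user == null)
            {
                var response = new JsonResponse
                {
                    Message = "Invalid request",
                    Status = 400,
                    Errors = new Dictionary<string, string[]>
                    {
                        { "Body", new string[] { "Invalid request body" } }
                    }
                };

                return BadRequest(response.FormatResponse());
            }

            // Authenticate user
            var authenticatedUser = await _authenticationService.Authenticate(user.UserNameOrEmail, user.UserPassword);

            // The stored record is loaded before any token is handed out. The earlier order set
            // the cookie first and then dereferenced the lookup result without a null check.
            var existingUser = authenticatedUser == null
                ? null
                : await _context.Users.Where(u => u.Id == authenticatedUser.Id).FirstOrDefaultAsync();

            if (authenticatedUser == null || existingUser == null)
            {
                // Unknown user, wrong password and missing record share one message so the
                // response does not reveal which of them applied.
                // NOTE(review): this echoes the caller-supplied Origin into
                // Access-Control-Allow-Origin, which lets any site read this response.
                // Prefer an allow-list of known origins or the framework's CORS policy.
                Response.Headers.Append("Access-Control-Allow-Origin", Request.Headers["Origin"]);
                return Unauthorized(new { errors = new { Authentication = new string[] { "Invalid username, email and/or password" } }, status = 401 });
            }

            authenticatedUser.BaseUser = existingUser;

            // Return 200 OK with token in cookie
            // NOTE(review): the same token is also sent in a response header, where page script
            // can read it. Confirm that this is needed, and that SetAuthCookie marks the cookie
            // HttpOnly, Secure and SameSite.
            _authorizationService.SetAuthCookie(Request, Response, authenticatedUser.Token);
            Response.Headers.Append("X-Authorization-Token", authenticatedUser.Token);

            // presumably WithoutPassword() strips the password field before serialization; verify in the model
            return Ok(authenticatedUser.BaseUser.WithoutPassword());
        }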