public JsonResult Validate2FA([FromForm] string token, [FromForm] string code, [FromForm] string datetime)
{
DateTime now = DateTime.ParseExact(datetime, "dd-MM-yyyy HH:mm:ss", CultureInfo.InvariantCulture);
if (now < DateTime.Now.AddMinutes(-2))
{
return(Json(new { status = "timeout" }));
}
token = Uri.UnescapeDataString(token);
if (Security.TFA.Validate(code, token, now))
{
using (var context = new OverstagContext())
{
var a = context.Accounts.First(e => e.Token == token);
//Set important session variables
base.setUser(a);
string remember = Security.Auth.Register(a.Token, HttpContext.Connection.RemoteIpAddress.ToString()).Result;
HttpContext.Session.SetString("Remember", remember);
return(Json(new { status = "success", remember = Uri.EscapeDataString(remember) }));
}
}
else
{
return(Json(new { status = "error" }));
}
}
public async Task <IActionResult> setDrink(int eventid, int userid, int amount)
{
using (var context = new OverstagContext())
{
var eve = context.Events.Include(f => f.Participators).FirstOrDefault(f => f.Id == eventid);
if (eve == null)
{
return(Json(new { status = "error", error = "Activiteit niet gevonden" }));
}
try
{
var user = eve.Participators.First(f => f.UserID == userid);
if (user.Paid)
{
return(Json(new { status = "error", error = "Gebruiker heeft al betaald" }));
}
user.AdditionsCost = amount;
context.Events.Update(eve);
await context.SaveChangesAsync();
return(Json(new { status = "success" }));
}
catch (Exception e)
{
return(Json(new { status = "error", error = "Er is iets fout gegaan", debuginfo = e.Message }));
}
}
}
public IActionResult Events()
{
var events = new OverstagContext().Events.ToList();
ViewBag.Passed = events.Where(e => Core.General.DateIsPassed(e.When)).OrderBy(e => e.When).ToArray().Reverse().ToArray();
return(View(events.Where(e => !Core.General.DateIsPassed(e.When)).OrderBy(e => e.When).ToArray()));
}
public async Task <IActionResult> addUser(int eventid, int userid)
{
using (var context = new OverstagContext())
{
try
{
var user = context.Accounts.Include(f => f.Subscriptions).First(a => a.Id == userid);
var eve = context.Events.First(e => e.Id == eventid);
if (DateTime.Today > eve.When.Date.AddDays(3))
{
return(Json(new { status = "error", error = "Het is nu te lang geleden. U kunt geen mensen meer inschrijven." }));
}
if (!user.Subscriptions.Any(e => e.EventID == eventid))
{
user.Subscriptions.Add(new Participate {
UserID = user.Id, EventID = eve.Id
});
await context.SaveChangesAsync();
return(Json(new { status = "success" }));
}
else
{
return(Json(new { status = "error", error = "Deze gebruiker is al ingeschreven!" }));
}
}
catch (Exception e)
{
return(Json(new { status = "error", error = "Er is een interne fout opgetreden", debuginfo = e.ToString() }));
}
}
}
public IActionResult Serve(string token)
{
using (var context = new OverstagContext())
{
var file = context.Files.FirstOrDefault(f => f.Token == token);
if (file == null)
{
return(Json(new { status = "error", error = "Bestand niet gevonden in database" }));
}
string name = Path.Combine(Directory.GetCurrentDirectory(), "Uploads", file.Token);
if (!System.IO.File.Exists(name))
{
return(Json(new { status = "error", error = "Bestand niet gevonden op server" }));
}
try
{
return(new FileContentResult(System.IO.File.ReadAllBytes(name), file.Mimetype)
{
FileDownloadName = file.Name
});
}
catch (Exception e)
{
return(Json(new { status = "error", error = "Interne fout", debuginfo = e.ToString() }));
}
}
}
/// <summary>
/// Determines whether api has access to this action
/// </summary>
/// <param name="filterContext"></param>
public void OnAuthorization(AuthorizationFilterContext filterContext)
{
var token = filterContext.HttpContext.Request.Headers["Token"].ToString();
if (token == null)
{
filterContext.Result = new JsonResult(new { status = "error", error = "No token provided" });
}
else
{
var auth = new OverstagContext().Auths
.Include(f => f.User)
.FirstOrDefault(g => g.IP == "OVERSTAG_APP" && g.Token == token);
if (auth == null)
{
filterContext.Result = new JsonResult(new { status = "error", error = "Invalid token" });
}
else
{
filterContext.HttpContext.Items.Add("User", auth.User);
filterContext.HttpContext.Items.Add("Auth", auth);
}
}
}
/// <summary>
/// Get statistics about subscriptions
/// </summary>
/// <returns>View with graphs and info</returns>
public IActionResult Stats()
{
using (var context = new OverstagContext())
{
var events = context.Events.Include(f => f.Participators).OrderBy(f => f.When).ToList();
List <SSubEvent> sse = new List <SSubEvent>();
foreach (var e in events)
{
List <SSub> subs = new List <SSub>();
foreach (var s in e.Participators)
{
SSub sssb = new SSub
{
account = context.Accounts.First(f => f.Id == s.UserID),
part = s
};
if (sssb.account.Type == 0)
{
subs.Add(sssb);
}
}
sse.Add(new SSubEvent()
{
Event = e,
Sub = subs.OrderBy(f => f.account.Lastname).ToList()
});
}
return(View(sse));
}
}
public async Task <IActionResult> CancelPayment([FromForm] int id)
{
using (var context = new OverstagContext())
{
var payment = context.Payments.FirstOrDefault(f => f.Id == id);
if (payment == null)
{
return(Json(new { status = "error", error = "Betaling niet gevonden!" }));
}
if (payment.Status == PaymentStatus.Paid)
{
return(Json(new { status = "Paid", error = "Betaling is al betaald." }));
}
context.Payments.Remove(payment);
try
{
await context.SaveChangesAsync();
return(Json(new { status = "success" }));
}
catch (Exception e)
{
return(Json(new { status = "error", error = "Er is een interne fout opgetreden.", debuginfo = e.Message }));
}
}
}
/// <summary>
/// Generate a invoice for all members of the family
/// </summary>
/// <returns>Json (status = success or status = error with details)</returns>
public async Task <IActionResult> GenerateInvoice()
{
List <Exception> exceptions = new List <Exception>();
using (var context = new OverstagContext())
{
foreach (var member in context.Families.Include(f => f.Members).First(g => g.ParentID == currentUser.Id).Members)
{
bool result = await Services.Invoices.Create(member.Id);
if (!result)
{
exceptions.Add(Services.Invoices.error);
}
}
if (exceptions.Count() > 0)
{
return(Json(new { status = "error", error = "Voor " + exceptions.Count() + " leden van de familie facturen mislukt te maken.", debuginfo = string.Join(',', exceptions.Select(x => x.Message)) }));
}
else
{
return(Json(new { status = "success" }));
}
}
}
public async Task <IActionResult> List([FromQuery] bool withFactured, [FromQuery] bool withActivity, [FromQuery] DateTime?after)
{
using (var context = new OverstagContext())
{
List <SubscriptionInfo> inf = new List <SubscriptionInfo>();
var user = await context.Accounts.Include(f => f.Subscriptions).ThenInclude(h => h.Event).FirstOrDefaultAsync(g => g.Id == getUserId());
foreach (var item in user.Subscriptions)
{
if (item.Paid && !withFactured)
{
continue;
}
if (after != null && Core.General.DateIsPassed(item.Event.When))
{
continue;
}
inf.Add(item.ToSubscriptionInfo(withActivity));
}
return(Json(new { status = "success", count = inf.Count(), subscriptions = inf }));
}
}
public async Task <IActionResult> GetPayment(int id, [FromQuery] bool htmlOnly, [FromQuery] bool force)
{
try
{
using (var context = new OverstagContext())
{
var payment = await context.Payments.Include(f => f.Invoice).FirstAsync(f => f.Id == id);
payment.Invoice.InvoiceID = Uri.EscapeDataString(payment.Invoice.InvoiceID);
if (force && payment.PayType == PayType.MOLLIE)
{
await UpdatePayment(payment.PaymentId);
}
if (htmlOnly)
{
return(Json(new { status = "success", html = Services.Html.PayStatus(payment.Status), payStatus = (int)payment.Status }));
}
else
{
return(Json(new { status = "success", data = payment, html = Services.Html.PayStatus(payment.Status), payStatus = (int)payment.Status }));
}
}
}
catch (Exception e)
{
return(Json(new { status = "error", error = "Er is intern iets fout gegaan", debuginfo = e }));
}
}
public async Task <IActionResult> Remove([FromForm] int eventId)
{
using (var context = new OverstagContext())
{
var user = await context.Accounts.Include(f => f.Subscriptions).FirstOrDefaultAsync(g => g.Id == getUserId());
var sub = user.Subscriptions.FirstOrDefault(f => f.EventID == eventId);
var eve = await context.Events.FindAsync(eventId);
if (sub == null)
{
return(Json(new { status = "error", error = "Subscription does not exist" }));
}
if (Core.General.DateIsPassed(eve.When))
{
return(Json(new { status = "error", error = "Activity already passed. Can't unsubscribe.", dutchError = "Dit event is al voorbij. U kunt zich hiervoor niet meer uitschrijven" }));
}
user.Subscriptions.Remove(sub);
await context.SaveChangesAsync();
return(Json(new { status = "success" }));
}
}
public IActionResult Unregister()
{
if (!isLoggedIn)
{
ViewBag.RedirectURL = "/Register/Unregister";
return(View("Login"));
}
var account = new OverstagContext().Accounts.Include(g => g.Invoices).Include(i => i.Subscriptions).First(k => k.Id == currentUser.Id);
ViewBag.AllowtoDelete = true;
ViewBag.Name = account.Firstname;
if (account.Invoices.Count(f => !f.Paid) > 0)
{
ViewBag.AllowtoDelete = false;
ViewBag.Message = "Er staan nog onbetaalde facturen open. Zorg er eerst voor dat deze afgerond zijn en kom dan hier terug.";
}
if (account.Subscriptions.Count(f => !f.Paid) > 0)
{
ViewBag.AllowtoDelete = false;
ViewBag.Message = "Er zijn nog ongefactureerde activiteiten of activiteiten waarvoor je nog ingeschreven staat. Zorg er eerst voor dat deze verwijderd/betaald zijn.";
}
return(View());
}
private async Task <string> Vote(int id, bool upvote)
{
using (var context = new OverstagContext())
{
try
{
var user = context.Accounts.Include(f => f.Votes).First(u => u.Id == getUserId());
if (user.Votes.Any(u => u.IdeaID == id))
{
user.Votes.First(u => u.IdeaID == id).Upvote = upvote;
}
else
{
user.Votes.Add(new Models.Vote
{
IdeaID = id,
UserID = user.Id,
Upvote = upvote
});
}
context.Accounts.Update(user);
await context.SaveChangesAsync();
return("OK");
}
catch (Exception e)
{
return(e.ToString());
}
}
}
public JsonResult postMailreset([FromForm] string Email)
{
using (var context = new OverstagContext())
{
try
{
var account = context.Accounts.Where(e => e.Email == Email).FirstOrDefault();
if (account != null)
{
var mail = new Services.PassresetMail(account);
if (mail.SendAsync().Result)
{
return(Json(new { status = "success" }));
}
else
{
return(Json(new { status = "error", error = "Er is een interne fout opgetreden.", debuginfo = mail.error.ToString() }));
}
}
else
{
return(Json(new { status = "error", error = "Dit mailadres is niet bekend in ons systeem" }));
}
}
catch (Exception e) { return(Json(new { status = "error", error = "Er is een interne fout opgetreden", debuginfo = e.ToString() })); }
}
}
public static async Task <bool> Create(int userId)
{
try
{
using (var context = new OverstagContext())
{
var user = await context.Accounts.Include(f => f.Subscriptions).ThenInclude(f => f.Event)
.Include(g => g.Invoices).FirstOrDefaultAsync(h => h.Id == userId);
if (user == null)
{
throw new ArgumentException("User not found");
}
int total = 0;
int additions = 0;
List <int> eventIDS = new List <int>();
var subs = user.Subscriptions.Where(f => !f.Paid && Core.General.DateIsPassed(f.Event.When));
if (subs.Count() == 0)
{
return(true);
}
foreach (var sub in subs)
{
additions += sub.AdditionsCost;
total += (sub.Event.Cost * (sub.FriendCount + 1));
sub.Paid = true;
eventIDS.Add(sub.EventID);
}
invoiceId = Encryption.Random.rHash(user.Token + DateTime.Now.ToLongTimeString());
await context.Invoices.AddAsync(new Invoice()
{
Amount = total + additions,
AdditionsCost = additions,
EventIDs = string.Join(',', eventIDS),
Paid = false,
Payment = null,
Timestamp = DateTime.Now,
User = user,
InvoiceID = invoiceId
});
context.Accounts.Update(user);
await context.SaveChangesAsync();
}
return(true);
}
catch (Exception e)
{
error = e;
return(false);
}
}
public static XInvoice GetXInvoice(int id)
{
var invoice = new OverstagContext().Invoices
.Include(f => f.Payment)
.Include(g => g.User).ThenInclude(h => h.Subscriptions).ThenInclude(i => i.Event)
.First(j => j.Id == id);
return(GetXInvoice(invoice));
}
public async Task <IActionResult> Logout()
{
using (var context = new OverstagContext())
{
context.Auths.Remove((Auth)HttpContext.Items["Auth"]);
await context.SaveChangesAsync();
}
return(Json(new { status = "success" }));
}
public IActionResult loginAs(string token)
{
using (var context = new OverstagContext())
{
var user = context.Accounts.First(f => f.Token == Uri.UnescapeDataString(token));
HttpContext.Session.SetString("CurrentUser", JsonSerializer.Serialize(user));
HttpContext.Response.Redirect("/User");
return(Content("OK"));
}
}
public async Task <IActionResult> postDeleteAccount([FromForm] string password)
{
if (!isLoggedIn)
{
return(Json(new { status = "error", error = "Je bent niet ingelogd. Log opnieuw in a.u.b." }));
}
using (var context = new OverstagContext())
{
var account = context.Accounts.Include(f => f.Auths).Include(g => g.Invoices).Include(h => h.Payments).Include(i => i.Subscriptions).Include(j => j.Votes).Include(x => x.Transactions).First(k => k.Id == currentUser.Id);
if (!Encryption.PBKDF2.Verify(account.Password, password))
{
return(Json(new { status = "error", error = "Wachtwoord is onjuist" }));
}
if (account.Invoices.Count(f => !f.Paid) > 0)
{
return(Json(new { status = "error", error = "Er staan nog onbetaalde facturen open." }));
}
if (account.Subscriptions.Count(f => !f.Paid) > 0)
{
return(Json(new { status = "error", error = "Er staan nog activiteiten open." }));
}
try
{
//All data is removed thanks to cascade and the includes
//Remove mollie integration
try
{
if (!string.IsNullOrEmpty(account.MollieID))
{
CustomerClient customerClient = new CustomerClient(Core.General.Credentials.mollieApiToken);
await customerClient.DeleteCustomerAsync(account.MollieID);
}
}
catch (Exception e)
{
return(Json(new { status = "warning", warning = "Mollie integratie verwijderen mislukt", debuginfo = e.ToString() }));
}
//Remove account
context.Accounts.Remove(account);
await context.SaveChangesAsync();
return(Json(new { status = "success" }));
}
catch (Exception e)
{
return(Json(new { status = "error", error = "Er is een interne fout opgetreden", debuginfo = e.ToString() }));
}
}
}
/// <summary>
/// Update user type
/// </summary>
/// <param name="id">The user's id</param>
/// <param name="type">The new type</param>
/// <returns>JSON(status=success)</returns>
public IActionResult saveType([FromQuery] int id, [FromQuery] byte type)
{
using (var context = new OverstagContext())
{
var user = context.Accounts.Find(id);
user.Type = type;
context.Accounts.Update(user);
context.SaveChanges();
return(Json(new { status = "success" }));
}
}
[RequestSizeLimit(1000000000)] //1GB MAX
public async Task <IActionResult> UploadFiles(IList <IFormFile> files)
{
List <string> fileIDS = new List <string>();
if (Request.ContentLength > 1000000000)
{
return(Json(new { status = "error", error = "Bestand is te groot" }));
}
if (files.Count() <= 0)
{
return(Json(new { status = "error", error = "Geen bestanden" }));
}
using (var context = new OverstagContext())
{
foreach (var file in files)
{
if (file.Length > 0 && file != null)
{
string filehash = Encryption.Random.rHash(file.FileName + file.Name);
Console.WriteLine($"{file.Name} - {file.FileName} - {file.Length} - {file.ContentType}");
var path = Path.Combine(Directory.GetCurrentDirectory(), "Uploads", filehash);
using (var stream = new FileStream(path, FileMode.Create))
{
await file.CopyToAsync(stream);
}
context.Files.Add(new Models.File()
{
Mimetype = file.ContentType,
Name = file.FileName,
Token = filehash
});
fileIDS.Add(filehash);
}
else
{
return(Json(new { status = "error", error = "Interne fout", debuginfo = "Een van de bestanden is NULL" }));
}
}
await context.SaveChangesAsync();
return(Json(new { status = "success", fileIDS }));
/*
* string contentType;
* new FileExtensionContentTypeProvider().TryGetContentType(FileName, out contentType);
* return contentType ?? "application/octet-stream";
*/
}
}
/// <summary>
/// Get unPaid events per user
/// </summary>
/// <returns>View</returns>
public IActionResult Billing()
{
using (var context = new OverstagContext())
{
var family = context.Families
.Include(f => f.Members).ThenInclude(g => g.Subscriptions).ThenInclude(h => h.Event)
//.Include(f => f.Members).ThenInclude(g => g.Invoices) <-- This is how you also include invoices
.First(i => i.ParentID == currentUser.Id);
return(View(family.Members));
}
}
/// <summary>
/// Get an array with random codes
/// </summary>
/// <param name="amount">The amount of codes</param>
/// <returns>string[] with codes</returns>
public static string[] GenerateBackupCodes(int amount = 10)
{
using (var context = new OverstagContext())
{
List <string> Codes = new List <string>();
for (int i = 0; i < amount; i++)
{
Codes.Add(Encryption.Random.rCode(10));
}
return(Codes.ToArray());
}
}
public async Task <IActionResult> ListVotes([FromQuery] bool withIdeas)
{
using (var context = new OverstagContext())
{
List <Idea> ideas = await context.Ideas.ToListAsync();
var user = await context.Accounts.Include(f => f.Votes).ThenInclude(h => h.Idea).FirstOrDefaultAsync(g => g.Id == getUserId());
List <VoteInfo> votes = new List <VoteInfo>();
user.Votes.ForEach(f => votes.Add(f.ToVoteInfo(withIdeas)));
return(Json(new { status = "success", count = votes.Count, votes }));
}
}
/// <summary>
/// Get parent index page with family info or create new family if not exist
/// </summary>
/// <returns>View with info</returns>
public IActionResult Index()
{
using (var context = new OverstagContext())
{
bool has = (context.Families.FirstOrDefault(f => (f.ParentID == currentUser.Id)) != null);
if (!has)
{
CreateFamily();
}
return(View(context.Families.Include(f => f.Members).First(f => f.ParentID == currentUser.Id)));
}
}
public IActionResult Passreset(string token)
{
using (var context = new OverstagContext())
{
try
{
return(View(context.Accounts.First(w => w.Token == Uri.UnescapeDataString(token))));
}
catch
{
string[] error = { "Account niet gevonden. Is de link onjuist?", "Controleer de link die we je hebben gestuurd via de mail en plak deze in de adresbalk." };
return(View("~/Views/Error/Custom.cshtml", error));
}
}
}
public async Task <JsonResult> MergeInvoices()
{
using (var context = new OverstagContext())
{
var user = context.Accounts.Include(f => f.Invoices).First(f => f.Id == currentUser.Id);
var invoices = user.Invoices.Where(f => !f.Paid).ToList();
if (invoices.Count() > 1)
{
Invoice i = new Invoice();
int additions = 0;
int bill = 0;
List <string> EventIDS = new List <string>();
foreach (var invoice in invoices)
{
additions += invoice.AdditionsCost;
bill += invoice.Amount;
i.InvoiceID = invoice.InvoiceID;
EventIDS.AddRange(invoice.EventIDs.Split(',').ToList());
user.Invoices.Remove(invoice);
}
i.EventIDs = string.Join(',', EventIDS);
i.Amount = bill;
i.AdditionsCost = additions;
i.Paid = false;
i.Timestamp = DateTime.Now;
try
{
user.Invoices.Add(i);
context.Accounts.Update(user);
await context.SaveChangesAsync();
return(Json(new { status = "success" }));
}
catch (Exception e)
{
return(Json(new { status = "error", error = "Er is iets fout gegaan", debuginfo = e.ToString() }));
}
}
else
{
return(Json(new { status = "error", error = "Om samen te voegen heb je meer dan 1 openstaande factuur nodig" }));
}
}
}
public IActionResult Declaration(int id)
{
using (var context = new OverstagContext())
{
var declaration = context.Transactions.Include(f => f.User).FirstOrDefault(f => f.Id == id);
string[] error = { "Declaratie niet gevonden", "Probeer een andere." };
if (declaration != null)
{
return(View("~/Views/Mentor/Accountancy/Declaration.cshtml", declaration));
}
else
{
return(View("~/Views/Error/Custom.cshtml", error));
}
}
}
public async Task <IActionResult> postInfoChange(Account a)
{
using (var context = new OverstagContext())
{
var cuser = context.Accounts.First(f => f.Id == currentUser.Id);
cuser.Firstname = a.Firstname;
cuser.Lastname = a.Lastname;
cuser.Adress = a.Adress;
cuser.Residence = a.Residence;
cuser.Postalcode = a.Postalcode;
cuser.Phone = a.Phone;
//Check if email is in use
var x = context.Accounts.FirstOrDefault(f => f.Email == a.Email);
if (x != null && x.Token != cuser.Token)
{
return(Json(new { status = "error", error = "Emailadres is al in gebruik!" }));
}
else
{
cuser.Email = a.Email;
}
//Check if username is in use
var y = context.Accounts.FirstOrDefault(f => f.Username == a.Username);
if (y != null && y.Token != cuser.Token)
{
return(Json(new { status = "error", error = "Gebruikersnaam is al in gebruik!" }));
}
else
{
cuser.Username = a.Username;
}
try
{
context.Accounts.Update(cuser);
await context.SaveChangesAsync();
return(Json(new { status = "success" }));
}
catch (Exception e)
{
return(Json(new { status = "error", error = "Er is een interne fout opgetreden.", debuginfo = e.ToString() }));
}
}
}
