public async Task <IActionResult> CreateUser([FromBody] Common.DataSvc.Models.UserDo entity) { return(await this.ControllerResult(async (Web.Models.ResultData result) => { Web.Models.User.ApplicationUser exist = await this._userManager.FindByNameAsync(entity.UserName); if (exist != null) { result.AddError("CLE011"); } else { entity.CreateDate = Utils.IOUtil.GetCurrentDateTimeTH; entity.CreateUser = this.User.Identity.Name; Web.Models.User.ApplicationUser user = new Web.Models.User.ApplicationUser { UserName = entity.UserName, GroupID = entity.GroupID, FlagActive = true, FlagSystemAdmin = entity.FlagSystemAdmin, PasswordAge = entity.PasswordAge, LastUpdatePasswordDate = entity.LastUpdatePasswordDate, Remark = entity.Remark }; var res = await this._userManager.CreateAsync(user, entity.Password); if (res.Succeeded) { user = await this._userManager.FindByNameAsync(entity.UserName); entity.UserID = user.Id; Common.DataSvc.Models.UserCriteriaDo criteria = new DataSvc.Models.UserCriteriaDo(); criteria.UserName = entity.UserName; result.Data = await Task.Run(() => { this._commonSvcDbContext.CreateUserInfo(entity); DataSvc.Models.UserDo nuser = this._commonSvcDbContext.GetUser(criteria); nuser.Password = FAKE_PASSWORD; return new { User = nuser, Permissions = this._commonSvcDbContext.GetUserPermission(criteria) }; }); } else { foreach (var error in res.Errors) { result.AddError(error.Code, error.Description); } } } })); }
public async Task <IActionResult> IsUserInRole([FromBody] Models.UserInRoleDo role) { return(await this.ControllerResult(async (Web.Models.ResultData result) => { if (User.Identity.IsAuthenticated) { Web.Models.User.ApplicationUser user = await _userManager.GetUserAsync(this.User); if (user != null && role != null) { foreach (Models.UserInRoleDo.ScreenPermissionDo scn in role.permissions) { Web.Models.ScreenDo scnc = Web.Constants.SCREEN_LIST.Find(x => x.ScreenID == scn.screenID); if (scnc != null) { foreach (Models.UserInRoleDo.ScreenPermissionDo.PermissionDo permission in scn.permissions) { if (scnc.ViewOnly && (permission.permissionID == 2 || permission.permissionID == 3 || permission.permissionID == 4 || permission.permissionID == 6)) { permission.hasPermission = false; } else { permission.hasPermission = await _userManager.IsInRoleAsync(user, string.Format("{0}:{1}", scn.screenID, permission.permissionID)); } } } } result.Data = role; } } })); }
public async Task <IActionResult> ChangePassword([FromBody] Web.Models.User.UserPasswordDo userDo) { return(await this.ControllerResult(async (Web.Models.ResultData result) => { userDo.LastUpdatePasswordDate = Utils.IOUtil.GetCurrentDateTimeTH; Web.Models.User.ApplicationUser user = await this._userManager.FindByNameAsync(userDo.Username); if (user != null) { var res = await this._userManager.ChangePasswordAsync(user, userDo.OldPassword, userDo.NewPassword); if (!res.Succeeded) { foreach (var error in res.Errors) { result.AddError(error.Code, error.Description); } } else { user.LastUpdatePasswordDate = userDo.LastUpdatePasswordDate; res = await this._userManager.UpdateAsync(user); if (!res.Succeeded) { foreach (var error in res.Errors) { result.AddError(error.Code, error.Description); } } else { result.Data = true; } } } })); }
public async Task <IActionResult> GetUser([FromBody] Web.Models.User.UserLoginDo userDo) { return(await this.ControllerResult(async (Web.Models.ResultData result) => { Web.Models.User.ApplicationUser user = await this._userManager.FindByNameAsync(userDo.Username); if (user != null) { bool hasPermission = true; if (Utils.CommonUtil.IsNullOrEmpty(userDo.WithPermissionID) == false) { IList <string> roles = await this._userManager.GetRolesAsync(user); if (roles.Contains(userDo.WithPermissionID) == false) { hasPermission = false; } } if (hasPermission) { bool flagActive = user.FlagActive; if (flagActive == true) { flagActive = this._appDbContext.IsUserGroupActive(user.GroupID); } if (flagActive == true) { result.Data = new { UserName = user.UserName, DisplayName = this._appDbContext.GetUserDisplayName(user.Id), GroupID = user.GroupID }; } } } })); }
public async Task <IActionResult> Login([FromBody] Web.Models.User.UserLoginDo userDo) { return(await this.ControllerResult(async (Web.Models.ResultData result) => { Web.Models.User.ApplicationUser user = await this._userManager.FindByNameAsync(userDo.Username); if (user == null) { result.AddError("CLE006"); } else { if (Utils.CommonUtil.IsNullOrEmpty(userDo.WithPermissionID) == false) { IList <string> roles = await this._userManager.GetRolesAsync(user); if (roles.Contains(userDo.WithPermissionID) == false) { result.AddError("CLE005"); } } if (result.Errors.Count == 0) { bool flagActive = user.FlagActive; if (flagActive == true) { flagActive = this._appDbContext.IsUserGroupActive(user.GroupID); } if (flagActive == false) { result.AddError("CLE006"); } else { var res = await this._signInManager.PasswordSignInAsync(userDo.Username, userDo.Password, false, true); if (res.Succeeded) { bool isExpired = false; if (user.PasswordAge != null) { if (user.LastUpdatePasswordDate == null) { isExpired = true; } else { int diff = user.LastUpdatePasswordDate.Value.AddDays(user.PasswordAge.Value).CompareTo(Utils.IOUtil.GetCurrentDateTimeTH); if (diff < 0) { isExpired = true; } } } if (isExpired) { result.AddError("CLE007"); result.Data = new { IsPasswordExpired = true }; } else { this._appDbContext.UpdateUserLoginDate(user.Id); var token = this.GenerateToken(user.UserName, user.Id); var refresh_token = Guid.NewGuid().ToString().Replace("-", ""); result.Data = new { UserName = user.UserName, DisplayName = this._appDbContext.GetUserDisplayName(user.Id), GroupID = user.GroupID, Token = token, RefreshToken = refresh_token, Timeout = Convert.ToDouble(this._configuration["JwtExpireMinutes"]) }; this.WriteRefreshToken(refresh_token, user.Id); } } else if (res.IsLockedOut) { result.AddError("CLE009", Web.Constants.LOGIN_WAITING_TIME.ToString("N0")); } else { int accessFailedCount = await this._userManager.GetAccessFailedCountAsync(user); int attemptsLeft = Web.Constants.MAXIMUM_LOGIN_FAIL - accessFailedCount; result.AddError("CLE008", attemptsLeft.ToString("N0")); } } } } })); }
public async Task <IActionResult> UpdateUser([FromBody] Common.DataSvc.Models.UserDo entity) { return(await this.ControllerResult(async (Web.Models.ResultData result) => { bool currentUser = this.User.Identity.Name == entity.UserName; bool changePassword = (entity.Password != FAKE_PASSWORD); entity.UpdateDate = Utils.IOUtil.GetCurrentDateTimeTH; entity.UpdateUser = this.User.Identity.Name; Web.Models.User.ApplicationUser user = await this._userManager.FindByNameAsync(entity.UserName); if (user != null) { user.GroupID = entity.GroupID; user.FlagActive = entity.FlagActive; user.FlagSystemAdmin = entity.FlagSystemAdmin; user.PasswordAge = entity.PasswordAge; user.Remark = entity.Remark; if (changePassword && entity.Password != null) { user.LastUpdatePasswordDate = entity.UpdateDate; Web.Validator.UserPasswordValidator <Web.Models.User.ApplicationUser> validator = new Web.Validator.UserPasswordValidator <Web.Models.User.ApplicationUser>(); Microsoft.AspNetCore.Identity.IdentityResult pres = await validator.ValidateAsync(_userManager, user, entity.Password); if (!pres.Succeeded) { foreach (var error in pres.Errors) { result.AddError(error.Code, error.Description); } } else { await this._userManager.RemovePasswordAsync(user); pres = await this._userManager.AddPasswordAsync(user, entity.Password); if (!pres.Succeeded) { foreach (var error in pres.Errors) { result.AddError(error.Code, error.Description); } } } } if (result.Errors.Count == 0) { var res = await this._userManager.UpdateAsync(user); if (!res.Succeeded) { foreach (var error in res.Errors) { result.AddError(error.Code, error.Description); } } else { entity.UserID = user.Id; Common.DataSvc.Models.UserCriteriaDo criteria = new DataSvc.Models.UserCriteriaDo(); criteria.UserName = entity.UserName; result.Data = await Task.Run(() => { this._commonSvcDbContext.UpdateUserInfo(entity); DataSvc.Models.UserDo nuser = this._commonSvcDbContext.GetUser(criteria); nuser.Password = FAKE_PASSWORD; return new { IsCurrentUser = currentUser, User = nuser, Permissions = this._commonSvcDbContext.GetUserPermission(criteria) }; }); } } } })); }
public async Task <IActionResult> GetScreenMenu() { return(await this.ControllerResult(async (Web.Models.ResultData result) => { Web.Models.User.ApplicationUser user = await _userManager.GetUserAsync(this.User); List <ClientScreenDo> menus = new List <ClientScreenDo>(); foreach (Web.Models.ScreenDo scn in Web.Constants.SCREEN_LIST) { if (Utils.CommonUtil.IsNullOrEmpty(scn.Path)) { continue; } if (scn.FlagPermission && await _userManager.IsInRoleAsync(user, string.Format("{0}:1", scn.ScreenID)) == false) { continue; } if (!scn.FlagMenu) { ClientScreenDo m = new ClientScreenDo(); m.screenID = scn.ScreenID; m.url = scn.Path; m.nameEN = scn.NameEN; m.nameLC = scn.NameLC; m.icon = scn.ImageIcon; m.isMenu = false; menus.Add(m); } else { if (Utils.CommonUtil.IsNullOrEmpty(scn.GroupID) == false) { ClientScreenDo mg = getMenuFromGroup(menus, scn.GroupID); if (mg == null) { mg = new ClientScreenDo(); mg.groupID = scn.GroupID; mg.nameEN = scn.GroupNameEN; mg.nameLC = scn.GroupNameLC; mg.icon = scn.GroupImageIcon; mg.isMenu = true; mg.childrens = new List <ClientScreenDo>(); menus.Add(mg); } ClientScreenDo smg = null; if (Utils.CommonUtil.IsNullOrEmpty(scn.SubGroupID) == false) { if (mg.childrens == null) { mg.childrens = new List <ClientScreenDo>(); } smg = mg.childrens.Find(x => x.groupID == scn.SubGroupID); if (smg == null) { smg = new ClientScreenDo(); smg.groupID = scn.SubGroupID; smg.nameEN = scn.SubGroupNameEN; smg.nameLC = scn.SubGroupNameLC; smg.icon = scn.SubGroupImageIcon; smg.isMenu = true; smg.childrens = new List <ClientScreenDo>(); mg.childrens.Add(smg); } } ClientScreenDo m = new ClientScreenDo(); m.screenID = scn.ScreenID; m.url = scn.Path; m.nameEN = scn.NameEN; m.nameLC = scn.NameLC; m.icon = scn.ImageIcon; m.isMenu = true; if (smg != null) { smg.childrens.Add(m); } else { mg.childrens.Add(m); } } else { ClientScreenDo m = new ClientScreenDo(); m.screenID = scn.ScreenID; m.url = scn.Path; m.nameEN = scn.NameEN; m.nameLC = scn.NameLC; m.icon = scn.ImageIcon; m.isMenu = true; menus.Add(m); } } } updateMenu1Children(menus); result.Data = menus; })); }
public async Task <IActionResult> RefreshToken([FromBody] Models.TokenDo t) { return(await this.ControllerResult(async (Web.Models.ResultData result) => { if (User.Identity.IsAuthenticated) { Web.Models.User.ApplicationUser user = await _userManager.GetUserAsync(this.User); if (user != null) { string path = Utils.Constants.TEMP_PATH; path = System.IO.Path.Combine(path, "token_storage"); if (System.IO.Directory.Exists(path) == false) { System.IO.Directory.CreateDirectory(path); } path = System.IO.Path.Combine(path, t.Value); if (System.IO.File.Exists(path)) { using (System.IO.StreamReader rd = new System.IO.StreamReader(path, true)) { string id = rd.ReadLine(); if (id == user.Id) { var token = this.GenerateToken(user.UserName, user.Id); var refresh_token = Guid.NewGuid().ToString().Replace("-", ""); result.Data = new { UserName = user.UserName, DisplayName = this._appDbContext.GetUserDisplayName(user.Id), GroupID = user.GroupID, Token = token, RefreshToken = refresh_token, Timeout = Convert.ToDouble(this._configuration["JwtExpireMinutes"]) }; string npath = Utils.Constants.TEMP_PATH; npath = System.IO.Path.Combine(npath, "token_storage"); if (System.IO.Directory.Exists(npath) == false) { System.IO.Directory.CreateDirectory(npath); } npath = System.IO.Path.Combine(npath, refresh_token); if (System.IO.File.Exists(npath)) { System.IO.File.Delete(npath); } using (System.IO.StreamWriter wr = new System.IO.StreamWriter(npath, true)) { wr.WriteLine(user.Id); } } } System.IO.File.Delete(path); } } } })); }