public async Task <IActionResult> Authenticate()
{
if (!User.Identity.IsAuthenticated)
{
return(Unauthorized());
}
_logger.Info("Authenticating " + User.GetAccountId());
try
{
var q = new GetApplicationList {
AccountId = User.GetAccountId()
};
var result = await _queryBus.QueryAsync(User, q);
var dto = new AuthenticatedUser
{
AccountId = User.GetAccountId(),
UserName = User.Identity.Name,
Applications = result,
IsSysAdmin = User.IsInRole(CoderrRoles.SysAdmin),
};
return(Json(dto));
}
catch (Exception ex)
{
_logger.Error("Failed to authenticate " + User.Identity.Name, ex);
throw;
}
}
/// <summary>
/// Execute the request and generate a reply.
/// </summary>
/// <param name="request">Request to execute</param>
/// <returns>
/// Task which will contain the reply once completed.
/// </returns>
public async Task <ActivateAccountReply> ExecuteAsync(ActivateAccount request)
{
var account = await _repository.FindByActivationKeyAsync(request.ActivationKey);
if (account == null)
{
throw new ArgumentOutOfRangeException("ActivationKey", request.ActivationKey,
"Key was not found.");
}
account.Activate();
await _repository.UpdateAsync(account);
var query = new GetApplicationList();
var apps = await _queryBus.QueryAsync(query);
var roles = apps.Select(x => "Member_" + x.Id).ToArray();
Thread.CurrentPrincipal = new OneTruePrincipal(account.Id, account.UserName, roles);
var evt = new AccountActivated(account.Id, account.UserName)
{
EmailAddress = account.Email
};
await _eventBus.PublishAsync(evt);
return(new ActivateAccountReply(account.Id, account.UserName));
}
protected async Task Init(int maxCount = 0)
{
var query = new GetApplicationList();
var result = await _queryBus.QueryAsync(this.ClaimsUser(), query);
ViewBag.FirstApplication = result.Length <= maxCount;
}
private async Task BuildApplicationList(SessionUser user)
{
var getApps = new GetApplicationList {
AccountId = user.AccountId
};
var apps = await _queryBus.QueryAsync(getApps);
user.Applications = apps.ToDictionary(x => x.Id, x => x.Name);
user.Applications[0] = "Dashboard";
}
public ApplicationListDto GetApplicationList(GetApplicationList getApplicationList)
{
try
{
_unitOfWork.OpenConnection();
return(_applicationService.GetApplicationList(getApplicationList));
}
finally
{
_unitOfWork.CloseConnection();
}
}
private async Task <Dictionary <string, string> > GetMyApplications()
{
var query = new GetApplicationList
{
AccountId = User.GetAccountId(),
FilterAsAdmin = true
};
var items = await _queryBus.QueryAsync(query);
var applications = items.ToDictionary(x => x.Id.ToString(), x => x.Name);
return(applications);
}
public async Task <AuthenticatedUser> Authenticate()
{
var q = new GetApplicationList {
AccountId = User.GetAccountId()
};
var result = await _queryBus.QueryAsync((ClaimsPrincipal)User, q);
return(new AuthenticatedUser
{
AccountId = User.GetAccountId(),
UserName = User.Identity.Name,
Applications = result
});
}
public async Task <ActionResult> UpdateSession()
{
var getApps = new GetApplicationList();
var apps = await _queryBus.QueryAsync(getApps);
var ctx = Request.GetOwinContext();
ctx.Authentication.SignOut(DefaultAuthenticationTypes.ApplicationCookie);
var identity = CreateIdentity(User.GetAccountId(), User.Identity.Name, apps);
SignIn(identity);
return(new EmptyResult());
}
public async Task <ActionResult> Accept(AcceptViewModel model)
{
if (!ModelState.IsValid)
{
return(View(model));
}
var query = new GetInvitationByKey(model.InvitationKey);
var invitation = await _queryBus.QueryAsync(query);
if (invitation == null)
{
return(View("InvitationNotFound"));
}
var cmd = new AcceptInvitation(model.UserName, model.Password, model.InvitationKey)
{
AcceptedEmail = model.Email,
FirstName = model.FirstName,
LastName = model.LastName
};
var reply = await _requestReplyBus.ExecuteAsync(cmd);
if (reply == null)
{
ModelState.AddModelError("",
"Failed to find an invitation with the specified key. You might have already accepted the invitation? If not, ask for a new one.");
_logger.Error("Failed to find invitation " + model.InvitationKey);
return(View(new AcceptViewModel()));
}
var getApps = new GetApplicationList {
AccountId = reply.AccountId
};
var apps = await _queryBus.QueryAsync(getApps);
var identity = CreateIdentity(reply.AccountId, reply.UserName, false, apps);
SignIn(identity);
return(Redirect("~/#/account/accepted"));
}
/// <summary>
/// Execute the request and generate a reply.
/// </summary>
/// <param name="request">Request to execute</param>
/// <returns>
/// Task which will contain the reply once completed.
/// </returns>
public async Task <ActivateAccountReply> ExecuteAsync(ActivateAccount request)
{
var account = await _repository.FindByActivationKeyAsync(request.ActivationKey);
if (account == null)
{
throw new ArgumentOutOfRangeException("ActivationKey", request.ActivationKey,
"Key was not found.");
}
account.Activate();
await _repository.UpdateAsync(account);
var query = new GetApplicationList {
AccountId = account.Id
};
var apps = await _queryBus.QueryAsync(query);
var claims =
apps.Select(x => new Claim(OneTrueClaims.Application, x.Id.ToString(), ClaimValueTypes.Integer32))
.ToArray();
if (ClaimsPrincipal.Current.IsAccount(account.Id))
{
var context = new PrincipalFactoryContext(account.Id, account.UserName, new string[0])
{
Claims = claims
};
var identity = await PrincipalFactory.CreateAsync(context);
identity.AddUpdateCredentialClaim();
Thread.CurrentPrincipal = identity;
}
var evt = new AccountActivated(account.Id, account.UserName)
{
EmailAddress = account.Email
};
await _eventBus.PublishAsync(evt);
return(new ActivateAccountReply(account.Id, account.UserName));
}
public async Task <ActionResult> Activate(string id)
{
try
{
var reply = await _requestReplyBus.ExecuteAsync(new ActivateAccount(id));
var getApps = new GetApplicationList();
var apps = await _queryBus.QueryAsync(getApps);
var identity = CreateIdentity(reply.AccountId, reply.UserName, apps);
SignIn(identity);
return(Redirect("~/#/welcome"));
}
catch (Exception err)
{
ModelState.AddModelError("", err.Message);
return(View());
}
}
public async Task <IActionResult> Authenticate()
{
if (!User.Identity.IsAuthenticated)
{
return(Unauthorized());
}
var q = new GetApplicationList {
AccountId = User.GetAccountId()
};
var result = await _queryBus.QueryAsync(User, q);
var dto = new AuthenticatedUser
{
AccountId = User.GetAccountId(),
UserName = User.Identity.Name,
Applications = result
};
return(Json(dto));
}
public async Task <ActionResult> UpdateSession(string returnUrl = null)
{
var getApps = new GetApplicationList {
AccountId = User.GetAccountId()
};
var apps = await _queryBus.QueryAsync(getApps);
var ctx = Request.GetOwinContext();
ctx.Authentication.SignOut(DefaultAuthenticationTypes.ApplicationCookie);
var identity = CreateIdentity(User.GetAccountId(), User.Identity.Name, User.IsSysAdmin(), apps);
SignIn(identity);
if (returnUrl != null)
{
return(Redirect(returnUrl));
}
return(new EmptyResult());
}
public async Task <ActionResult> Accept(AcceptViewModel model)
{
if (!ModelState.IsValid)
{
return(View(model));
}
var cmd = new AcceptInvitation(model.UserName, model.Password, model.InvitationKey)
{
Email = model.Email,
FirstName = model.FirstName,
LastName = model.LastName
};
var reply = await _requestReplyBus.ExecuteAsync(cmd);
if (reply == null)
{
ModelState.AddModelError("",
"Failed to find an invitation with the specified key. You might have already accepted the invitation? If not, ask for a new one.");
_logger.Error("Failed to find invitation " + model.InvitationKey);
return(View(new AcceptViewModel()));
}
FormsAuthentication.SetAuthCookie(reply.UserName, false);
var user = new SessionUser(reply.AccountId, reply.UserName);
SessionUser.Current = user;
var getApps = new GetApplicationList();
var apps = await _queryBus.QueryAsync(getApps);
SessionUser.Current.Applications = apps.ToDictionary(x => x.Id, x => x.Name);
SessionUser.Current.Applications[0] = "Dashboard";
return(Redirect("~/#/account/accepted"));
}
public async Task <ActionResult> UpdateSession(string returnUrl = null)
{
var getApps = new GetApplicationList {
AccountId = User.GetAccountId()
};
var apps = await _queryBus.QueryAsync(User, getApps);
var currentClaims = User.Claims
.Where(x => x.Type != CoderrClaims.Application && x.Type != CoderrClaims.ApplicationAdmin)
.ToList();
await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
foreach (var app in apps)
{
var claim = new Claim(CoderrClaims.Application, app.Id.ToString());
currentClaims.Add(claim);
if (app.IsAdmin)
{
claim = new Claim(CoderrClaims.ApplicationAdmin, app.Id.ToString());
currentClaims.Add(claim);
}
}
var identity = new ClaimsIdentity(currentClaims, "Cookies");
await SignInAsync(identity);
if (returnUrl != null)
{
return(Redirect(returnUrl));
}
return(new EmptyResult());
}
public async Task <ActionResult> Activate(string id)
{
try
{
var reply = await _requestReplyBus.ExecuteAsync(new ActivateAccount(id));
FormsAuthentication.SetAuthCookie(reply.UserName, false);
var user = new SessionUser(reply.AccountId, reply.UserName);
SessionUser.Current = user;
var getApps = new GetApplicationList();
var apps = await _queryBus.QueryAsync(getApps);
SessionUser.Current.Applications = apps.ToDictionary(x => x.Id, x => x.Name);
SessionUser.Current.Applications[0] = "Dashboard";
return(Redirect("~/#/welcome"));
}
catch (Exception err)
{
ModelState.AddModelError("", err.Message);
return(View());
}
}
public static async Task <int> EnsureApplication(this ServerApiClient client, string name)
{
var query = new GetApplicationList();
var result = await client.QueryAsync(query);
var app = result.FirstOrDefault(x => x.Name == name);
if (app != null)
{
return(app.Id);
}
var cmd = new CreateApplication(name, TypeOfApplication.DesktopApplication)
{
ApplicationKey = Guid.NewGuid().ToString("N"),
UserId = 1
};
await client.SendAsync(cmd);
var query2 = new GetApplicationIdByKey(cmd.ApplicationKey);
var retriesLeft = 3;
while (retriesLeft-- > 0)
{
var app2 = await client.QueryAsync(query2);
if (app2 != null)
{
return(app2.Id);
}
await Task.Delay(500);
}
throw new TestFailedException("Could not create application.");
}
public ApplicationListDto GetApplicationList(GetApplicationList getApplicationList)
{
return(_applicationRepository.GetApplicationList(getApplicationList));
}
public async Task <ActionResult> Login(LoginViewModel model)
{
if (!ModelState.IsValid)
{
return(View(model));
}
try
{
var login = new Login(model.UserName, model.Password);
var reply = await _requestReplyBus.ExecuteAsync(login);
if (reply == null)
{
_logger.Error("Result is NULL :(");
ModelState.AddModelError("",
"Internal error.");
model.Password = "";
return(View(model));
}
if (reply.Result != LoginResult.Successful)
{
if (reply.Result == LoginResult.IncorrectLogin)
{
ModelState.AddModelError("", "Incorrect username or password.");
}
else
{
ModelState.AddModelError("",
"Your account is locked or have not been activated (check your mailbox). Contact [email protected] if you need assistance.");
}
model.Password = "";
return(View(model));
}
var getApps = new GetApplicationList {
AccountId = reply.AccountId
};
var apps = await _queryBus.QueryAsync(getApps);
var identity = CreateIdentity(reply.AccountId, reply.UserName, apps);
SignIn(identity);
return(Redirect("~/#/"));
}
catch (AuthenticationException err)
{
_logger.Error("Failed to authenticate", err);
ModelState.AddModelError("", err.Message);
return(View());
}
catch (Exception exception)
{
_logger.Error("Failed to authenticate", exception);
ModelState.AddModelError("", "Failed to authenticate");
return(View());
}
}
public async Task <ActionResult> CookieLogin(string returnTo)
{
if (string.IsNullOrEmpty(returnTo) && !string.IsNullOrEmpty(Request.QueryString["ReturnTo"]))
{
Debugger.Break();
returnTo = Request.QueryString["ReturnTo"];
}
try
{
var authCookie = Request.Cookies[FormsAuthentication.FormsCookieName];
if (authCookie == null)
{
return(RedirectToAction("Login", new { ReturnTo = returnTo }));
}
var ticket = FormsAuthentication.Decrypt(authCookie.Value);
if (ticket == null || (ticket.Expired && ticket.IsPersistent))
{
return(RedirectToAction("Login", new { ReturnTo = returnTo }));
}
var login = new Login(ticket.Name, null);
var reply = await _requestReplyBus.ExecuteAsync(login);
if (reply == null)
{
_logger.Error("Result is NULL :(");
ModelState.AddModelError("",
"Internal error.");
return(RedirectToAction("Login", new { ReturnTo = returnTo }));
}
if (reply.Result != LoginResult.Successful)
{
var config = ConfigurationStore.Instance.Load <BaseConfiguration>();
var errorMessage = reply.Result == LoginResult.IncorrectLogin
? "Incorrect username or password."
: string.Format(
"Your account have not been activated (check your email account). Contact {0} if you need assistance.",
config.SupportEmail);
ModelState.AddModelError("", errorMessage);
return(RedirectToAction("Login", new { ReturnTo = returnTo }));
}
var user = new SessionUser(reply.AccountId, reply.UserName);
SessionUser.Current = user;
var getApps = new GetApplicationList();
var apps = await _queryBus.QueryAsync(getApps);
SessionUser.Current.Applications = apps.ToDictionary(x => x.Id, x => x.Name);
SessionUser.Current.Applications[0] = "Dashboard";
if (string.IsNullOrEmpty(returnTo))
{
return(Redirect("~/#/"));
}
return(Redirect(returnTo));
}
catch (AuthenticationException err)
{
_logger.Error("Failed to authenticate", err);
ModelState.AddModelError("", err.Message);
return(View("Login"));
}
catch (Exception exception)
{
_logger.Error("Failed to authenticate", exception);
ModelState.AddModelError("", "Failed to authenticate");
return(View("Login"));
}
}
public ApplicationListDto GetApplicationList(GetApplicationList getApplicationList)
{
return(_applicationService.GetApplicationList(getApplicationList));
}
public ApplicationListDto GetApplicationList(GetApplicationList getApplicationList)
{
int intGlobalStatus = getApplicationList.status;
int intGlobalAgency = getApplicationList.agency;
int countToSkip = (getApplicationList.page - 1) * 50;
int userId = _userContextRepository.GetCurrentUserId();
int process = (int)getApplicationList.process;
string query = $@"
select r.{nameof(Applications.Id)} as {nameof(ApplicationListItemDbDto.ApplicationId)}
, r.{nameof(Applications.ApplicationDate)} as {nameof(ApplicationListItemDbDto.ApplicationDate)}
, r.{nameof(Applications.CAT_RECORD_TYPE)} as {nameof(ApplicationListItemDbDto.CAT_RECORD_TYPE)}
, r.{nameof(Applications.CAT_RECORD_NUM)} as {nameof(ApplicationListItemDbDto.CAT_RECORD_NUM)}
, r.{nameof(Applications.DOCUMENT_OUT_DATE)} as {nameof(ApplicationListItemDbDto.DOCUMENT_OUT_DATE)}
, r.{nameof(Applications.DOCUMENT_OUT_NUM)} as {nameof(ApplicationListItemDbDto.DOCUMENT_OUT_NUM)}
, r.{nameof(Applications.Process)} as {nameof(ApplicationListItemDbDto.Process)}
, r.{nameof(Applications.REESTR_NUM)} as {nameof(ApplicationListItemDbDto.REESTR_NUM)}
, r.{nameof(Applications.Status)} as {nameof(ApplicationListItemDbDto.Status)}
, aa.{nameof(Applications_Assessment.OTI_EXPERTIES_TYPE)} as {nameof(ApplicationListItemDbDto.OTI_EXPERTIES_TYPE)}
, aa.{nameof(Applications_Assessment.OTI_EXPERTIES_DATE)} as {nameof(ApplicationListItemDbDto.OTI_EXPERTIES_DATE)}
, u.{nameof(Users.ScopeUser)}
from {nameof(Applications)} r
join {nameof(Applications_Assessment)} aa on r.{nameof(Applications.Id)} = aa.{nameof(Applications_Assessment.Application_Id)}
left join {nameof(Users)} u on r.{nameof(Applications.User_Id)} = u.{nameof(Users.Id)}
join (
SELECT {nameof(Applications.Id)} FROM
( SELECT {nameof(Applications.Id)}, MAX({nameof(Applications.ApplicationDate)}) as LastDate
from {nameof(Applications)}
WHERE
{nameof(Applications.Status)} = @{nameof(intGlobalStatus)}
and {nameof(Applications.Agency)} = @{nameof(intGlobalAgency)}
and {nameof(Applications.User_Id)} = @{nameof(userId)}
and {nameof(Applications.Process)} = @{nameof(process)}
group by {nameof(Applications.Id)}
) SubQueryAlias
order by LastDate desc
OFFSET @{nameof(countToSkip)} ROWS -- skip
FETCH NEXT 50 ROWS ONLY -- take
) t
on r.{nameof(Applications.Id)} = t.{nameof(Applications.Id)}
";
string countQuery = $@"
SELECT COUNT({nameof(Applications.Id)})
from {nameof(Applications)}
WHERE
{nameof(Applications.Status)} = @{nameof(intGlobalStatus)}
and {nameof(Applications.Agency)} = @{nameof(intGlobalAgency)}
and {nameof(Applications.User_Id)} = @{nameof(userId)}
and {nameof(Applications.Process)} = @{nameof(process)}
";
var resultDb = _unitOfWork.DbConnection.Query <ApplicationListItemDbDto>(query, new { intGlobalStatus, intGlobalAgency, countToSkip, userId, process }, transaction: _unitOfWork.DbTransaction);
var result = resultDb.Select(x => _listItemMapper.Map(x));
ApplicationListDto applicationListDto = new ApplicationListDto();
applicationListDto.TotalCount = _unitOfWork.DbConnection.QuerySingleOrDefault <int>(countQuery, new { intGlobalStatus, intGlobalAgency, userId, process }, transaction: _unitOfWork.DbTransaction);
applicationListDto.SelectedElements = result.ToArray();
return(applicationListDto);
}