public async Task AuthenticateAsync(string issuer, string audience, DateTime expiration, AuthorizationLevel expectedLevel)
        {
            // The attribute resolves its signing key from the AzureWebEncryptionKey
            // environment variable, so a test value is scoped to this call only.
            using (var keyScope = new TestScopedEnvironmentVariable("AzureWebEncryptionKey", TestKeyValue))
            {
                // notBefore is always an hour in the past; whether the token is already
                // expired is decided by the 'expiration' the test case passes in.
                var bearerToken = JwtGenerator.GenerateToken(
                    issuer,
                    audience,
                    notBefore: DateTime.UtcNow.AddHours(-1),
                    expires: expiration);

                var request = new HttpRequestMessage(HttpMethod.Get, new Uri("http://localhost/admin/test"));
                request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", bearerToken);

                var controllerContext = new HttpControllerContext { Request = request };
                var actionContext = new HttpActionContext { ControllerContext = controllerContext };
                var authenticationContext = new HttpAuthenticationContext(actionContext, null);

                await new JwtAuthenticationAttribute().AuthenticateAsync(authenticationContext, CancellationToken.None);

                // The attribute records its verdict on the request; it must match the case's expectation.
                Assert.Equal(expectedLevel, request.GetAuthorizationLevel());
            }
        }
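        public IHttpActionResult Get(int acesso)
        {
            // A request without an Authorization header previously dereferenced null
            // and surfaced as a 500; treat it as an unauthenticated request instead.
            var authorization = Request.Headers.Authorization;
            if (authorization == null || string.IsNullOrEmpty(authorization.Parameter))
            {
                throw new HttpResponseException(HttpStatusCode.Unauthorized);
            }

            JwtAuthenticationAttribute jwt = new JwtAuthenticationAttribute();
            var email = jwt.RetornaEmailToken(authorization.Parameter);
            if (string.IsNullOrEmpty(email))
            {
                throw new HttpResponseException(HttpStatusCode.Unauthorized);
            }

            // The token is only trusted if it maps to a known user.
            Usuario usuario = _usuarioIntermediador.GetAll().FirstOrDefault(u => u.Email == email);
            if (usuario == null)
            {
                throw new HttpResponseException(HttpStatusCode.Unauthorized);
            }

            // Authorized only when the user holds the requested access and it is active.
            bool temAcesso = usuario.Acessos != null
                && usuario.Acessos.Any(a => a.AcessoId == acesso && a.Ativo);
            if (!temAcesso)
            {
                throw new HttpResponseException(HttpStatusCode.Forbidden);
            }

            // NOTE(review): the whole Usuario entity is returned; confirm it carries no
            // credential or otherwise sensitive fields before exposing it to the client.
            return Ok(usuario);
        }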
        public async Task <HttpResponseMessage> ConfirmEmailAsync(string token)
        {
            try
            {
                // An invalid or expired token is rejected before any lookup is made.
                string userEmail;
                if (!JwtAuthenticationAttribute.ValidateToken(token, out userEmail))
                {
                    return Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Token no longer valid");
                }

                UserIdentityDto user = await userService.GetByEmailAsync(userEmail);
                if (user == null)
                {
                    // NOTE(review): a 204 is sent together with an error body here; confirm clients expect that status.
                    return Request.CreateErrorResponse(HttpStatusCode.NoContent, "User not found");
                }

                bool confirmed = await userService.ConfirmEmailByIdAsync(user.Id);
                return confirmed
                    ? Request.CreateResponse(HttpStatusCode.OK, "Email confirmed")
                    : Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Confirmation error");
            }
            catch (EntityException e)
            {
                // NOTE(review): passing the exception forwards its details to the caller subject to the
                // host's IncludeErrorDetailPolicy; a generic message would avoid disclosing persistence internals.
                return Request.CreateErrorResponse(HttpStatusCode.InternalServerError, e);
            }
        }
        private void ExecuteAuthenticate(HttpAuthenticationContext authContext)
        {
            // Blocks the calling thread until the attribute has finished authenticating.
            // NOTE(review): sync-over-async; on a thread with a synchronization context this can
            // deadlock, and any failure surfaces wrapped in an AggregateException.
            var attribute = new JwtAuthenticationAttribute();
            Task authenticate = Task.Run(() => attribute.AuthenticateAsync(authContext, CancellationToken.None));
            authenticate.Wait();
        }
 public HttpResponseMessage VerifyToken(string token)
 {
     try
     {
         // Only a token that still validates is allowed to resolve a user.
         string userEmail;
         if (!JwtAuthenticationAttribute.ValidateToken(token, out userEmail))
         {
             return Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Token no longer valid");
         }

         var user = userService.GetByEmail(userEmail);
         return user == null
             ? Request.CreateErrorResponse(HttpStatusCode.BadRequest, "User not found")
             : Request.CreateResponse(HttpStatusCode.OK, user.Id);
     }
     catch (EntityException e)
     {
         // NOTE(review): the exception object is forwarded to the caller subject to the
         // host's IncludeErrorDetailPolicy; a generic message would avoid leaking internals.
         return Request.CreateErrorResponse(HttpStatusCode.InternalServerError, e);
     }
 }
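        public IHttpActionResult Checkout(int?stoId, [FromBody] CartIndexVM cart)
        {
            var korisnik = JwtAuthenticationAttribute.GetKorisnik(this.Request.Headers.Authorization);
            if (korisnik == null)
            {
                // Previously a missing caller identity was dereferenced and surfaced as a 500.
                return Unauthorized();
            }

            // Reject malformed bodies before touching the database; cart.Jela / cart.Pica
            // were dereferenced unconditionally before.
            if (cart == null || cart.Jela == null || cart.Pica == null)
            {
                return BadRequest();
            }

            if (cart.Jela.Count == 0 && cart.Pica.Count == 0)
            {
                return BadRequest();
            }

            // Only waiters and clients may place orders. NotFound is kept for compatibility
            // with existing callers, although Forbidden would describe the situation better.
            if (korisnik.TipKorisnika != TipKorisnika.Konobar && korisnik.TipKorisnika != TipKorisnika.Klijent)
            {
                return NotFound();
            }

            // Validate every cart line before the first write so an unknown id or a bad
            // quantity cannot leave a half-created order behind. A non-positive quantity
            // would otherwise add stock when it is subtracted below.
            foreach (var x in cart.Jela)
            {
                if (x.Kolicina <= 0 || !ctx.Jelo.Any(y => y.Id == x.Id))
                {
                    return BadRequest();
                }
            }
            foreach (var x in cart.Pica)
            {
                if (x.Kolicina <= 0 || !ctx.Proizvodi.Any(y => y.Id == x.Id))
                {
                    return BadRequest();
                }
            }

            // The order is saved once up front to obtain its generated Id, which is part of Sifra.
            Narudzba narudzba = new Narudzba();
            if (stoId != null)
            {
                narudzba.StoId = (int)stoId;
            }
            ctx.Narudzbe.Add(narudzba);
            ctx.SaveChanges();

            if (korisnik.TipKorisnika == TipKorisnika.Konobar)
            {
                narudzba.ZaposlenikId = korisnik.Id;
                narudzba.Sifra        = "Z" + korisnik.Id + "N" + narudzba.Id;
            }
            if (korisnik.TipKorisnika == TipKorisnika.Klijent)
            {
                narudzba.KlijentId = korisnik.Id;
                narudzba.Sifra     = "K" + korisnik.Id + "N" + narudzba.Id;
            }

            narudzba.StatusJela = statusNarudzbe.U_Pripremi;
            narudzba.StatusPica = statusNarudzbe.U_Pripremi;
            ctx.Narudzbe.AddOrUpdate(narudzba);
            ctx.SaveChanges();

            // NOTE(review): the total is accumulated in a double; decimal would avoid rounding drift on money.
            List <NarudzbaStavke> narudzbaStavke = new List <NarudzbaStavke>();
            double racunTotal = 0;

            // Dishes: price the line, then draw down the stock of each ingredient.
            // NOTE(review): no lower bound is enforced on product stock, so Kolicina can go negative — confirm intended.
            foreach (var x in cart.Jela)
            {
                narudzbaStavke.Add(new NarudzbaStavke
                {
                    NarudzbaId = narudzba.Id,
                    JeloId     = x.Id,
                    Kolicina   = x.Kolicina
                });

                // Existence was verified above; Single makes a violated invariant explicit instead of a null dereference.
                var jelo = ctx.Jelo.Single(y => y.Id == x.Id);
                racunTotal += jelo.Cijena * x.Kolicina;

                List <JelaStavke> proizvodi = ctx.JelaStavke.Where(y => y.JeloId == x.Id).ToList();
                foreach (var stavka in proizvodi)
                {
                    var proizvod = ctx.Proizvodi.Single(y => y.Id == stavka.ProizvodId);
                    proizvod.Kolicina -= stavka.Kolicina * x.Kolicina;
                    ctx.SaveChanges();
                }
            }

            // Drinks are products themselves: price the line and draw down that product directly.
            foreach (var x in cart.Pica)
            {
                narudzbaStavke.Add(new NarudzbaStavke
                {
                    NarudzbaId = narudzba.Id,
                    ProizvodId = x.Id,
                    Kolicina   = x.Kolicina
                });

                var proizvod = ctx.Proizvodi.Single(y => y.Id == x.Id);
                racunTotal += proizvod.Cijena * x.Kolicina;
                proizvod.Kolicina -= x.Kolicina;
                ctx.SaveChanges();
            }
            ctx.NarudzbaStavke.AddRange(narudzbaStavke);
            ctx.SaveChanges();

            // The receipt shares the order's Id and code.
            // NOTE(review): DateTime.Now is server-local time; kept for compatibility with existing rows,
            // but UtcNow / DateTimeOffset would be unambiguous.
            NarudzbaRacun racun = new NarudzbaRacun();
            racun.DatumIzdavanja = DateTime.Now;
            racun.Sifra          = narudzba.Sifra;
            if (korisnik.TipKorisnika == TipKorisnika.Konobar)
            {
                racun.ZaposlenikId = korisnik.Id;
            }
            if (korisnik.TipKorisnika == TipKorisnika.Klijent)
            {
                racun.KlijentId = korisnik.Id;
            }
            racun.Iznos = racunTotal;
            racun.Id    = narudzba.Id;
            ctx.Racuni.Add(racun);
            ctx.SaveChanges();

            // NOTE(review): the order, its lines and the receipt are persisted through separate
            // SaveChanges calls with no enclosing transaction; a failure midway leaves a partial order.
            return Ok();
        }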