public async Task <IActionResult> AddUserToRole(string roleId, string userId)
{
RomiRole role = null;
RomiUser user = null;
using (var uow = new UnitOfWork <RomiRole>(new RomiDbContext()))
{
role = await uow.Repository().SingleOrDefaultAsync(t => t.Id == roleId);
if (role == null)
{
return(this.BadRequest(new { Message = $"RoleId '{roleId}' not found" }));
}
}
using (var uow = new UnitOfWork <RomiUser>(new RomiDbContext()))
{
user = await uow.Repository().SingleOrDefaultAsync(t => t.Id == userId);
if (user == null)
{
return(this.BadRequest(new { Message = $"UserId '{userId}' not found" }));
}
}
await this._userManager.AddToRoleAsync(user, role.Name);
return(this.Ok());
}
public IActionResult Authenticate([FromBody] RomiUser user)
{
var authenticatedUser = this._signInManager.SignInAsync(user, false);
if (authenticatedUser == null)
{
return(this.BadRequest(new { message = "Username or password is incorrect" }));
}
var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.ASCII.GetBytes(secret);
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject =
new ClaimsIdentity(new Claim[] { new Claim(ClaimTypes.Name, user.Id) }),
Expires = DateTime.UtcNow.AddDays(7),
SigningCredentials = new SigningCredentials(
new SymmetricSecurityKey(key),
SecurityAlgorithms.HmacSha256Signature)
};
var token = tokenHandler.CreateToken(tokenDescriptor);
var tokenString = tokenHandler.WriteToken(token);
// return basic user info (without password) and token to store client side
return(this.Ok(
new UserInfo()
{
Id = user.Id,
Username = user.UserName,
FirstName = user.FirstName,
LastName = user.LastName,
Token = tokenString
}));
}
public IActionResult Register([FromBody] RomiUser user)
{
try
{
// save
this._userManager.CreateAsync(user);
return(this.Ok());
}
catch (Exception ex)
{
// return error message if there was an exception
return(this.BadRequest(new { message = ex.Message }));
}
}
