Example #1
0
        public IActionResult Post([FromBody] User_UserRolePostModel user_userRolePostModel)
        {
            User   curentUserLogIn = userService.GetCurrentUser(HttpContext);
            string roleNameLoged   = HttpContext.User.Claims.FirstOrDefault(claim => claim.Type == ClaimTypes.Role).Value;

            string curentUserRoleName = user_userRoleService.GetUserRoleNameById(user_userRolePostModel.UserId);


            if (roleNameLoged.Equals("UserManager"))
            {
                var anulUserRegistered = curentUserLogIn.DataRegistered;                                //data inregistrarii
                var curentMonth        = DateTime.Now;                                                  //data curenta
                var nrLuni             = curentMonth.Subtract(anulUserRegistered).Days / (365.25 / 12); //diferenta in luni dintre datele transmise

                if (nrLuni >= 6)
                {
                    string currentRoleName = user_userRoleService.GetUserRoleNameById(user_userRolePostModel.UserId);

                    if (currentRoleName.Equals("Admin"))
                    {
                        return(Forbid("You don`t have the right role for this action!"));
                    }

                    if ((currentRoleName.Equals("UserManager") | currentRoleName.Equals("Regular")) && user_userRolePostModel.UserRoleName.Equals("Admin"))
                    {
                        return(Forbid("You don`t have the right role for this action!"));
                    }
                }
                else
                {
                    return(Forbid("Your UserManager is not more than 6 month"));
                }
            }
            user_userRoleService.Create(user_userRolePostModel);
            return(Ok());
        }
Example #2
0
        public LoginGetModel Authenticate(string username, string password)
        {
            var user = context.Users
                       .Include(u => u.User_UserRoles)
                       .ThenInclude(u_ur => u_ur.UserRole)
                       .AsNoTracking()
                       .FirstOrDefault(u => u.Username == username && u.Password == ComputeSha256Hash(password));


            // return null if user not found
            if (user == null)
            {
                return(null);
            }

            string RoleName = user_userRoleService.GetUserRoleNameById(user.Id);  //imi aduc numele rolului

            // authentication successful so generate jwt token
            var tokenHandler    = new JwtSecurityTokenHandler();
            var key             = Encoding.ASCII.GetBytes(appSettings.Secret);
            var tokenDescriptor = new SecurityTokenDescriptor
            {
                Subject = new ClaimsIdentity(new Claim[]
                {
                    new Claim(ClaimTypes.Name, user.Username.ToString()),
                    new Claim(ClaimTypes.Role, RoleName),                               //DataRegistered si rolul imi vin ca string
                    new Claim(ClaimTypes.UserData, user.DataRegistered.ToString())
                }),
                Expires            = DateTime.UtcNow.AddDays(7),
                SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
            };
            var token = tokenHandler.CreateToken(tokenDescriptor);

            var result = new LoginGetModel
            {
                Id       = user.Id,
                Email    = user.Email,
                Username = user.Username,
                Token    = tokenHandler.WriteToken(token),
                UserRole = user.User_UserRoles.First().UserRole.Name
            };

            return(result);
        }