//POST : /api/ApplicationUser/Login
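        /// <summary>
        /// Authenticates a user by username and password and, on success, issues a signed JWT.
        /// </summary>
        /// <param name="model">Credentials posted by the client (<c>UserName</c> and <c>Password</c>).</param>
        /// <returns>
        /// 200 with <c>{ token }</c> when a user matches; otherwise 400 with one generic message,
        /// so the response does not reveal whether the username or the password was wrong.
        /// </returns>
        public ActionResult Login(LoginModel model)
        {
            // A missing body or missing field is answered like any other failed login
            // instead of surfacing as an unhandled NullReferenceException.
            if (model == null || model.UserName == null || model.Password == null)
            {
                return BadRequest(new { message = "Username or password is incorrect." });
            }

            // NOTE(review): matching the hash inside the query only works if EncodePassword is
            // deterministic, i.e. has no per-user salt. Confirm the algorithm; a salted, slow KDF
            // (PBKDF2/Argon2) verified after loading the user by name is the safer design.
            var checkPass = PasswordHash.EncodePassword(model.Password);

            // Single round trip that reads only the two columns the token needs
            // (the original ran three queries: Count, then one Select per column).
            var account = _context.HTUsers
                          .Where(x => x.Username == model.UserName && x.PasswordHash == checkPass)
                          .Select(x => new { x.Id, x.HoTen })
                          .FirstOrDefault();

            if (account == null)
            {
                return BadRequest(new { message = "Username or password is incorrect." });
            }

            // NOTE(review): the signing key is the UTF-8 bytes of a configured string. Confirm it
            // carries at least 256 bits of entropy for HS256 and is kept out of source control.
            var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_appSettings.JWT_Secret));

            var tokenDescriptor = new SecurityTokenDescriptor
            {
                Subject = new ClaimsIdentity(new Claim[]
                {
                    new Claim("UserID", account.Id.ToString()),
                    // A user without a display name must still be able to log in; Claim rejects null values.
                    new Claim("Name", account.HoTen ?? string.Empty)
                }),
                // Token stays valid for one day; no revocation mechanism is visible in this method.
                Expires            = DateTime.UtcNow.AddDays(1),
                SigningCredentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256Signature)
            };

            var tokenHandler  = new JwtSecurityTokenHandler();
            var securityToken = tokenHandler.CreateToken(tokenDescriptor);
            var token         = tokenHandler.WriteToken(securityToken);

            return Ok(new { token });
        }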
        //POST : /api/ApplicationUser/Register
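        /// <summary>
        /// Registers a new user with the supplied username, password, e-mail and full name.
        /// </summary>
        /// <param name="model">Registration data posted by the client.</param>
        /// <returns>
        /// <c>false</c> when the request is empty or the username is already taken; otherwise an
        /// empty user collection, which is what the original implementation returned on success.
        /// </returns>
        public async Task <Object> PostApplicationUser(UserModel model)
        {
            if (model == null)
            {
                return false;
            }

            // Existence check runs in the database. The original called ToList() first, which pulled
            // every user row (password hashes included) into memory on each registration.
            // NOTE(review): the comparison now follows the column collation, the same rule the Login
            // query uses, rather than an ordinal in-memory compare. The check-then-insert is still
            // not atomic; a unique index on Username is needed to close the race. Confirm one exists.
            if (_context.HTUsers.Any(x => x.Username == model.Username))
            {
                return false;
            }

            var applicationUser = new HTUser()
            {
                Username     = model.Username,
                PasswordHash = PasswordHash.EncodePassword(model.Password),
                Email        = model.Email,
                HoTen        = model.HoTen
            };

            // No try/catch: the original `throw ex;` only reset the stack trace of the same exception.
            await _context.HTUsers.AddAsync(applicationUser);
            await _context.SaveChangesAsync();

            // Same response shape as before: the pre-insert match list, which is always empty here.
            return Enumerable.Empty<HTUser>();
        }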
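        /// <summary>
        /// Creates a user from the posted model and assigns it the role named by <c>model.Role</c>.
        /// </summary>
        /// <param name="model">User data posted by the client; its <c>Id</c> is overwritten with a new GUID.</param>
        /// <returns>
        /// 200 with the created entity; 400 when the request is empty, the username is taken,
        /// or the requested role code does not exist.
        /// </returns>
        public ActionResult Create(UserModel model)
        {
            if (model == null)
            {
                return BadRequest();
            }

            // Checked in the database instead of loading the whole user table with ToList().
            if (_context.Htuser.Any(x => x.Username == model.Username))
            {
                return BadRequest();
            }

            // Resolve the role before writing anything: the original dereferenced
            // FirstOrDefault().Id directly and failed with a NullReferenceException on an unknown code.
            // NOTE(review): the caller chooses the role. No authorization check is visible in this
            // method; confirm the action is restricted to callers allowed to grant roles.
            var role = _context.Htrole.FirstOrDefault(x => x.Code == model.Role);
            if (role == null)
            {
                return BadRequest();
            }

            var password = PasswordHash.EncodePassword(model.Password);

            model.Id = Guid.NewGuid();

            // NOTE(review): CopyAs copies from the request model into the entity; which properties
            // it maps is not visible here. Confirm no privileged column can be set by the client.
            var applicationUser = model.CopyAs <Htuser>();
            applicationUser.PasswordHash = password;

            _context.Htuser.Add(applicationUser);
            _context.HtuserRole.Add(new HtuserRole
            {
                UserId = model.Id,
                RoleId = role.Id
            });

            // No try/catch: the original `throw e;` only reset the stack trace of the same exception.
            _context.SaveChanges();

            // NOTE(review): the entity is returned as-is, so PasswordHash is sent back to the client
            // unless Htuser excludes it from serialization. Prefer a response DTO without it.
            return Ok(applicationUser);
        }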
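        /// <summary>
        /// Updates a user's profile fields, role and (optionally) password through the
        /// <c>changeRole</c> stored procedure.
        /// </summary>
        /// <param name="model">
        /// Profile data posted by the client. An empty <c>Password</c> is passed through as an empty
        /// string; any other value is hashed before it is sent to the procedure.
        /// </param>
        /// <returns>204 on success; 400 when the request is empty or the role code does not exist.</returns>
        public ActionResult updateUser(MyProfileModel model)
        {
            if (model == null)
            {
                return BadRequest();
            }

            // NOTE(review): both the target user (model.Id) and the new role (model.Role) come from
            // the request. No ownership or authorization check is visible in this method; confirm
            // the action cannot be used to edit another account or to self-assign a role.
            var role = _context.Htrole.FirstOrDefault(x => x.Code == model.Role);
            if (role == null)
            {
                // The original dereferenced role.Id and failed with a NullReferenceException.
                return BadRequest();
            }

            // Empty input is sent unchanged as "" and never hashed; a null password is normalised to
            // the same value instead of being handed to EncodePassword.
            // presumably the procedure treats "" as "keep the current password" - verify in changeRole
            model.Password = string.IsNullOrEmpty(model.Password)
                ? ""
                : PasswordHash.EncodePassword(model.Password);

            // The connection belongs to the DbContext, so it must not be disposed here; Dapper opens
            // and closes it around the call when it is not already open.
            var cnn = (_context as DbContext).Database.GetDbConnection();

            // Values travel as parameters, never concatenated into SQL.
            var p = new DynamicParameters();
            p.Add("UserId", model.Id);
            p.Add("RoleId", role.Id);
            p.Add("HoTen", model.HoTen);
            p.Add("SoDienThoai", model.SoDienThoai);
            p.Add("Email", model.Email);
            p.Add("DiaChi", model.DiaChi);
            p.Add("Password", model.Password);

            cnn.Query("changeRole", p, commandType: CommandType.StoredProcedure);

            return NoContent();
        }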
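        /// <summary>
        /// Replaces a user's password after verifying the current one.
        /// </summary>
        /// <param name="model">
        /// The user id, the current password, the new password and its confirmation.
        /// </param>
        /// <returns>
        /// 204 when the password was changed; 400 for every failure (empty request, empty new
        /// password, confirmation mismatch, unknown user, wrong current password), so the response
        /// does not distinguish an unknown id from a wrong password.
        /// </returns>
        public ActionResult ChangePassword(PasswordModel model)
        {
            if (model == null || model.PasswordOld == null || string.IsNullOrEmpty(model.PasswordNew))
            {
                // An empty new password would otherwise be hashed and stored as a valid credential.
                return BadRequest();
            }

            if (model.PasswordNew != model.PasswordConfirm)
            {
                return BadRequest();
            }

            // NOTE(review): model.Id comes from the request. Knowledge of the current password is
            // the only check visible here; confirm the id is tied to the authenticated caller and
            // that repeated attempts are rate limited.
            var user = _context.Htuser.Find(model.Id);
            if (user == null)
            {
                // The original dereferenced user.PasswordHash and failed with a NullReferenceException.
                return BadRequest();
            }

            if (PasswordHash.EncodePassword(model.PasswordOld) != user.PasswordHash)
            {
                return BadRequest();
            }

            // The new hash is computed only once every check has passed.
            user.PasswordHash = PasswordHash.EncodePassword(model.PasswordNew);
            _context.Htuser.Update(user);
            _context.SaveChanges();

            // NOTE(review): nothing visible here invalidates tokens issued before the change.
            return NoContent();
        }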