public async Task <IActionResult> CreateUser([FromBody] Common.DataSvc.Models.UserDo entity)
{
return(await this.ControllerResult(async (Web.Models.ResultData result) =>
{
Web.Models.User.ApplicationUser exist = await this._userManager.FindByNameAsync(entity.UserName);
if (exist != null)
{
result.AddError("CLE011");
}
else
{
entity.CreateDate = Utils.IOUtil.GetCurrentDateTimeTH;
entity.CreateUser = this.User.Identity.Name;
Web.Models.User.ApplicationUser user = new Web.Models.User.ApplicationUser
{
UserName = entity.UserName,
GroupID = entity.GroupID,
FlagActive = true,
FlagSystemAdmin = entity.FlagSystemAdmin,
PasswordAge = entity.PasswordAge,
LastUpdatePasswordDate = entity.LastUpdatePasswordDate,
Remark = entity.Remark
};
var res = await this._userManager.CreateAsync(user, entity.Password);
if (res.Succeeded)
{
user = await this._userManager.FindByNameAsync(entity.UserName);
entity.UserID = user.Id;
Common.DataSvc.Models.UserCriteriaDo criteria = new DataSvc.Models.UserCriteriaDo();
criteria.UserName = entity.UserName;
result.Data = await Task.Run(() =>
{
this._commonSvcDbContext.CreateUserInfo(entity);
DataSvc.Models.UserDo nuser = this._commonSvcDbContext.GetUser(criteria);
nuser.Password = FAKE_PASSWORD;
return new
{
User = nuser,
Permissions = this._commonSvcDbContext.GetUserPermission(criteria)
};
});
}
else
{
foreach (var error in res.Errors)
{
result.AddError(error.Code, error.Description);
}
}
}
}));
}
public async Task <IActionResult> IsUserInRole([FromBody] Models.UserInRoleDo role)
{
return(await this.ControllerResult(async (Web.Models.ResultData result) =>
{
if (User.Identity.IsAuthenticated)
{
Web.Models.User.ApplicationUser user = await _userManager.GetUserAsync(this.User);
if (user != null && role != null)
{
foreach (Models.UserInRoleDo.ScreenPermissionDo scn in role.permissions)
{
Web.Models.ScreenDo scnc = Web.Constants.SCREEN_LIST.Find(x => x.ScreenID == scn.screenID);
if (scnc != null)
{
foreach (Models.UserInRoleDo.ScreenPermissionDo.PermissionDo permission in scn.permissions)
{
if (scnc.ViewOnly &&
(permission.permissionID == 2 ||
permission.permissionID == 3 ||
permission.permissionID == 4 ||
permission.permissionID == 6))
{
permission.hasPermission = false;
}
else
{
permission.hasPermission =
await _userManager.IsInRoleAsync(user, string.Format("{0}:{1}",
scn.screenID, permission.permissionID));
}
}
}
}
result.Data = role;
}
}
}));
}
public async Task <IActionResult> ChangePassword([FromBody] Web.Models.User.UserPasswordDo userDo)
{
return(await this.ControllerResult(async (Web.Models.ResultData result) =>
{
userDo.LastUpdatePasswordDate = Utils.IOUtil.GetCurrentDateTimeTH;
Web.Models.User.ApplicationUser user = await this._userManager.FindByNameAsync(userDo.Username);
if (user != null)
{
var res = await this._userManager.ChangePasswordAsync(user, userDo.OldPassword, userDo.NewPassword);
if (!res.Succeeded)
{
foreach (var error in res.Errors)
{
result.AddError(error.Code, error.Description);
}
}
else
{
user.LastUpdatePasswordDate = userDo.LastUpdatePasswordDate;
res = await this._userManager.UpdateAsync(user);
if (!res.Succeeded)
{
foreach (var error in res.Errors)
{
result.AddError(error.Code, error.Description);
}
}
else
{
result.Data = true;
}
}
}
}));
}
public async Task <IActionResult> GetUser([FromBody] Web.Models.User.UserLoginDo userDo)
{
return(await this.ControllerResult(async (Web.Models.ResultData result) =>
{
Web.Models.User.ApplicationUser user = await this._userManager.FindByNameAsync(userDo.Username);
if (user != null)
{
bool hasPermission = true;
if (Utils.CommonUtil.IsNullOrEmpty(userDo.WithPermissionID) == false)
{
IList <string> roles = await this._userManager.GetRolesAsync(user);
if (roles.Contains(userDo.WithPermissionID) == false)
{
hasPermission = false;
}
}
if (hasPermission)
{
bool flagActive = user.FlagActive;
if (flagActive == true)
{
flagActive = this._appDbContext.IsUserGroupActive(user.GroupID);
}
if (flagActive == true)
{
result.Data = new
{
UserName = user.UserName,
DisplayName = this._appDbContext.GetUserDisplayName(user.Id),
GroupID = user.GroupID
};
}
}
}
}));
}
public async Task <IActionResult> Login([FromBody] Web.Models.User.UserLoginDo userDo)
{
return(await this.ControllerResult(async (Web.Models.ResultData result) =>
{
Web.Models.User.ApplicationUser user = await this._userManager.FindByNameAsync(userDo.Username);
if (user == null)
{
result.AddError("CLE006");
}
else
{
if (Utils.CommonUtil.IsNullOrEmpty(userDo.WithPermissionID) == false)
{
IList <string> roles = await this._userManager.GetRolesAsync(user);
if (roles.Contains(userDo.WithPermissionID) == false)
{
result.AddError("CLE005");
}
}
if (result.Errors.Count == 0)
{
bool flagActive = user.FlagActive;
if (flagActive == true)
{
flagActive = this._appDbContext.IsUserGroupActive(user.GroupID);
}
if (flagActive == false)
{
result.AddError("CLE006");
}
else
{
var res = await this._signInManager.PasswordSignInAsync(userDo.Username, userDo.Password, false, true);
if (res.Succeeded)
{
bool isExpired = false;
if (user.PasswordAge != null)
{
if (user.LastUpdatePasswordDate == null)
{
isExpired = true;
}
else
{
int diff = user.LastUpdatePasswordDate.Value.AddDays(user.PasswordAge.Value).CompareTo(Utils.IOUtil.GetCurrentDateTimeTH);
if (diff < 0)
{
isExpired = true;
}
}
}
if (isExpired)
{
result.AddError("CLE007");
result.Data = new
{
IsPasswordExpired = true
};
}
else
{
this._appDbContext.UpdateUserLoginDate(user.Id);
var token = this.GenerateToken(user.UserName, user.Id);
var refresh_token = Guid.NewGuid().ToString().Replace("-", "");
result.Data = new
{
UserName = user.UserName,
DisplayName = this._appDbContext.GetUserDisplayName(user.Id),
GroupID = user.GroupID,
Token = token,
RefreshToken = refresh_token,
Timeout = Convert.ToDouble(this._configuration["JwtExpireMinutes"])
};
this.WriteRefreshToken(refresh_token, user.Id);
}
}
else if (res.IsLockedOut)
{
result.AddError("CLE009", Web.Constants.LOGIN_WAITING_TIME.ToString("N0"));
}
else
{
int accessFailedCount = await this._userManager.GetAccessFailedCountAsync(user);
int attemptsLeft = Web.Constants.MAXIMUM_LOGIN_FAIL - accessFailedCount;
result.AddError("CLE008", attemptsLeft.ToString("N0"));
}
}
}
}
}));
}
public async Task <IActionResult> UpdateUser([FromBody] Common.DataSvc.Models.UserDo entity)
{
return(await this.ControllerResult(async (Web.Models.ResultData result) =>
{
bool currentUser = this.User.Identity.Name == entity.UserName;
bool changePassword = (entity.Password != FAKE_PASSWORD);
entity.UpdateDate = Utils.IOUtil.GetCurrentDateTimeTH;
entity.UpdateUser = this.User.Identity.Name;
Web.Models.User.ApplicationUser user = await this._userManager.FindByNameAsync(entity.UserName);
if (user != null)
{
user.GroupID = entity.GroupID;
user.FlagActive = entity.FlagActive;
user.FlagSystemAdmin = entity.FlagSystemAdmin;
user.PasswordAge = entity.PasswordAge;
user.Remark = entity.Remark;
if (changePassword && entity.Password != null)
{
user.LastUpdatePasswordDate = entity.UpdateDate;
Web.Validator.UserPasswordValidator <Web.Models.User.ApplicationUser> validator
= new Web.Validator.UserPasswordValidator <Web.Models.User.ApplicationUser>();
Microsoft.AspNetCore.Identity.IdentityResult pres = await validator.ValidateAsync(_userManager, user, entity.Password);
if (!pres.Succeeded)
{
foreach (var error in pres.Errors)
{
result.AddError(error.Code, error.Description);
}
}
else
{
await this._userManager.RemovePasswordAsync(user);
pres = await this._userManager.AddPasswordAsync(user, entity.Password);
if (!pres.Succeeded)
{
foreach (var error in pres.Errors)
{
result.AddError(error.Code, error.Description);
}
}
}
}
if (result.Errors.Count == 0)
{
var res = await this._userManager.UpdateAsync(user);
if (!res.Succeeded)
{
foreach (var error in res.Errors)
{
result.AddError(error.Code, error.Description);
}
}
else
{
entity.UserID = user.Id;
Common.DataSvc.Models.UserCriteriaDo criteria = new DataSvc.Models.UserCriteriaDo();
criteria.UserName = entity.UserName;
result.Data = await Task.Run(() =>
{
this._commonSvcDbContext.UpdateUserInfo(entity);
DataSvc.Models.UserDo nuser = this._commonSvcDbContext.GetUser(criteria);
nuser.Password = FAKE_PASSWORD;
return new
{
IsCurrentUser = currentUser,
User = nuser,
Permissions = this._commonSvcDbContext.GetUserPermission(criteria)
};
});
}
}
}
}));
}
public async Task <IActionResult> GetScreenMenu()
{
return(await this.ControllerResult(async (Web.Models.ResultData result) =>
{
Web.Models.User.ApplicationUser user = await _userManager.GetUserAsync(this.User);
List <ClientScreenDo> menus = new List <ClientScreenDo>();
foreach (Web.Models.ScreenDo scn in Web.Constants.SCREEN_LIST)
{
if (Utils.CommonUtil.IsNullOrEmpty(scn.Path))
{
continue;
}
if (scn.FlagPermission &&
await _userManager.IsInRoleAsync(user, string.Format("{0}:1", scn.ScreenID)) == false)
{
continue;
}
if (!scn.FlagMenu)
{
ClientScreenDo m = new ClientScreenDo();
m.screenID = scn.ScreenID;
m.url = scn.Path;
m.nameEN = scn.NameEN;
m.nameLC = scn.NameLC;
m.icon = scn.ImageIcon;
m.isMenu = false;
menus.Add(m);
}
else
{
if (Utils.CommonUtil.IsNullOrEmpty(scn.GroupID) == false)
{
ClientScreenDo mg = getMenuFromGroup(menus, scn.GroupID);
if (mg == null)
{
mg = new ClientScreenDo();
mg.groupID = scn.GroupID;
mg.nameEN = scn.GroupNameEN;
mg.nameLC = scn.GroupNameLC;
mg.icon = scn.GroupImageIcon;
mg.isMenu = true;
mg.childrens = new List <ClientScreenDo>();
menus.Add(mg);
}
ClientScreenDo smg = null;
if (Utils.CommonUtil.IsNullOrEmpty(scn.SubGroupID) == false)
{
if (mg.childrens == null)
{
mg.childrens = new List <ClientScreenDo>();
}
smg = mg.childrens.Find(x => x.groupID == scn.SubGroupID);
if (smg == null)
{
smg = new ClientScreenDo();
smg.groupID = scn.SubGroupID;
smg.nameEN = scn.SubGroupNameEN;
smg.nameLC = scn.SubGroupNameLC;
smg.icon = scn.SubGroupImageIcon;
smg.isMenu = true;
smg.childrens = new List <ClientScreenDo>();
mg.childrens.Add(smg);
}
}
ClientScreenDo m = new ClientScreenDo();
m.screenID = scn.ScreenID;
m.url = scn.Path;
m.nameEN = scn.NameEN;
m.nameLC = scn.NameLC;
m.icon = scn.ImageIcon;
m.isMenu = true;
if (smg != null)
{
smg.childrens.Add(m);
}
else
{
mg.childrens.Add(m);
}
}
else
{
ClientScreenDo m = new ClientScreenDo();
m.screenID = scn.ScreenID;
m.url = scn.Path;
m.nameEN = scn.NameEN;
m.nameLC = scn.NameLC;
m.icon = scn.ImageIcon;
m.isMenu = true;
menus.Add(m);
}
}
}
updateMenu1Children(menus);
result.Data = menus;
}));
}
public async Task <IActionResult> RefreshToken([FromBody] Models.TokenDo t)
{
return(await this.ControllerResult(async (Web.Models.ResultData result) =>
{
if (User.Identity.IsAuthenticated)
{
Web.Models.User.ApplicationUser user = await _userManager.GetUserAsync(this.User);
if (user != null)
{
string path = Utils.Constants.TEMP_PATH;
path = System.IO.Path.Combine(path, "token_storage");
if (System.IO.Directory.Exists(path) == false)
{
System.IO.Directory.CreateDirectory(path);
}
path = System.IO.Path.Combine(path, t.Value);
if (System.IO.File.Exists(path))
{
using (System.IO.StreamReader rd = new System.IO.StreamReader(path, true))
{
string id = rd.ReadLine();
if (id == user.Id)
{
var token = this.GenerateToken(user.UserName, user.Id);
var refresh_token = Guid.NewGuid().ToString().Replace("-", "");
result.Data = new
{
UserName = user.UserName,
DisplayName = this._appDbContext.GetUserDisplayName(user.Id),
GroupID = user.GroupID,
Token = token,
RefreshToken = refresh_token,
Timeout = Convert.ToDouble(this._configuration["JwtExpireMinutes"])
};
string npath = Utils.Constants.TEMP_PATH;
npath = System.IO.Path.Combine(npath, "token_storage");
if (System.IO.Directory.Exists(npath) == false)
{
System.IO.Directory.CreateDirectory(npath);
}
npath = System.IO.Path.Combine(npath, refresh_token);
if (System.IO.File.Exists(npath))
{
System.IO.File.Delete(npath);
}
using (System.IO.StreamWriter wr = new System.IO.StreamWriter(npath, true))
{
wr.WriteLine(user.Id);
}
}
}
System.IO.File.Delete(path);
}
}
}
}));
}
