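/// <summary>
/// Lists the categories for the user named by <paramref name="value"/>.
/// </summary>
/// <param name="value">User name to look up; defaults to an empty string.</param>
/// <returns>
/// 200 OK with the value returned by <c>ListCategoriesAsync</c>, or 400 Bad Request
/// carrying a <c>GeneralMessage</c> when that call returns null.
/// </returns>
public async Task <IActionResult> GetCategoriesByUser(string value = "")
        {
            string user = value;

            // The lookup has not run yet, so this line records the request as called,
            // not completed; "is completed" is logged only after the data is available.
            // NOTE(review): `user` presumably comes from the request and is written into the
            // log text verbatim; confirm the log sink neutralises line breaks.
            _logger.LogDebug($"GET categories/system/{user} is called");

            // NOTE(review): the GetUserAsync result is passed on unchecked. If it returns null
            // for an unknown name, ListCategoriesAsync receives null; confirm it handles that.
            // NOTE(review): nothing here ties `value` to the authenticated caller; confirm that
            // authorization is enforced elsewhere if category lists are per-user data.
            var account = await _dbHandler.GetUserAsync(user);
            var data = await _dbHandler.ListCategoriesAsync(account);

            if (data == null)
            {
                _logger.LogDebug($"GET categories/system/{user} is failed");
                GeneralMessage ret = new GeneralMessage();
                ret.Message = "List is failed";
                return(BadRequest(ret));
            }

            _logger.LogDebug($"GET categories/system/{user} is completed");
            return(Ok(data));
        }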
Esempio n. 2
        /// <summary>
        /// Lists tickets matching the optional filter criteria, optionally restricted to one
        /// user (or to the no-user case) and optionally paged.
        /// </summary>
        /// <param name="username">When not null, the user is looked up and passed to the listing call.</param>
        /// <param name="unassigned">When true, a null user is passed to the listing call regardless of <paramref name="username"/>.</param>
        /// <param name="category">Copied into the filter when not null or empty.</param>
        /// <param name="system">Copied into the filter when not null or empty.</param>
        /// <param name="status">Copied into the filter when not null or empty.</param>
        /// <param name="reference">Copied into the filter when not null or empty.</param>
        /// <param name="title">Copied into the filter when not null or empty.</param>
        /// <param name="skip">Paging offset; paging is used only when both skip and count differ from -1.</param>
        /// <param name="count">Page size; paging is used only when both skip and count differ from -1.</param>
        /// <returns>
        /// 200 OK with the ticket list, or 400 Bad Request with a <c>GeneralMessage</c> when the
        /// listing call returns null.
        /// </returns>
        public async Task <IActionResult> ListTickets(string username = null, bool unassigned = false, string category = null, string system = null, string status = null, string reference = null, string title = null, int skip = -1, int count = -1)
        {
            var filter = new TicketFilterTemplate();

            // Only criteria that were actually supplied are copied into the filter.
            if (!string.IsNullOrEmpty(category)) { filter.Category = category; }
            if (!string.IsNullOrEmpty(reference)) { filter.Reference = reference; }
            if (!string.IsNullOrEmpty(status)) { filter.Status = status; }
            if (!string.IsNullOrEmpty(system)) { filter.System = system; }
            if (!string.IsNullOrEmpty(title)) { filter.Title = title; }

            bool hasUsername = username != null;

            // The lookup runs whenever a username is given, even if `unassigned` then discards it.
            User owner = hasUsername ? await _dbHandler.GetUserAsync(username) : null;
            if (unassigned)
            {
                owner = null;
            }

            // NOTE(review): if GetUserAsync returns null for an unknown username, the call below
            // receives the same null user as the `unassigned` case; confirm that is intended.
            bool restrictToUser = hasUsername || unassigned;

            // NOTE(review): skip and count are forwarded as given (no upper bound on count, and
            // negative values other than -1 are not rejected); confirm ListTicketsAsync validates them.
            bool paged = skip != -1 && count != -1;

            List <Ticket> tickets;

            if (paged && restrictToUser)
            {
                tickets = await _dbHandler.ListTicketsAsync(skip, count, filter, owner);
            }
            else if (paged)
            {
                tickets = await _dbHandler.ListTicketsAsync(skip, count, filter);
            }
            else if (restrictToUser)
            {
                tickets = await _dbHandler.ListTicketsAsync(filter, owner);
            }
            else
            {
                tickets = await _dbHandler.ListTicketsAsync(filter);
            }

            if (tickets == null)
            {
                var failure = new GeneralMessage()
                {
                    Message = "Ticket listing has failed"
                };
                return(BadRequest(failure));
            }

            return(Ok(tickets));
        }
Esempio n. 3
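        /// <summary>
        /// Checks the submitted credentials against the stored user and, on success, issues a
        /// signed access token and a signed refresh token.
        /// </summary>
        /// <param name="user">Login payload bound from the request body.</param>
        /// <returns>
        /// 200 OK with both tokens and their expiry times on success; 401 Unauthorized with a
        /// <c>GeneralMessage</c> when credentials are missing, the user is unknown, or the
        /// password hash does not match.
        /// </returns>
        public async Task <IActionResult> LoginUser([FromBody] UserLoginInfo user)
        {
            // Reject a missing body or missing fields before anything is dereferenced.
            // user.Username must not be read in this branch: `user` itself may be null.
            if (user == null || user.Username == null || user.Password == null)
            {
                _logger.LogDebug("Login failed due missing login credentials");
                GeneralMessage missing = new GeneralMessage();
                missing.Message = "Login failed due missing login credentials";
                return(Unauthorized(missing));
            }

            var checkUsr = await _dbHandler.GetUserAsync(user.Username);

            // NOTE(review): "User does not exist" and "Wrong password" are distinct responses, so
            // a caller can tell whether a username is registered. Consider one generic message
            // if no client depends on the text.
            // NOTE(review): user.Username is request-supplied and written into log text verbatim;
            // confirm the log sink neutralises line breaks.
            if (checkUsr == null)
            {
                _logger.LogDebug($"Login failed for {user.Username} due to user does not exist");
                GeneralMessage unknown = new GeneralMessage();
                unknown.Message = "User does not exist";
                return(Unauthorized(unknown));
            }

            // NOTE(review): HashPassword takes only the password, so no per-user salt is visible
            // here, and `==` is not a constant-time comparison. Confirm HashPassword is a slow,
            // salted password hash and consider a fixed-time comparison.
            bool passwordMatches = DbHandler.HashPassword(user.Password) == checkUsr.Password;

            if (!passwordMatches)
            {
                _logger.LogDebug($"Login failed for {user.Username} due to wrong password");
                GeneralMessage wrong = new GeneralMessage();
                wrong.Message = "Wrong password";
                return(Unauthorized(wrong));
            }

            // Get the role
            var role = checkUsr.Role.ToString();

            // Create claims
            var authClaims = new List <Claim>
            {
                new Claim(ClaimTypes.Name, user.Username),
                new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
                new Claim(ClaimTypes.Role, role)
            };

            // An admin additionally receives the plain user role.
            if (role == "Admin")
            {
                authClaims.Add(new Claim(ClaimTypes.Role, UserRole.User.ToString()));
            }

            // Create authentication token. The HMAC key is the UTF-8 bytes of the configured
            // string, so the token's strength is that of the configured secret.
            var authSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration["JWT:Secret"]));

            var token = new JwtSecurityToken(
                issuer: _configuration["JWT:ValidIssuer"],
                audience: _configuration["JWT:ValidAudience"],
                expires: DateTime.UtcNow.AddMinutes(5),
                claims: authClaims,
                signingCredentials: new SigningCredentials(authSigningKey, SecurityAlgorithms.HmacSha256)
                );

            // Create refresh token, signed with its own key.
            // NOTE(review): the refresh token expires after 2 minutes, before the 5-minute access
            // token, and carries the same claims (including both roles); confirm both are intended.
            var authSigningKey2 = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration["JWT:RefSec"]));

            var token2 = new JwtSecurityToken(
                issuer: _configuration["JWT:ValidIssuer"],
                audience: _configuration["JWT:ValidAudience"],
                expires: DateTime.UtcNow.AddMinutes(2),
                claims: authClaims,
                signingCredentials: new SigningCredentials(authSigningKey2, SecurityAlgorithms.HmacSha256)
                );

            // One handler serialises both tokens.
            var tokenHandler = new JwtSecurityTokenHandler();

            // Return with the tokens
            _logger.LogDebug($"Login done for {user.Username}");
            return(Ok(new
            {
                auth_token = tokenHandler.WriteToken(token),
                refresh_token = tokenHandler.WriteToken(token2),
                auth_expiration = token.ValidTo,
                refresh_expiration = token2.ValidTo
            }));
        }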