public ActionResult <Model.Korisnik> Auth()
{
if (!Request.Headers.ContainsKey("Authorization"))
{
return(BadRequest(new { message = "Missing Authorization Header" }));
}
Model.Korisnik user = null;
try
{
var authHeader = AuthenticationHeaderValue.Parse(Request.Headers["Authorization"]);
var credentialBytes = Convert.FromBase64String(authHeader.Parameter);
var credentials = Encoding.UTF8.GetString(credentialBytes).Split(':');
var username = credentials[0];
var password = credentials[1];
user = _userService.Authenticate(username, password);
}
catch
{
return(BadRequest(new { message = "Invalid Authorization Header" }));
}
if (user == null)
{
return(BadRequest(new { message = "Username or password is incorrect" }));
}
return(Ok(user));
}
private async void btnSave_Click(object sender, EventArgs e)
{
KorisnikUpsertRequest request = new KorisnikUpsertRequest();
request.Email = txtEmail.Text;
request.KorisnickoIme = txtUserNAme.Text;
request.Ime = txtName.Text;
request.Prezime = txtSurname.Text;
request.Telefon = txtPhoneNumb.Text;
int id = await _serviceGetID.Get <int>(new KorisnikSearchRequest { KorisnickoIme = APIService.UserName });
Model.Korisnik k = await _service.Update <Korisnik>(id, request);
MessageBox.Show("Changed completed", "Succes", MessageBoxButtons.OK, MessageBoxIcon.Information);
txtEmail.Text = k.Email;
txtName.Text = k.Ime;
txtSurname.Text = k.Prezime;
txtUserNAme.Text = k.KorisnickoIme;
txtPhoneNumb.Text = k.Telefon;
APIService.UserName = k.KorisnickoIme;
if (k.Email.Equals("*****@*****.**") &&
k.Ime.Equals("Unesi ime") &&
k.Prezime.Equals("Unesi prezime") &&
k.Telefon.Equals("000/000-000"))
{
APIService.EditovanProfil = false;
}
else
{
APIService.EditovanProfil = true;
}
}
protected override async Task <AuthenticateResult> HandleAuthenticateAsync()
{
if (!Request.Headers.ContainsKey("Authorization"))
{
return(AuthenticateResult.Fail("Missing authorization header"));
}
Model.Korisnik user = null;
Model.Administrator admin = null;
try
{
var authHeader = AuthenticationHeaderValue.Parse(Request.Headers["Authorization"]);
var credentialBytes = Convert.FromBase64String(authHeader.Parameter);
var credentials = Encoding.UTF8.GetString(credentialBytes).Split(":");
var username = credentials[0];
var password = credentials[1];
user = _userService.Autentificiraj(username, password);
admin = _adminService.Autentificiraj(username, password);
}
catch
{
return(AuthenticateResult.Fail("Invalid authorization header"));
}
if (user == null && admin == null)
{
return(AuthenticateResult.Fail("Invalid username or password"));
}
List <Claim> claims = null;
if (user != null)
{
claims = new List <Claim>
{
new Claim(ClaimTypes.NameIdentifier, user.Username),
new Claim(ClaimTypes.Name, user.Ime),
new Claim(ClaimTypes.Role, user.Uloga)
};
}
else if (admin != null)
{
claims = new List <Claim>
{
new Claim(ClaimTypes.NameIdentifier, admin.Username),
new Claim(ClaimTypes.Name, admin.Ime),
new Claim(ClaimTypes.Role, admin.Uloga)
};
}
var identity = new ClaimsIdentity(claims, Scheme.Name);
var princpal = new ClaimsPrincipal(identity);
var ticket = new AuthenticationTicket(princpal, Scheme.Name);
return(AuthenticateResult.Success(ticket));
}
public Model.Korisnik Authenticate(string username, string password)
{
var user = _context.Korisnik.Where(x => x.KorisnickoIme == username || x.Email == username).Include(y => y.Osoba).Select(y => new Korisnik()
{
KorisnikId = y.KorisnikId,
KorisnickoIme = y.KorisnickoIme,
Email = y.Email,
Slika = y.Slika,
Osoba = y.Osoba,
KorisnickaSifraHash = y.KorisnickaSifraHash,
Salt = y.Salt
}).FirstOrDefault();
user.KorisnikRola = _context.KorisnikRola.Where(x => x.KorisnikId == user.KorisnikId).Include(x => x.Rola).ToList();
Osoba o = _context.Osoba.Where(x => x.KorisnikId == user.KorisnikId).FirstOrDefault();
var _korisnik = new Model.Korisnik()
{
Email = user.Email,
Ime = o.Ime,
Prezime = o.Prezime,
KorisnickoIme = user.KorisnickoIme,
Slika = user.Slika
};
if (user.KorisnikRola.Select(x => x.Rola.Naziv).Contains(Role.Uposlenik) || user.KorisnikRola.Select(x => x.Rola.Naziv).Contains(Role.Admin))
{
_korisnik.BibliotekaNaziv = _context.Uposlenik.Where(x => x.OsobaId == o.OsobaId).Include(x => x.Biblioteka).Select(y => y.Biblioteka.Naziv).FirstOrDefault();
}
else if (user.KorisnikRola.Select(x => x.Rola.Naziv).Contains(Role.Korisnik))
{
_korisnik.BibliotekaNaziv = _context.Clan.Where(x => x.OsobaId == o.OsobaId).Include(x => x.Biblioteka).Select(y => y.Biblioteka.Naziv).FirstOrDefault();
}
else
{
_korisnik.BibliotekaNaziv = "eBiblioteka";
}
if (user != null)
{
var newHash = GenerateHash(user.Salt, password);
if (newHash == user.KorisnickaSifraHash)
{
// authentication successful so generate jwt token
var jwt = generateJwt(user);
_korisnik.Token = jwt;
// remove password before returning
user.KorisnickaSifraHash = null;
return(_korisnik);
}
}
return(null);
}
private async void btnSpremi_Click(object sender, EventArgs e)
{
if (this.ValidateChildren())
{
var roleList = clbUloge.CheckedItems.Cast <Model.Uloge>().Select(x => x.UlogaId).ToList();
//var request = new KorisnikInsertRequest()
//{
request.Email = txtEmail.Text;
request.BrojTelefona = txtTelefon.Text;
request.Ime = txtIme.Text;
request.Prezime = txtPrezime.Text;
request.KorisnickoIme = txtKorisnickoIme.Text;
request.Password = txtPass.Text;
request.PasswordConfirmation = txtPassPotvrda.Text;
request.Uloge = roleList;
request.DatumRodjenja = dtmDatumRodjenja.Value;
//Slika=profilePicture
//};
if (cmbGrad.SelectedIndex == 0)
{
MessageBox.Show("Unesite grad");
return;
}
var idGrad = cmbGrad.SelectedValue;
if (int.TryParse(idGrad.ToString(), out int gradId))
{
request.GradID = gradId;
}
Model.Korisnik entity = null;
if (_id.HasValue)
{
entity = await _apiService.Update <Model.Korisnik>(_id.Value, request);
}
else
{
entity = await _apiService.Insert <Model.Korisnik>(request);
}
if (entity != null)
{
MessageBox.Show("Uspješno izvršeno");
this.Close();
}
}
}
public Model.Korisnik Insert(KorisnikInsertRequest request)
{
var entity = _mapper.Map <Database.Korisnik>(request);
if (request.Password != request.PasswordPotvrda)
{
throw new Exception("Passwordi se ne slažu");
}
entity.LozinkaSalt = GenerateSalt();
entity.LozinkaHash = GenerateHash(entity.LozinkaSalt, request.Password);
_context.Korisnik.Add(entity);
_context.SaveChanges();
if (request.Uloge.Count() > 0)
{
foreach (var uloga in request.Uloge)
{
Database.KorisnikUloga korisniciUloge = new Database.KorisnikUloga();
korisniciUloge.KorisnikId = entity.KorisnikId;
korisniciUloge.UlogaId = uloga;
korisniciUloge.DatumIzmjene = DateTime.Now;
_context.KorisnikUloga.Add(korisniciUloge);
}
}
else
{
Database.KorisnikUloga korisniciUloge = new Database.KorisnikUloga();
korisniciUloge.KorisnikId = entity.KorisnikId;
korisniciUloge.UlogaId = request.Uloga;
korisniciUloge.DatumIzmjene = DateTime.Now;
_context.KorisnikUloga.Add(korisniciUloge);
}
_context.SaveChanges();
// -------- dodano posebno
var korisnik = new Model.Korisnik()
{
Ime = entity.Ime,
Prezime = entity.Prezime,
KorisnickoIme = entity.KorisnickoIme,
Email = entity.Email,
Telefon = entity.Telefon,
KorisnikId = entity.KorisnikId
};
//-----
// return _mapper.Map<Model.Korisnici>(entity);
return(korisnik);
}
protected override async Task <AuthenticateResult> HandleAuthenticateAsync()
{
if (!Request.Headers.ContainsKey("Authorization"))
{
return(AuthenticateResult.Fail("Missing Authorization Header"));
}
Model.Korisnik user = null;
try
{
var authHeader = AuthenticationHeaderValue.Parse(Request.Headers["Authorization"]);
var credentialBytes = Convert.FromBase64String(authHeader.Parameter);
var credentials = Encoding.UTF8.GetString(credentialBytes).Split(':');
var username = credentials[0];
var password = credentials[1];
user = _userService.Authenticate(username, password);
}
catch
{
return(AuthenticateResult.Fail("Invalid Authorization Header"));
}
if (user == null)
{
return(AuthenticateResult.Fail("Invalid Username or Password"));
}
var claims = new List <Claim> {
new Claim(ClaimTypes.NameIdentifier, user.KorisnickoIme),
new Claim(ClaimTypes.Name, user.Ime),
};
if (user.KorisnikUloge == null)
{
throw new UserException("Greska u ucitavanju uloga");
}
else
{
foreach (var role in user.KorisnikUloge)
{
claims.Add(new Claim(ClaimTypes.Role, role.Uloga.Naziv));
}
}
var identity = new ClaimsIdentity(claims, Scheme.Name);
var principal = new ClaimsPrincipal(identity);
var ticket = new AuthenticationTicket(principal, Scheme.Name);
return(AuthenticateResult.Success(ticket));
}
private async void buttonLogin_Click(object sender, EventArgs e)
{
if (ValidateChildren())
{
try
{
APIService.Username = textBoxUsername.Text;
APIService.Password = textBoxLozinka.Text;
var korisnik = await _service.Get <List <Model.Korisnik> >(new KorisniciSearchRequest
{
Username = APIService.Username
});
Model.Korisnik provjera = korisnik[0];
List <KorisnikUloga> uloge = provjera.KorisnikUloge.ToList();
bool nadjen = false;
foreach (var uloga in uloge)
{
if (uloga.Uloga.Naziv == "Administrator")
{
nadjen = true;
}
}
if (!nadjen)
{
MessageBox.Show("Neka se na admin panel loguje samo admninistrator");
return;
}
FormIndex frm = new FormIndex();
Dispose(false);
frm.Show();
MessageBox.Show("Uspjesan login!");
}
catch (FlurlHttpException er)
{
if (er.Call.Response.StatusCode == System.Net.HttpStatusCode.Unauthorized)
{
MessageBox.Show("Pogrešan password ili lozinka!", "Authentication", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
else
{
MessageBox.Show("Server error!", "Authentication", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
}
catch (Exception ex)
{
MessageBox.Show("Error", "Info", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
}
}
private async void FormKorisnikDetalji_Load(object sender, EventArgs e)
{
try
{
if (_selected_id.HasValue)
{
korisnik = await _service.GetById <Model.Korisnik>(_selected_id);
if (korisnik.KorisnikId != 0)
{
textBoxIme.Text = korisnik.Ime;
textBoxPrezime.Text = korisnik.Prezime;
textBoxEmail.Text = korisnik.Email;
textBoxTelefon.Text = korisnik.Telefon;
textBoxUsername.Text = korisnik.KorisnickoIme;
textBoxUsername.Enabled = false;
List <int> indexi = new List <int>();
foreach (Model.KorisnikUloga uloga in korisnik.KorisnikUloge)
{
foreach (Model.Uloga item in clbRole.Items)
{
if (item.UlogaId == uloga.UlogaId)
{
indexi.Add(clbRole.Items.IndexOf(item));
}
}
}
foreach (int index in indexi)
{
clbRole.SetItemChecked(index, true);
}
clbRole.Enabled = false;
//load slika
if (korisnik.KorisnikSlika != null)
{
Image image = ByteToImage(korisnik.KorisnikSlika.ProfilnaSlika);
pictureBox.Image = image;
}
}
}
}
catch
{
MessageBox.Show("Problem prilikom učitavanja korisnika");
Dispose(false);
}
}
private async void FormUrediPonudu_Load(object sender, EventArgs e)
{
ponuda = await _servicePonude.GetById <Model.Ponuda>(id_ponude);
ekspert = await _serviceEksperti.GetById <Model.Ekspert>(ponuda.EkspertId);
projekt = await _serviceProjekti.GetById <Model.Projekt>(ponuda.ProjektId);
korisnik = await _serviceKorisnici.GetById <Model.Korisnik>(ekspert.KorisnikUloga.KorisnikId);
textBoxEkspert.Text = korisnik.KorisnickoIme;
textBoxProjekt.Text = projekt.Naziv;
textBoxOpis.Text = ponuda.OpisPonude;
numericUpDownCijena.Value = int.Parse(ponuda.Cijena.ToString());
}
protected override async Task <AuthenticateResult> HandleAuthenticateAsync()
{
if (!Request.Headers.ContainsKey("Authorization"))
{
return(AuthenticateResult.Fail("Missing Authorization Header"));
}
Model.Korisnik CurrentUser = null;
try
{
var authHeader = AuthenticationHeaderValue.Parse(Request.Headers["Authorization"]);
var credentialBytes = Convert.FromBase64String(authHeader.Parameter);
var credentials = Encoding.UTF8.GetString(credentialBytes).Split(':');
var username = credentials[0];
var password = credentials[1];
CurrentUser = _korisnikService.Authenticate(username, password);
}
catch
{
return(AuthenticateResult.Fail("Invalid Authorization Header"));
}
if (CurrentUser == null)
{
return(AuthenticateResult.Fail("Invalid Username or Password"));
}
_korisnikService.SetCurrentUser(CurrentUser);
var claims = new List <Claim> {
new Claim(ClaimTypes.NameIdentifier, CurrentUser.KorisnickoIme),
new Claim(ClaimTypes.Name, CurrentUser.Ime + " " + CurrentUser.Prezime),
};
claims.Add(new Claim(ClaimTypes.Role, CurrentUser.Uloga));
var identity = new ClaimsIdentity(claims, Scheme.Name);
var principal = new ClaimsPrincipal(identity);
var ticket = new AuthenticationTicket(principal, Scheme.Name);
return(AuthenticateResult.Success(ticket));
}
public static async Task <Model.Korisnik> GetCurrentUser()
{
if (CurrentUser != null)
{
return(CurrentUser);
}
if (!string.IsNullOrEmpty(APIService.Username) && !string.IsNullOrEmpty(APIService.Password))
{
APIService _service = new APIService("Users");
CurrentUser = await _service.Get <Model.Korisnik>(null, "MyProfile");
if (CurrentUser != null)
{
return(CurrentUser);
}
}
await Application.Current.MainPage.DisplayAlert("Failure", "Failed to retrieve user profile.", "OK");
return(default);
private async void btnSpremi_Click(object sender, EventArgs e)
{
Model.Korisnik korisnik = null;
KorisniciSearchRequest korisniciSearchRequest = new KorisniciSearchRequest
{
BrojKartice = txtBrojKartice.Text
};
List <Model.Korisnik> korisnici = await _korisnikService.Get <List <Model.Korisnik> >(korisniciSearchRequest);
if (korisnici.Count == 1)
{
korisnik = korisnici[0];
}
if (korisnik == null)
{
MessageBox.Show("Korisnik sa unesenom karticom ne postoji!");
return;
}
ClanarinaSearchRequest clanarinaSearchRequest = new ClanarinaSearchRequest
{
KorisnikId = korisnik.Id
};
Model.PrisutnostClana prisutnostClana;
PrisutnostClanaSearchRequest request = new PrisutnostClanaSearchRequest
{
BrojKartice = txtBrojKartice.Text
};
List <Model.PrisutnostClana> result = await _service.Get <List <Model.PrisutnostClana> >(request);
if (result.Count == 0)
{
PrisutnostClanaInsertRequest insertRequest = new PrisutnostClanaInsertRequest
{
Date = DateTime.Today,
KorisnikId = korisnik.Id,
VrijemeDolaska = DateTime.Now.TimeOfDay
};
prisutnostClana = await _service.Insert <Model.PrisutnostClana>(insertRequest);
if (prisutnostClana != null)
{
MessageBox.Show("Uspjesno dodan clan na listu prisutnih!");
}
}
else
{
prisutnostClana = new Model.PrisutnostClana
{
Id = result[0].Id,
KorisnikId = result[0].KorisnikId,
VrijemeDolaska = result[0].VrijemeDolaska,
VrijemeOdlaska = DateTime.Now.TimeOfDay
};
Model.PrisutnostClana entity;
entity = await _service.Update <Model.PrisutnostClana>(result[0].Id, prisutnostClana);
if (entity != null)
{
MessageBox.Show("Uspjesno ste uklonili clana sa liste prisutnih!");
}
}
await LoadPrisutne();
}
private async void btnSacuvaj_Click(object sender, EventArgs e)
{
if (this.ValidateChildren())
{
var roleList = clbRole.CheckedItems.Cast <Model.Uloga>().Select(x => x.UlogaId).ToList();
var request = new KorisnikInsertRequest
{
Email = txtEmail.Text,
Ime = txtIme.Text,
KorisnickoIme = txtKorisnickoIme.Text,
Password = txtPassword.Text,
PasswordPotvrda = txtPassPotvrda.Text,
Prezime = txtPrezime.Text,
Telefon = txtTelefon.Text,
Uloge = roleList
};
Model.Korisnik entity = null;
if (!_id.HasValue)
{
try
{
await _service.Insert <Model.Korisnik>(request);
MessageBox.Show("Uspješno sačuvani podaci");
this.Close();
}
catch (Exception)
{
DialogResult r = MessageBox.Show("Nemate pravo pristupa");
if (r == DialogResult.OK)
{
this.Close();
}
}
}
else
{
try
{
await _service.Update <Model.Korisnik>(_id.Value, request);
MessageBox.Show("Uspješno sačuvani podaci");
this.Close();
}
catch (Exception)
{
DialogResult r = MessageBox.Show("Nemate pravo pristupa");
if (r == DialogResult.OK)
{
this.Close();
}
}
}
if (entity != null)
{
MessageBox.Show("Uspješno izvršeno");
}
}
else
{
MessageBox.Show("Operacija nije uspjela");
this.Close();
}
}
public async void ExecuteAsync()
{
Model.Korisnik result = null;
try
{
result = await _auth.Auth <Model.Korisnik>(Email, Password);
}
catch (Exception e)
{
IsDialogOpen = true;
DialogText = e.Message;
}
if (result != null)
{
if (!result.Token.Equals(""))
{
APIService.Session.JWT = result.Token;
var jwt = APIService.Session.JWT;
var handler = new JwtSecurityTokenHandler();
var jsonToken = handler.ReadJwtToken(jwt);
if (jsonToken.ValidTo.ToLocalTime().CompareTo(DateTime.Now.ToLocalTime()) < 1)
{
APIService.Session.JWT = "";
APIService.Session.Role = null;
return;
}
APIService.Session.BibliotekaNaziv = result.BibliotekaNaziv;
APIService.Session.ImePrezime = result.Ime + " " + result.Prezime;
APIService.Session.Slika = result.Slika;
APIService.Session.Role = new List <string>();
foreach (var claim in jsonToken.Claims)
{
if (claim.Type.Equals("role"))
{
APIService.Session.Role.Add(claim.Value);
}
}
if (APIService.Session.Role.Contains("Korisnik"))
{
IsDialogOpen = true;
DialogText = "Niste authentificirani";
return;
}
if (RememberMe)
{
Properties.Settings.Default.Element2 = EncryptionHelper.Encrypt(Password);
Properties.Settings.Default.RememberMe = true;
Properties.Settings.Default.Element1 = EncryptionHelper.Encrypt(Email);
Properties.Settings.Default.Save();
}
var mv = new MainWindow();
mv.Show();
Application.Current.MainWindow.Close();
}
}
}
public void SetCurrentUser(Model.Korisnik user)
{
_currentUser = user;
}
async Task Login()
{
IsBusy = true;
APIService.Username = KorisnickoIme;
APIService.Password = Lozinka;
Model.Korisnik k = new Model.Korisnik();
var username = APIService.Username;
try
{
await _service.Get <dynamic>(null);
if (string.IsNullOrWhiteSpace(this._korisnickoIme))
{
await Application.Current.MainPage.DisplayAlert("Greška", "Morate upisati korisničko ime!", "OK");
}
if (string.IsNullOrWhiteSpace(this._lozinka))
{
await Application.Current.MainPage.DisplayAlert("Greška", "Morate upisati lozinku!", "OK");
}
Pacijent pacijent = null;
List <Pacijent> lista = await _servicePacijent.Get <List <Pacijent> >(null);
foreach (var item in lista)
{
if (item.KorisnickoIme == KorisnickoIme)
{
pacijent = item;
break;
}
}
if (pacijent != null)
{
var newHash = GenerateHash(pacijent.PasswordSalt, _lozinka);
if (newHash == pacijent.PasswordHash)
{
Application.Current.MainPage = new MainPage();
}
else
{
await Application.Current.MainPage.DisplayAlert("Greška", "Niste autentificirani", "OK");
}
}
else
{
Korisnik korisnik = null;
List <Korisnik> listaKorisnika = await _service.Get <List <Korisnik> >(null);
foreach (var item in listaKorisnika)
{
if (item.KorisnickoIme == KorisnickoIme)
{
korisnik = item;
break;
}
}
if (korisnik != null)
{
var newHash = GenerateHash(korisnik.PasswordSalt, _lozinka);
if (newHash == korisnik.PasswordHash)
{
Application.Current.MainPage = new MainPageAdmin();
}
else
{
await Application.Current.MainPage.DisplayAlert("Greška", "Niste autentificirani", "OK");
}
}
}
}
catch (Exception ex)
{
}
finally
{
IsBusy = false;
}
}
public Model.Korisnik Insert(KorisnikInsertRequest request)
{
var getAll = _context.Korisnici.ToList();
foreach (var k in getAll)
{
if (k.KorisnickoIme == request.KorisnickoIme)
{
throw new UserException("Korisničko ime već postoji!");
}
if (k.Email == request.Email)
{
throw new UserException("Već postoji profil registrovan na " + request.Email);
}
}
var entity = _mapper.Map <Database.Korisnik>(request);
if (request.Password != request.PasswordConfirmation)
{
throw new UserException("Passwordi se ne slazu");
}
entity.LozinkaSalt = GenerateSalt();
entity.LozinkaHash = GenerateHash(entity.LozinkaSalt, request.Password);
entity.IsVozac = false;
_context.Korisnici.Add(entity);
_context.SaveChanges();
if (request.Uloge.Count != 0)
{
foreach (var uloga in request.Uloge)
{
entity.KorisniciUloge.Add(new Database.KorisniciUloge
{
KorisnikId = entity.KorisnikID,
DatumIzmjene = DateTime.Now,
UlogaId = uloga
});
}
}
_context.SaveChanges();
var model = new Model.Korisnik
{
KorisnikID = entity.KorisnikID,
BrojTelefona = entity.BrojTelefona,
DatumRodjenja = entity.DatumRodjenja,
Email = entity.Email,
GradID = entity.GradID,
Ime = entity.Ime,
IsVozac = entity.IsVozac,
KorisnickoIme = entity.KorisnickoIme,
Prezime = entity.Prezime,
Slika = entity.Slika
};
model.KorisniciUloge = new List <Model.KorisniciUloge>();
foreach (var item in entity.KorisniciUloge)
{
model.KorisniciUloge.Add(new Model.KorisniciUloge
{
DatumIzmjene = item.DatumIzmjene,
KorisnikId = item.KorisnikId,
KorisnikUlogaId = item.KorisnikUlogaId,
UlogaId = item.UlogaId
});
}
return(model);
}
