public ActionResult Delete(Trainning entity) { var userId = User.Identity.Name; try { // TODO: Add disable logic here if (CheckDelete(entity)) { dbContext.Trainnings.DeleteOne(m => m.Id == entity.Id); #region Activities var activity = new TrackingUser { UserId = userId, Function = "Đào tạo", Action = Constants.Action.Delete, Value = entity.Name, Content = entity.Name + Constants.Flag + entity.Type }; dbContext.TrackingUsers.InsertOne(activity); #endregion return(Json(new { entity, result = true, message = "Xóa thành công." })); } else { return(Json(new { entity, result = false, message = entity.Name + " chỉnh sửa bởi người khác." })); } } catch (Exception ex) { return(Json(new { entity, result = false, message = ex.Message })); } }
public async Task <IActionResult> Edit(int id, [Bind("UserId,UserName,Password,Nume,Prenume,Rol,IsEnable")] TrackingUser trackingUser) { if (id != trackingUser.UserId) { return(NotFound()); } if (ModelState.IsValid) { try { _context.Update(trackingUser); await _context.SaveChangesAsync(); } catch (DbUpdateConcurrencyException) { if (!TrackingUserExists(trackingUser.UserId)) { return(NotFound()); } else { throw; } } return(RedirectToAction(nameof(Index))); } return(View(trackingUser)); }
public ActionResult Create(Trainning entity) { var userId = User.Identity.Name; try { if (CheckExist(entity)) { dbContext.Trainnings.InsertOne(entity); #region Activities var activity = new TrackingUser { UserId = userId, Function = "Đào tạo", Action = Constants.Action.Create, Value = entity.Alias, Content = entity.Alias + Constants.Flag + entity.Type }; dbContext.TrackingUsers.InsertOne(activity); #endregion return(Json(new { entity, result = true, message = "Tạo mới thành công." })); } else { return(Json(new { entity, result = false, message = entity.Name + " đã tồn tại. Đặt tên khác hoặc liên hệ IT hỗ trợ." })); } } catch (Exception ex) { return(Json(new { entity, result = false, message = ex.Message })); } }
public async Task <IActionResult> Create([Bind("UserId,UserName,Password,Nume,Prenume,Rol,IsEnable")] TrackingUser trackingUser) { if (ModelState.IsValid) { _context.Add(trackingUser); await _context.SaveChangesAsync(); return(RedirectToAction(nameof(Index))); } return(View(trackingUser)); }
/// <summary> /// Add a user to the database, providing at least an e-mail address. Name is mandatory. /// </summary> /// <param name="user"></param> public void Add(TrackingUser user) { if (user == null || (string.IsNullOrWhiteSpace(user.Username) && string.IsNullOrWhiteSpace(user.Email))) { throw new ArgumentException("The user must contain a username or at least a valid e-mail address"); } if (string.IsNullOrWhiteSpace(user.Username)) { user.Username = user.Email; } _dataStore.Save(user); }
/// <summary> /// Add a user to the database, providing at least an e-mail address. Name is mandatory. /// </summary> /// <param name="username"></param> /// <param name="password"></param> /// <param name="salt"></param> /// <param name="email"></param> /// <param name="name"></param> /// <returns></returns> public TrackingUser Add(string username, byte[] password, byte[] salt, string email = null, string name = null) { if (string.IsNullOrWhiteSpace(username)) { throw new ArgumentException("The user must contain at least a username, password and salt."); } var user = new TrackingUser(username, password, salt) { Email = email, Name = name, }; _dataStore.Save(user); return(user); }
public async Task <IActionResult> Register([FromBody] RegistrationDto user) { if (!ModelState.IsValid) { return(BadRequest(new AuthResult() { Success = false, Errors = new List <string>() { "Invalid payload." } })); } var userExists = await _userManager.FindByEmailAsync(user.Email); if (userExists is not null) { return(BadRequest(new AuthResult() { Success = false, Errors = new List <string>() { "Email already exists." } })); } var newUser = new TrackingUser() { Email = user.Email, UserName = user.Name }; var createResult = await _userManager.CreateAsync(newUser, user.Password); if (createResult.Succeeded) { var jwtToken = await GenerateJwtTokenAsync(newUser, null, null); return(Ok(jwtToken)); } return(BadRequest(new AuthResult() { Success = false, Errors = createResult.Errors.Select(x => x.Description).ToList() })); }
/// <summary> /// Generates JWT token and creates a refresh token for it. /// </summary> /// <remarks>If you're creating a new token (ie. at login), leave <paramref name="oldRefreshToken"/> and <paramref name="oldJti"/> null. Otherwise you must to provide /// the old token.</remarks> /// <param name="oldRefreshToken">If null, new refresh token will be created. Provide the old token only if you're refreshing a token.</param> /// <param name="oldJti">If null, new JTI will be created. Provide the old JTI only if you're refreshing a token.</param> private async Task <AuthResult> GenerateJwtTokenAsync(TrackingUser user, string oldRefreshToken, string oldJti) { var jwtTokenHandler = new JwtSecurityTokenHandler(); var signingKey = Encoding.ASCII.GetBytes(_jwtConfig.SigningKey); var signingCreds = new SigningCredentials( new SymmetricSecurityKey(signingKey), SecurityAlgorithms.HmacSha512Signature ); var encryptionKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(_jwtConfig.Secret)); var encryptionCreds = new EncryptingCredentials( encryptionKey, SecurityAlgorithms.Aes256KeyWrap, SecurityAlgorithms.Aes256CbcHmacSha512 ); var tokenDescriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(new[] {
public TrackingUser Add(string username, string password, string email = null, string name = null) { if (string.IsNullOrWhiteSpace(username)) { throw new ArgumentException("The user must contain at least a username, password and salt."); } var salt = Encoding.UTF8.GetBytes(Guid.NewGuid().ToString()); var hashPassword = _passwordManager.HashPassword(password, salt); var user = new TrackingUser(username, hashPassword, salt) { Email = email, Name = name, }; _dataStore.Save(user); return(user); }
public ActionResult Active(Trainning entity) { var userId = User.Identity.Name; try { // TODO: Add disable logic here if (CheckActive(entity)) { var filter = Builders <Trainning> .Filter.Eq(d => d.Id, entity.Id); var update = Builders <Trainning> .Update .Set(c => c.Enable, true); dbContext.Trainnings.UpdateOne(filter, update); #region Activities var activity = new TrackingUser { UserId = userId, Function = "Đào tạo", Action = Constants.Action.Active, Value = entity.Name, Content = entity.Name + Constants.Flag + entity.Type }; dbContext.TrackingUsers.InsertOne(activity); #endregion return(Json(new { entity, result = true, message = entity.Name + " khôi phục thành công." })); } else { return(Json(new { entity, result = false, message = entity.Name + " đã tồn tại." })); } } catch (Exception ex) { return(Json(new { entity, result = false, message = ex.Message })); } }
public ActionResult Edit(Trainning entity) { var userId = User.Identity.Name; try { if (CheckUpdate(entity)) { entity.Timestamp = DateTime.Now.ToString("yyyyMMddHHmmssfff"); dbContext.Trainnings.ReplaceOne(m => m.Id == entity.Id, entity); #region Activities var activity = new TrackingUser { UserId = userId, Function = "Đào tạo", Action = Constants.Action.Edit, Value = entity.Name, Content = entity.Name + Constants.Flag + entity.Type, }; dbContext.TrackingUsers.InsertOne(activity); #endregion return(Json(new { entity, result = true, message = "Cập nhật thành công." })); //return RedirectToAction("Index", "Trainning"); } else { return(Json(new { entity, result = false, message = entity.Name + " đã thay đổi nội dung bởi 1 người khác. Tải lại trang hoặc thoát." })); } } catch (Exception ex) { return(Json(new { entity, result = false, message = ex.Message })); } }
public void TestSaveLoadDelete() { const string connectionString = "mongodb://localhost"; var client = new MongoClient(connectionString); var server = client.GetServer(); var database = server.GetDatabase("test"); var dataStore = new MongoDataStore(database); var name1 = Guid.NewGuid().ToString(); var name2 = Guid.NewGuid().ToString(); var user = new TrackingUser { Name = name1, Email = "*****@*****.**" }; dataStore.Save(user); var loadedUser = dataStore.Query <TrackingUser>().FirstOrDefault(x => x.Name == name1); Assert.That(loadedUser != null && user.Name.Equals(loadedUser.Name)); user.Name = name2; user.Email = "*****@*****.**"; dataStore.Save(user); loadedUser = dataStore.Query <TrackingUser>().FirstOrDefault(x => x.Name == name1); Assert.That(loadedUser == null); loadedUser = dataStore.Query <TrackingUser>().FirstOrDefault(x => x.Name == name2); Assert.That(loadedUser != null && user.Name.Equals(loadedUser.Name)); dataStore.Delete <TrackingUser>(loadedUser.Id); loadedUser = dataStore.Query <TrackingUser>().FirstOrDefault(x => x.Name == name2); Assert.That(loadedUser == null); }
public UserModule(IDataStore dataStore, TrackingUsers trackingUsers, ErrorCodes errorCodes, PasswordManager passwordManager) : base("/user", dataStore, trackingUsers, errorCodes) { _trackingUsers = trackingUsers; _passwordManager = passwordManager; Get["/{page?}/{take?}"] = parameters => { int page; int take; page = int.TryParse(parameters.Page, out page) ? page : 0; take = int.TryParse(parameters.Take, out take) ? take : 10; var currentUser = Context.CurrentUser as UserIdentity; if (currentUser == null) { return(HttpStatusCode.Unauthorized); } this.RequiresClaims(new[] { "Admin" }); var users = _trackingUsers.Query().Skip(page * take).Take(take).ToList(); return(currentUser.Claims.All(x => x != "Admin") ? HttpStatusCode.Unauthorized : Response.AsJson(users)); }; Get["/{userId}"] = parameters => { var currentUser = Context.CurrentUser as UserIdentity; if (currentUser == null || currentUser.AccessToken == null || string.IsNullOrWhiteSpace(currentUser.AccessToken.Token)) { return(HttpStatusCode.Unauthorized); } string userId = parameters.UserId; var accessToken = currentUser.AccessToken; this.RequiresClaims(new[] { "Admin" }); var user = _trackingUsers.Get(userId); if (currentUser.Claims.All(x => x != "Admin")) { if (user == null || user.AccessToken == null || user.AccessToken.Token != accessToken.Token) { return(HttpStatusCode.Unauthorized); } } return(user == null ? (dynamic) new BasicResponseModel((int)HttpStatusCode.NotFound, "User not found!") : Response.AsJson(user)); }; Get["/availability/{username}"] = parameters => { string username = parameters.Username; var user = _trackingUsers.Query().FirstOrDefault(x => x.Username == username); var response = user == null ? new BasicResponseModel(0, "") : new BasicResponseModel(0, "User already exists!"); return(Response.AsJson(response)); }; Get["/availability/email/{email}"] = parameters => { string email = parameters.Email; var user = _trackingUsers.Query().FirstOrDefault(x => x.Email == email); var response = user == null ? new BasicResponseModel(0, "") : new BasicResponseModel(0, "Email is already registered!"); return(Response.AsJson(response)); }; Post["/"] = _ => { var model = this.Bind <UserModel>(); if (model == null) { return(ErrorResponse(HttpStatusCode.BadRequest, "Unknown request. Please provide a username and password.")); } var existingUser = _trackingUsers.Query().FirstOrDefault(x => x.Username == model.Username); if (existingUser != null) { return(ErrorResponse(HttpStatusCode.Conflict, "Username already exists!")); } existingUser = _trackingUsers.Query().FirstOrDefault(x => x.Email == model.Email); if (existingUser != null) { return(ErrorResponse(HttpStatusCode.Conflict, "E-mail is already registered!")); } var salt = Encoding.UTF8.GetBytes(Guid.NewGuid().ToString()); var hashPassword = _passwordManager.HashPassword(model.Password, salt); var user = new TrackingUser(model.Username, hashPassword, salt) { Name = model.Name, Email = model.Email, }; _trackingUsers.Add(user); return(Response.AsJson(new UserModel(user), HttpStatusCode.Created)); }; Delete["/{id}"] = parameters => { string id = parameters.Id; var currentUser = Context.CurrentUser as UserIdentity; if (currentUser == null) { return(HttpStatusCode.Unauthorized); } var accessToken = currentUser.AccessToken; this.RequiresClaims(new[] { "Admin" }); var user = _trackingUsers.Get(id); if (currentUser.Claims.All(x => x != "Admin")) { if (user.AccessToken == null || user.AccessToken.Token != accessToken.Token) { return(HttpStatusCode.Unauthorized); } } if (user == null) { return(HttpStatusCode.NotFound); } _trackingUsers.Delete(id); return(HttpStatusCode.OK); }; }
/// <summary> /// Delete the provided entity from the database. /// </summary> /// <param name="user"></param> public void Delete(TrackingUser user) { _dataStore.Delete(user); }
/// <summary> /// Update the database with the provided user entity. /// </summary> /// <param name="user"></param> public void Update(TrackingUser user) { _dataStore.Save(user); }
public UserModel(TrackingUser user) { Username = user.Username; }