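/// <summary>
/// Grants the admin role to the account named in the request and returns a
/// newly generated JWT for that account.
/// </summary>
/// <param name="promote">Request body carrying the username to promote.</param>
/// <returns>
/// 200 with an <c>AuthResponse</c> on success; 401 when a non-admin calls while
/// at least one admin exists; 400 when the username is missing or unknown;
/// 500 when the role cannot be created or assigned.
/// </returns>
/// <remarks>
/// Bootstrap rule: while no account holds the admin role, a caller without that
/// role may promote an account. This is meant for initial setup only.
/// NOTE(review): whether this action requires an authenticated caller depends on
/// attributes that are not visible here; confirm it is not reachable anonymously.
/// </remarks>
public async Task<IActionResult> Promote([FromBody] UserPromoteRequest promote)
{
    if (!User.IsInRole(UserRoles.Admin))
    {
        // Non-admin callers are only let through while the admin role has no members.
        // NOTE(review): this is check-then-act. Two concurrent setup requests can both
        // observe zero admins and both promote; consider serialising the bootstrap
        // path or disabling it once setup has completed.
        var admins = await userManager.GetUsersInRoleAsync(UserRoles.Admin);
        if (admins.Count != 0)
        {
            return Unauthorized(responseFactory.Error("Only admins can promote users"));
        }
    }

    // Reject a missing body or username up front instead of letting the lookup throw.
    if (string.IsNullOrWhiteSpace(promote?.Username))
    {
        return BadRequest(responseFactory.Error("Username is required!"));
    }

    var user = await userManager.FindByNameAsync(promote.Username);
    if (user == null)
    {
        return BadRequest(responseFactory.Error("User does not exist!"));
    }

    if (!await roleManager.RoleExistsAsync(UserRoles.Admin))
    {
        var roleResult = await roleManager.CreateAsync(new IdentityRole(UserRoles.Admin));

        // A concurrent request may have created the role first, so a failed create is
        // only an error when the role is still missing afterwards.
        if (!roleResult.Succeeded && !await roleManager.RoleExistsAsync(UserRoles.Admin))
        {
            return StatusCode(
                StatusCodes.Status500InternalServerError,
                responseFactory.Error("Failed to create admin role!", roleResult.ToString()));
        }
    }

    var result = await userManager.AddToRoleAsync(user, UserRoles.Admin);
    if (!result.Succeeded)
    {
        return StatusCode(
            StatusCodes.Status500InternalServerError,
            responseFactory.Error("Failed to assign admin role!", result.ToString()));
    }

    // Generate a new token so the promoted account's credentials carry the new role.
    // NOTE(review): the token is generated for the promoted account (`user`), not for
    // the caller. When the caller promotes a different account, the response hands the
    // caller a bearer token for that other identity. Confirm this is intended, or
    // return a token only when the caller is the promoted account.
    JwtSecurityToken token = await GenerateAuthToken(user);
    return Ok(responseFactory.Success(new AuthResponse()
    {
        Token = new JwtSecurityTokenHandler().WriteToken(token),
        ValidTo = token.ValidTo
    }));
}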
/// <summary>
/// Sends a promote request to the backend and passes the reply to
/// <c>UpdateToken</c> before returning it to the caller.
/// </summary>
/// <param name="promote">The promote request forwarded unchanged to the backend.</param>
/// <returns>The parsed API response together with the raw HTTP response.</returns>
public async Task<(ApiResponse<AuthResponse>, HttpResponseMessage)> Promote(UserPromoteRequest promote)
{
    // The backend service is resolved from a dedicated scope that is disposed on return.
    using (var serviceScope = serviceProvider.CreateScope())
    {
        var backendService = serviceScope.ServiceProvider.GetRequiredService<BackendService>();

        var (apiResult, rawResponse) = await backendService.AuthPromote(promote);

        // NOTE(review): presumably this stores the token carried in the response;
        // UpdateToken is not shown here. Confirm it ignores failed responses and that
        // the returned token belongs to the current user.
        await UpdateToken(serviceScope, apiResult, rawResponse);

        return (apiResult, rawResponse);
    }
}