public async Task <IActionResult> Register([FromBody] UserResultDto userResultDto)
{
// map dto to entity
var user = _mapper.Map <UserModel>(userResultDto);
try
{
IActionResult response = Unauthorized();
// save
var userSave = await _userService.Create(user, userResultDto.Password);
var tokenString = _userService.GenerateJWTToken(user);
response = Ok(new
{
Id = user.Id,
Email = user.UserEmail,
Role = user.UserRole,
Token = tokenString
});
return(response);
}
catch (Exception ex)
{
// return error message if there was an exception
return(BadRequest(new { message = ex.Message }));
}
}
public async Task <IActionResult> Authenticate([FromBody] UserResultDto userResultDto)
{
try
{
IActionResult response = Unauthorized();
var user = await _userService.Authenticate(userResultDto.UserEmail, userResultDto.Password);
if (user == null)
{
return(BadRequest(new { message = "Email or password is incorrect" }));
}
var tokenString = _userService.GenerateJWTToken(user);
response = Ok(new
{
Id = user.Id,
Email = user.UserEmail,
Role = user.UserRole,
Token = tokenString
});
return(response);
}
catch (Exception ex)
{
return(BadRequest(ex.Message));
}
}
public IActionResult GetUserClaims()
{
var identityClaims = (ClaimsIdentity)User.Identity;
IEnumerable <Claim> claims = identityClaims.Claims;
UserResultDto model = new UserResultDto()
{
Email = identityClaims.FindFirst("Email").Value,
FirstName = identityClaims.FindFirst("FirstName").Value,
LastName = identityClaims.FindFirst("LastName").Value
};
return(Ok(model));
}
//problem 08
public static string GetUsersWithProducts(ProductShopContext context)
{
var users = context
.Users
.Where(u => u.ProductsSold.Count > 0)
.OrderByDescending(u => u.ProductsSold.Count)
.Select(u => new UserDto
{
FirstName = u.FirstName,
LastName = u.LastName,
Age = u.Age,
SoldProducts = new CountAndProductsDto
{
Count = u.ProductsSold.Count,
Products = u.ProductsSold.Select(ps => new SoldProductDto
{
Name = ps.Name,
Price = ps.Price,
})
.OrderByDescending(p => p.Price)
.ToArray()
}
})
.Take(10)
.ToArray();
UserResultDto result = new UserResultDto()
{
Count = context.Users.Count(u => u.ProductsSold.Any()),
ResultUserDto = users,
};
XmlSerializer serializer = new XmlSerializer(typeof(UserResultDto),
new XmlRootAttribute("Users"));
var namespaces = new XmlSerializerNamespaces();
namespaces.Add("", "");
var sb = new StringBuilder();
using (var writer = new StringWriter(sb))
{
serializer.Serialize(writer, result, namespaces);
}
return(sb.ToString().TrimEnd());
}
public static UserResultDto Authorize(string userName, string passwordHash)
{
var result = new UserResultDto();
using (var connection = DbContext.SimpleDbConnection())
{
var query = "SELECT * FROM Users u inner join UsersPasswords p on p.UserId = u.UserId where u.UserName = @username and p.PasswordHash = @passwordhash LIMIT 1";
var any = connection.Query <UserDto>(query, new { username = userName, passwordhash = passwordHash }).AsList();
if (any.Count == 0)
{
result.SetStatus(BSRBankingDataContract.Enums.eOperationStatus.AccessDenied);
}
else
{
result.SetSuccess(any.FirstOrDefault());
}
return(result);
}
}
public UserResultDto AuthenticateUser(string userName, string passwordHash)
{
var result = new UserResultDto();
try
{
var user = Authorization.Authorize(userName, passwordHash);
if (user.Success())
{
result.SetSuccess(user.Data);
}
else
{
result.SetErrors(user.Result.ExceptionMessage);
}
}
catch (Exception ex)
{
result.SetErrors(ex);
}
return(result);
}
