private async Task <User> UpdatePassword(User SelectedUser)
{
/// find the current user details from the database
User userDetails = AppDbContext.Users.Find(SelectedUser.Id);
if (userDetails == null)
{
AppFunc.Error(ref ErrorsList, _localizer["User not found."].Value);
return(null);
}
/// generate new password reset token
string passResetToken = await _UserManager.GeneratePasswordResetTokenAsync(userDetails).ConfigureAwait(false);
/// reset user's password
IdentityResult result = await _UserManager.ResetPasswordAsync(
userDetails, passResetToken, SelectedUser.PasswordHash).ConfigureAwait(false);
/// if result is Failed
if (!result.Succeeded)
{
foreach (var item in result.Errors)
{
ErrorsList.Add(new Error(item.Code, item.Description));
}
return(null);
}
/// else the result is a success.
return(userDetails);
}
//[Authorize(AppConst.AccessPolicies.Secret)] /// First Level Test Pass
public async Task <IActionResult> PostUser([FromBody] User newUser)
{
try
{
//if (string.IsNullOrWhiteSpace(newUser.TempPassword))
// newUser.TempPassword = AppFunc.PasswordGenerator();
/// find the selected role object of the user
newUser.Role = await AppDbContext.Roles.AsTracking()
.SingleOrDefaultAsync(r => r.Id == newUser.Role.Id).ConfigureAwait(false);
IActionResult result = await CreateUser(newUser).ConfigureAwait(false);
//if (isUserCreated)
//{
// await EmailService
// .NewEmployeePasswordAsync(newUser, DateTime.UtcNow.AddYears(2))
// .ConfigureAwait(false);
//}
newUser.TempPassword = string.Empty;
return(result);
}
catch (Exception) // DbUpdateException, DbUpdateConcurrencyException
{
/// Add the error below to the error list and return bad request
AppFunc.Error(ref ErrorsList, AppConst.CommonErrors.ServerError);
return(StatusCode(417, ErrorsList));
}
}
public async Task <IActionResult> PostPatient([FromBody] User newCustomer)
{
try
{
newCustomer.Role = await AppDbContext.Roles
.SingleOrDefaultAsync(r => r.AccessClaim == AccessClaims.Patient.ToString())
.ConfigureAwait(false);
IActionResult result = await CreateUser(newCustomer).ConfigureAwait(false);
if (!isUserCreated)
{
return(StatusCode(412, ErrorsList));
}
newCustomer.TempPassword = string.Empty;
//await EmailService
// .EmailConfirmationAsync(newCustomer, DateTime.UtcNow.AddYears(2))
// .ConfigureAwait(false);
await _SignInManager.SignInAsync(newCustomer, false).ConfigureAwait(false);
return(Created("", newCustomer));
}
catch (Exception) // DbUpdateException, DbUpdateConcurrencyException
{
/// Add the error below to the error list and return bad request
AppFunc.Error(ref ErrorsList, AppConst.CommonErrors.ServerError);
return(StatusCode(417, ErrorsList));
}
}
//[Authorize(oAppConst.AccessPolicies.LevelOne)] /// Ready For Test
public async Task <IActionResult> NewCustomer([FromBody] User newUser)
{
try
{
newUser.Role = await _DbContext.Roles.AsTracking()
.FirstOrDefaultAsync(r => r.AccessClaim.Equals(CoreConst.AccessClaims.Customer))
.ConfigureAwait(false);
IActionResult result = await CreateUser(newUser).ConfigureAwait(false);
if (isUserCreated)
{
//await EmailService
// .EmailConfirmationAsync(newUser, DateTime.UtcNow.AddYears(2))
// .ConfigureAwait(false);
await _AuthManager.SignInAsync(newUser, false).ConfigureAwait(false);
}
else
{
return(result);
}
newUser.TempPassword = string.Empty;
return(Created("", newUser));
}
catch (Exception ee) // DbUpdateException, DbUpdateConcurrencyException
{
/// Add the error below to the error list and return bad request
AppFunc.Error(ref ErrorsList, AppConst.CommonErrors.ServerError);
return(StatusCode(417, ErrorsList));
}
}
public async Task <IActionResult> Silent()
{
try
{
int.TryParse(User.Claims
.FirstOrDefault(c => c.Type == "UserId")?.Value, out int userId);
User user = await _DbContext.Users
.Include(u => u.Role)
.FirstOrDefaultAsync(u => u.Id == userId)
.ConfigureAwait(false);
if (user == null)
{
return(Unauthorized());
}
else
{
return(Ok(user));
}
}
catch (Exception)
{
/// Add the error below to the error list and return bad request
AppFunc.Error(ref ErrorsList, CoreConst.CommonErrors.ServerError);
return(StatusCode(417, ErrorsList));
}
}
//[Authorize(AppConst.AccessPolicies.Secret)] /// Done
public async Task <IActionResult> Delete([FromBody] Role role)
{
try
{
/// if the Category record with the same id is not found
if (!await AppDbContext.Roles.AnyAsync(d => d.Id == role.Id).ConfigureAwait(false))
{
AppFunc.Error(ref ErrorsList, _localizer["Role not found."].Value);
return(NotFound(ErrorsList));
}
/// If the category is in use by any product then do not allow delete
if (await AppDbContext.Users.AnyAsync(c => c.Role.Id == role.Id).ConfigureAwait(false))
{
AppFunc.Error(ref ErrorsList, _localizer["Failed. Role is in use by at least one user."].Value);
return(StatusCode(412, ErrorsList));
}
/// else the role is found
/// now delete the role record
AppDbContext.Roles.Remove(role);
/// save the changes to the database
await AppDbContext.SaveChangesAsync().ConfigureAwait(false);
/// return 200 OK status
return(Ok(String.Format(_localizer["{0} was deleted"].Value, role.Name)));
}
catch (Exception)
{
/// Add the error below to the error list
AppFunc.Error(ref ErrorsList, AppConst.CommonErrors.ServerError);
return(StatusCode(417, ErrorsList));
}
}
[HttpPut("put/{userId}/{lockoutEnabled}")] /// Ready For Test
public async Task <IActionResult> Put(int userId, bool lockoutEnabled)
{
try
{
/// if the user with the same id is not found
User user = await AppDbContext.Users.FindAsync(userId).ConfigureAwait(false);
if (user == null)
{
AppFunc.Error(ref ErrorsList, _localizer["User not found."].Value);
return(StatusCode(412, ErrorsList));
}
user.LockoutEnabled = lockoutEnabled;
/// update user in the context
AppDbContext.Users.Update(user);
/// save the changes to the database
await AppDbContext.SaveChangesAsync().ConfigureAwait(false);
/// thus return 200 ok status with the updated object
return(Ok(user));
}
catch (Exception) // DbUpdateException, DbUpdateConcurrencyException
{
/// Add the error below to the error list and return bad request
AppFunc.Error(ref ErrorsList, AppConst.CommonErrors.ServerError);
return(StatusCode(417, ErrorsList));
}
}
//[Authorize(AppConst.AccessPolicies.Secret)] /// Ready For Test
public async Task <IActionResult> Delete([FromBody] User thisUser)
{
try
{
/// if the User record with the same id is not found
if (!AppDbContext.Users.Any(u => u.Id == thisUser.Id))
{
AppFunc.Error(ref ErrorsList, _localizer["User not found."].Value);
return(StatusCode(412, ErrorsList));
}
/// else the User is found
/// now delete the user record
AppDbContext.Users.Remove(AppDbContext.Users.Find(thisUser.Id));
/// save the changes to the database
await AppDbContext.SaveChangesAsync().ConfigureAwait(false);
/// return 200 OK status
return(Ok(String.Format(_localizer["User ({0}) was deleted"].Value, thisUser.UserName)));
}
catch (Exception)
{
/// Add the error below to the error list and return bad request
AppFunc.Error(ref ErrorsList, AppConst.CommonErrors.ServerError);
return(StatusCode(417, ErrorsList));
}
}
public async Task <IActionResult> ExternalLogin([FromBody] Core.CSharp.Models.ExternalLoginInfo externalLoginInfo)
{
try
{
if (!TryValidateModel(externalLoginInfo))
{
AppFunc.ExtractErrors(ModelState, ref ErrorsList);
return(UnprocessableEntity(ErrorsList));
}
User returnedUser = new User();
switch (externalLoginInfo.Type)
{
case CoreConst.RegistrationTypes.Google:
returnedUser = await GetGoogleUserInfo(externalLoginInfo).ConfigureAwait(false);
break;
case CoreConst.RegistrationTypes.Facebook:
returnedUser = await GetFacebookUserInfo(externalLoginInfo).ConfigureAwait(false);
break;
case CoreConst.RegistrationTypes.Github:
returnedUser = await GetGithubUserInfo(externalLoginInfo).ConfigureAwait(false);
break;
}
// Try to retrieve the user information from App database
User newUser = await _DbContext.Users
.Include(u => u.Role)
.Include(u => u.RegistrationMethod)
.SingleOrDefaultAsync(u => u.RegistrationMethod.Type == externalLoginInfo.Type && u.RegistrationMethod.ExternalLinkedId == returnedUser.RegistrationMethod.ExternalLinkedId)
.ConfigureAwait(false);
// if the user is already registered
if (newUser != null)
{
// sign the user in without any password
await _AuthManager.SignInAsync(newUser, externalLoginInfo.RememberMe).ConfigureAwait(false);
var test = User;
return(Ok(newUser));
}
// else if the user is not registered
// else return 206 partial content
return(StatusCode(206, returnedUser));
}
catch (Exception ee)
{
AppFunc.Error(ref ErrorsList, AppConst.CommonErrors.ServerError);
return(StatusCode(417, ErrorsList));
}
}
public async Task <IActionResult> PutPasswordToken([FromBody] dynamic tokenPassword)
{
try
{
string passwordString = tokenPassword.password;
string tokenString = tokenPassword.token;
Token token = await AppDbContext.Tokens
.Include(t => t.User)
.ThenInclude(u => u.Role)
.SingleOrDefaultAsync(t => t.Value.Equals(tokenString))
.ConfigureAwait(false);
if (token == null)
{
/// Add the error below to the error list and return bad request
AppFunc.Error(ref ErrorsList, _localizer["Token Not Found."].Value);
return(StatusCode(417, ErrorsList));
}
if (token.ExpiaryDateTime < DateTime.UtcNow)
{
/// Add the error below to the error list and return bad request
AppFunc.Error(ref ErrorsList, _localizer["Token Expired."].Value);
return(StatusCode(417, ErrorsList));
}
token.User.PasswordHash = passwordString;
User result = await UpdatePassword(token.User).ConfigureAwait(false);
if (result == null)
{
return(StatusCode(412, ErrorsList));
}
result.Role = token.User.Role;
token.User = null;
AppDbContext.Entry(token).State = EntityState.Deleted;
await AppDbContext.SaveChangesAsync().ConfigureAwait(false);
await _SignInManager.SignInAsync(result, false).ConfigureAwait(false);
return(Ok(result));
}
catch (Exception) // DbUpdateException, DbUpdateConcurrencyException
{
/// Add the error below to the error list and return bad request
AppFunc.Error(ref ErrorsList, AppConst.CommonErrors.ServerError);
return(StatusCode(417, ErrorsList));
}
}
// [Authorize(AppConst.AccessPolicies.Secret)] /// Done
public async Task <IActionResult> Post([FromBody] Role newRole)
{
try
{
int langId = AppFunc.GetLanguageId();
/// if model validation failed
if (!TryValidateModel(newRole))
{
AppFunc.ExtractErrors(ModelState, ref ErrorsList);
/// return Unprocessable Entity with all the errors
return(UnprocessableEntity(ErrorsList));
}
/// check the database to see if a role with the same name exists
if (await AppDbContext.Roles.Include(r => r.RoleTranslates).Select(p => new Role
{
Name = p.RoleTranslates.FirstOrDefault(e => e.LangId == langId).Name,
AccessClaim = p.AccessClaim,
Id = p.Id
}).AnyAsync(d => d.Name.Equals(newRole.Name) && d.AccessClaim.Equals(newRole.AccessClaim)).ConfigureAwait(false))
{
/// extract the errors and return bad request containing the errors
AppFunc.Error(ref ErrorsList, _localizer["Role already exists."].Value);
return(StatusCode(412, ErrorsList));
}
foreach (string lang in AppConst.SupportLanguages)
{
newRole.RoleTranslates.Add(new RoleTranslate()
{
LangId = AppFunc.GetLanguageId(lang), Name = newRole.Name
});
}
/// else role object is made without any errors
/// Add the new role to the EF context
await AppDbContext.Roles.AddAsync(newRole).ConfigureAwait(false);
/// save the changes to the data base
await AppDbContext.SaveChangesAsync().ConfigureAwait(false);
/// return 201 created status with the new object
/// and success message
return(Created(_localizer["Success"].Value, newRole));
}
catch (Exception) // DbUpdateException, DbUpdateConcurrencyException
{
/// Add the error below to the error list and return bad request
AppFunc.Error(ref ErrorsList, AppConst.CommonErrors.ServerError);
return(StatusCode(417, ErrorsList));
}
}
//[Authorize(AppConst.AccessPolicies.Secret)] /// First Level Test Pass
public async Task <IActionResult> Put([FromBody] User modifiedUser)
{
try
{
int langId = AppFunc.GetLanguageId();
/// Try to validate the model
TryValidateModel(modifiedUser);
/// remove the passwordHash and confrimPassword since
/// the password update gets handled by another method in this class
ModelState.Remove("PasswordHash");
if (!ModelState.IsValid)
{
/// extract the errors and return bad request containing the errors
AppFunc.ExtractErrors(ModelState, ref ErrorsList);
return(UnprocessableEntity(ErrorsList));
}
/// if the user record with the same id is not found
if (!AppDbContext.Users.Any(u => u.Id == modifiedUser.Id))
{
AppFunc.Error(ref ErrorsList, _localizer["User not found."].Value);
return(StatusCode(412, ErrorsList));
}
/// find the current user details from the database
User userDetails = AppDbContext.Users.Find(modifiedUser.Id);
userDetails.UserTranslates = await AppDbContext.UserTranslate.AsTracking().Where(ut => ut.User.Id == userDetails.Id)
.ToListAsync().ConfigureAwait(false);
UserTranslate userTranslate = userDetails.UserTranslates.SingleOrDefault(ut => ut.LangId == langId);
/// update the user details with the new details
userTranslate.FirstName = modifiedUser.FirstName;
userTranslate.Surname = modifiedUser.Surname;
userDetails.Email = modifiedUser.Email;
userDetails.PhoneNumber = modifiedUser.PhoneNumber;
userDetails.Role = modifiedUser.Role;
/// thus update user in the context
AppDbContext.Users.Update(userDetails);
/// save the changes to the database
await AppDbContext.SaveChangesAsync().ConfigureAwait(false);
/// thus return 200 ok status with the updated object
return(Ok(userDetails));
}
catch (Exception) // DbUpdateException, DbUpdateConcurrencyException
{
/// Add the error below to the error list and return bad request
AppFunc.Error(ref ErrorsList, AppConst.CommonErrors.ServerError);
return(StatusCode(417, ErrorsList));
}
}
// [Authorize(AppConst.AccessPolicies.Secret)] /// Done
public async Task <IActionResult> Put([FromBody] Role modifiedRole)
{
try
{
int langId = AppFunc.GetLanguageId();
/// if model validation failed
if (!TryValidateModel(modifiedRole))
{
AppFunc.ExtractErrors(ModelState, ref ErrorsList);
/// return Unprocessable Entity with all the errors
return(UnprocessableEntity(ErrorsList));
}
/// check the database to see if a Category with the same name exists
if (await AppDbContext.Roles.Include(r => r.RoleTranslates).Select(p => new Role
{
Name = p.RoleTranslates.FirstOrDefault(e => e.LangId == langId).Name,
AccessClaim = p.AccessClaim,
Id = p.Id
}).AnyAsync(d => d.Name == modifiedRole.Name &&
d.AccessClaim.Equals(modifiedRole.AccessClaim) &&
d.Id != modifiedRole.Id).ConfigureAwait(false))
{
/// extract the errors and return bad request containing the errors
AppFunc.Error(ref ErrorsList, _localizer["Role already exists."].Value);
return(StatusCode(412, ErrorsList));
}
modifiedRole.RoleTranslates = await AppDbContext.RolesTranslate
.Where(rt => rt.Role.Id == modifiedRole.Id).ToListAsync().ConfigureAwait(false);
modifiedRole.RoleTranslates.SingleOrDefault(rt => rt.LangId == langId).Name = modifiedRole.Name;
/// else Role object is made without any errors
/// Update the current Role on EF context
AppDbContext.Roles.Update(modifiedRole);
/// save the changes to the data base
await AppDbContext.SaveChangesAsync().ConfigureAwait(false);
/// return 200 OK (Update) status with the modified object
/// and success message
return(Ok(modifiedRole));
}
catch (Exception) // DbUpdateException, DbUpdateConcurrencyException
{
/// Add the error below to the error list and return bad request
AppFunc.Error(ref ErrorsList, AppConst.CommonErrors.ServerError);
return(StatusCode(417, ErrorsList));
}
}
public async Task <IActionResult> Logout()
{
try
{
/// try to sign-out the user and return ok
await _AuthManager.SignOutAsync().ConfigureAwait(false);
return(Ok(new { isAuthenticated = false }));
}
catch (Exception ee)
{
/// Add the error below to the error list and return bad request
AppFunc.Error(ref ErrorsList, AppConst.CommonErrors.ServerError);
return(StatusCode(417, ErrorsList));
}
}
// [Authorize(AppConst.AccessPolicies.Secret)] /// Done
public async Task <IActionResult> Get(
int selectedPage,
int maxItemsPerPage,
string searchValue = "",
string filterAccessClaim = "",
bool isSortAsce = true,
string sortName = "Role.Name")
{
try
{
int langId = AppFunc.GetLanguageId();
int totalCount = await AppDbContext.Roles.Where(r => filterAccessClaim.Equals(AppConst.GetAllRecords)?true : r.AccessClaim.Equals(filterAccessClaim))
.Include(r => r.RoleTranslates).Select(p => new Role
{
Name = p.RoleTranslates.FirstOrDefault(e => e.LangId == langId).Name,
AccessClaim = p.AccessClaim,
Id = p.Id
})
.CountAsync(r => searchValue.Equals(AppConst.GetAllRecords) ? true : (r.Name.Contains(searchValue)))
.ConfigureAwait(false);
List <Role> list = await AppDbContext.Roles
.Where(r => filterAccessClaim.Equals(AppConst.GetAllRecords)?true : r.AccessClaim.Equals(filterAccessClaim)).Include(r => r.RoleTranslates).Select(p => new Role
{
Name = p.RoleTranslates.FirstOrDefault(e => e.LangId == langId).Name,
AccessClaim = p.AccessClaim,
Id = p.Id
})
.Where(r => searchValue.Equals(AppConst.GetAllRecords) ? true : (r.Name.Contains(searchValue)))
.OrderByDynamic(sortName, isSortAsce)
.Skip((selectedPage - 1) * maxItemsPerPage)
.Take(maxItemsPerPage)
.ToListAsync()
.ConfigureAwait(false);
/// return the list of Roles
return(Ok(new { list, totalCount }));
}
catch (Exception) //ArgumentNullException
{
/// in the case any exceptions return the following error
AppFunc.Error(ref ErrorsList, AppConst.CommonErrors.ServerError);
return(StatusCode(417, ErrorsList));
}
}
// [Authorize(AppConst.AccessPolicies.Secret)] /// Done
public async Task <IActionResult> Get()
{
try
{
int langId = AppFunc.GetLanguageId();
/// return the list of All Roles
return(Ok(await AppDbContext.Roles.Include(r => r.RoleTranslates).Select(p => new Role
{
Name = p.RoleTranslates.FirstOrDefault(e => e.LangId == langId).Name,
AccessClaim = p.AccessClaim,
Id = p.Id
}).ToListAsync().ConfigureAwait(false)));
}
catch (Exception) //ArgumentNullException
{
/// in the case any exceptions return the following error
AppFunc.Error(ref ErrorsList, AppConst.CommonErrors.ServerError);
return(StatusCode(417, ErrorsList));
}
}
[HttpPut("PutMyPassword/{currentPassword}/{password}")] /// Ready For Test
public async Task <IActionResult> PutMyPassword(string currentPassword, string password)
{
try
{
int.TryParse(User.Claims.FirstOrDefault(c => c.Type == "UserId").Value, out int userId);
User user = AppDbContext.Users.Find(userId);
IdentityResult result = await _UserManager.ChangePasswordAsync(user, currentPassword, password);
if (!result.Succeeded)
{
AppFunc.ExtractErrors(result.Errors, ref ErrorsList);
return(StatusCode(412, ErrorsList));
}
return(Ok(result));
}
catch (Exception) // DbUpdateException, DbUpdateConcurrencyException
{
/// Add the error below to the error list and return bad request
AppFunc.Error(ref ErrorsList, AppConst.CommonErrors.ServerError);
return(StatusCode(417, ErrorsList));
}
}
[HttpPost("[action]")] // Login Method
public async Task <IActionResult> Login([FromBody] LoginInfo loginInfo)
{
try
{
/// If email parameter is empty
/// return "unauthorized" response (stop code execution)
if (string.IsNullOrWhiteSpace(loginInfo.Email))
{
/// in the case any exceptions return the following error
AppFunc.Error(ref ErrorsList, "Email is required!");
return(BadRequest(ErrorsList));
}
/// Find the user with the provided email address
User user = await _UserManager.Users.Include(u => u.RegistrationMethod)
.SingleOrDefaultAsync(u => u.Email.EqualCurrentCultureIgnoreCase(loginInfo.Email))
.ConfigureAwait(false);
/// if no user is found on the database
// return "unauthorized" response (stop code execution)
if (user == null)
{
/// in the case any exceptions return the following error
AppFunc.Error(ref ErrorsList, "Email not registered");
return(BadRequest(ErrorsList));
}
/// Check if user's account is locked
if (user.LockoutEnabled)
{
/// get the current lockout end dateTime
var currentLockoutDate =
await _UserManager.GetLockoutEndDateAsync(user).ConfigureAwait(false);
/// if the user's lockout is not expired (stop code execution)
if (user.LockoutEnd > DateTimeOffset.UtcNow)
{
/// in the case any exceptions return the following error
AppFunc.Error(ref ErrorsList, string.Format("Account Locked for {0}"
, AppFunc.CompareWithCurrentTime(user.LockoutEnd)));
return(BadRequest(ErrorsList));
}
/// else lockout time has expired
// disable user lockout
await _UserManager.SetLockoutEnabledAsync(user, false).ConfigureAwait(false);
await _UserManager.ResetAccessFailedCountAsync(user).ConfigureAwait(false);
}
/// else user account is not locked
// Attempt to sign in the user
var SignInResult = await _AuthManager
.PasswordSignInAsync(user,
loginInfo.Password,
loginInfo.RememberMe,
false).ConfigureAwait(false);
/// If password sign-in succeeds
// responded ok 200 status code with
//the user's role attached (stop code execution)
if (!SignInResult.Succeeded)
{
switch (user.RegistrationMethod.Type)
{
case CoreConst.RegistrationTypes.Google:
AppFunc.Error(ref ErrorsList, "Password not set or incorrect. Please Use Google login.");
return(Unauthorized(ErrorsList));
case CoreConst.RegistrationTypes.Facebook:
AppFunc.Error(ref ErrorsList, "Password not set or incorrect. Please Use Facebook login.");
return(Unauthorized(ErrorsList));
case CoreConst.RegistrationTypes.Github:
AppFunc.Error(ref ErrorsList, "Password not set or incorrect. Please Use Github login.");
return(Unauthorized(ErrorsList));
}
/// else login attempt failed
/// increase and update the user's failed login attempt by 1
await _UserManager.AccessFailedAsync(user).ConfigureAwait(false);
/// if failed login attempt is less than/ equal to 5 (stop code execution)
if (user.AccessFailedCount <= 5)
{
/// in the case any exceptions return the following error
AppFunc.Error(ref ErrorsList, "Incorrect Password!");
return(Unauthorized(ErrorsList));
}
/// else user has tried their password more than 15 times
// lock the user and ask them to reset their password
user.LockoutEnabled = true;
user.LockoutEnd = DateTimeOffset.UtcNow.AddMinutes(user.AccessFailedCount);
/// in the case any exceptions return the following error
AppFunc.Error(ref ErrorsList, string.Format("Account Locked for {0}"
, AppFunc.CompareWithCurrentTime(user.LockoutEnd)));
return(Unauthorized(ErrorsList));
}
user.Role = (await _DbContext.Users
.Include(u => u.Role)
.FirstOrDefaultAsync(u => u.Id == user.Id)
.ConfigureAwait(false))
?.Role;
return(Ok(user));
}
catch (Exception ee)
{
/// Add the error below to the error list and return bad request
AppFunc.Error(ref ErrorsList, AppConst.CommonErrors.ServerError);
return(StatusCode(417, ErrorsList));
}
}
/// <summary>
/// Create a new User
/// </summary>
private async Task <IActionResult> CreateUser(User newUser)
{
try
{
newUser.PasswordHash = newUser.TempPassword;
if (newUser.RegistrationMethod.Type != CoreConst.RegistrationTypes.Application)
{
newUser.PasswordHash = CoreFunc.PasswordGenerator(20, 5, 5, 5, 5);
}
ModelState.Clear();
/// if model validation failed
if (!TryValidateModel(newUser))
{
AppFunc.ExtractErrors(ModelState, ref ErrorsList);
/// return bad request with all the errors
return(UnprocessableEntity(ErrorsList));
}
/// check the database to see if a user with the same email exists
if (_DbContext.Users.Any(d => d.Email == newUser.Email))
{
/// extract the errors and return bad request containing the errors
AppFunc.Error(ref ErrorsList, "Email already exists.");
return(StatusCode(412, ErrorsList));
}
/// Create the new user
IdentityResult newUserResult = await _UserManager.CreateAsync(newUser, newUser.PasswordHash)
.ConfigureAwait(false);
/// If result failed
if (!newUserResult.Succeeded)
{
/// Add the error below to the error list and return bad request
foreach (var error in newUserResult.Errors)
{
AppFunc.Error(ref ErrorsList, error.Description, error.Code);
}
return(StatusCode(417, ErrorsList));
}
/// else result is successful the try to add the access claim for the user
IdentityResult addedClaimResult = await _UserManager.AddClaimAsync(
newUser,
new Claim(AppConst.AccessClaims.Type, newUser.Role.AccessClaim)
).ConfigureAwait(false);
/// if claim failed to be created
if (!addedClaimResult.Succeeded)
{
/// remove the user account and return appropriate error
_DbContext.Users.Remove(newUser);
await _DbContext.SaveChangesAsync().ConfigureAwait(false);
AppFunc.Error(ref ErrorsList, AppConst.CommonErrors.ServerError);
return(StatusCode(417, ErrorsList));
}
isUserCreated = true;
/// return 201 created status with the new object
/// and success message
return(Created("Success", newUser));
}
catch (Exception ee) // DbUpdateException, DbUpdateConcurrencyException
{
/// Add the error below to the error list and return bad request
AppFunc.Error(ref ErrorsList, AppConst.CommonErrors.ServerError);
return(StatusCode(417, ErrorsList));
}
}
public async Task <IActionResult> LoginAsync([FromBody] LoginInfo loginInfo)
{
try
{
///// If email parameter is empty
///// return "unauthorized" response (stop code execution)
//if (string.IsNullOrWhiteSpace(loginInfo.UserName))
// /// in the case any exceptions return the following error
// AppFunc.Error(ref ErrorsList, "UserName is required!", "UserName");
//if (string.IsNullOrWhiteSpace(loginInfo.Password))
// AppFunc.Error(ref ErrorsList, "Password is required!", "Password");
//if (ErrorsList.Count > 0)
// return BadRequest(ErrorsList);
/// if model validation failed
if (!TryValidateModel(loginInfo))
{
AppFunc.ExtractErrors(ModelState, ref ErrorsList);
/// return Unprocessable Entity with all the errors
return(UnprocessableEntity(ErrorsList));
}
/// Find the user with the provided email address
User user = await _UserManager
.FindByNameAsync(loginInfo.UserName).ConfigureAwait(false);
/// if no user is found on the database
// return "unauthorized" response (stop code execution)
if (user == null)
{
/// in the case any exceptions return the following error
AppFunc.Error(ref ErrorsList, "UserName not registered", "UserName");
return(BadRequest(ErrorsList));
}
/// Check if user's account is locked
if (user.LockoutEnabled)
{
/// get the current lockout end dateTime
var currentLockoutDate =
await _UserManager.GetLockoutEndDateAsync(user).ConfigureAwait(false);
/// if the user's lockout is not expired (stop code execution)
if (user.LockoutEnd > DateTimeOffset.UtcNow)
{
/// in the case any exceptions return the following error
AppFunc.Error(ref ErrorsList, string.Format("Account Locked for {0}"
, AppFunc.CompareWithCurrentTime(user.LockoutEnd)));
return(BadRequest(ErrorsList));
}
/// else lockout time has expired
// disable user lockout
await _UserManager.SetLockoutEnabledAsync(user, false).ConfigureAwait(false);
await _UserManager.ResetAccessFailedCountAsync(user).ConfigureAwait(false);
}
/// else user account is not locked
// Attempt to sign in the user
var SignInResult = await _SignInManager
.PasswordSignInAsync(user,
loginInfo.Password,
loginInfo.RememberMe,
false).ConfigureAwait(false);
/// If password sign-in succeeds
// responded ok 200 status code with
//the user's role attached (stop code execution)
if (!SignInResult.Succeeded)
{
/// else login attempt failed
/// increase and update the user's failed login attempt by 1
await _UserManager.AccessFailedAsync(user).ConfigureAwait(false);
/// if failed login attempt is less than/ equal to 5 (stop code execution)
if (user.AccessFailedCount <= 5)
{
/// in the case any exceptions return the following error
AppFunc.Error(ref ErrorsList, "Incorrect Password!", "password");
return(Unauthorized(ErrorsList));
}
/// else user has tried their password more than 15 times
// lock the user and ask them to reset their password
user.LockoutEnabled = true;
user.LockoutEnd = DateTimeOffset.UtcNow.AddMinutes(user.AccessFailedCount);
/// in the case any exceptions return the following error
AppFunc.Error(ref ErrorsList, string.Format("Account Locked for {0}"
, AppFunc.CompareWithCurrentTime(user.LockoutEnd)));
return(Unauthorized(ErrorsList));
}
user.Role = (await AppDbContext.Users.Include(u => u.Role)
.FirstOrDefaultAsync(u => u.Id == user.Id)
.ConfigureAwait(false))
?.Role;
return(Ok(user));
}
catch (Exception)
{
/// Add the error below to the error list and return bad request
AppFunc.Error(ref ErrorsList, AppConst.CommonErrors.ServerError);
return(StatusCode(417, ErrorsList));
}
}
//[Authorize(AppConst.AccessPolicies.Secret)] /// First Level Test Pass
public async Task <IActionResult> Get(
int selectedPage = 1,
int maxItemsPerPage = 5,
string searchValue = AppConst.GetAllRecords,
string filterRole = AppConst.GetAllRecords,
bool isSortAsce = true,
string sortName = "Name"
)
{
try
{
//1.Check the search parameter and filters and return the appropriate user list
// a.If search value is empty or null then return the filtered users
// Note(Default value for parameters)
// searchValue = null
//ALL OTHER PARAMETERS = ***GET - ALL ***
int.TryParse(filterRole, out int filterRoleId);
int langId = AppFunc.GetLanguageId();
int totalCount = await AppDbContext.Users.Include(r => r.UserTranslates).Include(u => u.Role).Select(u => new User
{
Id = u.Id,
FirstName = u.UserTranslates.FirstOrDefault(e => e.LangId == langId).FirstName,
Surname = u.UserTranslates.FirstOrDefault(e => e.LangId == langId).Surname,
Email = u.Email,
UserName = u.UserName,
PhoneNumber = u.PhoneNumber,
Role = u.Role
})
.Where(u => filterRole.Equals(AppConst.GetAllRecords) ? true : u.Role.Id == filterRoleId)
.CountAsync(u => searchValue.Equals(AppConst.GetAllRecords) ? true :
u.FirstName.Contains(searchValue) ||
u.Surname.Contains(searchValue) ||
u.Email.Contains(searchValue) ||
u.UserName.Contains(searchValue) ||
u.PhoneNumber.Contains(searchValue)
).ConfigureAwait(false);
List <User> list = await AppDbContext.Users.Include(r => r.UserTranslates).Include(u => u.Role).
ThenInclude(r => r.RoleTranslates).Select(u => new User
{
Id = u.Id,
FirstName = u.UserTranslates.FirstOrDefault(e => e.LangId == langId).FirstName,
Surname = u.UserTranslates.FirstOrDefault(e => e.LangId == langId).Surname,
Email = u.Email,
UserName = u.UserName,
PhoneNumber = u.PhoneNumber,
Role = new Role()
{
Id = u.Role.Id,
AccessClaim = u.Role.AccessClaim,
Name = u.Role.RoleTranslates.FirstOrDefault(e => e.LangId == langId).Name
}
})
.Where(u => filterRole.Equals(AppConst.GetAllRecords) ? true : u.Role.Id == filterRoleId)
.Where(u => searchValue.Equals(AppConst.GetAllRecords) ? true :
u.FirstName.Contains(searchValue) ||
u.Surname.Contains(searchValue) ||
u.Email.Contains(searchValue) ||
u.UserName.Contains(searchValue) ||
u.PhoneNumber.Contains(searchValue)
)
.OrderByDynamic(sortName, isSortAsce)
.Skip((selectedPage - 1) * maxItemsPerPage)
.Take(maxItemsPerPage)
.ToListAsync()
.ConfigureAwait(false);
/// return the list of Role ordered by name
return(Ok(new { list, totalCount }));
}
catch (Exception) //ArgumentNullException
{
/// in the case any exceptions return the following error
AppFunc.Error(ref ErrorsList, AppConst.CommonErrors.ServerError);
return(StatusCode(417, ErrorsList));
}
}
/// <summary>
/// Create a new User
/// </summary>
private async Task <IActionResult> CreateUser(User newUser)
{
try
{
newUser.PasswordHash = newUser.TempPassword;
newUser.TempPassword = string.Empty;
ModelState.Clear();
TryValidateModel(newUser);
ModelState.Remove("Role.Name");
/// if model validation failed
if (!ModelState.IsValid)
{
AppFunc.ExtractErrors(ModelState, ref ErrorsList);
/// return bad request with all the errors
return(UnprocessableEntity(ErrorsList));
}
/// check the database to see if a user with the same email exists
if (AppDbContext.Users.AsNoTracking().Any(d => d.UserName == newUser.UserName))
{
/// extract the errors and return bad request containing the errors
AppFunc.Error(ref ErrorsList, _localizer["UserName already exists."].Value, "UserName");
return(StatusCode(412, ErrorsList));
}
/// Create the new user
IdentityResult newUserResult = await _UserManager.CreateAsync(newUser, newUser.PasswordHash)
.ConfigureAwait(false);
/// If result failed
if (!newUserResult.Succeeded)
{
/// Add the error below to the error list and return bad request
foreach (var error in newUserResult.Errors)
{
AppFunc.Error(ref ErrorsList, error.Description, error.Code);
}
return(StatusCode(417, ErrorsList));
}
/// else result is successful the try to add the access claim for the user
IdentityResult addedClaimResult = await _UserManager.AddClaimAsync(
newUser,
new Claim(AppConst.AccessClaimType, newUser.Role.AccessClaim)
).ConfigureAwait(false);
/// if claim failed to be created
if (!addedClaimResult.Succeeded)
{
/// remove the user account and return appropriate error
AppDbContext.Users.Remove(newUser);
await AppDbContext.SaveChangesAsync().ConfigureAwait(false);
AppFunc.Error(ref ErrorsList, AppConst.CommonErrors.ServerError);
return(StatusCode(417, ErrorsList));
}
foreach (string lang in AppConst.SupportLanguages)
{
await AppDbContext.UserTranslate.AddAsync(new UserTranslate()
{
LangId = AppFunc.GetLanguageId(lang),
User = newUser,
FirstName = newUser.FirstName,
Surname = newUser.Surname
});
}
/// save the changes to the data base
await AppDbContext.SaveChangesAsync().ConfigureAwait(false);
isUserCreated = true;
/// return 201 created status with the new object
/// and success message
return(Created(_localizer["Success"].Value, newUser));
}
catch (Exception) // DbUpdateException, DbUpdateConcurrencyException
{
/// Add the error below to the error list and return bad request
AppFunc.Error(ref ErrorsList, AppConst.CommonErrors.ServerError);
return(StatusCode(417, ErrorsList));
}
}
