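/// <summary>
/// Issues a signed JWT with a 10-minute lifetime, plus a refresh token, for the student
/// whose login is given in the request.
/// </summary>
/// <param name="request">Login payload; only <c>Login</c> is used for the lookup.</param>
/// <returns>
/// 200 with <c>token</c> and <c>refreshToken</c>, or 401 when the lookup returns no student.
/// </returns>
public IActionResult Login(LoginRequest request)
{
    // The submitted password (request.Haslo) must never be written to the console or any
    // other log sink, so only the login name is logged here.
    Console.WriteLine(request.Login);

    var student = _dbService.GetStudent(request.Login);
    if (student == null)
    {
        // Unknown login: refuse instead of dereferencing null while building the claims.
        return Unauthorized();
    }

    // NOTE(review): request.Haslo is never compared with a stored credential in this method,
    // so a token is issued to any caller who supplies an existing login. Verify the password
    // against a salted hash before issuing the token.

    var claims = new[]
    {
        new Claim(ClaimTypes.NameIdentifier, student.IndexNumber),
        new Claim(ClaimTypes.Name, student.FirstName),
        new Claim(ClaimTypes.Surname, student.LastName),
        new Claim(ClaimTypes.Role, "employee")
    };

    // The HMAC key comes from configuration; keep it out of source control and make it long
    // enough for HS256 (at least 256 bits of entropy).
    var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Configuration["SecretKey"]));
    var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);

    var token = new JwtSecurityToken
    (
        issuer: "s18014",
        audience: "Students",
        claims: claims,
        // Token lifetimes are compared in UTC, so compute the expiry in UTC as well.
        expires: DateTime.UtcNow.AddMinutes(10),
        signingCredentials: creds
    );

    // NOTE(review): the refresh token is a fresh GUID that is not stored anywhere visible in
    // this method, so it cannot be validated or revoked later. If it is meant to be usable,
    // persist it and generate it from a cryptographic random source.
    return Ok(new
    {
        token = new JwtSecurityTokenHandler().WriteToken(token),
        refreshToken = Guid.NewGuid()
    });
}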
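/// <summary>Returns the student with the given id, or 404 when the service finds none.</summary>
/// <param name="id">Identifier passed straight to the data service.</param>
public IActionResult GetStudent(string id)
{
    // Query once and reuse the result. A second call doubles the database work, and it could
    // return null if the row disappears between the check and the response.
    var student = _dbService.GetStudent(id);
    if (student == null)
    {
        return NotFound("Nie znaleziono studenta");
    }

    return Ok(student);
}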
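/// <summary>Looks up a student by id and returns it, or 404 when the service returns null.</summary>
/// <param name="id">Identifier passed straight to the data service.</param>
public IActionResult GetStudent(string id)
{
    // One lookup only: the value that was null-checked is the value that gets returned.
    var found = _dbService.GetStudent(id);

    if (found != null)
    {
        return Ok(found);
    }

    return NotFound("Nie ma studenta o tym id");
}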
/// <summary>Returns the enrollments the service reports for the given index number.</summary>
/// <param name="indexnumber">Student index number passed to the data service.</param>
public IActionResult GetStudent(string indexnumber)
{
    // The original kept an earlier inline ADO.NET version of this lookup in a comment block:
    // a query on the enrollment table with indexnumber bound as the @indexnumber parameter.
    // The service call below presumably replaces it. Confirm that the service also binds the
    // value as a parameter rather than concatenating it into the SQL text.
    List<Enrollment> enrollments = _IsDbService.GetStudent(indexnumber);
    return Ok(enrollments);
}
// Called by the runtime to assemble the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IWebHostEnvironment env, IStudentsDbService service)
{
    app.UseMiddleware<LoggingMiddleware>();

    // Gate applied to every request: an "Index" header must be present and must name a
    // student the service can find.
    // NOTE(review): this only proves the caller knows an index number that exists in the
    // database. It does not authenticate them. It also runs before UseHttpsRedirection, so
    // the header is accepted over plain HTTP.
    app.Use(async (context, next) =>
    {
        if (!context.Request.Headers.TryGetValue("Index", out var indexHeader))
        {
            context.Response.StatusCode = StatusCodes.Status401Unauthorized;
            await context.Response.WriteAsync("Improper request: Index number is required in the Headers");
            return;
        }

        if (service.GetStudent(indexHeader.ToString()) == null)
        {
            context.Response.StatusCode = StatusCodes.Status401Unauthorized;
            await context.Response.WriteAsync("Improper request: Index number is not in the database");
            return;
        }

        await next();
    });

    app.UseHttpsRedirection();
    app.UseRouting();
    app.UseAuthentication();
    app.UseAuthorization();
    app.UseEndpoints(endpoints => endpoints.MapControllers());
}
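// Called by the runtime to assemble the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IWebHostEnvironment env, IStudentsDbService service)
{
    if (env.IsDevelopment())
    {
        app.UseDeveloperExceptionPage();
    }

    // Error handling
    app.UseMiddleware<ExeptionMiddleware>();

    // NOTE(review): Swagger and its UI are registered for every environment, not only for
    // development. Confirm that the API description is meant to be public.
    app.UseSwagger();
    app.UseSwaggerUI(config =>
    {
        config.SwaggerEndpoint("/swagger/v1/swagger.json", "Students App API");
    });

    app.UseMiddleware<LoggingMiddleware>();

    // Endpoint routing matches paths case-insensitively, so the predicate guarding the
    // "secured" branch must do the same. A case-sensitive Contains would leave a differently
    // cased path routed to the same controllers without the header check.
    app.UseWhen(
        context => context.Request.Path.Value?.Contains("secured", System.StringComparison.OrdinalIgnoreCase) == true,
        securedApp =>
        {
            securedApp.Use(async (context, next) =>
            {
                if (!context.Request.Headers.ContainsKey("Index"))
                {
                    context.Response.StatusCode = StatusCodes.Status401Unauthorized;
                    await context.Response.WriteAsync("Index number missing");
                    return;
                }

                var index = context.Request.Headers["Index"].ToString();
                var stud = service.GetStudent(index);
                if (stud == null)
                {
                    context.Response.StatusCode = StatusCodes.Status401Unauthorized;
                    // The message echoes the caller-supplied header value back in the response.
                    await context.Response.WriteAsync($"User ({index}) not found");
                    return;
                }

                // NOTE(review): knowing a valid index number is all this check requires; it
                // is an existence check, not authentication.
                await next();
            });
        });

    app.UseHttpsRedirection();
    app.UseRouting();
    app.UseAuthentication();
    app.UseAuthorization();
    app.UseEndpoints(endpoints =>
    {
        endpoints.MapControllers();
    });
}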
/// <summary>Returns the service's record for <paramref name="id"/>, or an empty 404.</summary>
public IActionResult GetStudent(string id)
{
    var student = _dbService.GetStudent(id);

    // Guard clause: nothing found means 404 with no body.
    if (student == null)
    {
        return NotFound();
    }

    return Ok(student);
}
/// <summary>
/// Returns the student for the given index number. A missing student is reported as
/// 400 Bad Request (not 404) with the message "Nie znaleziono studenta".
/// </summary>
public IActionResult GetStudent(string IndexNumber)
{
    var found = _studentsDbService.GetStudent(IndexNumber);

    if (found != null)
    {
        return Ok(found);
    }

    return BadRequest("Nie znaleziono studenta");
}
/// <summary>Returns the student with the given id, or 404 with a message when none is found.</summary>
public IActionResult GetStudent(string id)
{
    var found = _studentsDbService.GetStudent(id);

    if (found != null)
    {
        return Ok(found);
    }

    return NotFound("Nie znaleziono studenta");
}
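/// <summary>
/// Stores a first password for an existing student who has none yet.
/// </summary>
/// <param name="request">Carries the student's login and the password to store.</param>
/// <returns>
/// 200 when the password was handed to the service, 404 when the login matches no student,
/// 400 when the student already has a stored password hash.
/// </returns>
public IActionResult RegisterNewUser(LoginRequestDto request)
{
    Console.WriteLine("Register new user");

    var student = _studentsDbService.GetStudent(request.Login);
    if (student == null)
    {
        // Unknown login: answer explicitly instead of failing on a null dereference below.
        return NotFound("Student not found");
    }

    // A null hash is treated like an empty one (not registered yet). Presumably that is how
    // an unset column is read back; confirm against the service.
    if (!string.IsNullOrEmpty(student.HashedPassword))
    {
        return BadRequest("Student is already registered. ");
    }

    // NOTE(review): nothing visible here proves the caller is the student. Whoever calls
    // first for a given login sets that account's password. Require some proof of identity
    // (for example a one-time code issued out of band) before accepting the password.
    Console.WriteLine("New user will be registered. Saving his credentials to DB");

    // The service is expected to store the password hashed with a salt.
    _studentsDbService.RegisterNewStudent(student, request.Password);
    return Ok("Your password has been saved");
}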
/// <summary>
/// Returns the first enrollment the service yields for the given index, or 404 when the
/// sequence is empty.
/// </summary>
public IActionResult GetStudent(string index)
{
    // Copy the service result into a list so it can be counted and indexed.
    var enrollments = new List<Enrollment>(_dbService.GetStudent(index));

    if (enrollments.Count == 0)
    {
        return NotFound("Enrollment not found");
    }

    return Ok(enrollments[0]);
}
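/// <summary>
/// Returns the student with the given id. Any exception from the service is reported to the
/// client as 400 with a generic message.
/// </summary>
/// <param name="id">Identifier passed straight to the data service.</param>
public IActionResult GetStudent(string id)
{
    try
    {
        return Ok(_dbService.GetStudent(id));
    }
    catch (Exception e)
    {
        // Exception messages and stack traces describe internals (queries, file paths, type
        // names). Keep them on the server and give the client a fixed message instead.
        Console.Error.WriteLine(e);
        return BadRequest("Unable to retrieve student");
    }
}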
/// <summary>
/// Returns the service result for <paramref name="index"/>. Every exception is mapped to
/// 404, with the exception message as the response body.
/// </summary>
public IActionResult GetStudent(String index)
{
    try
    {
        var student = _dbService.GetStudent(index);
        return Ok(student);
    }
    catch (Exception ex)
    {
        // NOTE(review): this catches every failure, not only "not found", and sends the raw
        // exception message to the client. Consider catching the specific exception type and
        // returning a fixed message.
        return NotFound(ex.Message);
    }
}
/// <summary>Returns the enrollment the service finds for <paramref name="id"/>, or 404.</summary>
public IActionResult GetStudent(string id)
{
    Enrollment enrollment = _service.GetStudent(id);

    if (enrollment != null)
    {
        return Ok(enrollment);
    }

    return NotFound();
}
/// <summary>
/// Returns the student with the given index number, or 404 with a message that repeats the
/// requested index number.
/// </summary>
public IActionResult GetStudent(string indexNumber)
{
    var found = _dbService.GetStudent(indexNumber);

    if (found != null)
    {
        return Ok(found);
    }

    return NotFound($"No students with provided index number ({indexNumber})");
}
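// Called by the runtime to assemble the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IWebHostEnvironment env, IStudentsDbService service)
{
    if (env.IsDevelopment())
    {
        app.UseDeveloperExceptionPage();
    }

    // Registered once. The original added LoggingMiddleware a second time after Swagger,
    // which would run the logger twice for every request that got that far.
    app.UseMiddleware<LoggingMiddleware>();

    // NOTE(review): Swagger is served in every environment, and it sits ahead of the header
    // check below, so it is reachable without an "Index" header.
    app.UseSwagger();
    app.UseSwaggerUI(config =>
    {
        config.SwaggerEndpoint("/swagger/v1/swagger.json", "STUDENT API");
    });

    // Header gate: requires an "Index" header that the service can resolve.
    // NOTE(review): this is an existence check on an identifier, not authentication.
    app.Use(async (context, next) =>
    {
        if (!context.Request.Headers.ContainsKey("Index"))
        {
            context.Response.StatusCode = StatusCodes.Status401Unauthorized;
            await context.Response.WriteAsync("No index number present on headers");
            return;
        }

        string index = context.Request.Headers["Index"].ToString();
        string checkIndex = service.GetStudent(index);
        if (checkIndex == null)
        {
            context.Response.StatusCode = StatusCodes.Status401Unauthorized;
            await context.Response.WriteAsync("No such student");
            return;
        }

        await next();
    });

    app.UseHttpsRedirection();
    app.UseRouting();
    app.UseAuthentication();
    app.UseAuthorization();
    app.UseEndpoints(endpoints =>
    {
        endpoints.MapControllers();
    });
}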
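// Called by the runtime to assemble the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IWebHostEnvironment env, IStudentsDbService dbService)
{
    if (env.IsDevelopment())
    {
        app.UseDeveloperExceptionPage();
    }

    app.UseMiddleware<LoggingMiddleware>();

    // Header gate: requires an "IndexNumber" header that names an existing student.
    // NOTE(review): this is an existence check on an identifier, not authentication, and it
    // runs before UseHttpsRedirection, so the header is accepted over plain HTTP.
    app.Use(async (context, next) =>
    {
        if (!context.Request.Headers.ContainsKey("IndexNumber"))
        {
            context.Response.StatusCode = StatusCodes.Status401Unauthorized;
            await context.Response.WriteAsync("Nie poda³eœ indeksu");
            return;
        }

        string index = context.Request.Headers["IndexNumber"].ToString();
        if (!dbService.CheckIfExists(index))
        {
            context.Response.StatusCode = StatusCodes.Status401Unauthorized;
            await context.Response.WriteAsync("bledny index");
            return;
        }

        Student student = dbService.GetStudent(index);
        if (student == null)
        {
            // The status code must be set before the first write. Once the body has started,
            // the status line is already sent and can no longer be changed.
            context.Response.StatusCode = StatusCodes.Status401Unauthorized;
            await context.Response.WriteAsync("Nie ma takiego studenta.");
            return;
        }

        // NOTE(review): this writes the student's string form into every response before the
        // rest of the pipeline runs. The response has then started, so later middleware and
        // controllers cannot set a status code or headers, and the student record is
        // prepended to whatever they write. It looks like leftover debugging output; confirm
        // and remove it.
        await context.Response.WriteAsync(student.ToString());
        await next();
    });

    app.UseHttpsRedirection();
    app.UseRouting();
    app.UseAuthorization();
    app.UseEndpoints(endpoints =>
    {
        endpoints.MapControllers();
    });
}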
// Called by the runtime to assemble the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IWebHostEnvironment env, IStudentsDbService dbService)
{
    if (env.IsDevelopment())
    {
        app.UseDeveloperExceptionPage();
    }

    // NOTE(review): Swagger is served in every environment and sits ahead of the header
    // check, so it is reachable without an "Index" header.
    app.UseSwagger();
    app.UseSwaggerUI(c => c.SwaggerEndpoint("/swagger/v1/swagger.json", "Student API V1"));

    // HTTPS redirection is registered before the header check in this pipeline.
    app.UseHttpsRedirection();
    app.UseMiddleware<LoggingMiddleware>();

    // Header gate: a missing header gives 401, an unknown index gives 404.
    // NOTE(review): this is an existence check on an identifier, not authentication.
    app.Use(async (context, next) =>
    {
        if (!context.Request.Headers.TryGetValue("Index", out var indexHeader))
        {
            context.Response.StatusCode = StatusCodes.Status401Unauthorized;
            await context.Response.WriteAsync("Nie podano indeksu");
            return;
        }

        if (dbService.GetStudent(indexHeader.ToString()) == null)
        {
            context.Response.StatusCode = StatusCodes.Status404NotFound;
            await context.Response.WriteAsync("Student not found");
            return;
        }

        await next();
    });

    app.UseRouting();
    app.UseAuthorization();
    app.UseEndpoints(endpoints => endpoints.MapControllers());
}
// Called by the runtime to assemble the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IWebHostEnvironment env, IStudentsDbService service)
{
    if (env.IsDevelopment())
    {
        app.UseDeveloperExceptionPage();
    }

    app.UseMiddleware<LoggingMiddleware>();

    // Header gate: rejects requests with no "Index" header or with an index the service
    // cannot resolve.
    // NOTE(review): knowing an existing index number is the only requirement, so this is an
    // existence check on an identifier, not authentication. It also runs before
    // UseHttpsRedirection.
    app.Use(async (context, next) =>
    {
        var headers = context.Request.Headers;
        if (!headers.TryGetValue("Index", out var rawIndex))
        {
            context.Response.StatusCode = StatusCodes.Status401Unauthorized;
            await context.Response.WriteAsync("Musisz podac numer indeksu");
            return;
        }

        var known = service.GetStudent(rawIndex.ToString());
        if (known == null)
        {
            context.Response.StatusCode = StatusCodes.Status401Unauthorized;
            await context.Response.WriteAsync("Nieprawidlowy numer indeksu");
            return;
        }

        await next();
    });

    app.UseHttpsRedirection();
    app.UseRouting();
    app.UseAuthentication();
    app.UseAuthorization();
    app.UseEndpoints(endpoints => endpoints.MapControllers());
}
// Called by the runtime to assemble the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IWebHostEnvironment env, IStudentsDbService service)
{
    if (env.IsDevelopment())
    {
        app.UseDeveloperExceptionPage();
    }

    app.UseMiddleware<LoggingMiddleware>();

    // Header gate: both failure branches short-circuit with 401 and never call next().
    // NOTE(review): this is an existence check on an identifier, not authentication. No
    // HTTPS redirection is registered in this pipeline, so the header may arrive over plain
    // HTTP.
    app.Use(async (context, next) =>
    {
        if (!context.Request.Headers.TryGetValue("Index", out var indexValues))
        {
            context.Response.StatusCode = StatusCodes.Status401Unauthorized;
            await context.Response.WriteAsync("You have to give your index number!");
            return;
        }

        var match = service.GetStudent(indexValues.ToString());
        if (match == null)
        {
            context.Response.StatusCode = StatusCodes.Status401Unauthorized;
            await context.Response.WriteAsync("This index number does not exist!");
            return;
        }

        await next();
    });

    app.UseRouting();
    app.UseAuthentication();
    app.UseAuthorization();
    app.UseEndpoints(endpoints => endpoints.MapControllers());
}
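/// <summary>
/// Authenticates a request from its <c>Authorization</c> header, read as Base64-encoded
/// <c>login:password</c>, and builds a claims principal for the matching student.
/// </summary>
/// <returns>
/// A success result carrying the authentication ticket, or a failure result when the header
/// is missing or malformed, or when the credentials do not match.
/// </returns>
protected override async Task<AuthenticateResult> HandleAuthenticateAsync()
{
    if (!Request.Headers.ContainsKey("Authorization"))
    {
        return AuthenticateResult.Fail("Missing authorization header");
    }

    // The header is caller-controlled. A malformed value must produce a failed
    // authentication, not an unhandled exception, so parse it defensively.
    if (!AuthenticationHeaderValue.TryParse(Request.Headers["Authorization"], out var authHeader)
        || string.IsNullOrEmpty(authHeader.Parameter))
    {
        return AuthenticateResult.Fail("Incorrect authorization header value");
    }

    string decoded;
    try
    {
        decoded = Encoding.UTF8.GetString(Convert.FromBase64String(authHeader.Parameter));
    }
    catch (FormatException)
    {
        return AuthenticateResult.Fail("Incorrect authorization header value");
    }

    // Split on the first colon only: the login cannot contain ':' but the password may.
    var separator = decoded.IndexOf(':');
    if (separator < 0)
    {
        return AuthenticateResult.Fail("Incorrect authorization header value");
    }

    var login = decoded.Substring(0, separator);
    var password = decoded.Substring(separator + 1);

    Student student = _dbService.GetStudent(login);

    // Unknown login and wrong password share one message, so the response does not reveal
    // which logins exist. string.Equals also copes with a null stored password.
    // NOTE(review): this comparison implies Student.Password holds the password in clear
    // text. Store a salted password hash (for example PBKDF2) and compare hashes with a
    // fixed-time comparison instead.
    if (student == null || !string.Equals(student.Password, password, StringComparison.Ordinal))
    {
        return AuthenticateResult.Fail("Incorrect authorization password");
    }

    var claims = new[]
    {
        new Claim(ClaimTypes.NameIdentifier, student.IndexNumber),
        new Claim(ClaimTypes.Name, student.FirstName),
        new Claim(ClaimTypes.Surname, student.LastName),
        new Claim(ClaimTypes.Role, "employee")
    };

    var identity = new ClaimsIdentity(claims, Scheme.Name);
    var principal = new ClaimsPrincipal(identity);
    var ticket = new AuthenticationTicket(principal, Scheme.Name);

    return AuthenticateResult.Success(ticket);
}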
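// Called by the runtime to assemble the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IWebHostEnvironment env, IStudentsDbService service)
{
    if (env.IsDevelopment())
    {
        app.UseDeveloperExceptionPage();
    }

    app.UseMiddleware<LoggingMiddleware>();

    // Header gate: requires an "Index" header that the service can resolve.
    // NOTE(review): this is an existence check on an identifier, not authentication. No
    // HTTPS redirection is registered in this pipeline.
    app.Use(async (context, next) =>
    {
        if (!context.Request.Headers.ContainsKey("Index"))
        {
            context.Response.StatusCode = StatusCodes.Status401Unauthorized;
            await context.Response.WriteAsync("Nie poda³eœ indeksu");
            return;
        }

        string index = context.Request.Headers["Index"].ToString();

        // Check the index against the database.
        if (service.GetStudent(index) == null)
        {
            // Without an explicit status this rejection would go out as 200 OK, and a client
            // that only checks the status code would treat the refusal as success.
            context.Response.StatusCode = StatusCodes.Status401Unauthorized;
            await context.Response.WriteAsync("Student o podanym indeksie nie istnieje w bazie danych");
            return;
        }

        await next();
    });

    app.UseRouting();
    app.UseAuthorization();
    app.UseEndpoints(endpoints =>
    {
        endpoints.MapControllers();
    });
}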
/// <summary>
/// Wraps the service result for <paramref name="id"/> in a 200 response. There is no
/// not-found branch; a null result is passed to <c>Ok</c> unchanged.
/// </summary>
public IActionResult GetStudent(string id)
{
    var student = _dbService.GetStudent(id);
    return Ok(student);
}
/// <summary>Wraps whatever the service's parameterless <c>GetStudent</c> returns in a 200 response.</summary>
public IActionResult GetStudent()
{
    var result = _dbService.GetStudent();
    return Ok(result);
}