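/// <summary>
/// Changes a user's role by creating a UserUserRole record (the many-to-many link
/// between User and UserRole).
/// </summary>
/// <param name="userUserRolePostModel">
/// Request body; this method reads <c>UserId</c> (the account being changed) and
/// <c>UserRoleName</c> (the role being requested) from it.
/// </param>
/// <returns>
/// 200 when the record is created, 400 when the body is missing, 403 with a message
/// when the caller is refused.
/// </returns>
/// <remarks>
/// Rules enforced here for a caller whose role claim is "UserManager":
/// at least six months since <c>DataRegistered</c>, the target must not currently be
/// an Admin, and the requested role must not be "Admin".
/// </remarks>
[Route("~/api/users/chrole")] // overrides the controller's default route [Route("api/[controller]")]
public IActionResult Post([FromBody] UserUserRolePostModel userUserRolePostModel)
{
    const string missingRoleMessage = "Nu ai Rolul necesar pentru aceasta operatie !";
    const string missingSeniorityMessage = "Nu ai Vechimea necesara ca UserManager pentru aceasta operatie !";

    if (userUserRolePostModel == null)
    {
        return BadRequest();
    }

    User curentUserLogIn = userService.GetCurentUser(HttpContext);

    // The caller's role is taken from the token's role claim, not re-read from the store,
    // so it reflects the role at the time the token was issued.
    // A principal without a role claim is refused instead of being dereferenced (the
    // original threw here) or allowed through unchecked.
    string roleNameLoged = HttpContext.User.Claims
        .FirstOrDefault(claim => claim.Type == ClaimTypes.Role)?.Value;
    if (roleNameLoged == null)
    {
        // Forbid(string) interprets its argument as an authentication scheme name, not a
        // response message, so the refusals below use StatusCode(403, message) instead.
        return StatusCode(403, missingRoleMessage);
    }

    // Current role of the account being modified; looked up once and reused below.
    string targetRoleName = userUserRolesService.GetUserRoleNameById(userUserRolePostModel.UserId);

    if (roleNameLoged == "UserManager")
    {
        if (curentUserLogIn == null)
        {
            return StatusCode(403, missingRoleMessage);
        }

        // Approximate number of months since the caller registered.
        // NOTE(review): the message speaks of seniority "as UserManager" but the value
        // measured is time since DataRegistered; confirm which one is intended.
        var registeredOn = curentUserLogIn.DataRegistered;
        var monthsSinceRegistration = DateTime.Now.Subtract(registeredOn).Days / (365.25 / 12);
        if (monthsSinceRegistration < 6)
        {
            return StatusCode(403, missingSeniorityMessage);
        }

        // A UserManager may not touch an existing Admin.
        if (targetRoleName == "Admin")
        {
            return StatusCode(403, missingRoleMessage);
        }

        // A UserManager may not grant Admin. The original only refused this when the
        // target was currently "UserManager" or "Regular"; it is refused for every
        // target here so that an account with no role, or any other role, cannot be
        // promoted to Admin through this path.
        // NOTE(review): comparison is case-sensitive; confirm Create resolves
        // UserRoleName case-sensitively as well.
        if (userUserRolePostModel.UserRoleName == "Admin")
        {
            return StatusCode(403, missingRoleMessage);
        }
    }

    // NOTE(review): every caller role other than "UserManager" (including "Regular")
    // reaches Create without any check in this method. Confirm an [Authorize(Roles = ...)]
    // attribute or policy outside this view restricts the endpoint to Admin.
    userUserRolesService.Create(userUserRolePostModel);
    return Ok();
}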
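/// <summary>
/// Checks a username/password pair against the user store and, on a match, issues a
/// signed JWT for that user.
/// </summary>
/// <param name="username">Login name, matched exactly against <c>Username</c>.</param>
/// <param name="password">
/// Plain-text password; it is passed through <c>ComputeSha256Hash</c> and the result is
/// compared with the stored <c>Password</c> value.
/// </param>
/// <returns>
/// A <c>LoginGetModel</c> carrying the user's id, e-mail, user name and token, or
/// <c>null</c> when no user matches or either credential is missing.
/// </returns>
public LoginGetModel Authenticate(string username, string password)
{
    // Missing credentials are treated like a failed login instead of reaching the hash helper.
    if (username == null || password == null)
    {
        return null;
    }

    // Hash once, outside the query, so the predicate compares against a plain value.
    // NOTE(review): going by the helper's name the stored credential is a single SHA-256
    // pass; if so there is no per-user salt or work factor. Moving to PBKDF2/Argon2 needs
    // a migration of stored values, so it is flagged here rather than changed.
    string passwordHash = ComputeSha256Hash(password);

    var user = context.Users
        .AsNoTracking()
        .FirstOrDefault(u => u.Username == username && u.Password == passwordHash);

    // No match: same result for unknown user and wrong password.
    if (user == null)
    {
        return null;
    }

    string userRoleName = userUserRolesService.GetUserRoleNameById(user.Id);

    // Authentication succeeded, build the token.
    var tokenHandler = new JwtSecurityTokenHandler();

    // NOTE(review): ASCII encoding maps any non-ASCII character of the secret to '?';
    // confirm the secret is ASCII-only and that token validation derives the key the same way.
    var key = Encoding.ASCII.GetBytes(appSettings.Secret);

    var claims = new Claim[]
    {
        new Claim(ClaimTypes.Name, user.Username.ToString()),
        // Role name is embedded as a string; a later role change is not reflected in
        // tokens already issued until they expire.
        new Claim(ClaimTypes.Role, userRoleName),
        // DateAdded is embedded as a string.
        // NOTE(review): ToString() without a format/culture depends on the server culture.
        new Claim(ClaimTypes.UserData, user.DateAdded.ToString())
    };

    var tokenDescriptor = new SecurityTokenDescriptor
    {
        Subject = new ClaimsIdentity(claims),
        // Token, and the role claim inside it, stays valid for seven days.
        Expires = DateTime.UtcNow.AddDays(7),
        SigningCredentials = new SigningCredentials(
            new SymmetricSecurityKey(key),
            SecurityAlgorithms.HmacSha256Signature)
    };

    var token = tokenHandler.CreateToken(tokenDescriptor);

    return new LoginGetModel
    {
        Id = user.Id,
        Email = user.Email,
        UserName = user.Username,
        Token = tokenHandler.WriteToken(token)
    };
}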