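/// <summary>
/// Returns a page of users, optionally filtered by a search term.
/// </summary>
/// <param name="limit">Page size, bound from the <c>limit</c> query key as a string (default "1000").</param>
/// <param name="offset">Start position, bound from the <c>offset</c> query key as a string (default "0").</param>
/// <param name="search">Search term, bound from the <c>search</c> query key (default empty).</param>
/// <returns>
/// 401 when the JWT check fails, 400 when a supplied limit or offset is not an integer,
/// otherwise 200 with an object holding the <c>users</c> list.
/// </returns>
public async Task<ActionResult<List<Users>>> GetUsers(
    [FromQuery(Name = "limit")] string limit = "1000",
    [FromQuery(Name = "offset")] string offset = "0",
    [FromQuery(Name = "search")] string search = "")
{
    // NOTE(review): only the token check is visible here; confirm whether listing
    // every user should additionally require a privileged role.
    if (!_authorizationService.ValidateJWTToken(Request)) {
        return Unauthorized(new { errors = new { Token = new string[] { "Invalid token" } }, status = 401 });
    }

    // Validate each paging value on its own. The earlier form ran the integer check only
    // when BOTH values were non-null, so a request that left one of them null sent the
    // other one to Browse unchecked.
    bool limitInvalid = limit != null && !int.TryParse(limit, out _);
    bool offsetInvalid = offset != null && !int.TryParse(offset, out _);
    if (limitInvalid || offsetInvalid) {
        var response = new JsonResponse {
            Message = "Invalid request",
            Status = 400,
            Errors = new Dictionary<string, string[]> {
                { "Queries", new string[] { "Invalid queries" } }
            }
        };
        return BadRequest(response.FormatResponse());
    }

    // NOTE(review): limit, offset and search reach Browse as raw strings. Confirm that Browse
    // binds them as query parameters rather than building query text from them, and that it
    // copes with null, negative and very large paging values (no range check is done here).
    List<Users> users = await _usersContext.Browse(limit, offset, search);

    // NOTE(review): SignIn calls WithoutPassword() before returning a user, while this action
    // returns the Browse result as-is. Confirm Browse does not populate password fields.
    return Ok(new { users });
}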
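/// <summary>
/// Signs a user in with a username or e-mail address and a password.
/// </summary>
/// <param name="user">Credentials read from the request body.</param>
/// <returns>
/// 401 when the Origin header is missing or the credentials are rejected, 400 when the body
/// is missing, otherwise 200 with the user (password removed). On success the token is set
/// through <c>SetAuthCookie</c> and also sent in the <c>X-Authorization-Token</c> header.
/// </returns>
public async Task<IActionResult> SignIn([FromBody] AuthenticatedUserModel user)
{
    // NOTE(review): this only checks that an Origin header is present. Non-browser clients
    // choose its value freely, so it is not an authentication or anti-forgery control.
    if (string.IsNullOrWhiteSpace(Request.Headers["Origin"])) {
        var response = new JsonResponse {
            Message = "Invalid request",
            Status = 401,
            Errors = new Dictionary<string, string[]> {
                { "Origin", new string[] { "Invalid request origin" } }
            }
        };
        return Unauthorized(response.FormatResponse());
    }

    // A missing or unreadable body would otherwise fail on user.UserNameOrEmail below.
    if (user == null) {
        var response = new JsonResponse {
            Message = "Invalid request",
            Status = 400,
            Errors = new Dictionary<string, string[]> {
                { "Body", new string[] { "Invalid request body" } }
            }
        };
        return BadRequest(response.FormatResponse());
    }

    // One response for every credential failure, so the reply does not reveal
    // whether the account exists.
    IActionResult AuthenticationFailed()
    {
        // NOTE(review): this echoes the caller-supplied Origin into Access-Control-Allow-Origin,
        // which lets any origin read the response. Prefer the framework's CORS policy with an
        // explicit allow-list of origins over reflecting the request header.
        Response.Headers.Append("Access-Control-Allow-Origin", Request.Headers["Origin"]);
        return Unauthorized(new { errors = new { Authentication = new string[] { "Invalid username, email and/or password" } }, status = 401 });
    }

    // Authenticate user
    var authenticatedUser = await _authenticationService.Authenticate(user.UserNameOrEmail, user.UserPassword);
    if (authenticatedUser == null) {
        return AuthenticationFailed();
    }

    var existingUser = await _context.Users.Where(u => u.Id == authenticatedUser.Id).FirstOrDefaultAsync();
    if (existingUser == null) {
        // FirstOrDefaultAsync returns null when the row is gone (for example, deleted between
        // the two lookups). Fail the sign-in instead of dereferencing null below.
        return AuthenticationFailed();
    }
    authenticatedUser.BaseUser = existingUser;

    // Return 200 OK with token in cookie
    _authorizationService.SetAuthCookie(Request, Response, authenticatedUser.Token);

    // NOTE(review): the token is also sent in a response header. If the cookie is meant to keep
    // the token away from page scripts, sending it here as well weakens that. Confirm the
    // header is required and which origins may read it.
    Response.Headers.Append("X-Authorization-Token", authenticatedUser.Token);
    return Ok(authenticatedUser.BaseUser.WithoutPassword());
}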