public HttpResponseMessage Logout()
{
UserSessionDto userSession = Request.GetUserSession();
if (userSession == null)
{
return(Request.CreateErrorResponse(HttpStatusCode.Forbidden, "User Session not found."));
}
try
{
bool isLogoutSuccess = _loginService.Logout(userSession.SessionId);
if (isLogoutSuccess)
{
HttpResponseMessage response = Request.CreateResponse(HttpStatusCode.OK, "User has logged off successfully.");
CookieHeaderValue cookie = new CookieHeaderValue(Constants.SESSION_KEY, userSession.SessionId)
{
Expires = DateTimeOffset.Now.AddDays(-1),
Domain = Request.RequestUri.Host,
Path = "/"
};
response.Headers.AddCookies(new CookieHeaderValue[] { cookie });
return(response);
}
else
{
HttpResponseMessage response = Request.CreateErrorResponse(HttpStatusCode.InternalServerError, "Could not logoff.");
return(response);
}
}
catch (Exception)
{
HttpResponseMessage response = Request.CreateErrorResponse(HttpStatusCode.InternalServerError, "Could not login.");
return(response);
}
}
public HttpResponseMessage GetCurrentWeekTasks()
{
UserSessionDto userSession = Request.GetUserSession();
if (userSession == null)
{
return(Request.CreateErrorResponse(HttpStatusCode.Forbidden, "User Session not found."));
}
string userId = userSession.User.UserId;
if (string.IsNullOrEmpty(userId))
{
return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "User Id cannot be empty."));
}
try
{
List <WorkItemDto> getCurrentWeekTasks = _workItemSyncService.GetUserCurrentWeekSyncedTasks(userId);
return(Request.CreateResponse(HttpStatusCode.OK, getCurrentWeekTasks));
}
catch (Exception ex)
{
_loggger.Error(ex);
return(Request.CreateErrorResponse(HttpStatusCode.InternalServerError, ex.Message));
}
}
public virtual void Set(string sid, UserSessionDto value)
{
if (!string.IsNullOrEmpty(sid))
{
base.SetData(value, sid);
}
}
public static UserSessionDto GetUserSession(this HttpContext httpContext)
{
if (httpContext == null)
{
throw new ArgumentNullException(nameof(httpContext));
}
UserSessionDto m = httpContext.Items[USER_SESSION_KEY] as UserSessionDto;
if (m == null)
{
var sid = GetSid(httpContext);
if (!string.IsNullOrEmpty(sid))
{
using (var userSessionService = IocUtils.Get <IUserSessionService>())
{
m = userSessionService.Get(sid);
if (m != null)
{
httpContext.Items[USER_SESSION_KEY] = m;
}
}
}
}
return(m);
}
public HttpResponseMessage GetServersByUserId()
{
UserSessionDto userSession = Request.GetUserSession();
if (userSession == null)
{
return(Request.CreateErrorResponse(HttpStatusCode.Forbidden, "User Session not found."));
}
string userId = userSession.User.UserId;
if (string.IsNullOrEmpty(userId))
{
return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "User Id cannot be empty."));
}
try
{
List <UserServerDto> serverList = _userManagementService.GetUserServerList(userId);
HttpResponseMessage response = Request.CreateResponse(HttpStatusCode.OK, serverList);
return(response);
}
catch (Exception ex)
{
_loggger.Error(ex);
return(Request.CreateErrorResponse(HttpStatusCode.InternalServerError, ex.Message));
}
}
public void LoginBlankUserId()
{
string userId = "";
string password = "******";
LoginService loginService = new LoginService();
UserSessionDto userSession = loginService.Login(userId, password);
Assert.IsNotNull(userSession);
}
public void InvalidPassword()
{
string userId = "1111111";
string password = "******";
LoginService loginService = new LoginService();
UserSessionDto userSession = loginService.Login(userId, password);
Assert.IsNotNull(userSession);
}
/// <summary>
/// Invoke web socket method
/// Method can throw Exception !!!
/// </summary>
/// <param name="methodName"></param>
/// <param name="dto"></param>
/// <returns></returns>
private async Task <bool> InvokeSocketMethod(string methodName, UserSessionDto dto)
{
await _connection.StartAsync();
await _connection.InvokeAsync("SyncSession", JsonConvert.SerializeObject(dto));
await _connection.StopAsync();
return(true);
}
public async Task <bool> Sync(UserSessionDto sessionDto)
{
try
{
return(await InvokeSocketMethod("SyncSession", sessionDto));
}
catch
{
return(false);
}
}
public virtual UserSessionDto Get(string sid)
{
UserSessionDto value = null;
if (!string.IsNullOrEmpty(sid))
{
value = base.GetData <UserSessionDto>(sid);
}
return(value);
}
internal static UserSession ToUserSession(this UserSessionDto userSessionDto)
{
return(new UserSession
{
UserId = userSessionDto.UserSessionId,
Email = userSessionDto.Email,
FullName = userSessionDto.FullName,
Password = userSessionDto.Password,
Role = userSessionDto.Role,
UserImage = userSessionDto.UserImage,
});
}
public async Task <bool> SyncProcesses(UserSessionDto sessionDto)
{
try
{
sessionDto.Applications = null;
return(await InvokeSocketMethod("SynProcesses", sessionDto));
}
catch
{
return(false);
}
}
public async Task <IActionResult> UpsertUserSessionAsync([FromBody] UserSessionDto userSessionDto)
{
try
{
var userSession = UserSession.CreateUserSession(userSessionDto.Isbn, userSessionDto.Description, userSessionDto.ModifiedById);
var userSessionResult = await _userSessionService.UpsertUserSessionAsync(userSession).ConfigureAwait(false);
return(Ok(userSessionResult));
}
catch (Exception ex)
{
return(BadRequest(ex));
}
}
/// <summary>
/// Execute rest api method
/// Method can throw exception !!!
/// </summary>
/// <param name="endPoint"></param>
/// <param name="dto"></param>
/// <returns></returns>
private async Task <bool> ExecuteRestApiMethod(string endPoint, UserSessionDto dto)
{
var response = await Post(endPoint, dto, _tokenService.GetValidToken());
if (TimeOccurred) //Timeout occurred
{
return(false);
}
if (response.IsSuccessStatusCode)
{
return(true);
}
return(false);
}
public virtual void Set(string sid, UserSessionDto vm)
{
if (string.IsNullOrEmpty(sid))
{
throw new ApiParamNullException("sid");
}
if (vm == null)
{
repository.Remove(sid);
}
else
{
vm.Sid = sid;
repository.Set(sid, vm);
}
}
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
if (filterContext == null)
{
throw new ArgumentNullException("filterContext");
}
//获取访问路径
var path = filterContext.HttpContext.Request.Path.ToLower();
//判断用户Session是否超时
UserSessionDto userSession = filterContext.HttpContext.Session["UserBase"] as UserSessionDto;
if (userSession == null && path != "/home/index")
{
filterContext.Result = new RedirectResult("/Home/Index");
}
}
public async Task AuthenticateAsync(HttpAuthenticationContext context, CancellationToken cancellationToken)
{
HttpRequestMessage request = context.Request;
if (request != null)
{
UserSessionDto session = request.GetUserSession();
if (session == null)
{
context.ErrorResult = new AuthenticationFailureResult("User Session not found", request);
return;
}
else
{
context.Principal = new ClaimsPrincipal();
return;
}
}
}
public async Task <HttpResponseMessage> Login(UserSessionDto userSession)
{
try
{
HttpResponseMessage response;
UserEntity userEntity = _UserLogic.Login(userSession.UserName, userSession.Password);
if (userEntity != null)
{
int timeExpireSession = _secCarFleet.GetTimeExpireSession();
string token = String.Empty;
if (userSession.StaySession && !string.IsNullOrEmpty(userSession.Token))
{
token = _ConfigUserLoginLogic.LoginByToken(userEntity.Id, userSession.Token, userSession.DeviceUUID, timeExpireSession);
}
else
{
token = _ConfigUserLoginLogic.Insert(userEntity.Id, userSession.DeviceUUID, timeExpireSession);
}
if (!string.IsNullOrEmpty(token))
{
userSession.IdUser = userEntity.Id;
userSession.IdCompany = userEntity.Id_company;
userSession.IdLanguage = userEntity.Id_language;
userSession.Token = token;
response = Request.CreateResponse(HttpStatusCode.OK, userSession);
}
else
{
response = Request.CreateResponse(HttpStatusCode.PreconditionFailed, new { Message = "Falló la generación del token en la aplicación" });
}
}
else
{
response = Request.CreateResponse(HttpStatusCode.PreconditionFailed, new { Message = "Nombre de usuario o password incorrectos" });
}
return(response);
}
catch (Exception ex)
{
throw new HttpResponseException(Request.CreateErrorResponse(HttpStatusCode.InternalServerError, "Error en el login"));
}
}
public async Task <IActionResult> Login([FromBody] LoginDto dto)
{
var user = await _userService.Login(dto);
if (user == null)
{
return(BadRequest(new { message = "Your login was incorrect" }));
}
else
{
var token = await _userService.GenerateTokenJwt(user);
var userSession = new UserSessionDto();
userSession.ID = user.ID;
userSession.UserName = user.UserName;
userSession.Password = user.Password;
userSession.Role = user.Role;
userSession.Token = token.Token;
return(Ok(token));
}
}
public async Task <ResultDto <UserSessionDto> > GetUserSession(string userId)
{
var id = Guid.Parse(userId);
var user = await _context.AppUsers.FindAsync(id);
if (user == null)
{
return(new ResultDto <UserSessionDto>(ResponseCode.Validate, "Người dùng không tồn tại hoặc đã bị khóa", null));
}
var roles = await _userManager.GetRolesAsync(user);
var session = new UserSessionDto()
{
UserId = user.Id.ToString(),
FullName = user.FullName,
Roles = roles,
Email = user.Email
};
return(new ResultDto <UserSessionDto>(ResponseCode.Success, "Thành công", session));
}
public async Task <HttpResponseMessage> IsAuthenticated(UserSessionDto userSession)
{
try
{
HttpResponseMessage response;
int timeExpireSession = _secCarFleet.GetTimeExpireSession();
if (_ConfigUserLoginLogic.IsAuthenticated(userSession.IdUser, userSession.Token, userSession.DeviceUUID, timeExpireSession, userSession.StaySession))
{
response = Request.CreateResponse(HttpStatusCode.OK, true);
}
else
{
response = Request.CreateResponse(HttpStatusCode.Unauthorized, new { Message = "El usuario no está autenticado" });
}
return(response);
}
catch (Exception ex)
{
throw new HttpResponseException(Request.CreateErrorResponse(HttpStatusCode.InternalServerError, "Error autenticando al usuario"));
}
}
public async Task <IActionResult> Login([FromBody] LoginDto dto)
{
var user = await _userService.Login(dto);
if (user == null)
{
return(BadRequest("Sai tài khoản hoặc mật khẩu"));
}
else
{
var rtToken = await _userService.LoginResultToken(user);
var userSession = new UserSessionDto();
userSession.ID = user.ID;
userSession.UserName = user.UserName;
userSession.Password = user.Password;
userSession.RoleID = rtToken.RoleID;
userSession.Token = rtToken.Token;
return(Ok(rtToken));
}
}
public static void SetUserSession(this HttpContext httpContext, UserSessionDto m)
{
if (httpContext == null)
{
throw new ArgumentNullException(nameof(httpContext));
}
var sid = GetSid(httpContext);
if (!string.IsNullOrEmpty(sid))
{
using (var userSessionService = IocUtils.Get <IUserSessionService>())
{
if (m != null)
{
m.Sid = sid;
}
userSessionService.Set(sid, m);
httpContext.Items[USER_SESSION_KEY] = m;
httpContext.Items[SET_USER_SESSION_KEY] = m != null ? "1" : "0";
}
}
}
public HttpResponseMessage Login([FromBody] UserLoginDto userLoginDto)
{
if (userLoginDto == null)
{
return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "User login cannot be empty."));
}
if (string.IsNullOrEmpty(userLoginDto.UserId))
{
HttpResponseMessage response = Request.CreateErrorResponse(HttpStatusCode.BadRequest, "User Id cannot be empty");
return(response);
}
if (string.IsNullOrEmpty(userLoginDto.Password))
{
HttpResponseMessage response = Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Password cannot be empty");
return(response);
}
try
{
UserSessionDto userSession = _loginService.Login(userLoginDto.UserId, userLoginDto.Password);
// Attach a session cookie to response.
CookieHeaderValue cookie = new CookieHeaderValue(Constants.SESSION_KEY, userSession.SessionId)
{
Expires = DateTimeOffset.Now.AddDays(1),
Domain = Request.RequestUri.Host,
Path = "/"
};
HttpResponseMessage response = Request.CreateResponse(HttpStatusCode.OK, userSession);
response.Headers.AddCookies(new CookieHeaderValue[] { cookie });
return(response);
}
catch (Exception ex)
{
_loggger.Error(ex);
return(Request.CreateErrorResponse(HttpStatusCode.InternalServerError, ex.Message));
}
}
public virtual UserSessionDto Get(string sid)
{
UserSessionDto value = this.cache.Get(sid);
return(value);
}
public virtual void Set(string sid, UserSessionDto value)
{
this.cache.Set(sid, value);
}
public ServiceResult <UserSessionDto> GetUserSession(string username)
{
User user = flytDexContext.Users
.Include(u => u.LinkUserSchools)
.SingleOrDefault(u => u.Username == username);
if (user == null)
{
return(errorService.Error <UserSessionDto>("Error occurred: User not found"));
}
IEnumerable <Guid> employeeIds = user.LinkUserSchools.Where(lus => lus.UserType == UserType.Employee).Select(lus => lus.UserTypeId);
IEnumerable <Guid> studentIds = user.LinkUserSchools.Where(lus => lus.UserType == UserType.Student).Select(lus => lus.UserTypeId);
List <Employee> cachedEmployees = flytDexContext.Employees
.Include(e => e.LinkEmployeeRoles)
.ThenInclude(ler => ler.Role)
.Where(e => employeeIds.Contains(e.Id))
.ToList();
List <Student> cachedStudents = flytDexContext.Students.Where(s => studentIds.Contains(s.Id)).ToList();
UserSessionDto userSessionDto = new UserSessionDto();
userSessionDto.UserId = user.Id;
userSessionDto.Username = user.Username;
userSessionDto.LastLoginDateTime = user.LastLoginDateTime;
userSessionDto.UserSchools = new List <LinkUserSchoolDto>();
foreach (LinkUserSchool linkUserSchool in user.LinkUserSchools)
{
if (linkUserSchool.UserType == UserType.Employee)
{
Employee employee = cachedEmployees.SingleOrDefault(e => e.Id == linkUserSchool.UserTypeId);
if (employee == null)
{
logger.Warn(string.Format("Employee User found with no valid Employee attached, User Id: {0}", user.Id));
return(errorService.Error <UserSessionDto>("Error occurred: User Invalid"));
}
userSessionDto.UserSchools.Add(new LinkUserSchoolDto()
{
UserId = user.Id,
SchoolId = linkUserSchool.SchoolId,
UserType = linkUserSchool.UserType,
UserTypeId = employee.Id,
Roles = employee.LinkEmployeeRoles.Select(ler => ler.Role.RoleTitle).OrderBy(r => r).ToList()
});
}
else if (linkUserSchool.UserType == UserType.Student)
{
Student student = cachedStudents.SingleOrDefault(s => s.Id == linkUserSchool.UserTypeId);
if (student == null)
{
logger.Warn(string.Format("Student User found with no valid Student attached, User Id: {0}", user.Id));
return(errorService.Error <UserSessionDto>("Error occurred: User Invalid"));
}
userSessionDto.UserSchools.Add(new LinkUserSchoolDto()
{
UserId = user.Id,
SchoolId = linkUserSchool.SchoolId,
UserType = linkUserSchool.UserType,
UserTypeId = student.Id,
Roles = new List <string>()
});
}
}
return(new ServiceResult <UserSessionDto>(userSessionDto));
}
public virtual void SetCurrentUser(UserSessionDto user)
{
this.CurrentUser = user;
}
public async Task <bool> SyncProcesses(UserSessionDto sessionDto)
{
sessionDto.Applications = null;
return(await ExecuteRestApiMethod("Synchronization/sync/processes", sessionDto));
}
public async Task <bool> Sync(UserSessionDto sessionDto)
{
return(await ExecuteRestApiMethod("Synchronization/sync", sessionDto));
}
