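/// <summary>
/// Authenticates a user from the posted credentials and issues a signed JWT.
/// </summary>
/// <param name="userDto">Posted credentials; only <c>Username</c> and <c>Password</c> are read.</param>
/// <returns>
/// 200 with the user's identity data, role flags and token; 400 when the body is missing,
/// the credentials are rejected, or the user is not linked to an institution.
/// </returns>
public IActionResult Authenticate([FromBody] UserDto userDto)
{
    if (userDto == null)
    {
        return BadRequest(new { message = "Credentials are required" });
    }

    // One generic message for both an unknown user and a wrong password, so the
    // response does not reveal which usernames exist.
    var user = _userService.Authenticate(userDto.Username, userDto.Password);
    if (user == null)
    {
        return BadRequest(new { message = "Username or password is incorrect" });
    }

    // Checked before any role lookup: the InsId claim below cannot be issued
    // without an institution, so there is no point doing further work.
    Userinstitution userInstitution = user.Userinstitution.FirstOrDefault();
    if (userInstitution == null)
    {
        return BadRequest(new { message = "User is not associated with any institution" });
    }

    List<Userrole> userRoles = user.Userrole.ToList();
    List<Role> roles = _context.Role.ToList();

    // Null-safe role lookup: a missing role row yields null instead of a
    // NullReferenceException, and a null RoleName no longer throws.
    int? RoleIdOf(string roleName) =>
        roles.SingleOrDefault(r => string.Equals(r.RoleName, roleName, StringComparison.OrdinalIgnoreCase))?.RoleId;

    bool HasRole(int? roleId) => roleId.HasValue && userRoles.Any(r => r.RoleId == roleId.Value);

    bool isSuperAdminUser = HasRole(RoleIdOf("SuperAdmin"));
    bool isAdminUser = HasRole(RoleIdOf("Admin"));
    bool isProfessorUser = HasRole(RoleIdOf("Professor"));

    // NOTE(review): the secret is read as ASCII; any non-ASCII character in
    // _appSettings.Secret is replaced by '?', silently weakening the signing key.
    // Kept as-is because token validation elsewhere must derive the same bytes.
    var tokenHandler = new JwtSecurityTokenHandler();
    var key = Encoding.ASCII.GetBytes(_appSettings.Secret);
    var tokenDescriptor = new SecurityTokenDescriptor
    {
        // Only the user id and institution id are claims. The role flags returned
        // below are informational for the client and are NOT in the token, so
        // authorization must re-derive roles server side rather than trust them.
        Subject = new ClaimsIdentity(new[]
        {
            new Claim(ClaimTypes.Name, user.UserId.ToString()),
            new Claim("InsId", userInstitution.InstitutionId.ToString()),
        }),
        Expires = DateTime.UtcNow.AddDays(7),
        SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
    };
    var token = tokenHandler.CreateToken(tokenDescriptor);
    var tokenString = tokenHandler.WriteToken(token);

    // Property names are the client-facing JSON contract (including the odd
    // casing of IsSuperAdminUSer) and are kept unchanged.
    return Ok(new
    {
        Id = user.UserId,
        InstitutionId = userInstitution.InstitutionId,
        Username = user.UserName,
        FirstName = user.FirstName,
        LastName = user.LastName,
        Token = tokenString,
        IsAdminUser = isAdminUser,
        IsProfessor = isProfessorUser,
        IsSuperAdminUSer = isSuperAdminUser
    });
}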
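/// <summary>
/// Creates a department and links it to an institution: the one named in the
/// request, or else the institution of the creating user.
/// </summary>
/// <param name="departmentDto">Department to create. <c>InstitutionId</c> takes precedence over <c>CreatedUserId</c>.</param>
/// <returns>201 with the created department (unlinked when neither lookup resolves an institution).</returns>
public async Task<ActionResult<Department>> PostDepartment(DepartmentDto departmentDto)
{
    var department = _mapper.Map<Department>(departmentDto);

    // First save generates DepartmentId, which the link row below references.
    _context.Department.Add(department);
    await _context.SaveChangesAsync();

    // NOTE(review): InstitutionId and CreatedUserId come from the request body, not
    // from the caller's identity (the InsId claim issued at login), so a client can
    // attach a department to any institution. Verify them against the caller before
    // trusting them.
    if (departmentDto.InstitutionId > 0)
    {
        await LinkToInstitutionAsync(new Institutiondepartment
        {
            InstitutionId = departmentDto.InstitutionId,
            DepartmentId = department.DepartmentId,
        });
    }
    else if (departmentDto.CreatedUserId > 0)
    {
        User user = _context.User
            .Include(a => a.Userinstitution)
            .Where(u => u.UserId == departmentDto.CreatedUserId)
            .SingleOrDefault();

        // An unknown CreatedUserId previously threw NullReferenceException; it is
        // now treated like a user without an institution and the department is
        // left unlinked.
        Userinstitution userIns = user?.Userinstitution?.SingleOrDefault();
        if (userIns != null)
        {
            await LinkToInstitutionAsync(new Institutiondepartment
            {
                InstitutionId = userIns.InstitutionId,
                DepartmentId = department.DepartmentId,
            });
        }
    }

    return CreatedAtAction("GetDepartment", new { id = department.DepartmentId }, department);

    // Attaches one institution link to the saved department and persists it.
    // Uses SaveChangesAsync throughout; the original mixed an awaited save with
    // a blocking SaveChanges() inside an async action.
    async Task LinkToInstitutionAsync(Institutiondepartment link)
    {
        department.Institutiondepartment = new List<Institutiondepartment> { link };
        _context.Department.Update(department);
        await _context.SaveChangesAsync();
    }
}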
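/// <summary>
/// Registers a new user: hashes the password, stores the user, then links the
/// departments, roles and institution named in <paramref name="userDto"/>.
/// </summary>
/// <param name="user">Entity to persist; PasswordHash, PasswordSalt, UserStatusId, IsVerified and UniqueId are set here.</param>
/// <param name="password">Plain-text password; only its hash and salt are stored.</param>
/// <param name="userDto">Department names, role names and the institution lookup keys (id, name or URL).</param>
/// <returns>The persisted user with its link rows attached.</returns>
/// <exception cref="AppException">Password missing, username already taken, or no institution could be resolved.</exception>
public User Create(User user, string password, UserDto userDto)
{
    // validation
    if (string.IsNullOrWhiteSpace(password))
    {
        throw new AppException("Password is required");
    }

    User userDBObj = _context.User.Where(x => x.UserName == user.UserName).FirstOrDefault();
    if (userDBObj != null)
    {
        throw new AppException("Username \"" + user.UserName + "\" is already taken");
    }

    // Resolve the institution before the user row is written: previously a failed
    // lookup left a persisted user behind and then threw NullReferenceException
    // at institution.InstitutionId.
    Institution institution = ResolveInstitution();
    if (institution == null)
    {
        throw new AppException("Institution not found");
    }

    // NOTE(review): CreatePasswordHash is defined elsewhere; confirm it uses a
    // slow, salted KDF rather than a bare hash.
    CreatePasswordHash(password, out byte[] passwordHash, out byte[] passwordSalt);
    user.PasswordHash = passwordHash;
    user.PasswordSalt = passwordSalt;
    user.UserStatusId = (int)UserStatus.Deactived;
    user.IsVerified = 0;
    user.UniqueId = Guid.NewGuid().ToString();

    // First save generates UserId, which the link rows below reference.
    _context.User.Add(user);
    _context.SaveChanges();

    // Every matching department is kept. The original replaced the collection on
    // each iteration, so only the last matching name in the list survived.
    var userDepartments = new List<Userdepartment>();
    foreach (string departmentName in userDto.Department ?? Enumerable.Empty<string>())
    {
        var dept = _context.Department
            .Where(r => r.DepartmentName.Equals(departmentName, StringComparison.OrdinalIgnoreCase))
            .FirstOrDefault();
        if (dept != null)
        {
            userDepartments.Add(new Userdepartment { UserId = user.UserId, DepartmentId = dept.DepartmentId });
        }
    }
    if (userDepartments.Count > 0)
    {
        user.Userdepartment = userDepartments;
    }

    // Same fix for roles: all matching role names are linked, not just the last.
    var userRoles = new List<Userrole>();
    foreach (string roleName in userDto.Role ?? Enumerable.Empty<string>())
    {
        var role = _context.Role
            .Where(r => r.RoleName.Equals(roleName, StringComparison.OrdinalIgnoreCase))
            .FirstOrDefault();
        if (role != null)
        {
            userRoles.Add(new Userrole { RoleId = role.RoleId, UserId = user.UserId });
        }
    }
    if (userRoles.Count > 0)
    {
        user.Userrole = userRoles;
    }

    user.Userinstitution = new List<Userinstitution>
    {
        new Userinstitution { UserId = user.UserId, InstitutionId = institution.InstitutionId },
    };
    _context.User.Update(user);
    _context.SaveChanges();

    return user;

    // Picks the institution by id, else by a case-insensitive substring of its
    // name, else by a substring of its URL. Returns null when nothing matches.
    Institution ResolveInstitution()
    {
        if (userDto.InstitutionId > 0)
        {
            return _context.Institution.Where(i => i.InstitutionId == userDto.InstitutionId).FirstOrDefault();
        }
        if (!string.IsNullOrEmpty(userDto.InstitutionName))
        {
            // NOTE(review): Contains + FirstOrDefault is a substring match, so a
            // short name can bind the user to whichever institution happens to
            // come first rather than the intended one.
            return _context.Institution
                .Where(i => i.InstitutionName.Contains(userDto.InstitutionName, StringComparison.OrdinalIgnoreCase))
                .FirstOrDefault();
        }
        if (!string.IsNullOrEmpty(userDto.InstitutionUrl))
        {
            return _context.Institution
                .Where(i => i.InstitutionUrl.Contains(userDto.InstitutionUrl, StringComparison.OrdinalIgnoreCase))
                .FirstOrDefault();
        }
        return null;
    }
}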