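// Returns the profile of the user identified by the route value `id`, including
// the user's orders and favorites.
//
// Responses:
//   400 - `id` is null, or no non-deleted user has that id.
//   401 - the Authorization header carries no readable JWT, the JWT lacks the
//         "nameid" or "role" claim, or a caller in the "Customer" role asks for
//         a user other than themselves.
//   200 - a BaseUser projection of the stored user.
//
// NOTE(review): the user is looked up before the caller is authorized, so a
// "Customer" can tell an existing id (401) from a missing one (400). Left as is
// to keep the status codes clients already see; confirm whether that matters.
public async Task<IActionResult> GetUserById([FromRoute] string id)
        {
            if (id == null)
            {
                return BadRequest(new JsonResult("NULL Id!"));
            }

            var user = await _db.Users
                       .Include(u => u.Favorites)
                       .ThenInclude(fav => fav.Product)
                       .Include(u => u.Orders)
                       .SingleOrDefaultAsync(u => u.Id == id);

            if (user == null || user.Deleted)
            {
                return BadRequest(new JsonResult("User with id " + id + " not found"));
            }

            // The header indexer yields an empty value when the header is absent,
            // so a missing Authorization header ends in 401 below instead of an
            // unhandled exception.
            var jwt = HttpContext.Request.Headers["Authorization"].ToString();
            const string bearerPrefix = "Bearer ";
            if (jwt.StartsWith(bearerPrefix, System.StringComparison.OrdinalIgnoreCase))
            {
                jwt = jwt.Substring(bearerPrefix.Length);
            }
            jwt = jwt.Trim();

            var handler = new JwtSecurityTokenHandler();
            if (!handler.CanReadToken(jwt))
            {
                return Unauthorized();
            }

            // NOTE(review): ReadJwtToken only decodes the token; it does not verify
            // the signature, issuer, audience or lifetime. The ownership check below
            // is trustworthy only if the authentication middleware has already
            // validated this same token before the action runs (no [Authorize]
            // attribute is visible from here - confirm). Reading the claims from the
            // validated principal (ControllerBase.User) would remove that dependency.
            var token = handler.ReadJwtToken(jwt);

            token.Payload.TryGetValue("nameid", out var nameIdClaim);
            token.Payload.TryGetValue("role", out var roleClaim);
            var userIdLoggedIn   = nameIdClaim?.ToString();
            var userRoleLoggedIn = roleClaim?.ToString();

            // Fail closed: a token without an identity or role claim must not slip
            // past the "Customer" comparison below and be treated as privileged.
            if (string.IsNullOrEmpty(userIdLoggedIn) || string.IsNullOrEmpty(userRoleLoggedIn))
            {
                return Unauthorized();
            }

            // NOTE(review): only the exact role string "Customer" is restricted to its
            // own record; every other role value is allowed through. A token carrying
            // several roles would not compare equal to "Customer" - confirm that an
            // explicit allow-list of privileged roles is not needed here.
            if (userRoleLoggedIn == "Customer" && userIdLoggedIn != user.Id)
            {
                return Unauthorized();
            }

            var userRole = await _userManager.GetRolesAsync(user);

            var result = new BaseUser
            {
                Id          = user.Id,
                FirstName   = user.FirstName,
                MiddleName  = user.MiddleName,
                LastName    = user.LastName,
                DisplayName = user.DisplayName,
                UserName    = user.UserName,
                Email       = user.Email,
                PhoneNumber = user.PhoneNumber,
                Location    = user.Location,
                CreatedAt   = user.CreatedAt,
                UpdatedAt   = user.UpdatedAt,
                Deleted     = user.Deleted,
                // A user with no assigned role yields null instead of an
                // out-of-range exception on userRole[0].
                role        = userRole.FirstOrDefault(),
                Orders      = user.Orders,
                Favorites   = _dataCleaner.cleanFavorites(user.Favorites)
            };

            return Ok(result);
        }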