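        /// <summary>
        /// Checks the posted credentials and, on success, returns a signed JWT scoped to the
        /// user's first institution, together with the user's SuperAdmin / Admin / Professor flags.
        /// </summary>
        /// <param name="userDto">Credentials from the request body (Username, Password).</param>
        /// <returns>
        /// 200 with the user summary and token; 400 when the body is missing, the credentials
        /// are wrong, or the user is not linked to any institution.
        /// </returns>
        public IActionResult Authenticate([FromBody] UserDto userDto)
        {
            if (userDto is null)
            {
                return BadRequest(new { message = "Username or password is incorrect" });
            }

            var user = _userService.Authenticate(userDto.Username, userDto.Password);

            if (user is null)
            {
                // One message for both "unknown user" and "wrong password" so the
                // response does not reveal which usernames exist.
                return BadRequest(new { message = "Username or password is incorrect" });
            }

            // The token is bound to exactly one institution; refuse to issue one otherwise.
            Userinstitution userInstitution = user.Userinstitution.FirstOrDefault();
            if (userInstitution is null)
            {
                return BadRequest(new { message = "User is not associated with any institution" });
            }

            List<Userrole> userRoles = user.Userrole.ToList();
            List<Role>     roles     = _context.Role.ToList();

            // Null when no Role row carries that name. The original dereferenced .RoleId
            // directly and threw NullReferenceException whenever a role was missing.
            int? RoleIdOf(string roleName) =>
                roles.SingleOrDefault(r => r.RoleName.Equals(roleName, StringComparison.OrdinalIgnoreCase))?.RoleId;

            // A role that is not defined is treated as "not held" (fail closed).
            bool HasRole(int? roleId) => roleId.HasValue && userRoles.Any(r => r.RoleId == roleId.Value);

            bool isSuperAdminUser = HasRole(RoleIdOf("SuperAdmin"));
            bool isAdminUser      = HasRole(RoleIdOf("Admin"));
            bool isProfessorUser  = HasRole(RoleIdOf("Professor"));

            // NOTE(review): ASCII silently replaces any non-ASCII character in the secret;
            // whatever validates these tokens must derive the key the same way.
            var key             = Encoding.ASCII.GetBytes(_appSettings.Secret);
            var tokenHandler    = new JwtSecurityTokenHandler();
            var tokenDescriptor = new SecurityTokenDescriptor
            {
                Subject = new ClaimsIdentity(new[]
                {
                    new Claim(ClaimTypes.Name, user.UserId.ToString()),
                    new Claim("InsId", userInstitution.InstitutionId.ToString()),
                }),
                // Seven-day lifetime; no refresh or revocation mechanism is visible here.
                Expires            = DateTime.UtcNow.AddDays(7),
                SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature),
            };
            var tokenString = tokenHandler.WriteToken(tokenHandler.CreateToken(tokenDescriptor));

            // Property names below are part of the client contract; keep them unchanged.
            return Ok(new
            {
                Id = user.UserId,
                InstitutionId = userInstitution.InstitutionId,
                Username = user.UserName,
                FirstName = user.FirstName,
                LastName = user.LastName,
                Token = tokenString,
                IsAdminUser = isAdminUser,
                IsProfessor = isProfessorUser,
                IsSuperAdminUSer = isSuperAdminUser
            });
        }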
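        /// <summary>
        /// Creates a department and links it to an institution: the one named in the DTO,
        /// or otherwise the institution of the creating user.
        /// </summary>
        /// <param name="departmentDto">Department fields plus an InstitutionId or CreatedUserId selector.</param>
        /// <returns>201 pointing at GetDepartment for the new row; 400 when the body is missing.</returns>
        public async Task<ActionResult<Department>> PostDepartment(DepartmentDto departmentDto)
        {
            if (departmentDto is null)
            {
                return BadRequest();
            }

            var department = _mapper.Map<Department>(departmentDto);

            _context.Department.Add(department);
            await _context.SaveChangesAsync();

            // NOTE(review): departmentDto.InstitutionId is trusted as posted; nothing in this
            // action checks that the caller belongs to that institution. Confirm the
            // authorization policy on this controller covers it.
            int? institutionId = null;
            if (departmentDto.InstitutionId > 0)
            {
                institutionId = departmentDto.InstitutionId;
            }
            else if (departmentDto.CreatedUserId > 0)
            {
                // Async to match SaveChangesAsync above (the original mixed sync and async
                // database calls in the same action). A missing user or a user without an
                // institution simply leaves the department unlinked instead of throwing.
                User user = await _context.User
                    .Include(a => a.Userinstitution)
                    .SingleOrDefaultAsync(u => u.UserId == departmentDto.CreatedUserId);
                institutionId = user?.Userinstitution.FirstOrDefault()?.InstitutionId;
            }

            if (institutionId.HasValue)
            {
                department.Institutiondepartment = new List<Institutiondepartment>
                {
                    new Institutiondepartment
                    {
                        InstitutionId = institutionId.Value,
                        DepartmentId  = department.DepartmentId,
                    },
                };
                _context.Department.Update(department);
                await _context.SaveChangesAsync();
            }

            return CreatedAtAction("GetDepartment", new { id = department.DepartmentId }, department);
        }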
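        /// <summary>
        /// Registers a new user: validates the password and username, resolves the target
        /// institution, hashes the password, persists the user, then attaches every
        /// requested department and role plus the institution membership.
        /// </summary>
        /// <param name="user">Entity to persist; hash/salt, status, UniqueId and the navigation collections are filled in here.</param>
        /// <param name="password">Clear-text password; only its hash and salt are stored.</param>
        /// <param name="userDto">Department and role names plus the institution selector from the request.</param>
        /// <returns>The persisted <paramref name="user"/> with its memberships attached.</returns>
        /// <exception cref="AppException">
        /// Empty password, username already taken, or no institution matches the DTO.
        /// </exception>
        public User Create(User user, string password, UserDto userDto)
        {
            if (userDto is null)
            {
                throw new ArgumentNullException(nameof(userDto));
            }

            // validation
            if (string.IsNullOrWhiteSpace(password))
            {
                throw new AppException("Password is required");
            }

            if (_context.User.Any(x => x.UserName == user.UserName))
            {
                throw new AppException("Username \"" + user.UserName + "\" is already taken");
            }

            // Resolve the institution before inserting anything, so a selector that matches
            // nothing cannot leave a half-created user behind (the original only dereferenced
            // the null institution after the user row had already been saved).
            Institution institution = FindInstitution(userDto);
            if (institution is null)
            {
                throw new AppException("Institution not found");
            }

            CreatePasswordHash(password, out byte[] passwordHash, out byte[] passwordSalt);
            user.PasswordHash = passwordHash;
            user.PasswordSalt = passwordSalt;

            user.UserStatusId = (int)UserStatus.Deactived;
            user.IsVerified   = 0;
            user.UniqueId     = Guid.NewGuid().ToString();

            // The first save assigns user.UserId, which the membership rows below need.
            _context.User.Add(user);
            _context.SaveChanges();

            user.Userdepartment  = ResolveDepartments(userDto.Department);
            user.Userrole        = ResolveRoles(userDto.Role);
            user.Userinstitution = new List<Userinstitution>
            {
                new Userinstitution { UserId = user.UserId, InstitutionId = institution.InstitutionId },
            };

            _context.User.Update(user);
            _context.SaveChanges();

            return user;

            // Picks the institution by id, then by name fragment, then by URL fragment;
            // null when nothing matches.
            Institution FindInstitution(UserDto dto)
            {
                // NOTE(review): Contains/Equals with a StringComparison inside an EF query is
                // evaluated client-side only on older EF Core versions — confirm it translates.
                if (dto.InstitutionId > 0)
                {
                    return _context.Institution.FirstOrDefault(i => i.InstitutionId == dto.InstitutionId);
                }
                if (!string.IsNullOrEmpty(dto.InstitutionName))
                {
                    return _context.Institution.FirstOrDefault(i => i.InstitutionName.Contains(dto.InstitutionName, StringComparison.OrdinalIgnoreCase));
                }
                if (!string.IsNullOrEmpty(dto.InstitutionUrl))
                {
                    return _context.Institution.FirstOrDefault(i => i.InstitutionUrl.Contains(dto.InstitutionUrl, StringComparison.OrdinalIgnoreCase));
                }
                return null;
            }

            // Every matching department name becomes one membership row. The original
            // replaced the whole collection on each loop iteration, keeping only the last match.
            List<Userdepartment> ResolveDepartments(IEnumerable<string> names)
            {
                var rows = new List<Userdepartment>();
                foreach (string name in names ?? Enumerable.Empty<string>())
                {
                    var dept = _context.Department.FirstOrDefault(d => d.DepartmentName.Equals(name, StringComparison.OrdinalIgnoreCase));
                    if (dept != null)
                    {
                        rows.Add(new Userdepartment { UserId = user.UserId, DepartmentId = dept.DepartmentId });
                    }
                }
                return rows;
            }

            // Same accumulation fix for roles; unknown role names are silently skipped,
            // as in the original.
            List<Userrole> ResolveRoles(IEnumerable<string> names)
            {
                var rows = new List<Userrole>();
                foreach (string name in names ?? Enumerable.Empty<string>())
                {
                    var role = _context.Role.FirstOrDefault(r => r.RoleName.Equals(name, StringComparison.OrdinalIgnoreCase));
                    if (role != null)
                    {
                        rows.Add(new Userrole { UserId = user.UserId, RoleId = role.RoleId });
                    }
                }
                return rows;
            }
        }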