public async Task <ApplicationResult <LoginResponseModel> > Handle(LoginCommand request, CancellationToken cancellationToken)
{
var user = await _userService.GetUserAsync(request.Email);
if (user == null)
{
return(ApplicationResult <LoginResponseModel> .Fail(PowerChatError.Create(UserErrorCodes.UserNotFound,
$"User with email '{request.Email}' was not found.")));
}
var result = await _authService.LoginAsync(request.Email, request.Password);
if (result.Succeeded)
{
var userLoggedInEvent = new UserLoggedInEvent {
UserId = user.Id
};
await _mediator.Publish(userLoggedInEvent, cancellationToken);
var loginResponse = new LoginResponseModel
{
UserId = user.Id,
Token = result.Value.Token,
Expires = result.Value.Expires
};
return(ApplicationResult <LoginResponseModel> .Ok(loginResponse));
}
return(ApplicationResult <LoginResponseModel> .Fail(result.Error));
}
public ApplicationResult <Account> Login(string username, string password)
{
var account = _accountRepository.Gets(new { Username = username })
.FirstOrDefault();
if (account == null)
{
return(ApplicationResult.Fail <Account>(ApplicationErrorCode.ErrorIsExist, "Account"));
}
var isValidPassword = account.IsValidPassword(password);
if (isValidPassword == false)
{
return(ApplicationResult.Fail <Account>(ApplicationErrorCode.ErrorIsNotValid, "Password"));
}
if (account.Status != AccountStatus.Active)
{
return(ApplicationResult.Fail <Account>("The account does not active yet"));
}
var role = _roleRepository.GetByName(ApplicationConstant.Role.User);
account.Roles = new List <Role> {
role
};
return(ApplicationResult.Ok(account));
}
public void OnResultExecuting(ResultExecutingContext context)
{
if (!context.HttpContext.Request.Headers.ContainsKey("Authorization"))
{
return;
}
var token = context.HttpContext.Request.Headers.FirstOrDefault(x => x.Key == "Authorization").Value.ToString().Split(" ")[1];
var tokenHandler = new JwtSecurityTokenHandler();
if (!tokenHandler.CanReadToken(token))
{
context.Result = new CustomUnauthorizedResult("Can't read token");
}
var jwtSecurityToken = tokenHandler.ReadToken(token) as JwtSecurityToken;
var claims = jwtSecurityToken?.Claims;
var userId = claims.First(x => x.Type == JwtRegisteredClaimNames.Sub).Value;
// Check user is active
using (var db = new ApplicationDbContext())
{
var user = db.Users.First(x => x.Id == userId);
if (user == null)
{
var result = ApplicationResult.Fail("User does not exist");
context.Result = new OkObjectResult(result);
return;
}
}
}
public ApplicationResult InsertRoleForAccount(int accountId, string roleName)
{
var queryInsert = @"DECLARE @roleId INT = (SELECT Id FROM [dbo].[Roles] (NOLOCK) WHERE Name=@roleName)
IF(NOT EXISTS(
SELECT 1 FROM [dbo].[AccountRoles] (NOLOCK) AR WHERE AR.AccountId =@accountId AND RoleId=@roleId))
BEGIN
INSERT INTO [dbo].[AccountRoles]
([AccountId]
,[RoleId])
VALUES
(@accountId,@roleId)
SELECT 1
END
ELSE
BEGIN
SELECT 0
END";
var result = Connection.Execute(queryInsert, new { accountId, roleName });
if (result > 0)
{
return(ApplicationResult.Ok());
}
return(ApplicationResult.Fail("Không thể cấp quyền cho tài khoản này"));
}
public ApplicationResult <long> GetResultUserId()
{
if (UserId == null || IsAuthenticated == false)
{
return(ApplicationResult <long> .Fail(PowerChatError.Create("Unauthorized", "Unauthorized")));
}
return(ApplicationResult <long> .Ok(UserId.Value));
}
public static ApplicationResult <long> ToApplicationResult(this IdentityResult identityResult, User user)
{
if (identityResult.Succeeded)
{
return(ApplicationResult <long> .Ok(user.Id));
}
return(ApplicationResult <long> .Fail(identityResult.Errors.Select(e => PowerChatError.Create(e.Code, e.Description)).First()));
}
public virtual ApplicationResult <T> GetById <T>(object id)
{
var entity = _repository.GetById(id);
if (entity == null)
{
return(ApplicationResult.Fail <T>($"Cannot find {typeof(T)} with Id:{id} in the system"));
}
return(ApplicationResult.Ok(Mapper.Map <T>(entity)));
}
public ApplicationResult Update(TEntity value)
{
var result = _repository.Update(value);
if (result <= 0)
{
return(ApplicationResult.Fail("Cannot update the record in the database"));
}
return(ApplicationResult.Ok());
}
public ApplicationResult Delete(object id)
{
var result = _repository.DeleteById(id);
if (result <= 0)
{
return(ApplicationResult.Fail("Cannot delete the record in the database"));
}
return(ApplicationResult.Ok());
}
private ApplicationResult <JwtDto> TranslateSignInResult(SignInResult signInResult, string email)
{
if (signInResult.IsLockedOut)
{
return(ApplicationResult <JwtDto> .Fail(PowerChatError.Create(IdentityErrorCodes.UserLockedOut,
$"User with email '{email}' is locked out.")));
}
return(ApplicationResult <JwtDto> .Fail(PowerChatError.Create(IdentityErrorCodes.InvalidCredentials,
"Invalid credentials. Please try again.")));
}
public ApplicationResult UpdateUserProfile(UserEditProfile model, string userId)
{
var user = _userRepository.GetById(userId);
if (user == null)
{
return(ApplicationResult.Fail("User does not found"));
}
Mapper.Map(model, user);
_userRepository.Update(user);
return(ApplicationResult.Ok(Mapper.Map <UserViewProfile>(user)));
}
public ApplicationResult Insert(RegisterBindingModel model)
{
var existAccount =
_accountRepository.Get(x => x.Email == model.Email || x.UserName == model.UserName).FirstOrDefault();
if (existAccount != null)
{
return(ApplicationResult.Fail(ApplicationErrorCode.ErrorIsExist, "Account Email Or Username"));
}
throw new NotImplementedException();
}
protected IActionResult Result <T>(Func <ApplicationResult <T> > doFunc)
{
try
{
var result = doFunc();
return(Ok(result));
}
catch (Exception ex)
{
return(Ok(ApplicationResult.Fail <T>($"{ex.Message} {ex.StackTrace} {ex.InnerException?.Message}")));
}
}
public ApplicationResult ConfirmEmail(string token)
{
var account = _accountRepository.Gets(new { TokenConfrimEmail = token }).FirstOrDefault();
if (account == null)
{
return(ApplicationResult.Fail(ApplicationErrorCode.ErrorIsNotValid, "Wrong token"));
}
account.Status = AccountStatus.Active;
account.ConfirmEmail();
_accountRepository.Update(account);
return(ApplicationResult.Ok());
}
public ApplicationResult AddNewDevice(DeviceViewModel model, string userId)
{
var user = _userRepository.GetById(userId);
if (user == null)
{
return(ApplicationResult.Fail("User does not exist"));
}
model.UserId = userId;
var device = _deviceRepository.Insert(Mapper.Map <Device>(model));
return(ApplicationResult.Ok(Mapper.Map <DeviceViewModel>(device)));
}
public ApplicationResult GetAllMessageWithUser(string userId, string withUser)
{
var user = _userRepository.GetById(userId);
if (user == null)
{
return(ApplicationResult.Fail("User does not found"));
}
var results = _messageRepository.Gets(x => (x.ToUser == user.UserName && x.FromUser == withUser) ||
(x.FromUser == user.UserName && x.ToUser == withUser));
return(ApplicationResult.Ok(results.Select(Mapper.Map <MessageViewModel>)));
}
public ApplicationResult UpdateDevice(DeviceEditModel model)
{
var device = _deviceRepository.GetById(model.Id);
if (device == null)
{
return(ApplicationResult.Fail("Device not found"));
}
Mapper.Map(model, device);
_deviceRepository.Update(device);
return(ApplicationResult.Ok());
}
public ApplicationResult <UserViewModel> GetUserByRefreshToken(string refreshToken)
{
var user = _userRepository.Get(x => x.RefreshToken == refreshToken);
if (user == null || user.RefreshTokenExpireDate < DateTimeOffset.Now)
{
return(ApplicationResult.Fail <UserViewModel>("The refresh token is not valid, or expired"));
}
if (user.IsDeleted)
{
return(ApplicationResult.Fail <UserViewModel>("The user is deleted"));
}
return(ApplicationResult.Ok(Mapper.Map <UserViewModel>(user)));
}
public async Task <ApplicationResult <long> > Handle(SendChannelMessageCommand request, CancellationToken cancellationToken)
{
var currentUserResult = _currentUserService.GetResultUserId();
if (!currentUserResult.Succeeded)
{
return(ApplicationResult <long> .Fail(currentUserResult.Error));
}
var channel = await _dbContext.Channels.FindAsync(new object[] { request.ChannelId }, cancellationToken);
var sender = await _dbContext.Users.FindAsync(new object[] { currentUserResult.Value }, cancellationToken);
var interlocutorUserId = await _dbContext.Interlocutors
.Where(i => i.ChannelId == channel.Id)
.Where(i => i.UserId != currentUserResult.Value)
.Select(i => i.UserId)
.SingleAsync(cancellationToken);
var message = new Message
{
Channel = channel,
Sender = sender,
Content = request.Content
};
await _dbContext.Messages.AddAsync(message, cancellationToken);
await _dbContext.SaveChangesAsync(cancellationToken);
await _connectedUsersService.SendAsync(interlocutorUserId, "ReceiveMessage", new
{
message = new MessageModel
{
Id = message.Id,
AuthorId = sender.Id,
Content = message.Content,
Own = false,
Seen = message.Seen,
SentDate = message.CreatedDate
},
channelId = channel.Id
});
return(ApplicationResult <long> .Ok(message.Id));
}
public ApplicationResult <UserViewModel> SignUp(UserViewModel model)
{
model.UserName = model.UserName.ToLower();
model.Email = model.Email.ToLower();
var users = _userRepository.Gets(x => true);
var existUser = users.FirstOrDefault(x => model.UserName == x.UserName);
if (existUser != null)
{
return(ApplicationResult.Fail <UserViewModel>("The user already exists"));
}
var user = Mapper.Map <User>(model);
SetPassword(user, model.PasswordHash);
_userRepository.Insert(user);
return(ApplicationResult.Ok(Mapper.Map <UserViewModel>(user)));
}
public void OnAuthorization(AuthorizationFilterContext context)
{
var hasClaim = context.HttpContext.User.Claims.Any(c => c.Type == _claim.Type && c.Value == _claim.Value);
if (hasClaim)
{
return;
}
if (!context.HttpContext.Request.Headers.ContainsKey("Authorization"))
{
context.Result = new CustomUnauthorizedResult("Blocked");
return;
}
var token = context.HttpContext.Request.Headers.FirstOrDefault(x => x.Key == "Authorization").Value.ToString().Split(" ")[1];
var tokenHandler = new JwtSecurityTokenHandler();
if (!tokenHandler.CanReadToken(token))
{
context.Result = new CustomUnauthorizedResult("Can't read token");
return;
}
var jwtSecurityToken = tokenHandler.ReadToken(token) as JwtSecurityToken;
var claims = jwtSecurityToken?.Claims;
var userId = claims.First(x => x.Type == JwtRegisteredClaimNames.Sub).Value;
using (var db = new ApplicationDbContext())
{
var user = db.UserRoles.Include(x => x.Role).FirstOrDefault(x => x.UserId == userId && x.Role != null && x.Role.Name == _claim.Value);
if (user == null)
{
var result = ApplicationResult.Fail("No no no");
context.Result = new OkObjectResult(result);
return;
}
}
}
public ApplicationResult <UserViewModel> GetUserByCredential(string username, string password)
{
username = username.ToLower();
var user = _userRepository.Get(x => x.UserName == username);
if (user == null)
{
return(ApplicationResult.Fail <UserViewModel>("The username does not exist"));
}
var isValidPassword = ValidatePassword(user, password);
if (isValidPassword == false)
{
return(ApplicationResult.Fail <UserViewModel>("The password is not valid"));
}
if (user.IsDeleted)
{
return(ApplicationResult.Fail <UserViewModel>("The user is deleted"));
}
return(ApplicationResult.Ok(Mapper.Map <UserViewModel>(user)));
}
public ApplicationResult <Account> Create(RegisterBindingModel model)
{
var account = _accountRepository.Gets(new { Username = model.Email, IsDeleted = false }).FirstOrDefault();
if (account != null)
{
return(ApplicationResult.Fail <Account>("The account already exists"));
}
account = new Account {
UserName = model.Email, Email = model.Email, DisplayName = model.DisplayName
};
account.SetPassword(model.Password);
account.GenerateActiveToken();
var accountResult = _accountRepository.Insert(account);
var insertRoleResult = _roleRepository.InsertRoleForAccount(accountResult.Id, ApplicationConstant.Role.User);
if (insertRoleResult.IsFailure)
{
return(ApplicationResult.Fail <Account>(insertRoleResult.Errors));
}
return(ApplicationResult.Ok(account));
}
public async Task <ApplicationResult <long> > Handle(CreateUserChannelCommand request, CancellationToken cancellationToken)
{
var currentUserResult = _currentUserService.GetResultUserId();
if (!currentUserResult.Succeeded)
{
return(ApplicationResult <long> .Fail(currentUserResult.Error));
}
var user = await _dbContext.Users.FindAsync(new object[] { request.UserId }, cancellationToken);
var currentUser = await _dbContext.Users.FindAsync(new object[] { currentUserResult.Value }, cancellationToken);
var channel = new Channel();
var userInterlocutor = new Interlocutor
{
Channel = channel,
User = user
};
var currentUserInterlocutor = new Interlocutor
{
Channel = channel,
User = currentUser
};
await _dbContext.Channels.AddAsync(channel, cancellationToken);
await _dbContext.Interlocutors.AddAsync(userInterlocutor, cancellationToken);
await _dbContext.Interlocutors.AddAsync(currentUserInterlocutor, cancellationToken);
await _dbContext.SaveChangesAsync(cancellationToken);
await _mediator.Publish(new ChannelCreatedEvent { ChannelId = channel.Id }, cancellationToken);
return(ApplicationResult <long> .Ok(channel.Id));
}
public ApplicationResult ActionUser(RelationAction action, string userId, string currentUserId)
{
var message = _userRepository.ActionUser(action, userId, currentUserId);
return(string.IsNullOrEmpty(message) ? ApplicationResult.Ok() : ApplicationResult.Fail(message));
}
public IActionResult Auth(TokenAuthRequest model)
{
return(Result(() =>
{
if (model == null)
{
return ApplicationResult.Fail("bad request");
}
UserViewModel user;
switch (model.GrantType)
{
case "password":
var credentialResult = _userService.GetUserByCredential(model.UserName, model.Password);
if (credentialResult.IsSuccess == false)
{
return credentialResult;
}
user = credentialResult.Value;
break;
case "refresh_token":
var refreshTokenResult = _userService.GetUserByRefreshToken(model.RefreshToken);
if (refreshTokenResult.IsSuccess == false)
{
return refreshTokenResult;
}
user = refreshTokenResult.Value;
break;
case "signUp":
case "string":
if (!ModelState.IsValid)
{
return ApplicationResult.Fail(GetModelErrors());
}
//return user Id
var signUpResult = _userService.SignUp(new UserViewModel()
{
UserName = model.UserName.ToLower(),
Email = model.Email,
PasswordHash = model.Password,
Avatar = model.Avatar,
Country = model.Country,
SexType = model.SexType,
PhoneNumber = model.Phone
});
if (signUpResult.IsSuccess == false)
{
return signUpResult;
}
user = signUpResult.Value;
break;
default:
return ApplicationResult.Fail("The grant_type is not support");
}
var refreshToken = _userService.GrantRefreshToken(user.Id);
var accessToken = GenerateJwtToken(user);
var result = new TokenAuthResponse
{
RefreshToken = refreshToken,
AccessToken = accessToken
};
return ApplicationResult.Ok(result);
}));
}
