public IActionResult Jwt()
        {
            var token = Request.Cookies[TokenKey];

            if (!String.IsNullOrWhiteSpace(token))
            {
                try
                {
                    var(principal, accessToken) = _jwtAuthManager.DecodeJwtToken(token);
                    if (accessToken != null)
                    {
                        string refreshToken = _jwtAuthManager.GetRefreshTokenWithUserName(principal.Identity.Name);
                        if (!String.IsNullOrEmpty(refreshToken))
                        {
                            LoginResponse loginResponse = new LoginResponse
                            {
                                AccessToken  = token,
                                RefreshToken = refreshToken,
                                Username     = principal.Identity.Name
                            };
                            return(Ok(loginResponse));
                        }
                    }
                }
                catch
                {
                    ClearTokenCookie();
                }
            }
            return(Unauthorized());
        }
        protected UserMetaData getUserFromAccessToken()
        {
            var authorizationStr = HttpContext.Request.Headers["Authorization"].FirstOrDefault();

            if (authorizationStr == null)
            {
                return(null);
            }

            var accessToken = authorizationStr.Split(" ").Last();

            if (string.IsNullOrWhiteSpace(accessToken))
            {
                return(null);
            }

            var(principal, jwtToken) = jwtAuthManager.DecodeJwtToken(token: accessToken, validateLifteTime: true);

            var user = new UserMetaData
            {
                Id       = jwtToken.Claims.First(x => x.Type == "Id").Value,
                Roles    = jwtToken.Claims.First(x => x.Type == "Roles").Value.Split(" ").ToList(),
                FullName = jwtToken.Claims.First(x => x.Type == "FullName").Value,
                UserName = jwtToken.Claims.First(x => x.Type == "sub").Value
            };

            return(user);
        }
Пример #3
0
        public void EditProfile(string newFullName, string newEmail, string newPhoneNumber, string newProfileImage, string newPassword, string oldPassword, string accessToken)
        {
            var(principal, jwtToken) = _jwtAuthManager.DecodeJwtToken(accessToken);
            var user = _db.User.Find(int.Parse(principal.FindFirst(ClaimTypes.NameIdentifier).Value));

            if (user != null)
            {
                if (BCrypt.Net.BCrypt.Verify(oldPassword, user.Password))
                {
                    if (!String.IsNullOrEmpty(newFullName))
                    {
                        user.FullName = newFullName;
                        _logger.LogInformation($"User[{user.FullName}] full name.");
                    }
                    if (!String.IsNullOrEmpty(newEmail))
                    {
                        user.Email = newEmail;
                        _logger.LogInformation($"User[{user.FullName}] changed email.");
                    }
                    if (!String.IsNullOrEmpty(newPhoneNumber))
                    {
                        user.PhoneNumber = newPhoneNumber;
                        _logger.LogInformation($"User[{user.FullName}] changed phone number.");
                    }
                    if (!String.IsNullOrEmpty(newPassword))
                    {
                        user.Password = BCrypt.Net.BCrypt.HashPassword(newPassword);
                        _logger.LogInformation($"User[{user.FullName}] changed password.");
                    }
                    if (!String.IsNullOrEmpty(newProfileImage))
                    {
                        var base64String = newProfileImage.Split(",")[1];
                        if (!String.IsNullOrEmpty(newPassword))
                        {
                            throw new Exception("Bad format of profile image!");
                        }
                        //_logger.LogInformation(newProfileImage);
                        //_logger.LogInformation(base64String);
                        byte[] bytes = Convert.FromBase64String(base64String);
                        using var image = Image.Load(bytes, out IImageFormat format);
                        var fileName = user.Email + '.' + format.FileExtensions.ElementAt(0);
                        var fullPath = Path.Combine(_webHostEnvironment.WebRootPath, "img/" + fileName);
                        //_logger.LogInformation(fullPath);
                        image.Save(fullPath);
                        _logger.LogInformation($"User[{user.FullName}] changed profile image.");
                        user.ProfileImage = user.Email + '.' + format.FileExtensions.ElementAt(0);
                    }
                    _db.User.Update(user);
                    _db.SaveChanges();
                    return;
                }
                else
                {
                    throw new Exception("InvalidCredential!");
                }
            }
            throw new Exception("Unauthoried!");
        }
Пример #4
0
        public void Create(string name, string equipmentName, DateTime now, string accessToken)
        {
            var(principal, jwtToken) = _jwtAuthManager.DecodeJwtToken(accessToken);
            var  createBy = principal.FindFirst(ClaimTypes.Name).Value;
            Room room     = new() { Name = name, EquipmentName = equipmentName, CreateBy = createBy, DateModified = now };

            _db.Room.Add(room);
            _db.SaveChanges();
        }
Пример #5
0
        public Reservation Create(int roomId, DateTime startDateTime, int hourPeriod, string accessToken)
        {
            TimeZoneInfo asiaThTimeZone = TimeZoneInfo.FindSystemTimeZoneById("SE Asia Standard Time");

            startDateTime = TimeZoneInfo.ConvertTimeFromUtc(startDateTime, asiaThTimeZone);
            DateTime endDateTime = startDateTime.AddHours(hourPeriod);

            _logger.LogInformation("startDate : " + startDateTime.ToLongDateString() + ' ' + startDateTime.ToLongTimeString());
            _logger.LogInformation("endDate : " + endDateTime.ToLongDateString() + ' ' + endDateTime.ToLongTimeString());
            if (endDateTime.Day != startDateTime.Day || (startDateTime.Hour < 9 || (startDateTime.Hour > 21)) || (endDateTime.Hour < 10 || (startDateTime.Hour > 22)))
            {
                throw new Exception("Invalid start or end time!");
            }
            var(principal, jwtToken) = _jwtAuthManager.DecodeJwtToken(accessToken);
            User user = _db.User.Find(int.Parse(principal.FindFirst(ClaimTypes.NameIdentifier).Value));

            if (user.Status == User.UserStatus.banned)
            {
                throw new Exception("You are in banned status! Please contact admin.");
            }
            IEnumerable <Equipment> equipments = _db.Equipment.Where(c => c.RoomId == roomId && c.Status == Equipment.EquipmentStatus.available);
            int equipmentQuentity = equipments.Count();
            IEnumerable <Reservation> reservarions = _db.Reservation.Where(c => ((c.StartDateTime >= startDateTime && c.StartDateTime < endDateTime) || (c.EndDateTime > startDateTime && c.EndDateTime <= endDateTime)) && c.RoomId == roomId);

            _logger.LogInformation(reservarions.Count().ToString());
            if (reservarions.Count() >= equipmentQuentity)
            {
                throw new Exception("Reservation is full!");
            }
            if (reservarions.FirstOrDefault(c => c.UserId == int.Parse(principal.FindFirst(ClaimTypes.NameIdentifier).Value)) != null)
            {
                if (int.Parse(principal.FindFirst(ClaimTypes.NameIdentifier).Value) != 3)
                {
                    throw new Exception("You already reserved in period time!");
                }
            }

            Reservation newReservation = new() { UserId = int.Parse(principal.FindFirst(ClaimTypes.NameIdentifier).Value), RoomId = roomId, StartDateTime = startDateTime, EndDateTime = endDateTime };

            _db.Reservation.Add(newReservation);
            _db.SaveChanges();
            return(newReservation);
        }
Пример #6
0
        protected async Task <User> GetCurrentUser()
        {
            var decodeJtw = _jwtAuthManager.DecodeJwtToken(AccessToken);
            var id        = decodeJtw.Item1.Claims.FirstOrDefault(x => x.Type == "id")?.Value;
            var user      = await _userRepository.GetAsync(x => x.Id == id);

            if (user is null)
            {
                throw new Exception("User bulunamadı");
            }

            return(user);
        }