Пример #1
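        /// <summary>
        /// Returns the audit journal. Only a caller whose verified token carries the
        /// "role" claim "Admin" may read it; every attempt, allowed or not, is journaled.
        /// </summary>
        /// <param name="token">Raw JWT taken from the request header; checked by <c>_jwtHandler.VerifyToken</c>.</param>
        /// <returns>
        /// 401 when the token does not verify, 400 "Access denied" when the role claim is
        /// not "Admin", otherwise 200 with all journal entries.
        /// </returns>
        public async Task <IActionResult> GetJournalEntries([FromHeader] string token)
        {
            const string action = "Get journal entries action";

            // VerifyToken yields null for a token it does not accept (inferred from the
            // null check; confirm against the handler's contract).
            var verifiedToken = _jwtHandler.VerifyToken(token);

            if (verifiedToken == null)
            {
                _context.Journals.Add(JournalEntryBuilder.CreateEntry(action, false, "Unauthorized"));
                await _context.SaveChangesAsync();

                return(Unauthorized());
            }

            // Read the claims defensively. Indexing Payload["role"] / Payload["user"] threw
            // KeyNotFoundException for a verified token without those claims and surfaced
            // as a 500. Assumes Payload is dictionary-backed (JwtPayload) — confirm.
            var payload = verifiedToken.Payload;
            var role    = payload.TryGetValue("role", out var roleClaim) ? roleClaim?.ToString() : null;
            var actor   = (payload.TryGetValue("user", out var userClaim) ? userClaim?.ToString() : null) ?? "unknown";

            // Ordinal comparison: the role is an identifier, not user-facing text.
            if (!string.Equals(role, "Admin", StringComparison.Ordinal))
            {
                _context.Journals.Add(JournalEntryBuilder.CreateEntry(action, false, actor));
                await _context.SaveChangesAsync();

                // NOTE(review): 403 Forbidden is the conventional status for a valid token
                // with insufficient rights; 400 is kept so existing clients are unaffected.
                return(BadRequest("Access denied"));
            }

            _context.Journals.Add(JournalEntryBuilder.CreateEntry(action, true, actor));
            await _context.SaveChangesAsync();

            // Materialize here instead of handing the formatter a live DbSet whose
            // enumeration would run after this action has returned.
            var entries = await _context.Journals.ToListAsync();

            return(Ok(entries));
        }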
Пример #2
        /// <summary>
        /// Issues a JWT to a caller that presents a matching e-mail/password pair.
        /// Both failed and successful attempts are written to the journal.
        /// </summary>
        /// <param name="userModel">Credentials from the request body.</param>
        /// <returns>
        /// 400 with the model-state errors for an invalid body, 400 "Invalid credentials"
        /// when no user matches, otherwise 200 with the token as a dotted string.
        /// </returns>
        public ObjectResult Authorize([FromBody] UserAuthModel userModel)
        {
            const string action = "Authorize";

            if (ModelState.IsValid == false)
            {
                _context.Journals.Add(JournalEntryBuilder.CreateEntry(action, false, "Unauthorized"));
                _context.SaveChanges();

                return(new BadRequestObjectResult(ModelState));
            }

            // NOTE(review): the stored password is compared with the submitted one as-is,
            // which means credentials are kept in clear text. Verifying against a salted
            // hash (e.g. PBKDF2) is the fix; it needs a schema change and is outside this
            // method.
            var email    = userModel.Email;
            var password = userModel.Password;
            var account  = _context.Users
                                   .Where(c => c.Email == email && c.Password == password)
                                   .FirstOrDefault();

            if (account == null)
            {
                _context.Journals.Add(JournalEntryBuilder.CreateEntry(action, false, "Unauthorized"));
                _context.SaveChanges();

                return(new BadRequestObjectResult("Invalid credentials"));
            }

            // "user" carries the numeric id and "role" the account status;
            // GetJournalEntries reads both claim names back out of the payload.
            var claims = new List<Claim>
            {
                new Claim("user", account.Id.ToString()),
                new Claim("role", account.Status.ToString())
            };

            var accessToken = _jwtHandler.GenerateToken(claims);
            var tokenString = string.Join(".", accessToken.EncodedHeader, accessToken.EncodedPayload, accessToken.RawSignature);

            // Record the login time alongside the journal entry; one SaveChanges commits both.
            account.Modified = DateTime.Now;
            _context.Update(account);
            _context.Journals.Add(JournalEntryBuilder.CreateEntry(action, true, account.Id.ToString()));
            _context.SaveChanges();

            return(new OkObjectResult(tokenString));
        }
Пример #3
        /// <summary>
        /// Returns one note that belongs to the caller identified by <paramref name="token"/>.
        /// </summary>
        /// <param name="token">Raw JWT from the request header; resolved to a user id by <c>GetUser</c>.</param>
        /// <param name="id">Id of the requested note, from the route.</param>
        /// <returns>
        /// 401 for an unusable token, 400 with model-state errors, 404 when no note with
        /// that id belongs to the caller, otherwise 200 with the note.
        /// </returns>
        public async Task <IActionResult> GetNote([FromHeader] string token, [FromRoute] int id)
        {
            const string action = "Get note";

            // GetUser reports an unverifiable token as -1 (inferred from the check below).
            int userId = GetUser(token);

            if (userId == -1)
            {
                _context.Journals.Add(JournalEntryBuilder.CreateEntry(action, false, "Unauthorized"));
                await _context.SaveChangesAsync();

                return(Unauthorized());
            }

            string actor = userId.ToString();

            if (ModelState.IsValid == false)
            {
                _context.Journals.Add(JournalEntryBuilder.CreateEntry(action, false, actor));
                await _context.SaveChangesAsync();

                return(BadRequest(ModelState));
            }

            // Filtering on UserId as well as Id is the ownership check: another user's
            // note is indistinguishable from a missing one.
            var note = await _context.Notes
                                     .Where(m => m.Id == id && m.UserId == userId)
                                     .SingleOrDefaultAsync();

            if (note == null)
            {
                _context.Journals.Add(JournalEntryBuilder.CreateEntry(action, false, actor));
                await _context.SaveChangesAsync();

                return(NotFound());
            }

            _context.Journals.Add(JournalEntryBuilder.CreateEntry(action, true, actor));
            await _context.SaveChangesAsync();

            return(Ok(note));
        }
Пример #4
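        /// <summary>
        /// Creates a note owned by the caller identified by <paramref name="token"/>.
        /// </summary>
        /// <param name="token">Raw JWT from the request header; resolved to a user id by <c>GetUser</c>.</param>
        /// <param name="note">Title and content of the new note, from the request body.</param>
        /// <returns>
        /// 401 for an unusable token, 400 with model-state errors or when the body is
        /// missing, otherwise 200 with the stored note (including its generated id).
        /// </returns>
        public async Task <IActionResult> PostNote([FromHeader] string token, [FromBody] NoteViewModel note)
        {
            const string action = "Post note";

            // GetUser reports an unverifiable token as -1 (inferred from the check below).
            int user = GetUser(token);

            if (user == -1)
            {
                _context.Journals.Add(JournalEntryBuilder.CreateEntry(action, false, "Unauthorized"));
                await _context.SaveChangesAsync();

                return(Unauthorized());
            }

            // A literal-null JSON body binds `note` to null while the model state can still
            // be valid; without this guard the property reads below threw and became a 500.
            if (note == null || !ModelState.IsValid)
            {
                _context.Journals.Add(JournalEntryBuilder.CreateEntry(action, false, user.ToString()));
                await _context.SaveChangesAsync();

                return(BadRequest(ModelState));
            }

            // UserId is taken from the verified token, never from the body, so a caller
            // cannot create a note on behalf of someone else.
            var dbNote = new Note {
                Title   = note.Title,
                Content = note.Content,
                Created = DateTime.Now,
                UserId  = user
            };

            // One SaveChanges commits the note and its journal entry together.
            _context.Notes.Add(dbNote);
            _context.Journals.Add(JournalEntryBuilder.CreateEntry(action, true, user.ToString()));
            await _context.SaveChangesAsync();

            return(Ok(dbNote));
        }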
Пример #5
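        /// <summary>
        /// Lists every note owned by the caller identified by <paramref name="token"/>.
        /// </summary>
        /// <param name="token">Raw JWT from the request header; resolved to a user id by <c>GetUser</c>.</param>
        /// <returns>401 "Unauthorized!" for an unusable token, otherwise 200 with the caller's notes.</returns>
        public ObjectResult GetNotes([FromHeader] string token)
        {
            const string action = "Get notes";

            // GetUser reports an unverifiable token as -1 (inferred from the check below).
            int user = GetUser(token);

            if (user == -1)
            {
                _context.Journals.Add(JournalEntryBuilder.CreateEntry(action, false, "Unauthorized"));
                _context.SaveChanges();

                // Was a NotFoundObjectResult (404), which misreports an authentication
                // failure and disagrees with the other actions, which answer 401.
                // A plain ObjectResult avoids depending on a newer MVC result type.
                return(new ObjectResult("Unauthorized!") { StatusCode = 401 });
            }

            _context.Journals.Add(JournalEntryBuilder.CreateEntry(action, true, user.ToString()));
            _context.SaveChanges();

            // Materialize here instead of handing the formatter a live IQueryable whose
            // enumeration would run after this action has returned.
            var notes = _context.Notes.Where(note => note.UserId == user).ToList();

            return(new OkObjectResult(notes));
        }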
Пример #6
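        /// <summary>
        /// Replaces the title and content of a note owned by the caller.
        /// </summary>
        /// <param name="token">Raw JWT from the request header; resolved to a user id by <c>GetUser</c>.</param>
        /// <param name="note">New values; <c>note.Id</c> selects the note to update.</param>
        /// <returns>
        /// 401 for an unusable token, 400 with model-state errors or when the body is
        /// missing, 404 when the note does not exist or belongs to another user (also when
        /// it vanished during the update), otherwise 200.
        /// </returns>
        /// <exception cref="DbUpdateConcurrencyException">
        /// Rethrown when the update conflicts but the note still exists.
        /// </exception>
        public async Task <IActionResult> PutNote([FromHeader] string token, [FromBody] NoteViewModel note)
        {
            const string action = "Put note";

            // GetUser reports an unverifiable token as -1 (inferred from the check below).
            int user = GetUser(token);

            if (user == -1)
            {
                _context.Journals.Add(JournalEntryBuilder.CreateEntry(action, false, "Unauthorized"));
                await _context.SaveChangesAsync();

                return(Unauthorized());
            }

            // A literal-null JSON body binds `note` to null while the model state can still
            // be valid; guard it before note.Id is read below.
            if (note == null || !ModelState.IsValid)
            {
                _context.Journals.Add(JournalEntryBuilder.CreateEntry(action, false, user.ToString()));
                await _context.SaveChangesAsync();

                return(BadRequest(ModelState));
            }

            // note.Id comes from the body, so the UserId filter is the ownership check:
            // without it any caller could overwrite any note. `&&` replaces the original
            // non-short-circuit `&`, which produced the same boolean but read as a typo.
            var dbNote = await _context.Notes.SingleOrDefaultAsync(m => m.Id == note.Id && m.UserId == user);

            // Previously a missing or foreign note dereferenced null here and surfaced as
            // a 500; answer 404 the way GetNote does.
            if (dbNote == null)
            {
                _context.Journals.Add(JournalEntryBuilder.CreateEntry(action, false, user.ToString()));
                await _context.SaveChangesAsync();

                return(NotFound());
            }

            dbNote.Modified = DateTime.Now;
            dbNote.Title    = note.Title;
            dbNote.Content  = note.Content;

            _context.Entry(dbNote).State = EntityState.Modified;

            try
            {
                await _context.SaveChangesAsync();
            }
            catch (DbUpdateConcurrencyException)
            {
                if (NoteExists(dbNote.Id, user))
                {
                    throw;
                }

                // The note was deleted underneath us. Stop tracking the stale entity first:
                // otherwise the SaveChangesAsync below would retry the failed update and
                // throw again. The original returned without saving, so this journal
                // entry was never persisted.
                _context.Entry(dbNote).State = EntityState.Detached;
                _context.Journals.Add(JournalEntryBuilder.CreateEntry(action, false, user.ToString()));
                await _context.SaveChangesAsync();

                return(NotFound());
            }

            _context.Journals.Add(JournalEntryBuilder.CreateEntry(action, true, user.ToString()));
            await _context.SaveChangesAsync();

            return(Ok());
        }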