public async Task <Object> GetUserPagging(SearchAccountViewModel model, Guid currentUser)
{
var data = _unitOfWork.AccountRepository.Get(x => (model.Username == null || x.Username.Contains(model.Username)) &&
(x.IsDelete == false) &&
(x.Id != currentUser));
int totalRow = data.Count();
var dataWithPage = data.Skip((model.PageIndex - 1) * model.PageSize)
.Take(model.PageSize)
.Select(x => new AccountViewModel()
{
Id = x.Id,
Username = x.Username,
FullName = x.FullName,
Address = x.Address,
Role = x.Role.ToString()
}).ToList();
var rs = new PagedResult <AccountViewModel>
{
PageSize = model.PageSize,
PageIndex = model.PageIndex,
TotalRecord = totalRow,
Items = dataWithPage
};
return(_apiResponse.Ok(rs));
}
/// <summary>
/// Search accounts using specific conditions.
/// </summary>
/// <param name="accounts"></param>
/// <param name="conditions"></param>
/// <returns></returns>
public IQueryable <Account> Search(IQueryable <Account> accounts, SearchAccountViewModel conditions)
{
// Id has been identified.
if (conditions.Id != null)
{
accounts = accounts.Where(x => x.Id == conditions.Id.Value);
}
// Email & nickname are defined.
accounts = SearchPropertyText(accounts, x => x.Email, conditions.Email);
accounts = SearchPropertyText(accounts, x => x.Nickname, conditions.Nickname);
// Statuses have been defined.
if (conditions.Statuses != null)
{
// Construct the statuses as a list.
var statuses = conditions.Statuses.ToList();
accounts = accounts.Where(x => statuses.Contains(x.Status));
}
// JoinedTime has been defined.
//accounts = SearchPropertyNumeric(accounts, x => x.JoinedTime, conditions.JoinedTime);
//accounts = SearchPropertyNumeric(accounts, x => x.LastModifiedTime, conditions.LastModifiedTime);
return(accounts);
}
public async Task <IActionResult> ForgotPassword([FromBody] ForgotPasswordViewModel parameter)
{
#region Model validation
// Parameter hasn't been initialized.
if (parameter == null)
{
parameter = new ForgotPasswordViewModel();
TryValidateModel(parameter);
}
#endregion
#region Email search
// Initiate search conditions.
var conditions = new SearchAccountViewModel();
conditions.Email = new TextSearch(TextSearchMode.EndsWithIgnoreCase, parameter.Email);
conditions.Statuses = new[] { AccountStatus.Active };
// Search user in database.
var accounts = _unitOfWork.RepositoryAccounts.Search();
var account = await _unitOfWork.RepositoryAccounts.Search(accounts, conditions).FirstOrDefaultAsync();
// User is not found.
if (account == null)
{
return(NotFound(HttpMessages.AccountIsNotFound));
}
#endregion
#region Information initialization
// Find current system time.
var systemTime = DateTime.UtcNow;
var expiration = systemTime.AddSeconds(_applicationSettings.PasswordResetTokenLifeTime);
// Initiate token.
var token = new Token();
token.OwnerIndex = account.Id;
token.Type = TokenType.AccountReactiveCode;
token.Code = Guid.NewGuid().ToString("D");
token.Issued = _systemTimeService.DateTimeUtcToUnix(systemTime);
token.Expired = _systemTimeService.DateTimeUtcToUnix(expiration);
// Save token into database.
_unitOfWork.RepositoryTokens.Insert(token);
#endregion
#region Email broadcast
//TODO: Send instruction email.
#endregion
return(Ok());
}
/// <summary>
/// Handle requirement asychronously.
/// </summary>
/// <param name="context"></param>
/// <param name="requirement"></param>
/// <returns></returns>
protected override async Task HandleRequirementAsync(AuthorizationHandlerContext context, SolidAccountRequirement requirement)
{
// Convert authorization filter context into authorization filter context.
var authorizationFilterContext = (AuthorizationFilterContext)context.Resource;
//var httpContext = authorizationFilterContext.HttpContext;
var httpContext = _httpContextAccessor.HttpContext;
// Find claim identity attached to principal.
var claimIdentity = (ClaimsIdentity)httpContext.User.Identity;
// Find email from claims list.
var email =
claimIdentity.Claims.Where(x => x.Type.Equals(ClaimTypes.Email))
.Select(x => x.Value)
.FirstOrDefault();
// Email is invalid.
if (string.IsNullOrEmpty(email))
{
context.Fail();
return;
}
// Find account information.
var condition = new SearchAccountViewModel();
condition.Email = new TextSearch();
condition.Email.Value = email;
condition.Email.Mode = TextSearchMode.Equal;
// Find accounts based on conditions.
var accounts = _unitOfWork.RepositoryAccounts.Search();
accounts = _unitOfWork.RepositoryAccounts.Search(accounts, condition);
// Find the first matched account in the system.
var account = await accounts.FirstOrDefaultAsync();
// Account is not found.
if (account == null)
{
return;
}
// Initiate claim identity with newer information from database.
var identity = (ClaimsIdentity)_identityService.InitiateIdentity(account);
identity.AddClaim(new Claim(ClaimTypes.Role, Enum.GetName(typeof(AccountRole), account.Role)));
identity.AddClaim(new Claim(ClaimTypes.Authentication, Enum.GetName(typeof(AccountStatus), account.Status)));
// Update claim identity.
httpContext.User = httpContext.Authentication.HttpContext.User = new ClaimsPrincipal(identity);
httpContext.Items.Add(ClaimTypes.Actor, account);
context.Succeed(requirement);
}
public async Task <HttpResponseMessage> FindAccounts([FromBody] SearchAccountViewModel conditions)
{
#region Parameters validation
// Conditions haven't been initialized.
if (conditions == null)
{
conditions = new SearchAccountViewModel();
Validate(conditions);
}
if (!ModelState.IsValid)
{
_log.Error($"Parameters are invalid. Submitted: {JsonConvert.SerializeObject(conditions)}");
return(Request.CreateResponse(HttpStatusCode.BadRequest,
FindValidationMessage(ModelState, nameof(conditions))));
}
#endregion
#region Search account
// Initiate search result.
var result = new SearchResult <IList <Account> >();
// Find all accounts in database.
var accounts = UnitOfWork.RepositoryAccounts.Search();
// Find accounts with specific conditions.
accounts = UnitOfWork.RepositoryAccounts.Search(accounts, conditions);
// Sort accounts
var sorting = conditions.Sorting;
accounts = UnitOfWork.RepositoryAccounts.Sort(accounts, sorting.Direction, sorting.Property);
// Count total condition matched account number.
result.Total = await accounts.CountAsync();
// Sort and paginate.
accounts = UnitOfWork.RepositoryAccounts.Paginate(accounts, conditions.Pagination);
// Take accounts list.
result.Records = await accounts.ToListAsync();
// Search for accounts in database.
return(Request.CreateResponse(HttpStatusCode.OK, result));
#endregion
}
public async Task <IActionResult> GetUserPagging([FromQuery] SearchAccountViewModel model)
{
var identity = HttpContext.User.Identity as ClaimsIdentity;
if (identity.IsAuthenticated)
{
Guid id = Guid.Parse(identity.FindFirst("Id").Value);
var rs = await _accountService.GetUserPagging(model, id);
return(Ok(rs));
}
else
{
return(BadRequest("token valid"));
}
}
public async Task <IActionResult> Login([FromBody] LoginViewModel parameters)
{
#region Parameters validation
// Parameter hasn't been initialized.
if (parameters == null)
{
parameters = new LoginViewModel();
TryValidateModel(parameters);
}
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
#endregion
#if !ALLOW_ANONYMOUS
#region Search account
// Find account with specific information in database.
var condition = new SearchAccountViewModel();
// Email search condition.
condition.Email = new TextSearch();
condition.Email.Mode = TextSearchMode.Equal;
condition.Email.Value = parameters.Email;
// Find account by password.
condition.Password = new TextSearch();
condition.Password.Value = _encryptionService.Md5Hash(parameters.Password);
condition.Password.Mode = TextSearchMode.EqualIgnoreCase;
condition.Statuses = new[] { Statuses.Active };
// Find accounts with defined condition above.
var accounts = _unitOfWork.RepositoryAccounts.Search();
accounts = _unitOfWork.RepositoryAccounts.Search(accounts, condition);
// Find the first account in database.
var account = await accounts.FirstOrDefaultAsync();
if (account == null)
{
return(NotFound(new HttpResponse(HttpMessages.AccountIsNotFound)));
}
#endregion
#else
var account = new Account();
account.Email = "*****@*****.**";
account.Nickname = "Linh Nguyen";
#endif
// Find current time on the system.
var systemTime = DateTime.Now;
var jwtExpiration = systemTime.AddSeconds(_jwtConfiguration.LifeTime);
// Claims initalization.
var claims = new List <Claim>();
claims.Add(new Claim(JwtRegisteredClaimNames.Aud, _jwtConfiguration.Audience));
claims.Add(new Claim(JwtRegisteredClaimNames.Iss, _jwtConfiguration.Issuer));
claims.Add(new Claim(JwtRegisteredClaimNames.Email, account.Email));
claims.Add(new Claim(nameof(account.Nickname), account.Nickname));
// Write a security token.
var jwtSecurityToken = new JwtSecurityToken(_jwtConfiguration.Issuer, _jwtConfiguration.Audience, claims, null, jwtExpiration, _jwtConfiguration.SigningCredentials);
// Initiate token handler which is for generating token code.
var jwtSecurityTokenHandler = new JwtSecurityTokenHandler();
jwtSecurityTokenHandler.WriteToken(jwtSecurityToken);
#region Jwt initialization
var jwt = new JwtResponse();
jwt.Code = jwtSecurityTokenHandler.WriteToken(jwtSecurityToken);
jwt.LifeTime = _jwtConfiguration.LifeTime;
jwt.Expiration = _systemTimeService.DateTimeUtcToUnix(jwtExpiration);
#endregion
return(Ok(jwt));
}
public async Task <IActionResult> Register([FromBody] RegisterAccountViewModel parameters)
{
#region Parameters validation
// Parameters haven't been initialized. Initialize 'em.
if (parameters == null)
{
parameters = new RegisterAccountViewModel();
TryValidateModel(parameters);
}
// Parameters are invalid. Send errors back to client.
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
#endregion
#region Search account
// Initiate search account condition.
var condition = new SearchAccountViewModel();
condition.Email = new TextSearch();
condition.Email.Mode = TextSearchMode.EqualIgnoreCase;
condition.Email.Value = parameters.Email;
// Search accounts.
var accounts = _unitOfWork.RepositoryAccounts.Search();
accounts = _unitOfWork.RepositoryAccounts.Search(accounts, condition);
var account = await accounts.FirstOrDefaultAsync();
// Account exists in system.
if (account != null)
{
Response.StatusCode = (int)HttpStatusCode.Conflict;
return(Json(new HttpResponse(HttpMessages.AccountIsInUse)));
}
#endregion
#region Initiate account
// Initiate account with specific information.
account = new Account();
account.Email = parameters.Email;
account.Password = _encryptionService.Md5Hash(parameters.Password);
// Add account into database.
_unitOfWork.RepositoryAccounts.Insert(account);
// Save changes asychronously.
await _unitOfWork.CommitAsync();
// TODO: Implement instruction email.
// TODO: Implement notification service which notifies administrators about the registration.
#endregion
return(Ok());
}
/// <summary>
/// Search accounts using specific conditions.
/// </summary>
/// <param name="accounts"></param>
/// <param name="conditions"></param>
/// <returns></returns>
public IQueryable <Account> Search(IQueryable <Account> accounts, SearchAccountViewModel conditions)
{
// Page has been identified.
if (conditions.Id != null)
{
accounts = accounts.Where(x => x.Id == conditions.Id.Value);
}
// Email has been identified.
if (conditions.Email != null && !string.IsNullOrWhiteSpace(conditions.Email.Value))
{
switch (conditions.Email.Mode)
{
case TextComparision.Contain:
accounts = accounts.Where(x => x.Email.Contains(conditions.Email.Value));
break;
case TextComparision.Equal:
accounts = accounts.Where(x => x.Email.Equals(conditions.Email.Value));
break;
case TextComparision.EqualIgnoreCase:
accounts = accounts.Where(x => x.Email.Equals(conditions.Email.Value, StringComparison.InvariantCultureIgnoreCase));
break;
case TextComparision.StartsWith:
accounts = accounts.Where(x => x.Email.StartsWith(conditions.Email.Value));
break;
case TextComparision.StartsWithIgnoreCase:
accounts = accounts.Where(x => x.Email.StartsWith(conditions.Email.Value, StringComparison.InvariantCultureIgnoreCase));
break;
case TextComparision.EndsWith:
accounts = accounts.Where(x => x.Email.EndsWith(conditions.Email.Value));
break;
case TextComparision.EndsWithIgnoreCase:
accounts = accounts.Where(x => x.Email.EndsWith(conditions.Email.Value, StringComparison.InvariantCultureIgnoreCase));
break;
default:
accounts = accounts.Where(x => x.Email.ToLower().Contains(conditions.Email.Value.ToLower()));
break;
}
}
// Nickname has been identified.
if (conditions.Nickname != null && !string.IsNullOrWhiteSpace(conditions.Nickname.Value))
{
switch (conditions.Nickname.Mode)
{
case TextComparision.Contain:
accounts = accounts.Where(x => x.Nickname.Contains(conditions.Nickname.Value));
break;
case TextComparision.Equal:
accounts = accounts.Where(x => x.Nickname.Equals(conditions.Nickname.Value));
break;
case TextComparision.EqualIgnoreCase:
accounts = accounts.Where(x => x.Nickname.Equals(conditions.Nickname.Value, StringComparison.InvariantCultureIgnoreCase));
break;
case TextComparision.StartsWith:
accounts = accounts.Where(x => x.Nickname.StartsWith(conditions.Nickname.Value));
break;
case TextComparision.StartsWithIgnoreCase:
accounts = accounts.Where(x => x.Nickname.StartsWith(conditions.Nickname.Value, StringComparison.InvariantCultureIgnoreCase));
break;
case TextComparision.EndsWith:
accounts = accounts.Where(x => x.Nickname.EndsWith(conditions.Nickname.Value));
break;
case TextComparision.EndsWithIgnoreCase:
accounts = accounts.Where(x => x.Nickname.EndsWith(conditions.Nickname.Value, StringComparison.InvariantCultureIgnoreCase));
break;
default:
accounts = accounts.Where(x => x.Nickname.ToLower().Contains(conditions.Nickname.Value.ToLower()));
break;
}
}
// Statuses have been defined.
if (conditions.Statuses != null && conditions.Statuses.Length > 0)
{
// Construct the statuses as a list.
var statuses = conditions.Statuses.ToList();
accounts = accounts.Where(x => statuses.Contains(x.Status));
}
//// Find sorting property.
//var sorting = conditions.Sorting;
//switch (sorting.Direction)
//{
// case SortDirection.Decending:
// switch (sorting.Property)
// {
// case AccountsSort.Email:
// accounts = accounts.OrderByDescending(x => x.Email);
// break;
// case AccountsSort.Nickname:
// accounts = accounts.OrderByDescending(x => x.Nickname);
// break;
// case AccountsSort.Status:
// accounts = accounts.OrderByDescending(x => x.Status);
// break;
// case AccountsSort.Joined:
// accounts = accounts.OrderByDescending(x => x.Joined);
// break;
// case AccountsSort.LastModified:
// accounts = accounts.OrderByDescending(x => x.LastModified);
// break;
// default:
// accounts = accounts.OrderByDescending(x => x.Id);
// break;
// }
// break;
// default:
// switch (sorting.Property)
// {
// case AccountsSort.Email:
// accounts = accounts.OrderBy(x => x.Email);
// break;
// case AccountsSort.Nickname:
// accounts = accounts.OrderBy(x => x.Nickname);
// break;
// case AccountsSort.Status:
// accounts = accounts.OrderBy(x => x.Status);
// break;
// case AccountsSort.Joined:
// accounts = accounts.OrderBy(x => x.Joined);
// break;
// case AccountsSort.LastModified:
// accounts = accounts.OrderBy(x => x.LastModified);
// break;
// default:
// accounts = accounts.OrderBy(x => x.Id);
// break;
// }
// break;
//}
// Joined has been defined.
if (conditions.Joined != null)
{
var from = conditions.Joined.From;
var to = conditions.Joined.To;
if (from != null)
{
accounts = accounts.Where(x => x.JoinedTime >= from);
}
if (to != null)
{
accounts = accounts.Where(x => x.JoinedTime <= to);
}
}
// Last modified has been defined.
if (conditions.LastModified != null)
{
var from = conditions.LastModified.From;
var to = conditions.LastModified.To;
if (from != null)
{
accounts = accounts.Where(x => x.LastModifiedTime >= from);
}
if (to != null)
{
accounts = accounts.Where(x => x.LastModifiedTime <= to);
}
}
return(accounts);
}
public async Task <HttpResponseMessage> SubmitAlternativePassword([FromBody] ResetPasswordViewModel parameters)
{
try
{
#region Parameters validation
// Parameters haven't been initialized.
if (parameters == null)
{
parameters = new ResetPasswordViewModel();
Validate(parameters);
}
// Parameters are invalid.
if (!ModelState.IsValid)
{
return(Request.CreateResponse(HttpStatusCode.BadRequest,
FindValidationMessage(ModelState, nameof(parameters))));
}
#endregion
#region Information search
// Account search condition construction.
var searchAccountCondition = new SearchAccountViewModel();
searchAccountCondition.Email = new TextSearch();
searchAccountCondition.Email.Value = parameters.Email;
searchAccountCondition.Email.Mode = TextComparision.Equal;
// Search all accounts in database.
var accounts = UnitOfWork.RepositoryAccounts.Search();
accounts = UnitOfWork.RepositoryAccounts.Search(accounts, searchAccountCondition);
// Token search.
var conditions = new FindTokensViewModel();
conditions.Code = new TextSearch
{
Mode = TextComparision.Equal,
Value = parameters.Token
};
conditions.Types = new[] { TokenType.Forgot };
// Search all tokens from database.
var tokens = UnitOfWork.RepositoryTokens.Search();
tokens = UnitOfWork.RepositoryTokens.Search(tokens, conditions);
// Information join & search.
var findResult = await(from token in tokens
from account in accounts
where account.Id == token.OwnerIndex
select account).FirstOrDefaultAsync();
// No result has been found.
if (findResult == null)
{
_log.Error("Token doesn't belong to any accounts or it doesn't exist.");
return(Request.CreateResponse(HttpStatusCode.NotFound, HttpMessages.TokenNotFound));
}
#endregion
#region Information handling
// Update password
findResult.Password = _encryptionService.Md5Hash(parameters.NewPassword);
// Remove tokens.
UnitOfWork.RepositoryTokens.Remove(tokens);
// Save changes into database.
await UnitOfWork.CommitAsync();
#endregion
return(Request.CreateResponse(HttpStatusCode.OK));
}
catch (Exception exception)
{
_log.Error(exception.Message, exception);
return(Request.CreateResponse(HttpStatusCode.InternalServerError));
}
}
public async Task <HttpResponseMessage> RequestFindLostPassword(
[FromUri] RequestFindLostPasswordViewModel parameter)
{
#region Parameter validation
if (parameter == null)
{
parameter = new RequestFindLostPasswordViewModel();
Validate(parameter);
}
if (!ModelState.IsValid)
{
return(Request.CreateResponse(HttpStatusCode.BadRequest,
FindValidationMessage(ModelState, nameof(parameter))));
}
#endregion
try
{
#region Account check
var conditions = new SearchAccountViewModel();
conditions.Email = new TextSearch
{
Mode = TextComparision.Equal,
Value = parameter.Email
};
conditions.Statuses = new[] { Statuses.Active };
// Search account information from database.
var accounts = UnitOfWork.RepositoryAccounts.Search();
accounts = UnitOfWork.RepositoryAccounts.Search(accounts, conditions);
// Find account with specific conditions.
var account = await UnitOfWork.RepositoryAccounts.Search(accounts, conditions).FirstOrDefaultAsync();
// Account is not found.
if (account == null)
{
_log.Info(
$"Account [Email : {parameter.Email}] is not found in database");
return(Request.CreateErrorResponse(HttpStatusCode.NotFound, HttpMessages.AccountNotFound));
}
#endregion
#region Token initialization
// Token initialization
var token = new Token();
token.Code = Guid.NewGuid().ToString("N");
token.OwnerIndex = account.Id;
token.Type = TokenType.Forgot;
token.Issued = _timeService.DateTimeUtcToUnix(DateTime.UtcNow);
token.ExpirationTime =
_timeService.DateTimeUtcToUnix(
DateTime.UtcNow.AddSeconds(_configurationService.ForgotPasswordTokenExpiration));
// Save token into database.
UnitOfWork.RepositoryTokens.Insert(token);
// Contruct data to fill into email which will be sent to client.
var data = new
{
nickname = account.Nickname,
token = token.Code
};
// Search email raw content.
await _systemEmailService.SendAsync(new[] { parameter.Email }, Basics.MailForgotPasswordInstruction, data);
// Save changes into database.
await UnitOfWork.CommitAsync();
return(Request.CreateResponse(HttpStatusCode.OK));
#endregion
}
catch (Exception exception)
{
_log.Error(exception.Message, exception);
return(Request.CreateResponse(HttpStatusCode.InternalServerError));
}
}
