public async Task <Object> GetUserPagging(SearchAccountViewModel model, Guid currentUser) { var data = _unitOfWork.AccountRepository.Get(x => (model.Username == null || x.Username.Contains(model.Username)) && (x.IsDelete == false) && (x.Id != currentUser)); int totalRow = data.Count(); var dataWithPage = data.Skip((model.PageIndex - 1) * model.PageSize) .Take(model.PageSize) .Select(x => new AccountViewModel() { Id = x.Id, Username = x.Username, FullName = x.FullName, Address = x.Address, Role = x.Role.ToString() }).ToList(); var rs = new PagedResult <AccountViewModel> { PageSize = model.PageSize, PageIndex = model.PageIndex, TotalRecord = totalRow, Items = dataWithPage }; return(_apiResponse.Ok(rs)); }
/// <summary> /// Search accounts using specific conditions. /// </summary> /// <param name="accounts"></param> /// <param name="conditions"></param> /// <returns></returns> public IQueryable <Account> Search(IQueryable <Account> accounts, SearchAccountViewModel conditions) { // Id has been identified. if (conditions.Id != null) { accounts = accounts.Where(x => x.Id == conditions.Id.Value); } // Email & nickname are defined. accounts = SearchPropertyText(accounts, x => x.Email, conditions.Email); accounts = SearchPropertyText(accounts, x => x.Nickname, conditions.Nickname); // Statuses have been defined. if (conditions.Statuses != null) { // Construct the statuses as a list. var statuses = conditions.Statuses.ToList(); accounts = accounts.Where(x => statuses.Contains(x.Status)); } // JoinedTime has been defined. //accounts = SearchPropertyNumeric(accounts, x => x.JoinedTime, conditions.JoinedTime); //accounts = SearchPropertyNumeric(accounts, x => x.LastModifiedTime, conditions.LastModifiedTime); return(accounts); }
public async Task <IActionResult> ForgotPassword([FromBody] ForgotPasswordViewModel parameter) { #region Model validation // Parameter hasn't been initialized. if (parameter == null) { parameter = new ForgotPasswordViewModel(); TryValidateModel(parameter); } #endregion #region Email search // Initiate search conditions. var conditions = new SearchAccountViewModel(); conditions.Email = new TextSearch(TextSearchMode.EndsWithIgnoreCase, parameter.Email); conditions.Statuses = new[] { AccountStatus.Active }; // Search user in database. var accounts = _unitOfWork.RepositoryAccounts.Search(); var account = await _unitOfWork.RepositoryAccounts.Search(accounts, conditions).FirstOrDefaultAsync(); // User is not found. if (account == null) { return(NotFound(HttpMessages.AccountIsNotFound)); } #endregion #region Information initialization // Find current system time. var systemTime = DateTime.UtcNow; var expiration = systemTime.AddSeconds(_applicationSettings.PasswordResetTokenLifeTime); // Initiate token. var token = new Token(); token.OwnerIndex = account.Id; token.Type = TokenType.AccountReactiveCode; token.Code = Guid.NewGuid().ToString("D"); token.Issued = _systemTimeService.DateTimeUtcToUnix(systemTime); token.Expired = _systemTimeService.DateTimeUtcToUnix(expiration); // Save token into database. _unitOfWork.RepositoryTokens.Insert(token); #endregion #region Email broadcast //TODO: Send instruction email. #endregion return(Ok()); }
/// <summary> /// Handle requirement asychronously. /// </summary> /// <param name="context"></param> /// <param name="requirement"></param> /// <returns></returns> protected override async Task HandleRequirementAsync(AuthorizationHandlerContext context, SolidAccountRequirement requirement) { // Convert authorization filter context into authorization filter context. var authorizationFilterContext = (AuthorizationFilterContext)context.Resource; //var httpContext = authorizationFilterContext.HttpContext; var httpContext = _httpContextAccessor.HttpContext; // Find claim identity attached to principal. var claimIdentity = (ClaimsIdentity)httpContext.User.Identity; // Find email from claims list. var email = claimIdentity.Claims.Where(x => x.Type.Equals(ClaimTypes.Email)) .Select(x => x.Value) .FirstOrDefault(); // Email is invalid. if (string.IsNullOrEmpty(email)) { context.Fail(); return; } // Find account information. var condition = new SearchAccountViewModel(); condition.Email = new TextSearch(); condition.Email.Value = email; condition.Email.Mode = TextSearchMode.Equal; // Find accounts based on conditions. var accounts = _unitOfWork.RepositoryAccounts.Search(); accounts = _unitOfWork.RepositoryAccounts.Search(accounts, condition); // Find the first matched account in the system. var account = await accounts.FirstOrDefaultAsync(); // Account is not found. if (account == null) { return; } // Initiate claim identity with newer information from database. var identity = (ClaimsIdentity)_identityService.InitiateIdentity(account); identity.AddClaim(new Claim(ClaimTypes.Role, Enum.GetName(typeof(AccountRole), account.Role))); identity.AddClaim(new Claim(ClaimTypes.Authentication, Enum.GetName(typeof(AccountStatus), account.Status))); // Update claim identity. httpContext.User = httpContext.Authentication.HttpContext.User = new ClaimsPrincipal(identity); httpContext.Items.Add(ClaimTypes.Actor, account); context.Succeed(requirement); }
public async Task <HttpResponseMessage> FindAccounts([FromBody] SearchAccountViewModel conditions) { #region Parameters validation // Conditions haven't been initialized. if (conditions == null) { conditions = new SearchAccountViewModel(); Validate(conditions); } if (!ModelState.IsValid) { _log.Error($"Parameters are invalid. Submitted: {JsonConvert.SerializeObject(conditions)}"); return(Request.CreateResponse(HttpStatusCode.BadRequest, FindValidationMessage(ModelState, nameof(conditions)))); } #endregion #region Search account // Initiate search result. var result = new SearchResult <IList <Account> >(); // Find all accounts in database. var accounts = UnitOfWork.RepositoryAccounts.Search(); // Find accounts with specific conditions. accounts = UnitOfWork.RepositoryAccounts.Search(accounts, conditions); // Sort accounts var sorting = conditions.Sorting; accounts = UnitOfWork.RepositoryAccounts.Sort(accounts, sorting.Direction, sorting.Property); // Count total condition matched account number. result.Total = await accounts.CountAsync(); // Sort and paginate. accounts = UnitOfWork.RepositoryAccounts.Paginate(accounts, conditions.Pagination); // Take accounts list. result.Records = await accounts.ToListAsync(); // Search for accounts in database. return(Request.CreateResponse(HttpStatusCode.OK, result)); #endregion }
public async Task <IActionResult> GetUserPagging([FromQuery] SearchAccountViewModel model) { var identity = HttpContext.User.Identity as ClaimsIdentity; if (identity.IsAuthenticated) { Guid id = Guid.Parse(identity.FindFirst("Id").Value); var rs = await _accountService.GetUserPagging(model, id); return(Ok(rs)); } else { return(BadRequest("token valid")); } }
public async Task <IActionResult> Login([FromBody] LoginViewModel parameters) { #region Parameters validation // Parameter hasn't been initialized. if (parameters == null) { parameters = new LoginViewModel(); TryValidateModel(parameters); } if (!ModelState.IsValid) { return(BadRequest(ModelState)); } #endregion #if !ALLOW_ANONYMOUS #region Search account // Find account with specific information in database. var condition = new SearchAccountViewModel(); // Email search condition. condition.Email = new TextSearch(); condition.Email.Mode = TextSearchMode.Equal; condition.Email.Value = parameters.Email; // Find account by password. condition.Password = new TextSearch(); condition.Password.Value = _encryptionService.Md5Hash(parameters.Password); condition.Password.Mode = TextSearchMode.EqualIgnoreCase; condition.Statuses = new[] { Statuses.Active }; // Find accounts with defined condition above. var accounts = _unitOfWork.RepositoryAccounts.Search(); accounts = _unitOfWork.RepositoryAccounts.Search(accounts, condition); // Find the first account in database. var account = await accounts.FirstOrDefaultAsync(); if (account == null) { return(NotFound(new HttpResponse(HttpMessages.AccountIsNotFound))); } #endregion #else var account = new Account(); account.Email = "*****@*****.**"; account.Nickname = "Linh Nguyen"; #endif // Find current time on the system. var systemTime = DateTime.Now; var jwtExpiration = systemTime.AddSeconds(_jwtConfiguration.LifeTime); // Claims initalization. var claims = new List <Claim>(); claims.Add(new Claim(JwtRegisteredClaimNames.Aud, _jwtConfiguration.Audience)); claims.Add(new Claim(JwtRegisteredClaimNames.Iss, _jwtConfiguration.Issuer)); claims.Add(new Claim(JwtRegisteredClaimNames.Email, account.Email)); claims.Add(new Claim(nameof(account.Nickname), account.Nickname)); // Write a security token. var jwtSecurityToken = new JwtSecurityToken(_jwtConfiguration.Issuer, _jwtConfiguration.Audience, claims, null, jwtExpiration, _jwtConfiguration.SigningCredentials); // Initiate token handler which is for generating token code. var jwtSecurityTokenHandler = new JwtSecurityTokenHandler(); jwtSecurityTokenHandler.WriteToken(jwtSecurityToken); #region Jwt initialization var jwt = new JwtResponse(); jwt.Code = jwtSecurityTokenHandler.WriteToken(jwtSecurityToken); jwt.LifeTime = _jwtConfiguration.LifeTime; jwt.Expiration = _systemTimeService.DateTimeUtcToUnix(jwtExpiration); #endregion return(Ok(jwt)); }
public async Task <IActionResult> Register([FromBody] RegisterAccountViewModel parameters) { #region Parameters validation // Parameters haven't been initialized. Initialize 'em. if (parameters == null) { parameters = new RegisterAccountViewModel(); TryValidateModel(parameters); } // Parameters are invalid. Send errors back to client. if (!ModelState.IsValid) { return(BadRequest(ModelState)); } #endregion #region Search account // Initiate search account condition. var condition = new SearchAccountViewModel(); condition.Email = new TextSearch(); condition.Email.Mode = TextSearchMode.EqualIgnoreCase; condition.Email.Value = parameters.Email; // Search accounts. var accounts = _unitOfWork.RepositoryAccounts.Search(); accounts = _unitOfWork.RepositoryAccounts.Search(accounts, condition); var account = await accounts.FirstOrDefaultAsync(); // Account exists in system. if (account != null) { Response.StatusCode = (int)HttpStatusCode.Conflict; return(Json(new HttpResponse(HttpMessages.AccountIsInUse))); } #endregion #region Initiate account // Initiate account with specific information. account = new Account(); account.Email = parameters.Email; account.Password = _encryptionService.Md5Hash(parameters.Password); // Add account into database. _unitOfWork.RepositoryAccounts.Insert(account); // Save changes asychronously. await _unitOfWork.CommitAsync(); // TODO: Implement instruction email. // TODO: Implement notification service which notifies administrators about the registration. #endregion return(Ok()); }
/// <summary> /// Search accounts using specific conditions. /// </summary> /// <param name="accounts"></param> /// <param name="conditions"></param> /// <returns></returns> public IQueryable <Account> Search(IQueryable <Account> accounts, SearchAccountViewModel conditions) { // Page has been identified. if (conditions.Id != null) { accounts = accounts.Where(x => x.Id == conditions.Id.Value); } // Email has been identified. if (conditions.Email != null && !string.IsNullOrWhiteSpace(conditions.Email.Value)) { switch (conditions.Email.Mode) { case TextComparision.Contain: accounts = accounts.Where(x => x.Email.Contains(conditions.Email.Value)); break; case TextComparision.Equal: accounts = accounts.Where(x => x.Email.Equals(conditions.Email.Value)); break; case TextComparision.EqualIgnoreCase: accounts = accounts.Where(x => x.Email.Equals(conditions.Email.Value, StringComparison.InvariantCultureIgnoreCase)); break; case TextComparision.StartsWith: accounts = accounts.Where(x => x.Email.StartsWith(conditions.Email.Value)); break; case TextComparision.StartsWithIgnoreCase: accounts = accounts.Where(x => x.Email.StartsWith(conditions.Email.Value, StringComparison.InvariantCultureIgnoreCase)); break; case TextComparision.EndsWith: accounts = accounts.Where(x => x.Email.EndsWith(conditions.Email.Value)); break; case TextComparision.EndsWithIgnoreCase: accounts = accounts.Where(x => x.Email.EndsWith(conditions.Email.Value, StringComparison.InvariantCultureIgnoreCase)); break; default: accounts = accounts.Where(x => x.Email.ToLower().Contains(conditions.Email.Value.ToLower())); break; } } // Nickname has been identified. if (conditions.Nickname != null && !string.IsNullOrWhiteSpace(conditions.Nickname.Value)) { switch (conditions.Nickname.Mode) { case TextComparision.Contain: accounts = accounts.Where(x => x.Nickname.Contains(conditions.Nickname.Value)); break; case TextComparision.Equal: accounts = accounts.Where(x => x.Nickname.Equals(conditions.Nickname.Value)); break; case TextComparision.EqualIgnoreCase: accounts = accounts.Where(x => x.Nickname.Equals(conditions.Nickname.Value, StringComparison.InvariantCultureIgnoreCase)); break; case TextComparision.StartsWith: accounts = accounts.Where(x => x.Nickname.StartsWith(conditions.Nickname.Value)); break; case TextComparision.StartsWithIgnoreCase: accounts = accounts.Where(x => x.Nickname.StartsWith(conditions.Nickname.Value, StringComparison.InvariantCultureIgnoreCase)); break; case TextComparision.EndsWith: accounts = accounts.Where(x => x.Nickname.EndsWith(conditions.Nickname.Value)); break; case TextComparision.EndsWithIgnoreCase: accounts = accounts.Where(x => x.Nickname.EndsWith(conditions.Nickname.Value, StringComparison.InvariantCultureIgnoreCase)); break; default: accounts = accounts.Where(x => x.Nickname.ToLower().Contains(conditions.Nickname.Value.ToLower())); break; } } // Statuses have been defined. if (conditions.Statuses != null && conditions.Statuses.Length > 0) { // Construct the statuses as a list. var statuses = conditions.Statuses.ToList(); accounts = accounts.Where(x => statuses.Contains(x.Status)); } //// Find sorting property. //var sorting = conditions.Sorting; //switch (sorting.Direction) //{ // case SortDirection.Decending: // switch (sorting.Property) // { // case AccountsSort.Email: // accounts = accounts.OrderByDescending(x => x.Email); // break; // case AccountsSort.Nickname: // accounts = accounts.OrderByDescending(x => x.Nickname); // break; // case AccountsSort.Status: // accounts = accounts.OrderByDescending(x => x.Status); // break; // case AccountsSort.Joined: // accounts = accounts.OrderByDescending(x => x.Joined); // break; // case AccountsSort.LastModified: // accounts = accounts.OrderByDescending(x => x.LastModified); // break; // default: // accounts = accounts.OrderByDescending(x => x.Id); // break; // } // break; // default: // switch (sorting.Property) // { // case AccountsSort.Email: // accounts = accounts.OrderBy(x => x.Email); // break; // case AccountsSort.Nickname: // accounts = accounts.OrderBy(x => x.Nickname); // break; // case AccountsSort.Status: // accounts = accounts.OrderBy(x => x.Status); // break; // case AccountsSort.Joined: // accounts = accounts.OrderBy(x => x.Joined); // break; // case AccountsSort.LastModified: // accounts = accounts.OrderBy(x => x.LastModified); // break; // default: // accounts = accounts.OrderBy(x => x.Id); // break; // } // break; //} // Joined has been defined. if (conditions.Joined != null) { var from = conditions.Joined.From; var to = conditions.Joined.To; if (from != null) { accounts = accounts.Where(x => x.JoinedTime >= from); } if (to != null) { accounts = accounts.Where(x => x.JoinedTime <= to); } } // Last modified has been defined. if (conditions.LastModified != null) { var from = conditions.LastModified.From; var to = conditions.LastModified.To; if (from != null) { accounts = accounts.Where(x => x.LastModifiedTime >= from); } if (to != null) { accounts = accounts.Where(x => x.LastModifiedTime <= to); } } return(accounts); }
public async Task <HttpResponseMessage> SubmitAlternativePassword([FromBody] ResetPasswordViewModel parameters) { try { #region Parameters validation // Parameters haven't been initialized. if (parameters == null) { parameters = new ResetPasswordViewModel(); Validate(parameters); } // Parameters are invalid. if (!ModelState.IsValid) { return(Request.CreateResponse(HttpStatusCode.BadRequest, FindValidationMessage(ModelState, nameof(parameters)))); } #endregion #region Information search // Account search condition construction. var searchAccountCondition = new SearchAccountViewModel(); searchAccountCondition.Email = new TextSearch(); searchAccountCondition.Email.Value = parameters.Email; searchAccountCondition.Email.Mode = TextComparision.Equal; // Search all accounts in database. var accounts = UnitOfWork.RepositoryAccounts.Search(); accounts = UnitOfWork.RepositoryAccounts.Search(accounts, searchAccountCondition); // Token search. var conditions = new FindTokensViewModel(); conditions.Code = new TextSearch { Mode = TextComparision.Equal, Value = parameters.Token }; conditions.Types = new[] { TokenType.Forgot }; // Search all tokens from database. var tokens = UnitOfWork.RepositoryTokens.Search(); tokens = UnitOfWork.RepositoryTokens.Search(tokens, conditions); // Information join & search. var findResult = await(from token in tokens from account in accounts where account.Id == token.OwnerIndex select account).FirstOrDefaultAsync(); // No result has been found. if (findResult == null) { _log.Error("Token doesn't belong to any accounts or it doesn't exist."); return(Request.CreateResponse(HttpStatusCode.NotFound, HttpMessages.TokenNotFound)); } #endregion #region Information handling // Update password findResult.Password = _encryptionService.Md5Hash(parameters.NewPassword); // Remove tokens. UnitOfWork.RepositoryTokens.Remove(tokens); // Save changes into database. await UnitOfWork.CommitAsync(); #endregion return(Request.CreateResponse(HttpStatusCode.OK)); } catch (Exception exception) { _log.Error(exception.Message, exception); return(Request.CreateResponse(HttpStatusCode.InternalServerError)); } }
public async Task <HttpResponseMessage> RequestFindLostPassword( [FromUri] RequestFindLostPasswordViewModel parameter) { #region Parameter validation if (parameter == null) { parameter = new RequestFindLostPasswordViewModel(); Validate(parameter); } if (!ModelState.IsValid) { return(Request.CreateResponse(HttpStatusCode.BadRequest, FindValidationMessage(ModelState, nameof(parameter)))); } #endregion try { #region Account check var conditions = new SearchAccountViewModel(); conditions.Email = new TextSearch { Mode = TextComparision.Equal, Value = parameter.Email }; conditions.Statuses = new[] { Statuses.Active }; // Search account information from database. var accounts = UnitOfWork.RepositoryAccounts.Search(); accounts = UnitOfWork.RepositoryAccounts.Search(accounts, conditions); // Find account with specific conditions. var account = await UnitOfWork.RepositoryAccounts.Search(accounts, conditions).FirstOrDefaultAsync(); // Account is not found. if (account == null) { _log.Info( $"Account [Email : {parameter.Email}] is not found in database"); return(Request.CreateErrorResponse(HttpStatusCode.NotFound, HttpMessages.AccountNotFound)); } #endregion #region Token initialization // Token initialization var token = new Token(); token.Code = Guid.NewGuid().ToString("N"); token.OwnerIndex = account.Id; token.Type = TokenType.Forgot; token.Issued = _timeService.DateTimeUtcToUnix(DateTime.UtcNow); token.ExpirationTime = _timeService.DateTimeUtcToUnix( DateTime.UtcNow.AddSeconds(_configurationService.ForgotPasswordTokenExpiration)); // Save token into database. UnitOfWork.RepositoryTokens.Insert(token); // Contruct data to fill into email which will be sent to client. var data = new { nickname = account.Nickname, token = token.Code }; // Search email raw content. await _systemEmailService.SendAsync(new[] { parameter.Email }, Basics.MailForgotPasswordInstruction, data); // Save changes into database. await UnitOfWork.CommitAsync(); return(Request.CreateResponse(HttpStatusCode.OK)); #endregion } catch (Exception exception) { _log.Error(exception.Message, exception); return(Request.CreateResponse(HttpStatusCode.InternalServerError)); } }