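/// <summary>
/// Returns every journal entry to callers whose verified JWT carries the "Admin" role.
/// Every outcome (bad token, wrong role, success) is itself journaled before the response is sent.
/// </summary>
/// <param name="token">Raw JWT taken from the request header.</param>
/// <returns>
/// 401 when the token does not verify, 400 "Access denied" when the role claim is not "Admin",
/// otherwise 200 with the journal entries.
/// </returns>
public async Task<IActionResult> GetJournalEntries([FromHeader] string token)
{
    const string action = "Get journal entries action";

    var verifiedToken = _jwtHandler.VerifyToken(token);
    if (verifiedToken == null)
    {
        _context.Journals.Add(JournalEntryBuilder.CreateEntry(action, false, "Unauthorized"));
        await _context.SaveChangesAsync();
        return Unauthorized();
    }

    // Read the claims defensively: a verified token that lacks one of these claims must fail the
    // role check below, not surface as a 500 from a missing-key / null dereference.
    verifiedToken.Payload.TryGetValue("role", out var roleClaim);
    verifiedToken.Payload.TryGetValue("user", out var userClaim);
    string role = roleClaim?.ToString();
    string actor = userClaim?.ToString() ?? "Unknown";

    if (role != "Admin")
    {
        _context.Journals.Add(JournalEntryBuilder.CreateEntry(action, false, actor));
        await _context.SaveChangesAsync();
        // Kept as 400 so existing clients keep working; 403 (Forbid) is the conventional status here.
        return BadRequest("Access denied");
    }

    _context.Journals.Add(JournalEntryBuilder.CreateEntry(action, true, actor));
    await _context.SaveChangesAsync();

    // Run the query inside the action, while the scoped DbContext is still alive, instead of
    // handing the serializer a lazily evaluated DbSet.
    return Ok(await _context.Journals.ToListAsync());
}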
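/// <summary>
/// Checks the submitted e-mail/password pair and issues a JWT carrying the user's id ("user")
/// and status ("role"). Each attempt is journaled.
/// </summary>
/// <param name="userModel">Credentials posted in the request body.</param>
/// <returns>
/// 400 with the model state when the body is missing or invalid, 400 "Invalid credentials" when
/// no user matches, otherwise 200 with the compact token string.
/// </returns>
public ObjectResult Authorize([FromBody] UserAuthModel userModel)
{
    const string action = "Authorize";

    // A null body only invalidates ModelState under [ApiController]; guard explicitly so it can
    // never reach userModel.Email below.
    if (userModel == null || !ModelState.IsValid)
    {
        _context.Journals.Add(JournalEntryBuilder.CreateEntry(action, false, "Unauthorized"));
        _context.SaveChanges();
        return new BadRequestObjectResult(ModelState);
    }

    // SECURITY: this compares the stored password directly with the submitted one, i.e. passwords
    // are kept in clear text. They should be stored as a salted hash (e.g. PBKDF2 via
    // Rfc2898DeriveBytes) and verified against that hash; because that also changes how users are
    // created, it is flagged here rather than changed in this method.
    var user = _context.Users.FirstOrDefault(c => c.Email == userModel.Email && c.Password == userModel.Password);
    if (user == null)
    {
        // Same response whether the e-mail or the password was wrong, so valid accounts cannot be enumerated.
        _context.Journals.Add(JournalEntryBuilder.CreateEntry(action, false, "Unauthorized"));
        _context.SaveChanges();
        return new BadRequestObjectResult("Invalid credentials");
    }

    var claims = new List<Claim>
    {
        new Claim("user", user.Id.ToString()),
        new Claim("role", user.Status.ToString()),
    };
    var accessToken = _jwtHandler.GenerateToken(claims);
    // Compact serialization: header.payload.signature.
    var tokenString = $"{accessToken.EncodedHeader}.{accessToken.EncodedPayload}.{accessToken.RawSignature}";

    user.Modified = DateTime.Now; // local time, matching the other timestamps in this controller
    _context.Update(user);
    _context.Journals.Add(JournalEntryBuilder.CreateEntry(action, true, user.Id.ToString()));
    _context.SaveChanges();
    return new OkObjectResult(tokenString);
}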
/// <summary>
/// Returns a single note, but only when it belongs to the user identified by the token.
/// Every outcome is journaled before the response is returned.
/// </summary>
/// <param name="token">Raw JWT taken from the request header.</param>
/// <param name="id">Id of the note to fetch.</param>
/// <returns>401 for an unusable token, 400 for an invalid model state, 404 when no note with
/// that id is owned by the caller, otherwise 200 with the note.</returns>
public async Task<IActionResult> GetNote([FromHeader] string token, [FromRoute] int id)
{
    const string action = "Get note";

    // Writes one journal line for this action and flushes it immediately.
    async Task JournalAsync(bool succeeded, string actor)
    {
        _context.Journals.Add(JournalEntryBuilder.CreateEntry(action, succeeded, actor));
        await _context.SaveChangesAsync();
    }

    int user = GetUser(token);
    if (user == -1)
    {
        await JournalAsync(false, "Unauthorized");
        return Unauthorized();
    }

    string actorId = user.ToString();
    if (!ModelState.IsValid)
    {
        await JournalAsync(false, actorId);
        return BadRequest(ModelState);
    }

    // The owner filter is what keeps one user from reading another user's note by id.
    var note = await _context.Notes.SingleOrDefaultAsync(m => m.Id == id && m.UserId == user);
    if (note == null)
    {
        await JournalAsync(false, actorId);
        return NotFound();
    }

    await JournalAsync(true, actorId);
    return Ok(note);
}
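/// <summary>
/// Creates a note owned by the user identified by the token. Every outcome is journaled.
/// </summary>
/// <param name="token">Raw JWT taken from the request header.</param>
/// <param name="note">Title and content posted in the request body.</param>
/// <returns>401 for an unusable token, 400 when the body is missing or invalid, otherwise 200
/// with the stored note.</returns>
public async Task<IActionResult> PostNote([FromHeader] string token, [FromBody] NoteViewModel note)
{
    const string action = "Post note";

    int user = GetUser(token);
    if (user == -1)
    {
        _context.Journals.Add(JournalEntryBuilder.CreateEntry(action, false, "Unauthorized"));
        await _context.SaveChangesAsync();
        return Unauthorized();
    }

    // A null body only invalidates ModelState under [ApiController]; guard explicitly so it can
    // never reach note.Title below.
    if (note == null || !ModelState.IsValid)
    {
        _context.Journals.Add(JournalEntryBuilder.CreateEntry(action, false, user.ToString()));
        await _context.SaveChangesAsync();
        return BadRequest(ModelState);
    }

    var dbNote = new Note
    {
        Title = note.Title,
        Content = note.Content,
        Created = DateTime.Now, // local time, matching the other timestamps in this controller
        UserId = user, // owner comes from the verified token, never from the request body
    };
    _context.Notes.Add(dbNote);
    _context.Journals.Add(JournalEntryBuilder.CreateEntry(action, true, user.ToString()));
    await _context.SaveChangesAsync();
    return Ok(dbNote);
}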
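/// <summary>
/// Returns all notes owned by the user identified by the token. Every outcome is journaled.
/// </summary>
/// <param name="token">Raw JWT taken from the request header.</param>
/// <returns>401 "Unauthorized!" for an unusable token, otherwise 200 with the caller's notes.</returns>
public ObjectResult GetNotes([FromHeader] string token)
{
    const string action = "Get notes";

    int user = GetUser(token);
    if (user == -1)
    {
        _context.Journals.Add(JournalEntryBuilder.CreateEntry(action, false, "Unauthorized"));
        _context.SaveChanges();
        // 401 like the other actions in this controller; this used to answer 404 for a bad token.
        return new UnauthorizedObjectResult("Unauthorized!");
    }

    _context.Journals.Add(JournalEntryBuilder.CreateEntry(action, true, user.ToString()));
    _context.SaveChanges();

    // Filter by the owner taken from the token, and run the query here while the scoped
    // DbContext is still alive rather than returning a deferred IQueryable.
    var notes = _context.Notes.Where(note => note.UserId == user).ToList();
    return new OkObjectResult(notes);
}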
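/// <summary>
/// Updates the title and content of a note owned by the user identified by the token.
/// Every outcome is journaled.
/// </summary>
/// <param name="token">Raw JWT taken from the request header.</param>
/// <param name="note">Id, title and content posted in the request body.</param>
/// <returns>401 for an unusable token, 400 when the body is missing or invalid, 404 when the
/// caller owns no note with that id (also when it disappears during the save), otherwise 200.</returns>
/// <exception cref="DbUpdateConcurrencyException">Rethrown when the save conflicts but the note still exists.</exception>
public async Task<IActionResult> PutNote([FromHeader] string token, [FromBody] NoteViewModel note)
{
    const string action = "Put note";

    int user = GetUser(token);
    if (user == -1)
    {
        _context.Journals.Add(JournalEntryBuilder.CreateEntry(action, false, "Unauthorized"));
        await _context.SaveChangesAsync();
        return Unauthorized();
    }

    // A null body only invalidates ModelState under [ApiController]; guard explicitly so it can
    // never reach note.Id below.
    if (note == null || !ModelState.IsValid)
    {
        _context.Journals.Add(JournalEntryBuilder.CreateEntry(action, false, user.ToString()));
        await _context.SaveChangesAsync();
        return BadRequest(ModelState);
    }

    // The owner filter is what keeps one user from editing another user's note by id.
    var dbNote = await _context.Notes.SingleOrDefaultAsync(m => m.Id == note.Id && m.UserId == user);
    if (dbNote == null)
    {
        // Previously the lookup result was dereferenced unconditionally, turning an unknown or
        // foreign id into a 500.
        _context.Journals.Add(JournalEntryBuilder.CreateEntry(action, false, user.ToString()));
        await _context.SaveChangesAsync();
        return NotFound();
    }

    dbNote.Modified = DateTime.Now; // local time, matching the other timestamps in this controller
    dbNote.Title = note.Title;
    dbNote.Content = note.Content;
    _context.Entry(dbNote).State = EntityState.Modified;

    try
    {
        await _context.SaveChangesAsync();
    }
    catch (DbUpdateConcurrencyException)
    {
        if (NoteExists(dbNote.Id, user))
        {
            throw;
        }

        // The note vanished between the read and the save. Detach the stale entity first so the
        // journal save below does not retry the failed update and throw the same exception again;
        // the failure entry was previously added but never saved.
        _context.Entry(dbNote).State = EntityState.Detached;
        _context.Journals.Add(JournalEntryBuilder.CreateEntry(action, false, user.ToString()));
        await _context.SaveChangesAsync();
        return NotFound();
    }

    _context.Journals.Add(JournalEntryBuilder.CreateEntry(action, true, user.ToString()));
    await _context.SaveChangesAsync();
    return Ok();
}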