98 lines
2.9 KiB
C#
98 lines
2.9 KiB
C#
using System;
|
|
using System.Collections.Generic;
|
|
using System.IdentityModel.Tokens.Jwt;
|
|
using System.Linq;
|
|
using System.Security.Claims;
|
|
using System.Text;
|
|
using System.Threading.Tasks;
|
|
using LaDOSE.Business.Interface;
|
|
using LaDOSE.DTO;
|
|
using LaDOSE.Entity;
|
|
using Microsoft.AspNetCore.Authorization;
|
|
using Microsoft.AspNetCore.Mvc;
|
|
using Microsoft.Extensions.Configuration;
|
|
using Microsoft.Extensions.Options;
|
|
using Microsoft.IdentityModel.Tokens;
|
|
|
|
namespace LaDOSE.Api.Controllers
|
|
{
|
|
[Authorize]
|
|
[Produces("application/json")]
|
|
[Route("[controller]")]
|
|
public class UsersController : ControllerBase
|
|
{
|
|
private IUserService _userService;
|
|
private readonly IConfiguration _configuration;
|
|
|
|
public UsersController(
|
|
IUserService userService,
|
|
IConfiguration configuration
|
|
)
|
|
{
|
|
_userService = userService;
|
|
_configuration = configuration;
|
|
}
|
|
|
|
|
|
[AllowAnonymous]
|
|
[HttpPost("auth")]
|
|
public IActionResult Authenticate([FromBody]ApplicationUser userDto)
|
|
{
|
|
var user = _userService.Authenticate(userDto.Username, userDto.Password);
|
|
|
|
if (user == null)
|
|
return BadRequest(new { message = "Username or password is incorrect" });
|
|
|
|
var tokenHandler = new JwtSecurityTokenHandler();
|
|
var key = Encoding.ASCII.GetBytes(this._configuration["JWTTokenSecret"]);
|
|
var tokenDescriptor = new SecurityTokenDescriptor
|
|
{
|
|
Subject = new ClaimsIdentity(new Claim[]
|
|
{
|
|
new Claim(ClaimTypes.Name, user.Id.ToString()),
|
|
|
|
|
|
}),
|
|
Expires = DateTime.UtcNow.AddMinutes(16),
|
|
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
|
|
};
|
|
var token = tokenHandler.CreateToken(tokenDescriptor);
|
|
var tokenString = tokenHandler.WriteToken(token);
|
|
|
|
// return basic user info (without password) and token to store client side
|
|
return Ok(new ApplicationUserDTO
|
|
{
|
|
Id = user.Id,
|
|
Username = user.Username,
|
|
FirstName = user.FirstName,
|
|
LastName = user.LastName,
|
|
Token = tokenString,
|
|
Expire = token.ValidTo
|
|
});
|
|
}
|
|
|
|
//[AllowAnonymous]
|
|
[HttpPost("register")]
|
|
public IActionResult Register([FromBody]ApplicationUser userDto)
|
|
{
|
|
// map dto to entity
|
|
|
|
|
|
try
|
|
{
|
|
// save
|
|
_userService.Create(userDto, userDto.Password);
|
|
return Ok();
|
|
}
|
|
catch (Exception ex)
|
|
{
|
|
// return error message if there was an exception
|
|
return BadRequest(new { message = ex.Message });
|
|
}
|
|
}
|
|
|
|
|
|
}
|
|
|
|
}
|