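using System;
using System.Collections.Generic;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Text;
using AutoMapper;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Options;
using Microsoft.IdentityModel.Tokens;
using Sledgemapper.Api.Infrastructure.Services;
using Sledgemapper.Entities;
using Sledgemapper.Helpers;
using Sledgemapper.Models.Users;

namespace Sledgemapper.Controllers
{
    /// <summary>
    /// Authentication and user-management endpoints. Every action except
    /// <see cref="Authenticate"/> and <see cref="Register"/> requires a valid bearer token.
    /// </summary>
    /// <remarks>
    /// NOTE(review): the generic type arguments on <c>IOptions</c> and the <c>IMapper.Map</c>
    /// calls were lost in extraction and have been reconstructed as <c>AppSettings</c>,
    /// <c>User</c> and <c>UserModel</c> — confirm against the Entities/Models namespaces.
    /// </remarks>
    [Authorize]
    [ApiController]
    [Route("[controller]")]
    public class UsersController : ControllerBase
    {
        // Lifetime of the JWT issued by Authenticate. There is no refresh endpoint in this
        // controller, so a shorter value simply forces users to log in again sooner.
        private const int TokenLifetimeDays = 7;

        private readonly IUserService _userService;
        private readonly IMapper _mapper;
        private readonly AppSettings _appSettings;

        /// <summary>Creates the controller with its collaborators (resolved by DI).</summary>
        /// <param name="userService">Credential verification and user persistence.</param>
        /// <param name="mapper">AutoMapper instance for model/entity conversion.</param>
        /// <param name="appSettings">Application settings; <c>Secret</c> signs the tokens.</param>
        /// <exception cref="ArgumentNullException">Any dependency is <c>null</c>.</exception>
        public UsersController(
            IUserService userService,
            IMapper mapper,
            IOptions<AppSettings> appSettings)
        {
            _userService = userService ?? throw new ArgumentNullException(nameof(userService));
            _mapper = mapper ?? throw new ArgumentNullException(nameof(mapper));
            _appSettings = appSettings?.Value ?? throw new ArgumentNullException(nameof(appSettings));
        }

        /// <summary>
        /// Verifies a username/password pair and, on success, issues an HMAC-SHA256 signed JWT
        /// whose <see cref="ClaimTypes.Name"/> claim carries the user's id.
        /// </summary>
        /// <param name="model">Credentials posted by the client.</param>
        /// <returns>200 with basic user info and the token, or 400 with a generic message.</returns>
        [AllowAnonymous]
        [HttpPost("authenticate")]
        public IActionResult Authenticate([FromBody] AuthenticateModel model)
        {
            var user = _userService.Authenticate(model.Username, model.Password);
            if (user == null)
            {
                // One message for both "unknown user" and "wrong password" so the response
                // does not reveal which usernames exist.
                return BadRequest(new { message = "Username or password is incorrect" });
            }

            var tokenString = IssueToken(user.Id);

            // return basic user info and authentication token
            return Ok(new
            {
                Id = user.Id,
                Username = user.Username,
                FirstName = user.FirstName,
                LastName = user.LastName,
                Initials = user.Initials,
                Token = tokenString
            });
        }

        /// <summary>Creates a new user account.</summary>
        /// <param name="model">Registration details, including the plaintext password to hash.</param>
        /// <returns>200 on success; 400 with the service's message on a validation failure.</returns>
        [AllowAnonymous]
        [HttpPost("register")]
        public IActionResult Register([FromBody] RegisterModel model)
        {
            // map model to entity
            var user = _mapper.Map<User>(model);

            try
            {
                // create user
                _userService.Create(user, model.Password);
                return Ok();
            }
            catch (AppException ex)
            {
                // return error message if there was an exception
                return BadRequest(new { message = ex.Message });
            }
        }

        /// <summary>Lists every user, projected to <c>UserModel</c>.</summary>
        /// <remarks>
        /// Any authenticated caller sees the whole user list. Whether that is intended cannot
        /// be told from this file; presumably <c>UserModel</c> omits the password hash — verify.
        /// </remarks>
        [HttpGet]
        public IActionResult GetAll()
        {
            var users = _userService.GetAll();
            var model = _mapper.Map<IList<UserModel>>(users);
            return Ok(model);
        }

        /// <summary>Returns a single user by id, projected to <c>UserModel</c>.</summary>
        /// <param name="id">Route id of the user to look up.</param>
        /// <remarks>Readable by any authenticated caller, not only the user themselves.</remarks>
        [HttpGet("{id}")]
        public IActionResult GetById(int id)
        {
            var user = _userService.GetById(id);
            var model = _mapper.Map<UserModel>(user);
            return Ok(model);
        }

        /// <summary>Updates the caller's own user record (and password, if supplied).</summary>
        /// <param name="id">Route id; must match the id in the bearer token.</param>
        /// <param name="model">Fields to update.</param>
        /// <returns>200 on success, 403 when <paramref name="id"/> is not the caller, 400 on a service error.</returns>
        [HttpPut("{id}")]
        public IActionResult Update(int id, [FromBody] UpdateModel model)
        {
            // Object-level authorization: the route id is untrusted input, and without this
            // check any valid token could modify (including the password of) any account.
            // If an admin role is introduced later, extend IsCurrentUser rather than removing it.
            if (!IsCurrentUser(id))
            {
                return Forbid();
            }

            // map model to entity and set id
            var user = _mapper.Map<User>(model);
            user.Id = id;

            try
            {
                // update user
                _userService.Update(user, model.Password);
                return Ok();
            }
            catch (AppException ex)
            {
                // return error message if there was an exception
                return BadRequest(new { message = ex.Message });
            }
        }

        /// <summary>Deletes the caller's own user record.</summary>
        /// <param name="id">Route id; must match the id in the bearer token.</param>
        /// <returns>200 on success, 403 when <paramref name="id"/> is not the caller.</returns>
        [HttpDelete("{id}")]
        public IActionResult Delete(int id)
        {
            // Same ownership check as Update — see the comment there.
            if (!IsCurrentUser(id))
            {
                return Forbid();
            }

            _userService.Delete(id);
            return Ok();
        }

        // Builds and serialises the bearer token for the given user id.
        private string IssueToken(int userId)
        {
            var tokenHandler = new JwtSecurityTokenHandler();

            // The key bytes must be derived exactly as the token-validation side derives them
            // (ASCII here); changing the encoding only in this method would break validation.
            // HMAC-SHA256 needs a secret of at least 32 bytes — recent Microsoft.IdentityModel
            // versions reject shorter keys at signing time, so size the configured Secret accordingly.
            var key = Encoding.ASCII.GetBytes(_appSettings.Secret);

            var tokenDescriptor = new SecurityTokenDescriptor
            {
                Subject = new ClaimsIdentity(new[] { new Claim(ClaimTypes.Name, userId.ToString()) }),
                Expires = DateTime.UtcNow.AddDays(TokenLifetimeDays),
                SigningCredentials = new SigningCredentials(
                    new SymmetricSecurityKey(key),
                    SecurityAlgorithms.HmacSha256Signature)
            };

            var token = tokenHandler.CreateToken(tokenDescriptor);
            return tokenHandler.WriteToken(token);
        }

        // True when the bearer token's Name claim (the one IssueToken writes) identifies the
        // given user. A missing or non-numeric claim is treated as "not the current user".
        private bool IsCurrentUser(int id)
        {
            var claimValue = User.FindFirst(ClaimTypes.Name)?.Value;
            return int.TryParse(claimValue, out var callerId) && callerId == id;
        }
    }
}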