2024-07-09 18:03:42 -05:00
|
|
|
using API.DTO.Base;
|
|
|
|
|
using API.DTO.Login;
|
2024-07-12 17:27:01 -05:00
|
|
|
using API.Errors;
|
|
|
|
|
using API.Services;
|
2024-07-09 18:03:42 -05:00
|
|
|
using API.Services.Interfaces;
|
2024-10-29 19:14:58 -05:00
|
|
|
using DAL.Models;
|
2024-07-09 18:03:42 -05:00
|
|
|
using Microsoft.AspNetCore.Authentication;
|
|
|
|
|
using Microsoft.AspNetCore.Authentication.Cookies;
|
|
|
|
|
using Microsoft.AspNetCore.Mvc;
|
|
|
|
|
using System.Security.Claims;
|
|
|
|
|
|
|
|
|
|
namespace API.Controllers
|
|
|
|
|
{
|
|
|
|
|
[ApiController]
|
|
|
|
|
[Route("api/v1/[controller]")]
|
|
|
|
|
public class AuthController : ControllerBase
|
|
|
|
|
{
|
|
|
|
|
private readonly ILogger<AuthController> _logger;
|
|
|
|
|
private readonly IUserManager _userManager;
|
2024-07-12 17:27:01 -05:00
|
|
|
private readonly UserService _userService;
|
2024-07-09 18:03:42 -05:00
|
|
|
|
2024-07-12 17:27:01 -05:00
|
|
|
public AuthController(ILogger<AuthController> logger, IUserManager userManager, UserService userService)
|
2024-07-09 18:03:42 -05:00
|
|
|
{
|
|
|
|
|
_logger = logger;
|
|
|
|
|
_userManager = userManager;
|
2024-07-12 17:27:01 -05:00
|
|
|
_userService = userService;
|
2024-07-09 18:03:42 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
[HttpPost("login")]
|
|
|
|
|
public ActionResult<UserDTO> login(UserLoginDTO userLogin)
|
|
|
|
|
{
|
2024-07-12 17:27:01 -05:00
|
|
|
UserDTO? user = _userManager.authenticateUser(userLogin);
|
2024-07-09 18:03:42 -05:00
|
|
|
if (user == null)
|
|
|
|
|
return new UnauthorizedResult();
|
|
|
|
|
|
|
|
|
|
Claim[] claims =
|
|
|
|
|
{
|
|
|
|
|
new Claim(ClaimTypes.NameIdentifier, user.id.ToString())
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
ClaimsIdentity claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
|
|
|
|
|
|
|
|
|
|
//todo confirm if this is accurate
|
|
|
|
|
AuthenticationProperties authProperties = new AuthenticationProperties();
|
|
|
|
|
|
|
|
|
|
HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, new ClaimsPrincipal(claimsIdentity), authProperties);
|
|
|
|
|
|
|
|
|
|
return Ok(user);
|
|
|
|
|
}
|
2024-07-12 17:27:01 -05:00
|
|
|
|
|
|
|
|
[HttpPost("register")]
|
2024-10-29 19:14:58 -05:00
|
|
|
public ActionResult<UserDTO> register(UserRegisterDTO registerDTO, ulong? permissionId = null)
|
2024-07-12 17:27:01 -05:00
|
|
|
{
|
2024-10-29 19:14:58 -05:00
|
|
|
if (registerDTO.password == null)
|
|
|
|
|
registerDTO.password = registerDTO.phoneNumber;
|
2024-07-12 17:27:01 -05:00
|
|
|
|
2024-12-19 16:00:48 -06:00
|
|
|
if (permissionId != null)
|
2024-07-12 17:27:01 -05:00
|
|
|
{
|
2024-10-29 19:14:58 -05:00
|
|
|
User? user = getUser(User);
|
|
|
|
|
if (user == null)
|
|
|
|
|
return Unauthorized();
|
|
|
|
|
|
|
|
|
|
UserDTO? createdUser = _userManager.registerUser(registerDTO, user, permissionId);
|
|
|
|
|
if (createdUser == null)
|
|
|
|
|
return Conflict(Strings.UserExists);
|
|
|
|
|
|
|
|
|
|
return Ok(createdUser);
|
2024-07-12 17:27:01 -05:00
|
|
|
}
|
2024-12-19 16:00:48 -06:00
|
|
|
else {
|
2024-10-29 19:14:58 -05:00
|
|
|
UserDTO? user = _userManager.registerUser(registerDTO);
|
|
|
|
|
|
|
|
|
|
if (user == null)
|
|
|
|
|
{
|
|
|
|
|
return Conflict(Strings.UserExists);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return Ok(user);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
[NonAction]
|
|
|
|
|
public User? getUser(ClaimsPrincipal user)
|
|
|
|
|
{
|
|
|
|
|
Claim? idClaim = user.FindFirst(ClaimTypes.NameIdentifier);
|
|
|
|
|
|
|
|
|
|
if (idClaim == null)
|
|
|
|
|
return null;
|
|
|
|
|
|
|
|
|
|
return _userService.getNoAuthentication(UInt64.Parse(idClaim.Value));
|
2024-07-12 17:27:01 -05:00
|
|
|
}
|
2024-07-09 18:03:42 -05:00
|
|
|
}
|
|
|
|
|
}
|
