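using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Claims;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Mvc;
using Oqtane.Models;
using Oqtane.Repository;
using Oqtane.Shared;

namespace Oqtane.Controllers
{
    /// <summary>
    /// User API: listing and lookup of users, self-registration, profile/password
    /// updates, deletion, and cookie login/logout backed by ASP.NET Core Identity.
    /// Everything arriving in a request body is untrusted; the checks below are the
    /// only thing standing between a request and the repositories.
    /// </summary>
    [Route("{site}/api/[controller]")]
    public class UserController : Controller
    {
        private readonly IUserRepository Users;
        private readonly IRoleRepository Roles;
        private readonly IUserRoleRepository UserRoles;
        private readonly UserManager<IdentityUser> IdentityUserManager;
        private readonly SignInManager<IdentityUser> IdentitySignInManager;

        public UserController(IUserRepository Users, IRoleRepository Roles, IUserRoleRepository UserRoles, UserManager<IdentityUser> IdentityUserManager, SignInManager<IdentityUser> IdentitySignInManager)
        {
            this.Users = Users;
            this.Roles = Roles;
            this.UserRoles = UserRoles;
            this.IdentityUserManager = IdentityUserManager;
            this.IdentitySignInManager = IdentitySignInManager;
        }

        // GET: api/<controller>?siteid=x
        // Returns every user record. Enumerating all accounts (usernames, e-mail
        // addresses) is an administrative operation; the original exposed it anonymously.
        [HttpGet]
        [Authorize(Roles = Constants.AdminRole)]
        public IEnumerable<User> Get()
        {
            return Users.GetUsers();
        }

        // GET api/<controller>/5?siteid=x
        // Looks up a user by id and decorates it with the role list for the given site.
        // Returns null when the id is unknown. siteid is parsed with int.Parse, so a
        // malformed value surfaces as a FormatException (500) rather than a 400.
        // NOTE(review): this endpoint is anonymous and returns the full record (including
        // e-mail); consider [Authorize] once the client call sites have been confirmed.
        [HttpGet("{id}")]
        public User Get(int id, string siteid)
        {
            User user = Users.GetUser(id);
            if (user != null)
            {
                user.SiteId = int.Parse(siteid);
                user.Roles = GetUserRoles(user.UserId, user.SiteId);
            }
            return user;
        }

        // GET api/<controller>/name/x?siteid=x
        // Same as Get(id) but keyed by username. Same anonymity caveat as above.
        [HttpGet("name/{name}")]
        public User Get(string name, string siteid)
        {
            User user = Users.GetUser(name);
            if (user != null)
            {
                user.SiteId = int.Parse(siteid);
                user.Roles = GetUserRoles(user.UserId, user.SiteId);
            }
            return user;
        }

        // POST api/<controller>
        // Self-registration. Anonymous by design: it is how the very first (host) account
        // and ordinary site users are created. Returns the created/attached user, or null
        // when the model is invalid, Identity rejects the new account, or an existing
        // account's password does not verify.
        [HttpPost]
        public async Task<User> Post([FromBody] User User)
        {
            User user = null;
            if (ModelState.IsValid)
            {
                // The first account ever created becomes the host; -1 means "not the first".
                int hostroleid = -1;
                if (!Users.GetUsers().Any())
                {
                    Role hostrole = Roles.GetRoles(User.SiteId, true).FirstOrDefault(item => item.Name == Constants.HostRole);
                    if (hostrole == null)
                    {
                        // The original dereferenced a null here; fail loudly with a reason instead
                        // of silently creating the first account without host privileges.
                        throw new InvalidOperationException("Host role is not defined for site " + User.SiteId);
                    }
                    hostroleid = hostrole.RoleId;
                }

                IdentityUser identityuser = await IdentityUserManager.FindByNameAsync(User.Username);
                if (identityuser == null)
                {
                    identityuser = new IdentityUser { UserName = User.Username, Email = User.Email };
                    var result = await IdentityUserManager.CreateAsync(identityuser, User.Password);
                    if (result.Succeeded)
                    {
                        user = Users.AddUser(User);
                        // assign to host role if this is the initial installation
                        if (hostroleid != -1)
                        {
                            AddRole(user.UserId, hostroleid);
                        }
                    }
                }
                else
                {
                    // Existing identity: the body must prove knowledge of the password before the
                    // account is attached to this site. This is effectively a second login path
                    // (without a cookie) and, like Login, runs with lockoutOnFailure = false.
                    var result = await IdentitySignInManager.CheckPasswordSignInAsync(identityuser, User.Password, false);
                    if (result.Succeeded)
                    {
                        user = Users.GetUser(User.Username);
                    }
                }

                if (user != null && hostroleid == -1)
                {
                    // add auto assigned roles to user for site, skipping any the user already
                    // holds so that re-posting an existing account does not duplicate rows
                    HashSet<int> held = new HashSet<int>(UserRoles.GetUserRoles(user.UserId, User.SiteId).Select(item => item.RoleId));
                    foreach (Role role in Roles.GetRoles(User.SiteId).Where(item => item.IsAutoAssigned == true))
                    {
                        if (!held.Contains(role.RoleId))
                        {
                            AddRole(user.UserId, role.RoleId);
                        }
                    }
                }
            }
            return user;
        }

        // PUT api/<controller>/5
        // Updates a user's profile and, when a non-empty Password is supplied, resets the
        // Identity password for User.Username. The original trusted the body entirely: any
        // authenticated account could set a new password for any username (including the
        // host) simply by naming it in the body, and the route id was ignored. A caller may
        // now only modify its own record unless it is an administrator; a mismatching id or
        // unknown record yields 400, a foreign record yields 403 (both with a null body).
        // NOTE(review): a site admin can still reset a host's password through this path.
        [HttpPut("{id}")]
        [Authorize]
        public async Task<User> Put(int id, [FromBody] User User)
        {
            if (!ModelState.IsValid)
            {
                // preserved from the original: an invalid model echoes the body back unchanged
                return User;
            }

            // The action parameter is named User and shadows ControllerBase.User, so the
            // principal has to be reached through base.User.
            ClaimsPrincipal caller = base.User;
            string callername = caller.Identity?.Name;
            bool isadmin = caller.IsInRole(Constants.AdminRole) || caller.IsInRole(Constants.HostRole);

            User existing = Users.GetUser(id);
            if (existing == null || id != User.UserId)
            {
                HttpContext.Response.StatusCode = (int)System.Net.HttpStatusCode.BadRequest;
                return null;
            }

            // Identity looks names up case-insensitively, so compare the same way. Both the
            // stored username and the one in the body must be the caller's own.
            bool ownrecord = string.Equals(existing.Username, callername, StringComparison.OrdinalIgnoreCase)
                && string.Equals(User.Username, callername, StringComparison.OrdinalIgnoreCase);
            if (!isadmin && !ownrecord)
            {
                HttpContext.Response.StatusCode = (int)System.Net.HttpStatusCode.Forbidden;
                return null;
            }

            // IsNullOrEmpty rather than != "": a null Password used to reach HashPassword(null).
            if (!string.IsNullOrEmpty(User.Password))
            {
                IdentityUser identityuser = await IdentityUserManager.FindByNameAsync(User.Username);
                if (identityuser != null)
                {
                    identityuser.PasswordHash = IdentityUserManager.PasswordHasher.HashPassword(identityuser, User.Password);
                    await IdentityUserManager.UpdateAsync(identityuser);
                }
            }
            User = Users.UpdateUser(User);
            return User;
        }

        // DELETE api/<controller>/5?siteid=x
        // Removes the user record; restricted to administrators.
        [HttpDelete("{id}")]
        [Authorize(Roles = Constants.AdminRole)]
        public void Delete(int id)
        {
            Users.DeleteUser(id);
        }

        // POST api/<controller>/login
        // Verifies the password and, when SetCookie is set, issues the Identity application
        // cookie (persistent or session-scoped per IsPersistent). Always returns a User with
        // IsAuthenticated reflecting the outcome, so the caller never sees a 401 here.
        // NOTE(review): lockoutOnFailure is false, so failed attempts never count toward
        // Identity lockout; enable it (and handle result.IsLockedOut) if brute-force
        // protection is wanted at this layer.
        [HttpPost("login")]
        public async Task<User> Login([FromBody] User User, bool SetCookie, bool IsPersistent)
        {
            User user = new Models.User { Username = User.Username, IsAuthenticated = false };
            if (ModelState.IsValid)
            {
                IdentityUser identityuser = await IdentityUserManager.FindByNameAsync(User.Username);
                if (identityuser != null)
                {
                    var result = await IdentitySignInManager.CheckPasswordSignInAsync(identityuser, User.Password, false);
                    if (result.Succeeded)
                    {
                        user = Users.GetUser(identityuser.UserName);
                        if (user != null)
                        {
                            user.IsAuthenticated = true;
                            if (SetCookie)
                            {
                                await IdentitySignInManager.SignInAsync(identityuser, IsPersistent);
                            }
                        }
                    }
                }
            }
            return user;
        }

        // POST api/<controller>/logout
        // Clears the Identity application cookie; the body is accepted but unused.
        [HttpPost("logout")]
        [Authorize]
        public async Task Logout([FromBody] User User)
        {
            await HttpContext.SignOutAsync(IdentityConstants.ApplicationScheme);
        }

        // GET api/<controller>/authenticate
        // Reports the current principal: name, whether it is authenticated, and its role
        // claims encoded as ";Role1;Role2;" (empty string when there are none).
        [HttpGet("authenticate")]
        public User Authenticate()
        {
            User user = new User();
            user.Username = User.Identity.Name;
            user.IsAuthenticated = User.Identity.IsAuthenticated;
            string roles = "";
            foreach (var claim in User.Claims.Where(item => item.Type == ClaimTypes.Role))
            {
                roles += claim.Value + ";";
            }
            if (roles != "")
            {
                roles = ";" + roles;
            }
            user.Roles = roles;
            return user;
        }

        // Builds the ";Role1;Role2;" role string for a user on a site from the stored
        // memberships. A host member is also reported as an administrator when no explicit
        // admin membership exists, so host implies admin throughout the application.
        private string GetUserRoles(int UserId, int SiteId)
        {
            List<UserRole> userroles = UserRoles.GetUserRoles(UserId, SiteId).ToList();
            // loop-invariant: whether an explicit admin membership is present
            bool hasadmin = userroles.Any(item => item.Role.Name == Constants.AdminRole);
            string roles = "";
            foreach (UserRole userrole in userroles)
            {
                roles += userrole.Role.Name + ";";
                if (userrole.Role.Name == Constants.HostRole && !hasadmin)
                {
                    roles += Constants.AdminRole + ";";
                }
            }
            if (roles != "")
            {
                roles = ";" + roles;
            }
            return roles;
        }

        // Creates an open-ended membership (no effective or expiry date) of roleId for userId.
        private void AddRole(int userId, int roleId)
        {
            UserRole userrole = new UserRole();
            userrole.UserId = userId;
            userrole.RoleId = roleId;
            userrole.EffectiveDate = null;
            userrole.ExpiryDate = null;
            UserRoles.AddUserRole(userrole);
        }
    }
}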