FirmTracker-Server/Controllers/UserController.cs

127 lines
4.0 KiB
C#
Raw Normal View History

using FirmTracker_Server.Models;
using FirmTracker_Server.Services;
using FirmTracker_Server;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using FirmTracker_Server.Entities;
2024-10-26 21:17:52 +02:00
using System.Security.Claims;
using FirmTracker_Server.Exceptions;
namespace FirmTracker_Server.Controllers
{
[Route("api/user")]
[ApiController]
[Authorize]
public class UserController : ControllerBase
{
private readonly IUserService UserService;
public UserController(IUserService userService)
{
UserService = userService;
}
[HttpPost("create")]
[Authorize(Roles = Roles.Admin)]
public ActionResult CreateUser([FromBody] CreateUserDto dto)
{
if (!ModelState.IsValid)
{
return BadRequest("Nieprawidłowa wartość pola. /n" + ModelState);
}
var id = UserService.AddUser(dto);
return Created($"/api/user/{id}", "User dodany poprawnie");
}
[HttpPost("login")]
[AllowAnonymous]
public ActionResult Login([FromBody] LoginDto dto)
{
var token = UserService.CreateTokenJwt(dto);
return Ok(token);
}
2024-10-26 21:17:52 +02:00
[HttpGet("role")]
[Authorize(Roles = Roles.Admin + "," + Roles.User)]
public ActionResult<string> GetUserRole()
{
2024-10-26 21:17:52 +02:00
var roleClaim = User.Claims.FirstOrDefault(c => c.Type == ClaimTypes.Role)?.Value;
if (roleClaim == null)
{
return NotFound("Role not found for the logged-in user.");
}
return Ok(roleClaim);
}
[HttpPost("change-password")]
[Authorize(Roles = Roles.User + "," + Roles.Admin)]
public ActionResult ChangePassword([FromBody] ChangePasswordDto dto)
{
if (!ModelState.IsValid)
{
return BadRequest("Invalid data.");
}
// Get the user ID from the claims of the authenticated user
var userIdClaim = User.Claims.FirstOrDefault(c => c.Type == ClaimTypes.NameIdentifier)?.Value;
if (userIdClaim == null || !int.TryParse(userIdClaim, out var userId))
{
return Unauthorized("User ID not found.");
}
try
{
// Pass the userId to the service to find the user
var success = UserService.ChangePassword(userId, dto);
if (!success)
{
return BadRequest("Password change failed.");
}
return Ok("Password changed successfully.");
}
catch (WrongUserOrPasswordException ex)
{
return BadRequest(ex.Message);
}
catch (Exception ex)
{
return StatusCode(500, "An error occurred: " + ex.Message);
}
}
[HttpPost("reset-password")]
[Authorize(Roles = Roles.Admin)]
public ActionResult ResetPassword([FromBody] ResetPasswordDto dto)
{
if (!ModelState.IsValid)
{
return BadRequest("Invalid data.");
}
try
{
// Reset password for the user
var success = UserService.ResetPassword(dto.UserMail, dto.NewPassword);
if (!success)
{
return BadRequest("Password reset failed.");
}
return Ok("Password has been successfully reset.");
}
catch (Exception ex)
{
return StatusCode(500, "An error occurred: " + ex.Message);
}
}
2024-10-26 21:17:52 +02:00
// New method to get all users
/* [HttpGet("all")]
[AllowAnonymous]
public ActionResult<IList<User>> GetAllUsers()
{
var users = UserService.GetAllUsers();
return Ok(users);
}*/
}
}