/*
* This file is part of FirmTracker - Server.
*
* FirmTracker - Server is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* FirmTracker - Server is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with FirmTracker - Server. If not, see .
*/
using FirmTracker_Server.Models;
using FirmTracker_Server.Services;
using FirmTracker_Server;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using FirmTracker_Server.Entities;
using System.Security.Claims;
using System.Security.Cryptography;
using System.Text;
namespace FirmTracker_Server.Controllers
{
[Route("api/user")]
[ApiController]
[Authorize]
public class UserController : ControllerBase
{
private readonly IUserService UserService;
public UserController(IUserService userService)
{
UserService = userService;
}
[HttpPost("create")]
[Authorize(Roles = Roles.Admin)]
public ActionResult CreateUser([FromBody] CreateUserDto dto)
{
if (!ModelState.IsValid)
{
return BadRequest("Nieprawidłowa wartość pola. /n" + ModelState);
}
var id = UserService.AddUser(dto);
return Created($"/api/user/{id}", "User dodany poprawnie");
}
[HttpPost("login")]
[AllowAnonymous]
public ActionResult Login([FromBody] LoginDto dto)
{
var token = UserService.CreateTokenJwt(dto);
return Ok(token);
}
[HttpGet("role")]
[Authorize(Roles = Roles.Admin + "," + Roles.User)]
public ActionResult GetUserRole()
{
var roleClaim = User.Claims.FirstOrDefault(c => c.Type == ClaimTypes.Role)?.Value;
if (roleClaim == null)
{
return NotFound("Role not found for the logged-in user.");
}
return Ok(roleClaim);
}
[HttpGet("emails")]
[Authorize(Roles = Roles.Admin)]
public ActionResult> GetAllUserEmails()
{
var emails = UserService.GetAllUserEmails();
if (emails == null || !emails.Any())
{
return NotFound("No users found or unable to retrieve emails.");
}
return Ok(emails);
}
[HttpPost("ChangeUserPassword")]
[Authorize(Roles = Roles.Admin)]
public ActionResult ChangeUserPassword([FromBody] ChangeUserPasswordDto dto)
{
try
{
var result = UserService.ChangeUserPassword(dto);
if (result)
{
return Ok("Password changed successfully.");
}
else
{
return BadRequest("Failed to change the password.");
}
}
catch (Exception ex)
{
return BadRequest($"An error occurred: {ex.Message}");
}
}
[HttpPost("changePassword")]
[Authorize(Roles = Roles.Admin + "," + Roles.User)]
public ActionResult ChangePassword([FromBody] UpdatePasswordDto dto)
{
try
{
var result = UserService.UpdatePassword(dto);
if (result)
{
var loginDto = new LoginDto { Email = dto.email, Password = dto.newPassword };
var token = UserService.CreateTokenJwt(loginDto);
return Ok(new { Token = token });
}
else
{
return BadRequest("Failed to change the password.");
}
}
catch (Exception ex)
{
return BadRequest($"An error occurred: {ex.Message}");
}
}
// New method to get all users
/* [HttpGet("all")]
[AllowAnonymous]
public ActionResult> GetAllUsers()
{
var users = UserService.GetAllUsers();
return Ok(users);
}*/
}
}