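using Metrolog_API.Attributes;
using Metrolog_API.Models;
using Metrolog_API.Services;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using System.Security.Claims;

namespace Metrolog_API.Controllers
{
    /// <summary>
    /// User account endpoints. The <c>me</c> routes act on the account named by the
    /// caller's e-mail claim; the <c>{id}</c> routes act on any account and each carries
    /// a <c>[Permission]</c> attribute in addition to the class-level <c>[Authorize]</c>.
    /// </summary>
    /// <remarks>
    /// Every action that returns a <see cref="UserModel"/> blanks its <c>Password</c>
    /// field first, so the stored hash does not leave the API.
    /// NOTE(review): how <c>PermissionAttribute</c> enforces its argument is defined
    /// outside this file - confirm it rejects callers that lack the named permission.
    /// </remarks>
    [Route("api/[controller]")]
    [ApiController]
    [Authorize]
    public class UserController : ControllerBase
    {
        private readonly UserService _userService;
        private readonly PasswordService _passwordService;

        /// <summary>Receives the user store and the password hashing service.</summary>
        public UserController(UserService UserService, PasswordService passwordService)
        {
            _userService = UserService;
            _passwordService = passwordService;
        }

        /// <summary>
        /// Resolves the account behind the current request from its e-mail claim.
        /// </summary>
        /// <returns>
        /// The stored user, or <c>null</c> when the principal has no e-mail claim or the
        /// lookup finds no account (for example a token that outlives its account).
        /// </returns>
        private async Task<UserModel?> GetCurrentUserAsync()
        {
            // FindFirst returns null when the claim is absent; the original dereferenced
            // FirstOrDefault(...).Value and threw NullReferenceException in that case.
            string? email = User.FindFirst(ClaimTypes.Email)?.Value;
            if (string.IsNullOrEmpty(email))
            {
                return null;
            }

            return await _userService.GetByEmailAsync(email);
        }

        // GET: api/<UserController>/me
        /// <summary>Returns the caller's own account with the password field blanked.</summary>
        /// <returns>200 with the user; 204 when the caller cannot be resolved to an account.</returns>
        [HttpGet("me")]
        public async Task<ActionResult<UserModel>> ActualUserGet()
        {
            // The 204 for "no such account" is kept from the original, but the blanket
            // catch is gone: a storage failure now surfaces as an error instead of
            // being reported as an empty success.
            UserModel? user = await GetCurrentUserAsync();
            if (user is null)
            {
                return NoContent();
            }

            user.Password = "";
            return Ok(user);
        }

        // PUT api/<UserController>/me
        /// <summary>Replaces the caller's profile with the posted model.</summary>
        /// <param name="newUser">Posted profile; Id, Email and Password are overwritten from the stored account.</param>
        /// <returns>200 with the saved profile (password blanked); 401 when the caller cannot be resolved.</returns>
        [HttpPut("me")]
        public async Task<ActionResult<UserModel>> ActualUserPut([FromBody] UserModel newUser)
        {
            UserModel? user = await GetCurrentUserAsync();
            if (user is null)
            {
                return Unauthorized();
            }

            // Only these three fields are pinned to the stored values. Every other
            // UserModel property is persisted exactly as the client sent it.
            // NOTE(review): if UserModel carries role, permission or status fields, a
            // user can set them on their own account through this endpoint - bind a
            // dedicated profile DTO or copy an explicit allow-list of fields instead.
            newUser.Password = user.Password;
            newUser.Email = user.Email;
            newUser.Id = user.Id;

            await _userService.UpdateAsync(user.Id, newUser);

            newUser.Password = "";
            return Ok(newUser);
        }

        // PUT api/<UserController>/me/password
        /// <summary>Changes the caller's password after verifying the current one.</summary>
        /// <param name="pass">Current and new password.</param>
        /// <returns>200 on success; 400 on an empty new password or a wrong old password; 401 when the caller cannot be resolved.</returns>
        [HttpPut("me/password")]
        public async Task<IActionResult> ActualUserPut([FromBody] PasswordChangeModel pass)
        {
            UserModel? user = await GetCurrentUserAsync();
            if (user is null)
            {
                return Unauthorized();
            }

            // Refuse to hash and store an empty credential.
            if (string.IsNullOrWhiteSpace(pass.NewPassword))
            {
                return BadRequest("New password is required");
            }

            if (!_passwordService.VerifyPassword(user.Password, pass.OldPassword))
            {
                return BadRequest("Old password not match");
            }

            // NOTE(review): tokens issued before this change are not touched here;
            // confirm they are invalidated elsewhere if that is required.
            user.Password = _passwordService.HashPassword(pass.NewPassword);
            await _userService.UpdateAsync(user.Id, user);
            return Ok();
        }

        // DELETE api/<UserController>/me
        /// <summary>Deletes the caller's own account.</summary>
        /// <returns>200 on success; 401 when the caller cannot be resolved.</returns>
        [HttpDelete("me")]
        public async Task<IActionResult> ActualUserDelete()
        {
            UserModel? user = await GetCurrentUserAsync();
            if (user is null)
            {
                return Unauthorized();
            }

            await _userService.RemoveAsync(user.Id);
            return Ok();
        }

        // GET: api/<UserController>/{page}
        /// <summary>Returns one page of users with every password field blanked.</summary>
        /// <param name="page">Page number passed to the user service.</param>
        [HttpGet("{page:int}")]
        [Permission("User_List")]
        public async Task<ActionResult<List<UserModel>>> UserListGet(int page = 1)
        {
            // The int constraint separates this template from GET {id}: unconstrained,
            // both match any single path segment and routing reports an ambiguous match.
            // NOTE(review): an id made only of digits is now routed here, not to the
            // detail action - confirm ids never have that shape.
            List<UserModel> users = new();
            foreach (UserModel user in await _userService.GetPageAsync(page))
            {
                user.Password = "";
                users.Add(user);
            }

            return Ok(users);
        }

        // GET api/<UserController>/{id}
        /// <summary>Returns one user by id with the password field blanked.</summary>
        /// <returns>200 with the user; 404 when the id is unknown.</returns>
        [HttpGet("{id}")]
        [Permission("User_Detail")]
        public async Task<ActionResult<UserModel>> UserDetailGet(string id)
        {
            UserModel? user = await _userService.GetByIdAsync(id);
            if (user is null)
            {
                return NotFound();
            }

            user.Password = "";
            return Ok(user);
        }

        // PUT api/<UserController>/{id}
        /// <summary>Replaces the profile of the user with the given id.</summary>
        /// <param name="id">Id of the account to update.</param>
        /// <param name="newUser">Posted profile; Id and Password are overwritten from the stored account.</param>
        /// <returns>200 with the saved profile (password blanked); 404 when the id is unknown.</returns>
        [HttpPut("{id}")]
        [Permission("User_Update")]
        public async Task<ActionResult<UserModel>> Put(string id, [FromBody] UserModel newUser)
        {
            UserModel? user = await _userService.GetByIdAsync(id);
            if (user is null)
            {
                // The original dereferenced the lookup result without this check.
                return NotFound();
            }

            // Unlike the "me" variant, Email is taken from the request body here, and
            // the "me" routes look accounts up by e-mail claim.
            // NOTE(review): all remaining UserModel fields are also accepted as posted;
            // confirm User_Update is meant to grant control over every one of them.
            newUser.Password = user.Password;
            newUser.Id = user.Id;

            await _userService.UpdateAsync(user.Id, newUser);

            newUser.Password = "";
            return Ok(newUser);
        }

        // PUT api/<UserController>/{id}/password
        /// <summary>Sets a new password on the given account without checking the old one.</summary>
        /// <param name="id">Id of the account.</param>
        /// <param name="pass">Only <c>NewPassword</c> is read.</param>
        /// <returns>200 on success; 400 on an empty new password; 404 when the id is unknown.</returns>
        [HttpPut("{id}/password")]
        [Permission("User_Update")]
        public async Task<IActionResult> PasswordPut(string id, [FromBody] PasswordChangeModel pass)
        {
            // The template was "{id}", identical to Put above, so the two actions
            // collided; it now matches the route this action was documented with.
            // NOTE(review): resets share the User_Update permission with profile
            // edits - consider a separate permission for credential changes.
            UserModel? user = await _userService.GetByIdAsync(id);
            if (user is null)
            {
                return NotFound("User not found");
            }

            if (string.IsNullOrWhiteSpace(pass.NewPassword))
            {
                return BadRequest("New password is required");
            }

            user.Password = _passwordService.HashPassword(pass.NewPassword);
            await _userService.UpdateAsync(user.Id, user);
            return Ok();
        }

        // DELETE api/<UserController>/{id}
        /// <summary>Deletes the account with the given id.</summary>
        [HttpDelete("{id}")]
        [Permission("User_Remove")]
        public async Task<IActionResult> Delete(string id)
        {
            await _userService.RemoveAsync(id);
            return Ok();
        }
    }
}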