using AutoMapper; using DamageAssesment.Api.UsersAccess.Db; using DamageAssesment.Api.UsersAccess.Interfaces; using DamageAssesment.Api.UsersAccess.Models; using Microsoft.EntityFrameworkCore; using Microsoft.Extensions.Options; using Microsoft.IdentityModel.Tokens; using System.Data; using System.IdentityModel.Tokens.Jwt; using System.Security.Claims; using System.Text; namespace DamageAssesment.Api.UsersAccess.Providers { public class UsersAccessProvider : IUsersAccessProvider { private readonly UsersAccessDbContext userAccessDbContext; private readonly ILogger logger; private readonly IMapper mapper; private readonly IEmployeeServiceProvider employeeServiceProvider; private readonly JwtSettings jwtSettings; private readonly ITokenServiceProvider tokenServiceProvider; public UsersAccessProvider(IOptions options, ITokenServiceProvider tokenServiceProvider, UsersAccessDbContext userAccessDbContext, IEmployeeServiceProvider employeeServiceProvider, ILogger logger, IMapper mapper) { this.userAccessDbContext = userAccessDbContext; this.employeeServiceProvider = employeeServiceProvider; this.logger = logger; this.mapper = mapper; jwtSettings = options.Value; this.tokenServiceProvider = tokenServiceProvider; seedData(); } private void seedData() { if (!userAccessDbContext.Users.Any()) { userAccessDbContext.Users.Add(new Db.User { Id = 1, EmployeeId = "Emp1", RoleId = 1 }); userAccessDbContext.Users.Add(new Db.User { Id = 2, EmployeeId = "Emp2", RoleId = 2 }); userAccessDbContext.Users.Add(new Db.User { Id = 3, EmployeeId = "Emp3", RoleId = 3 }); userAccessDbContext.SaveChanges(); } if (!userAccessDbContext.Roles.Any()) { userAccessDbContext.Roles.Add(new Db.Role { Id = 1, Name = "admin" }); userAccessDbContext.Roles.Add(new Db.Role { Id = 2, Name = "user" }); userAccessDbContext.Roles.Add(new Db.Role { Id = 3, Name = "survey" }); userAccessDbContext.Roles.Add(new Db.Role { Id = 4, Name = "report" }); userAccessDbContext.Roles.Add(new Db.Role { Id = 5, Name = "document" }); userAccessDbContext.SaveChanges(); } } public async Task<(bool IsSuccess, IEnumerable Users, string ErrorMessage)> GetUsersAsync() { try { logger?.LogInformation("Gell all Users from DB"); var users = await userAccessDbContext.Users.ToListAsync(); if (users != null) { logger?.LogInformation($"{users.Count} Items(s) found"); var result = mapper.Map, IEnumerable>(users); return (true, result, null); } return (false, null, "Not found"); } catch (Exception ex) { logger?.LogError(ex.ToString()); return (false, null, ex.Message); } } public async Task<(bool IsSuccess, Models.User User, string ErrorMessage)> GetUsersAsync(int Id) { try { logger?.LogInformation("Querying Users table"); var user = await userAccessDbContext.Users.SingleOrDefaultAsync(s => s.Id == Id); if (user != null) { logger?.LogInformation($"User Id: {Id} found"); var result = mapper.Map(user); return (true, result, null); } return (false, null, "Not found"); } catch (Exception ex) { logger?.LogError(ex.ToString()); return (false, null, ex.Message); } } public async Task<(bool IsSuccess, Models.User User, string ErrorMessage)> PostUserAsync(Models.User user) { try { if (user != null) { var users = await userAccessDbContext.Users.ToListAsync(); int count = users.Where(u => u.EmployeeId == user.EmployeeId).Count(); if (count == 0) { user.Id = users.Count + 1; userAccessDbContext.Users.Add(mapper.Map(user)); await userAccessDbContext.SaveChangesAsync(); return (true, user, "Successful"); } else { logger?.LogInformation($"Employee Id: {user.EmployeeId} is already exist"); return (false, null, $"Employee Id: {user.EmployeeId} is already exist"); } } else { logger?.LogInformation($"Employee Id: {user.EmployeeId} cannot be added"); return (false, null, $"Employee Id: {user.EmployeeId} cannot be added"); } } catch (Exception ex) { logger?.LogError(ex.ToString()); return (false, null, ex.Message); } } public async Task<(bool IsSuccess, Models.User User, string ErrorMessage)> PutUserAsync(int Id, Models.User user) { try { if (user != null) { var _user = await userAccessDbContext.Users.Where(s => s.Id == Id).SingleOrDefaultAsync(); if (_user != null) { int count = userAccessDbContext.Users.Where(u => u.Id != user.Id && u.EmployeeId == user.EmployeeId).Count(); if (count == 0) { _user.EmployeeId = user.EmployeeId; _user.RoleId = user.RoleId; _user.IsActive = user.IsActive; _user.UpdateDate = DateTime.Now; await userAccessDbContext.SaveChangesAsync(); logger?.LogInformation($"Employee Id: {user.EmployeeId} updated successfuly"); return (true, mapper.Map(_user), $"Employee Id: {_user.EmployeeId} updated successfuly"); } else { logger?.LogInformation($"Employee Id: {user.EmployeeId} is already exist"); return (false, null, $"Employee Id: {user.EmployeeId} is already exist"); } } else { logger?.LogInformation($"User Id : {Id} Not found"); return (false, null, "Not Found"); } } else { logger?.LogInformation($"User Id: {Id} Bad Request"); return (false, null, "Bad request"); } } catch (Exception ex) { logger?.LogError(ex.ToString()); return (false, null, ex.Message); } } public async Task<(bool IsSuccess, Models.User User, string ErrorMessage)> DeleteUserAsync(int Id) { try { var user = await userAccessDbContext.Users.Where(x => x.Id == Id).SingleOrDefaultAsync(); if (user != null) { userAccessDbContext.Users.Remove(user); await userAccessDbContext.SaveChangesAsync(); logger?.LogInformation($"User Id: {Id} deleted Successfuly"); return (true, mapper.Map(user), $"User Id: {Id} deleted Successfuly"); } else { logger?.LogInformation($"User Id : {Id} Not found"); return (false, null, "Not Found"); } } catch (Exception ex) { logger?.LogError(ex.ToString()); return (false, null, ex.Message); } } public async Task<(bool IsSuccess, TokenResponse TokenResponse, string ErrorMessage)> AuthenticateAsync(UserCredentials userCredentials) { if (userCredentials != null) { //implementation for dadeschools authentication var employee = await employeeServiceProvider.getEmployeeAsync(userCredentials.username); if (employee != null) { var result = await GetUsersAsync(); if (result.IsSuccess) { var user = result.Users.Where(x => x.IsActive == true && x.EmployeeId.ToLower().Equals(userCredentials.username.ToLower())).SingleOrDefault(); if (user != null) { var r = await GetRolesAsync(); var role = r.Roles.Where(x => x.Id == user.RoleId).SingleOrDefault(); var authClaims = new List { new Claim(ClaimTypes.Name, user.EmployeeId), new Claim(ClaimTypes.Role, role.Name), new Claim(JwtRegisteredClaimNames.Jti,Guid.NewGuid().ToString()) }; /// Generate Token var tokenhandler = new JwtSecurityTokenHandler(); var tokenkey = Encoding.UTF8.GetBytes(jwtSettings.securitykey); var tokendesc = new SecurityTokenDescriptor { Audience = "", NotBefore = DateTime.Now, Subject = new ClaimsIdentity(authClaims), Expires = DateTime.Now.AddMinutes(30), SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(tokenkey), SecurityAlgorithms.HmacSha256) }; var token = tokenhandler.CreateToken(tokendesc); string finaltoken = tokenhandler.WriteToken(token); var response = new TokenResponse() { jwttoken = finaltoken, refreshtoken = await tokenServiceProvider.GenerateToken(user) }; return (true, response, "Authentication success and token issued."); } else { return (false, null, "user inactive or not exist."); } } else { return (false, null, "users list empty."); } } else { return (false, null, "Employee not exist."); } } else { return (false, null, "Credentials are required to authenticate."); } } public async Task<(bool IsSuccess, IEnumerable Roles, string ErrorMessage)> GetRolesAsync() { try { logger?.LogInformation("Gell all Roles from DB"); var roles = await userAccessDbContext.Roles.ToListAsync(); if (roles != null) { logger?.LogInformation($"{roles.Count} Items(s) found"); var result = mapper.Map, IEnumerable>(roles); return (true, result, null); } return (false, null, "Not found"); } catch (Exception ex) { logger?.LogError(ex.ToString()); return (false, null, ex.Message); } } public async Task<(bool IsSuccess, Models.TokenResponse TokenResponse, string ErrorMessage)> RefreshTokenAsync(TokenResponse tokenResponse) { //Generate token var tokenhandler = new JwtSecurityTokenHandler(); var tokenkey = Encoding.UTF8.GetBytes(this.jwtSettings.securitykey); SecurityToken securityToken; var principal = tokenhandler.ValidateToken(tokenResponse.jwttoken, new TokenValidationParameters { ValidateIssuerSigningKey = true, IssuerSigningKey = new SymmetricSecurityKey(tokenkey), ValidateIssuer = false, ValidateAudience = false, }, out securityToken); var token = securityToken as JwtSecurityToken; if (token != null && !token.Header.Alg.Equals(SecurityAlgorithms.HmacSha256)) { return (false, null, "Unauthorized"); } var username = principal.Identity?.Name; var tokens = await userAccessDbContext.Tokens.ToListAsync(); var users = await userAccessDbContext.Users.ToListAsync(); var user = (from u in users join t in tokens on u.Id equals t.UserId where u.EmployeeId == username && t.RefreshToken == tokenResponse.refreshtoken select u).FirstOrDefault(); if (user == null) return (false, null, "Invalid Token Response object provided"); var _user = mapper.Map(user); var response = tokenServiceProvider.TokenAuthenticate(_user, principal.Claims.ToArray()).Result; return (true, response, "Token authenticated and refreshed."); } } }