Diffstat (limited to 'Controllers')
-rw-r--r-- | Controllers/GroupsController.cs | 35 | ||||
-rw-r--r-- | Controllers/UserAccountsController.cs | 83 |
2 files changed, 105 insertions, 13 deletions
diff --git a/Controllers/GroupsController.cs b/Controllers/GroupsController.cs
index f81cc56..5c2be1d 100644
--- a/Controllers/GroupsController.cs
+++ b/Controllers/GroupsController.cs
@@ -1,24 +1,45 @@
+using AutoMapper;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.EntityFrameworkCore;
 using LibraryAPI.Models;
-using LibraryAPI.Filters;
+using LibraryAPI.DTOs;
 namespace LibraryAPI.Controllers {
 [Route("api/groups")]
 [ApiController]
 public class GroupsController : ControllerBase {
- private readonly LibraryContext _context;
+ private readonly LibraryContext _context;
+ private readonly IMapper _mapper;
- public GroupsController(LibraryContext context) {
+ public GroupsController(LibraryContext context, IMapper mapper) {
 _context = context;
+ _mapper = mapper;
 }
- [HttpPost]
- public async Task<ActionResult> PostGroup(Group g) {
- _context.Add(g);
+ [HttpGet]
+ public async Task<ActionResult<List<GroupDTO>>> GetGroups(){
+ var groups = await _context.Groups.ToListAsync();
+
+ return _mapper.Map<List<GroupDTO>>(groups);
+ }
+
+ [HttpGet("{id:int}")]
+ public async Task<ActionResult<GroupDTO>> GetGroup(long id) {
+ var group = await _context.Groups.FindAsync(id);
+
+ if(group == null)
+ return NotFound();
+
+ return _mapper.Map<GroupDTO>(group);
+ }
+
+ [HttpPost]
+ public async Task<ActionResult<GroupDTO>> PostGroup(CreateGroup data) {
+ var group = _mapper.Map<Group>(data);
+ _context.Add(group);
 await _context.SaveChangesAsync();
- return Ok();
+ return _mapper.Map<GroupDTO>(group);
 }
 }
 }
diff --git a/Controllers/UserAccountsController.cs b/Controllers/UserAccountsController.cs
index d93ad31..902a7cf 100644
--- a/Controllers/UserAccountsController.cs
+++ b/Controllers/UserAccountsController.cs
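Review bot: `PostGroup` (and the two new GET actions) carry no `[Authorize]`, so any unauthenticated client can create groups even though this same commit adds JWT issuance in UserAccountsController; unless authorization is applied globally in startup code outside this diff, add `using Microsoft.AspNetCore.Authorization;` and put `[Authorize]` on at least `PostGroup`. The `{id:int}` route constraint on `GetGroup` is paired with a `long id` parameter, which silently 404s any id above `int.MaxValue` — use `{id:long}` or an `int` parameter, matching whatever the key type of `Group` actually is. If the reads are meant to stay public, a class-level `[Authorize]` with `[AllowAnonymous]` on `GetGroups`/`GetGroup` is the cleaner shape and keeps future actions protected by default.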
@@ -1,24 +1,95 @@
+using AutoMapper;
+using Microsoft.AspNetCore.Authentication.JwtBearer;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.IdentityModel.Tokens;
+using System.IdentityModel.Tokens.Jwt;
+using Microsoft.AspNetCore.Identity;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.EntityFrameworkCore;
+using System.Text;
+using System.Security.Claims;
 using LibraryAPI.Models;
-using LibraryAPI.Filters;
+using LibraryAPI.DTOs;
 namespace LibraryAPI.Controllers {
 [Route("api/users")]
 [ApiController]
 public class UserAccountsController : ControllerBase {
 private readonly LibraryContext _context;
+ private readonly IConfiguration _configuration;
+ private readonly IMapper _mapper;
- public UserAccountsController(LibraryContext context) {
+ public UserAccountsController(LibraryContext context, IConfiguration configuration, IMapper mapper) {
 _context = context;
+ _configuration = configuration;
+ _mapper = mapper;
+ }
+
+ [HttpGet("{id:int}")]
+ public async Task<ActionResult<UserAccountDTO>> GetUserAccount(long id) {
+ var user = await _context.Users.Include(groupUser => groupUser.Groups).ThenInclude(groups => groups.Group).FirstOrDefaultAsync(u => u.Id == id);
+
+ return _mapper.Map<UserAccountDTO>(user);
 }
 [HttpPost("signup")]
- public async Task<ActionResult> PostUserAccount(UserAccount user) {
+ public async Task<ActionResult<UserAccountDTO>> PostUserAccount(CreateUserAccount data) {
+ var user = _mapper.Map<UserAccount>(data);
 _context.Add(user);
 await _context.SaveChangesAsync();
+ var dto = _mapper.Map<UserAccountDTO>(user);
+
+ return dto;
+ }
+
+ [HttpPost("login")]
+ public async Task<ActionResult<AuthenticationToken>> Login(AuthenticationCredentials credentials) {
+ var result = _context.Users.Where(u => u.Email == credentials.Email);
+ if(!result.Any())
+ return Unauthorized("{ \"message\": \"The given email doesn't exist\" }");
+
+ var user = result.First();
+
+ if(user.VerifyPassword(credentials.Password) == 
PasswordVerificationResult.Success)
+ return await GetToken(user);
+
+ return Unauthorized("Wrong password.");
+ }
+
+ [HttpPost("{id:int}/groups")]
+ public ActionResult<UserAccountDTO> AddGroup(long id, AddGroupRequest body)
+ {
+ var group = _context.Groups.Find(body.Id);
+ var user = _context.Users.Find(id);
+
+ if (group == null || user == null)
+ return NotFound();
+
+ GroupUserAccount userGroup = new GroupUserAccount
+ {
+ UserAccount = user,
+ Group = group
+ };
+
+ _context.Add(userGroup);
+ _context.SaveChanges();
+ // Eager loading sin hacer otra query.
+ user = _context.Users.Include(groupUser => groupUser.Groups).ThenInclude(groups => groups.Group).FirstOrDefault(u => u.Id == id);
+
+ return _mapper.Map<UserAccountDTO>(user);
+ }
+
+ private Task<AuthenticationToken> GetToken(Models.UserAccount user) {
+ var claims = new List<Claim> { new Claim("email", user.Email) };
+ var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration["keyjwt"]));
+ var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
+ var expiration = DateTime.UtcNow.AddMinutes(30);
+ var token = new JwtSecurityToken(issuer: null, audience: null, claims: claims, expires: expiration, signingCredentials: creds);
- return Ok();
+ return Task.FromResult(new AuthenticationToken {
+ Token = new JwtSecurityTokenHandler().WriteToken(token),
+ Expiration = expiration
+ });
 }
- }
-}
+ }
+}
\ No newline at end of file |
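Review bot: `Login` leaks which emails are registered — an unknown email gets `The given email doesn't exist` while a bad password gets `Wrong password.` — so both branches must return the same 401 body, and the synchronous `Where(...).Any()` plus `First()` pair (two queries, and `First()` silently picks one row if signup ever stored the same email twice, which nothing here prevents) collapses into one `FirstOrDefaultAsync`; rewrite below. `GetUserAccount` and `AddGroup` carry no `[Authorize]` and never compare the route `id` with the authenticated caller, so anyone can read any account with its groups or add any user to any group unless a global authorization policy lives in startup code not shown here; `GetUserAccount` also maps a `null` user (204 No Content) instead of returning `NotFound()`. `GetToken` reads `_configuration["keyjwt"]` unchecked — a missing value throws `ArgumentNullException` at login and HS256 rejects keys shorter than 32 bytes — so validate the key once at startup rather than discovering it per request. Whether `_mapper.Map<UserAccount>(data)` in signup hashes the incoming password is not visible in this diff; confirm it does, since `VerifyPassword` presumably expects a hash.
```csharp
[HttpPost("login")]
public async Task<ActionResult<AuthenticationToken>> Login(AuthenticationCredentials credentials) {
    var user = await _context.Users.FirstOrDefaultAsync(u => u.Email == credentials.Email);
    // One generic failure for both unknown email and wrong password, so the
    // response does not reveal which addresses have an account.
    if (user == null || user.VerifyPassword(credentials.Password) != PasswordVerificationResult.Success)
        return Unauthorized(new { message = "Invalid email or password." });

    return await GetToken(user);
}
```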