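using CPRNIMS.Domain.Contracts.Account;
using CPRNIMS.Infrastructure.Database;
using CPRNIMS.Infrastructure.Dto.Account;
using CPRNIMS.Infrastructure.Entities.Account;
using Microsoft.AspNetCore.Identity;
using Microsoft.Data.SqlClient;
using Microsoft.EntityFrameworkCore;
using Microsoft.Extensions.Configuration;
using Microsoft.IdentityModel.Tokens;
using System;
using System.Collections.Generic;
using System.IdentityModel.Tokens.Jwt;
using System.Linq;
using System.Security.Claims;
using System.Text;
using System.Threading.Tasks;

namespace CPRNIMS.Domain.Services.Account
{
    /// <summary>
    /// Account service: issues signed JWTs for authenticated users and reads
    /// per-user access and rights data through stored procedures on the
    /// non-inventory database.
    /// </summary>
    // NOTE(review): the generic type arguments were lost in the extracted copy of
    // this file. They are restored here from the DbSet names (ControllerAccess,
    // Departments, UserRights) and from what each method builds or returns —
    // confirm the element type names against IAccount and the entity namespace.
    public class Account : IAccount
    {
        /// <summary>Lifetime of an issued access token, in minutes.</summary>
        private const int TokenLifetimeMinutes = 30;

        private readonly NonInventoryDbContext _accountDbContext;
        private readonly UserManager<ApplicationUser> _userManager;
        private readonly IConfiguration _configuration;

        /// <summary>
        /// Creates the service over the given database context, Identity user
        /// manager and application configuration (read for the <c>JWT:*</c> keys).
        /// </summary>
        public Account(NonInventoryDbContext applicationDbContext, UserManager<ApplicationUser> userManager, IConfiguration configuration)
        {
            _accountDbContext = applicationDbContext ?? throw new ArgumentNullException(nameof(applicationDbContext));
            _userManager = userManager ?? throw new ArgumentNullException(nameof(userManager));
            _configuration = configuration ?? throw new ArgumentNullException(nameof(configuration));
        }

        /// <summary>
        /// Builds and serialises an HMAC-SHA256-signed JWT for <paramref name="user"/>
        /// that expires <see cref="TokenLifetimeMinutes"/> minutes from now (UTC).
        /// </summary>
        /// <param name="user">The authenticated user the token is issued for.</param>
        /// <returns>The compact-serialised token string.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="user"/> is null.</exception>
        /// <exception cref="InvalidOperationException">
        /// <c>JWT:Secret</c> is missing or blank in configuration.
        /// </exception>
        public async Task<string> CreateToken(ApplicationUser user)
        {
            if (user is null)
            {
                throw new ArgumentNullException(nameof(user));
            }

            var secret = _configuration["JWT:Secret"];
            if (string.IsNullOrWhiteSpace(secret))
            {
                // A missing signing secret is a deployment error; report it by name
                // instead of letting Encoding.GetBytes throw an ArgumentNullException.
                throw new InvalidOperationException("JWT:Secret is not configured.");
            }

            var authClaims = await BuildClaims(user);
            var authSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secret));

            var token = new JwtSecurityToken(
                issuer: _configuration["JWT:ValidIssuer"],
                audience: _configuration["JWT:ValidAudience"],
                expires: DateTime.UtcNow.AddMinutes(TokenLifetimeMinutes),
                claims: authClaims,
                signingCredentials: new SigningCredentials(authSigningKey, SecurityAlgorithms.HmacSha256));

            return new JwtSecurityTokenHandler().WriteToken(token);
        }

        /// <summary>
        /// Assembles the claim set embedded in a token: the standard name and
        /// name-identifier claims, the custom profile claims (<c>FullName</c>,
        /// <c>Company</c>, <c>DepartmentId</c>), a unique token id (<c>jti</c>), and
        /// one role claim per Identity role the user holds.
        /// </summary>
        /// <param name="user">User whose identity and roles are encoded.</param>
        /// <returns>The claims, roles last.</returns>
        private async Task<List<Claim>> BuildClaims(ApplicationUser user)
        {
            var roles = await _userManager.GetRolesAsync(user);

            var claims = new List<Claim>
            {
                new Claim(ClaimTypes.Name, user.UserName),
                new Claim(ClaimTypes.NameIdentifier, user.Id),
                new Claim("FullName", user.FullName ?? ""),
                new Claim("Company", user.Company ?? ""),
                new Claim("DepartmentId", Convert.ToString(user.DepartmentId)),
                // Unique per token, so individual tokens can be distinguished or revoked.
                new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
            };
            claims.AddRange(roles.Select(r => new Claim(ClaimTypes.Role, r)));
            return claims;
        }

        /// <summary>
        /// Returns the controller/element access rows for a user by running the
        /// <c>GetElementAccessByUserId</c> stored procedure.
        /// </summary>
        /// <param name="userId">Identity user id to look up.</param>
        /// <returns>The matching rows; empty when the user has none.</returns>
        public async Task<List<ControllerAccess>> GetControllerAccessByUserId(string userId)
        {
            // userId is caller-supplied: bind it as a parameter rather than splicing
            // it into the command text, which left the query open to SQL injection.
            return await _accountDbContext.ControllerAccess
                .FromSqlRaw("EXEC GetElementAccessByUserId @UserId = @UserId", SqlParam("@UserId", userId))
                .ToListAsync();
        }

        /// <summary>
        /// Returns all departments flagged active.
        /// </summary>
        /// <returns>The active departments; empty when there are none.</returns>
        public async Task<List<Department>> GetDepartment()
        {
            return await _accountDbContext.Departments
                .Where(d => d.IsActive == true)
                .ToListAsync();
        }

        /// <summary>
        /// Returns a user's rights by running the <c>GetUserRights</c> stored
        /// procedure with the user id and <c>IsNotExist</c> flag from
        /// <paramref name="accountDto"/>.
        /// </summary>
        /// <param name="accountDto">Carries <c>UserId</c> and <c>IsNotExist</c>.</param>
        /// <returns>The rights rows; empty when the user has none.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="accountDto"/> is null.</exception>
        public async Task<List<UserRights>> GetUserRights(AccountDto accountDto)
        {
            if (accountDto is null)
            {
                throw new ArgumentNullException(nameof(accountDto));
            }

            // Both values come from the request DTO; pass them as typed parameters
            // instead of interpolating them into the command text.
            // NOTE(review): the previous code sent IsNotExist as a quoted string; this
            // sends the CLR value of AccountDto.IsNotExist — confirm the procedure's
            // @IsNotExist parameter type accepts it.
            return await _accountDbContext.UserRights
                .FromSqlRaw(
                    "EXEC GetUserRights @UserId = @UserId, @IsNotExist = @IsNotExist",
                    SqlParam("@UserId", accountDto.UserId),
                    SqlParam("@IsNotExist", accountDto.IsNotExist))
                .ToListAsync();
        }

        /// <summary>
        /// Creates or updates a user-access row by running the
        /// <c>PutPostUserAccess</c> stored procedure with the fields of
        /// <paramref name="itemDto"/>.
        /// </summary>
        /// <param name="itemDto">Access row to write.</param>
        /// <returns>
        /// A new, empty <see cref="UserRights"/>; the procedure's result is not read
        /// back, the object only satisfies the interface's return type.
        /// </returns>
        /// <exception cref="ArgumentNullException"><paramref name="itemDto"/> is null.</exception>
        public async Task<UserRights> PutPostUserAccess(AccountDto itemDto)
        {
            if (itemDto is null)
            {
                throw new ArgumentNullException(nameof(itemDto));
            }

            await _accountDbContext.Database
                .ExecuteSqlRawAsync(
                    "EXEC PutPostUserAccess @ContAccId,@AdminUserId,@UserId,@AccessTypeId,@UserAccessId,@IsActive",
                    SqlParam("@ContAccId", itemDto.ContAccId),
                    SqlParam("@AdminUserId", itemDto.AdminUserId),
                    SqlParam("@UserId", itemDto.UserId),
                    SqlParam("@AccessTypeId", itemDto.AccessTypeId),
                    SqlParam("@UserAccessId", itemDto.UserAccessId),
                    SqlParam("@IsActive", itemDto.IsActive));

            return new UserRights();
        }

        /// <summary>
        /// Wraps a value as a <see cref="SqlParameter"/>, mapping a C# <c>null</c> to
        /// <see cref="DBNull.Value"/> so SQL NULL is sent instead of the provider
        /// rejecting the command for a parameter with no value.
        /// </summary>
        /// <param name="name">Parameter name including the leading <c>@</c>.</param>
        /// <param name="value">Value to bind; may be null.</param>
        private static SqlParameter SqlParam(string name, object value)
        {
            // Taking object avoids the SqlParameter(string, SqlDbType) overload that
            // a literal 0 would otherwise silently bind to.
            return new SqlParameter(name, value ?? DBNull.Value);
        }
    }
}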