NonInventPurchasingSystem/CPRNIMS.Domain/Services/Account/Account.cs

using CPRNIMS.Domain.Contracts.Account;
using CPRNIMS.Infrastructure.Database;
using CPRNIMS.Infrastructure.Dto.Account;
using CPRNIMS.Infrastructure.Entities.Account;
using Microsoft.AspNetCore.Identity;
using Microsoft.Data.SqlClient;
using Microsoft.EntityFrameworkCore;
using Microsoft.Extensions.Configuration;
using Microsoft.IdentityModel.Tokens;
using System;
using System.Collections.Generic;
using System.IdentityModel.Tokens.Jwt;
using System.Linq;
using System.Security.Claims;
using System.Text;
using System.Threading.Tasks;
namespace CPRNIMS.Domain.Services.Account
{
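/// <summary>
/// Account service: issues JWT access tokens for a user and reads or updates per-user
/// access rights through stored procedures on <see cref="NonInventoryDbContext"/>.
/// </summary>
public class Account : IAccount
{
    private readonly NonInventoryDbContext _accountDbContext;
    private readonly UserManager<ApplicationUser> _userManager;
    private readonly IConfiguration _configuration;

    /// <summary>Stores the injected database context, Identity user manager and configuration.</summary>
    /// <param name="applicationDbContext">EF Core context used for all queries in this service.</param>
    /// <param name="userManager">Identity user manager, used to look up the user's roles.</param>
    /// <param name="configuration">Configuration holding the <c>JWT:*</c> settings.</param>
    public Account(NonInventoryDbContext applicationDbContext,
        UserManager<ApplicationUser> userManager,
        IConfiguration configuration)
    {
        _accountDbContext = applicationDbContext;
        _userManager = userManager;
        _configuration = configuration;
    }

    /// <summary>
    /// Builds and serializes an HMAC-SHA256 signed JWT for <paramref name="user"/> that
    /// expires 30 minutes after issuance.
    /// </summary>
    /// <param name="user">The user whose identity and roles are written into the token.</param>
    /// <returns>The compact serialized token.</returns>
    public async Task<string> CreateToken(ApplicationUser user)
    {
        var authClaims = await BuildClaims(user);

        // The signing key is the UTF-8 encoding of JWT:Secret. Anyone holding this value can
        // mint valid tokens, so it should be long random data (at least 256 bits for HS256).
        // NOTE(review): where JWT:Secret is stored is not visible here - confirm it comes from
        // a secret store or environment rather than a committed settings file. A missing
        // value makes GetBytes throw ArgumentNullException.
        var authSigningKey = new SymmetricSecurityKey(
            Encoding.UTF8.GetBytes(_configuration["JWT:Secret"]));

        // Roles are copied into the token at issue time (see BuildClaims), so a role change or
        // deactivation is only reflected once the 30-minute lifetime has elapsed, unless the
        // validating side re-checks the user.
        var token = new JwtSecurityToken(
            issuer: _configuration["JWT:ValidIssuer"],
            audience: _configuration["JWT:ValidAudience"],
            expires: DateTime.UtcNow.AddMinutes(30),
            claims: authClaims,
            signingCredentials: new SigningCredentials(authSigningKey, SecurityAlgorithms.HmacSha256)
        );

        return new JwtSecurityTokenHandler().WriteToken(token);
    }

    /// <summary>
    /// Collects the claims placed in the token: user name, user id, full name, company,
    /// department id, a fresh <c>jti</c>, and one role claim per Identity role.
    /// </summary>
    /// <param name="user">The user to describe.</param>
    /// <returns>The claim list for <paramref name="user"/>.</returns>
    private async Task<List<Claim>> BuildClaims(ApplicationUser user)
    {
        var roles = await _userManager.GetRolesAsync(user);
        var claims = new List<Claim>
        {
            new Claim(ClaimTypes.Name, user.UserName),
            new Claim(ClaimTypes.NameIdentifier, user.Id),
            new Claim("FullName", user.FullName ?? ""),
            new Claim("Company", user.Company ?? ""),
            new Claim("DepartmentId", Convert.ToString(user.DepartmentId)),
            // Random per-token identifier.
            new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
        };
        claims.AddRange(roles.Select(r => new Claim(ClaimTypes.Role, r)));
        return claims;
    }

    /// <summary>
    /// Runs the <c>GetElementAccessByUserId</c> stored procedure for <paramref name="userId"/>.
    /// </summary>
    /// <param name="userId">Identifier passed to the procedure's <c>@UserId</c> parameter.</param>
    /// <returns>The rows returned by the procedure; empty when there are none.</returns>
    public async Task<List<Infrastructure.Entities.Account.ControllerAccess>> GetControllerAccessByUserId(string userId)
    {
        // userId is sent as a bound parameter. It was previously interpolated into the SQL
        // text inside quotes, so a value containing a quote could change the statement.
        // A null id is sent as an empty string, which is what the interpolated literal produced.
        var userIdParameter = new SqlParameter("@UserId", userId ?? string.Empty);

        // The former catch block only called ex.ToString() and rethrew, so exceptions
        // propagate to the caller exactly as before without it.
        return await _accountDbContext.ControllerAccess
            .FromSqlRaw("EXEC GetElementAccessByUserId @UserId = @UserId", userIdParameter)
            .ToListAsync();
    }

    /// <summary>Returns every department whose <c>IsActive</c> flag is true.</summary>
    /// <returns>The active departments; empty when there are none.</returns>
    public async Task<List<Departments>> GetDepartment()
    {
        return await _accountDbContext.Departments
            .Where(d => d.IsActive == true)
            .ToListAsync();
    }

    /// <summary>
    /// Runs the <c>GetUserRights</c> stored procedure with the <c>UserId</c> and
    /// <c>IsNotExist</c> values of <paramref name="accountDto"/>.
    /// </summary>
    /// <param name="accountDto">Carries the user id and the IsNotExist value for the query.</param>
    /// <returns>The rows returned by the procedure; empty when there are none.</returns>
    public async Task<List<UserRights>> GetUserRights(AccountDto accountDto)
    {
        // Both values are bound as parameters instead of being spliced into the SQL text.
        // Each parameter carries the same text the interpolated literal used to carry
        // (null becomes an empty string), so the procedure sees the values it saw before.
        var userIdParameter = new SqlParameter("@UserId", $"{accountDto.UserId}");
        var isNotExistParameter = new SqlParameter("@IsNotExist", $"{accountDto.IsNotExist}");

        return await _accountDbContext.UserRights
            .FromSqlRaw(
                "EXEC GetUserRights @UserId = @UserId, @IsNotExist = @IsNotExist",
                userIdParameter,
                isNotExistParameter)
            .ToListAsync();
    }

    /// <summary>
    /// Runs the <c>PutPostUserAccess</c> stored procedure with the values of
    /// <paramref name="itemDto"/>, all passed as bound parameters.
    /// </summary>
    /// <param name="itemDto">Carries the access row to write and the acting admin's id.</param>
    /// <returns>Always a new, empty <see cref="UserRights"/>; no data from the procedure is returned.</returns>
    public async Task<UserRights> PutPostUserAccess(AccountDto itemDto)
    {
        // NOTE(review): AdminUserId is taken from the DTO. Confirm the caller fills it from the
        // authenticated principal rather than from the request body, since this call changes
        // another user's access.
        // NOTE(review): a SqlParameter whose value is a null reference is not sent as SQL NULL;
        // confirm none of these DTO members can be null, or map null to DBNull.Value.
        await _accountDbContext.Database
            .ExecuteSqlRawAsync("EXEC PutPostUserAccess @ContAccId,@AdminUserId,@UserId,@AccessTypeId,@UserAccessId,@IsActive",
                new SqlParameter("@ContAccId", itemDto.ContAccId),
                new SqlParameter("@AdminUserId", itemDto.AdminUserId),
                new SqlParameter("@UserId", itemDto.UserId),
                new SqlParameter("@AccessTypeId", itemDto.AccessTypeId),
                new SqlParameter("@UserAccessId", itemDto.UserAccessId),
                new SqlParameter("@IsActive", itemDto.IsActive));

        return new UserRights();
    }
}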
}