/Diamond_Prod/ClientWeb/Services/SecurityService/UsersController.cs

# · C# · 124 lines · 104 code · 17 blank · 3 comment · 20 complexity · 5bb72cfbea03921b69a8a15cc15e9f57 MD5 · raw file 

    

  1. namespace Home.Services.SecurityService

    2. 

  2. {

    3. 

  3.     using System;

    4. 

  4.     using System.Data.Entity;

    5. 

  5.     using System.Linq;

    6. 

  6.     using System.Net;

    7. 

  7.     using System.Net.Http;

    8. 

  8.     using System.Security.Claims;

    9. 

  9.     using System.Text;

    10. 

  10.     using System.Threading.Tasks;

    11. 

  11.     using System.Web.Http;

    12. 

  12.     using System.Web.OData;

    13. 

  13.     using System.Web.OData.Query;

    14. 

  14.     using System.Web.OData.Routing;

    15. 

  15. 

    16. 

  16.     public class UsersController : BaseODataController

    17. 

  17.     {

    18. 

  18.         private readonly SecurityDbContext database = new SecurityDbContext();

    19. 

  19. 

    20. 

  20.         // GET odata/Users

    21. 

  21.         [HttpGet]

    22. 

  22.         [EnableQuery(PageSize = 50)]

    23. 

  23.         public IHttpActionResult Get()

    24. 

  24.         {

    25. 

  25.             var users = this.database.Users.Where(r => !r._IsLocked);

    26. 

  26.             return Ok(users);

    27. 

  27.         }

    28. 

  28. 

    29. 

  29.         // GET odata/Users('id')

    30. 

  30.         [HttpGet]

    31. 

  31.         [EnableQuery]

    32. 

  32.         [ODataRoute("Users({id})")]

    33. 

  33.         public Task<IHttpActionResult> Get([FromODataUri] Guid id, ODataQueryOptions<User> options)

    34. 

  34.         {

    35. 

  35.             var users = this.database.Users.Where(r => r.Id == id && !r._IsLocked);

    36. 

  36.             return GetODataSingleAsync(users, options);

    37. 

  37.         }

    38. 

  38. 

    39. 

  39.         // GET odata/Users('id')/Property

    40. 

  40.         [HttpGet]

    41. 

  41.         [ODataRoute("Users({id})/LoginName")]

    42. 

  42.         [ODataRoute("Users({id})/DisplayName")]

    43. 

  43.         [ODataRoute("Users({id})/Role")]

    44. 

  44.         [ODataRoute("Users({id})/Created")]

    45. 

  45.         [ODataRoute("Users({id})/CreatedBy")]

    46. 

  46.         [ODataRoute("Users({id})/Modified")]

    47. 

  47.         [ODataRoute("Users({id})/ModifiedBy")]

    48. 

  48.         public async Task<IHttpActionResult> GetProperty([FromODataUri] Guid id)

    49. 

  49.         {

    50. 

  50.             var user = await this.database.Users.FirstOrDefaultAsync(r => r.Id == id && !r._IsLocked);

    51. 

  51.             return GetODataProperty(user);

    52. 

  52.         }

    53. 

  53. 

    54. 

  54.         [HttpPost]

    55. 

  55.         [ODataRoute("Login(name={name}, password={password})")]

    56. 

  56.         public async Task<IHttpActionResult> Login(string name, string password)

    57. 

  57.         {

    58. 

  58.             if (name == null || password == null)

    59. 

  59.             {

    60. 

  60.                 return PreconditionRequired();

    61. 

  61.             }

    62. 

  62. 

    63. 

  63.             if (name.Length == 0 || password.Length == 0)

    64. 

  64.             {

    65. 

  65.                 return StatusCode(HttpStatusCode.PreconditionFailed);

    66. 

  66.             }

    67. 

  67. 

    68. 

  68.             var values = await this.database.Users.Where(u => u.LoginName == name && !u._IsLocked)

    69. 

  69.                 .Select(u => new { u.DisplayName, u.Role, Password = u._Password })

    70. 

  70.                 .FirstOrDefaultAsync();

    71. 

  71.             if (values == null)

    72. 

  72.             {

    73. 

  73.                 return StatusCode(HttpStatusCode.PreconditionFailed);

    74. 

  74.             }

    75. 

  75. 

    76. 

  76.             if (password != values.Password)

    77. 

  77.             {

    78. 

  78.                 return StatusCode(HttpStatusCode.PreconditionFailed);

    79. 

  79.             }

    80. 

  80. 

    81. 

  81.             var identity = new ClaimsIdentity("Forms");

    82. 

  82.             identity.AddClaim(new Claim(ClaimTypes.Name, values.DisplayName));

    83. 

  83.             identity.AddClaim(new Claim(ClaimTypes.Role, values.Role.ToString()));

    84. 

  84.             Request.GetOwinContext().Authentication.SignIn(identity);

    85. 

  85. 

    86. 

  86.             return Ok(new LoginResult() { Name = values.DisplayName, Role = values.Role.ToString() });

    87. 

  87.         }

    88. 

  88. 

    89. 

  89.         [HttpPost]

    90. 

  90.         [ODataRoute("Login()")]

    91. 

  91.         public IHttpActionResult Logout()

    92. 

  92.         {

    93. 

  93.             Request.GetOwinContext().Authentication.SignOut("Forms");

    94. 

  94. 

    95. 

  95.             return Ok();

    96. 

  96.         }

    97. 

  97. 

    98. 

  98.         [HttpGet]

    99. 

  99.         [ODataRoute("CheckLogin()")]

    100. 

  100.         public IHttpActionResult CheckLogin()

    101. 

  101.         {

    102. 

  102.             var result = new LoginResult();

    103. 

  103. 

    104. 

  104.             var user = Request.GetOwinContext().Authentication.User;

    105. 

  105.             if (user.Identity.IsAuthenticated)

    106. 

  106.             {

    107. 

  107.                 result.Name = user.Identity.Name;

    108. 

  108.                 result.Role = user.FindFirst(ClaimTypes.Role).Value;

    109. 

  109.             }

    110. 

  110. 

    111. 

  111.             return Ok(result);

    112. 

  112.         }

    113. 

  113. 

    114. 

  114.         protected override void Dispose(bool disposing)

    115. 

  115.         {

    116. 

  116.             if (disposing)

    117. 

  117.             {

    118. 

  118.                 this.database.Dispose();

    119. 

  119.             }

    120. 

  120. 

    121. 

  121.             base.Dispose(disposing);

    122. 

  122.         }

    123. 

  123.     }

    124. 

  124. }
    125.