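using Back.Common;
using Back.Data.Contracts;
using Back.Data.Models;
using Microsoft.EntityFrameworkCore;
using Microsoft.IdentityModel.Tokens;
using Shared.DTOs;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Text;

namespace Back.Services
{
    /// <summary>
    /// User lookup, authentication (JWT issuance) and dashboard assembly.
    /// </summary>
    /// <remarks>
    /// Generic type arguments on the repositories and lists in this file were restored from
    /// usage (they had been stripped in the copy under review): <c>_RepoUser</c> is queried with
    /// <c>User</c> members and <c>_RepoPermissionPeriod</c> with permission-period members.
    /// </remarks>
    public class servUser
    {
        private readonly IConfiguration _configuration;
        private readonly CheckPermission _checkPermission;
        private readonly servPermission _servPermission;
        private readonly servNotification _servNotification;
        private readonly IAsyncRepository<User> _RepoUser;
        private readonly IAsyncRepository<PermissionPeriod> _RepoPermissionPeriod;

        /// <summary>Fallback token lifetime when <c>Fixedvalues:Jwt_Lifetime_Minutes</c> is missing or invalid.</summary>
        private const int DefaultJwtLifetimeMinutes = 60;

        public servUser(IConfiguration configuration, CheckPermission checkPermission, servPermission servPermission,
            servNotification servNotification, IAsyncRepository<User> RepoUser, IAsyncRepository<PermissionPeriod> RepoPermissionPeriod)
        {
            _configuration = configuration;
            _checkPermission = checkPermission;
            _servPermission = servPermission;
            _servNotification = servNotification;
            _RepoUser = RepoUser;
            _RepoPermissionPeriod = RepoPermissionPeriod;
        }

        /// <summary>
        /// Finds the active user whose username and stored credential match, with the
        /// role / company / permission-period graph loaded.
        /// </summary>
        /// <param name="UserName">Username to match exactly.</param>
        /// <param name="Password">Plain credential; compared after <c>encrypted()</c> from Back.Common.</param>
        /// <returns>The matching active user, or <c>null</c>.</returns>
        public async Task<User?> GetUserByUserNameAndPassword(string UserName, string Password)
        {
            // Hoisted so EF Core sends the value as a parameter instead of seeing a method call in the predicate.
            // NOTE(review): this compares a deterministic transform of the password stored on the row.
            // If encrypted() is reversible or an unsalted hash, stored credentials are exposed to offline
            // attack — confirm its construction and consider a salted password hash with a migration.
            string encryptedPassword = Password.encrypted();

            return await WithAuthenticationGraph(
                    _RepoUser.Get(w => w.Username == UserName && w.Password == encryptedPassword && w.IsActive))
                .FirstOrDefaultAsync();
        }

        /// <summary>
        /// Authenticates a user and returns the token plus the companies they belong to.
        /// </summary>
        /// <param name="UserNameORUserID">
        /// A username, or — when <paramref name="Password"/> is empty and this parses as an <c>int</c> —
        /// a user ID. The ID form performs no credential check at all: it relies entirely on the caller
        /// having already authenticated that principal (TODO confirm every caller of the ID form does).
        /// </param>
        /// <param name="Password">Credential for the username form; empty selects the ID form.</param>
        /// <returns>The populated DTO, or <c>null</c> when no active user matches.</returns>
        public async Task<UserAuthenticationDTO?> UserAuthentication(string UserNameORUserID, string Password = "")
        {
            User? user;
            if (string.IsNullOrEmpty(Password) && int.TryParse(UserNameORUserID, out int userId))
            {
                // The ID form used to skip both the IsActive filter and the role includes, so an
                // inactive account could still receive a token and user.RolUsers below could be null.
                user = await GetActiveUserWithRolesByUserID(userId);
            }
            else
            {
                user = await GetUserByUserNameAndPassword(UserNameORUserID, Password);
            }

            if (user is null)
            {
                return null;
            }

            var ret = new UserAuthenticationDTO();
            ret.Token = await CerateToken(user.ID, user.Username);
            ret.FullName = user.Fullname;
            ret.Photo = user.Photo is null ? null : Convert.ToBase64String(user.Photo);

            foreach (var rol in user.RolUsers)
            {
                if (!rol.Company.IsActive)
                {
                    continue;
                }

                // Computed but not surfaced: the `permissions` member of CompanyAuthenticationDTO is
                // still commented out below (open TODO). Kept so the access checks run as before.
                var permissions = new List<PermissionAuthenticationDTO>();
                foreach (var per in rol.Company.PermissionPeriods)
                {
                    bool accessible = await _checkPermission.AllowPermission(user.ID, rol.CompanyID, per.Permission.ID);

                    // Child permissions are only resolved when the parent is accessible.
                    List<Permission> childPermissions = accessible
                        ? await _servPermission.GetChildPermission(per.Permission.ID)
                        : new List<Permission>();

                    var childDtos = new List<PermissionAuthenticationDTO>();
                    foreach (Permission childper in childPermissions)
                    {
                        bool childAccessible = await _checkPermission.AllowPermission(user.ID, rol.CompanyID, childper.ID);
                        childDtos.Add(new PermissionAuthenticationDTO
                        {
                            ID = childper.ID,
                            ParentID = childper.ParentID,
                            Title = childper.Title,
                            accessibility = childAccessible,
                            ChildPermissions = null, // TODO: only one level of children is resolved
                        });
                    }

                    permissions.Add(new PermissionAuthenticationDTO
                    {
                        ID = per.Permission.ID,
                        ParentID = per.Permission.ParentID,
                        Title = per.Permission.Title,
                        accessibility = accessible,
                        ChildPermissions = childDtos,
                        // TODO: Period (calculation type / remaining / total) is not mapped yet.
                    });
                }

                ret.Companies.Add(new CompanyAuthenticationDTO
                {
                    ID = rol.CompanyID,
                    Name = rol.Company.Name,
                    IsAdmin = rol.IsAdmin,
                    Logo = rol.Company.Logo is null ? null : Convert.ToBase64String(rol.Company.Logo),
                    /*, permissions = permissions*/
                });
            }

            return ret;
        }

        /// <summary>Adds a user through the repository.</summary>
        /// <param name="item">User to persist.</param>
        public async Task AddUser(User item)
        {
            // TODO(review): audit logging of this call (SysLog into Mongo) is disabled here.
            return await _RepoUser.AddAsync(item);
        }

        /// <summary>Returns whether any user (active or not) has the given username.</summary>
        /// <param name="UserName">Username to match exactly.</param>
        public async Task<bool> ExistUser(string UserName)
        {
            return await _RepoUser.GetAll().AnyAsync(w => w.Username == UserName);
        }

        /// <summary>Looks a user up by username, without navigation properties.</summary>
        /// <param name="UserName">Username to match exactly.</param>
        /// <returns>The user, or <c>null</c>.</returns>
        public async Task<User?> GetUserByUsername(string UserName)
        {
            return await _RepoUser.Get(w => w.Username == UserName).FirstOrDefaultAsync();
        }

        /// <summary>Looks a user up by ID, without navigation properties.</summary>
        /// <param name="UserID">Primary key of the user.</param>
        /// <returns>The user, or <c>null</c>.</returns>
        public async Task<User?> GetUserByUserID(int UserID)
        {
            return await _RepoUser.Get(w => w.ID == UserID).FirstOrDefaultAsync();
        }

        /// <summary>
        /// Stores the issued token and the current (Shamsi) login date on the user row.
        /// Returns a <see cref="Task"/> so callers can await it; it was previously <c>async void</c>,
        /// which made the write fire-and-forget and any failure unobservable.
        /// </summary>
        /// <param name="UserID">Primary key of the user.</param>
        /// <param name="Token">Serialized JWT to persist.</param>
        public async Task SetTokenAndDateLogininDB(int UserID, string Token)
        {
            var user = await GetUserByUserID(UserID);
            if (user is null)
            {
                return;
            }

            // NOTE(review): the raw bearer token is persisted on the user row, so anyone with read
            // access to that table holds a valid token until it expires — consider storing a hash.
            user.Token = Token;
            user.DateLastLogin = DateTime.Now.ConvertMiladiToShamsi();
            await _RepoUser.UpdateAsync(user);
        }

        /// <summary>
        /// Builds the dashboard for a user in a company: unlocked permission periods, last login,
        /// account hygiene warnings and global notifications.
        /// </summary>
        /// <param name="CompanyID">Company whose permission periods are listed.</param>
        /// <param name="UserID">User the dashboard is for.</param>
        public async Task<DashBoardDTO> GetDashBoard(int CompanyID, int UserID)
        {
            var request = new DashBoardDTO();

            // Permission and CalculationType are read below, so they are loaded explicitly
            // (the authentication query loads its graph the same way; no lazy loading is assumed).
            var periods = await _RepoPermissionPeriod
                .Get(w => w.CompanyID == CompanyID && w.IsLocked != true)
                .Include(i => i.Permission)
                .Include(i => i.CalculationType)
                .ToListAsync();

            foreach (var item in periods)
            {
                request.AlistofServices.Add(new ServiceInDashBoardDTO
                {
                    PermissionID = item.PermissionID,
                    PermissionName = item.Permission.Title,
                    CalTypeID = item.CalculationTypeID,
                    CalTypeTitle = item.CalculationType.Title,
                    // CalculationTypeID 1 shows amounts, 2 shows nothing, anything else shows
                    // RemainingAmount as a formatted Shamsi date — the meaning of the IDs lives in
                    // the CalculationType table (TODO confirm).
                    Total = item.CalculationTypeID == 1 ? item.TotalAmount.ToString() : "",
                    Remaining = item.CalculationTypeID == 1
                        ? item.RemainingAmount.ToString()
                        : item.CalculationTypeID == 2
                            ? ""
                            : item.RemainingAmount.ToString().ShamciToFormatShamci(),
                });
            }

            request.LastLoginDate = await _RepoUser
                .Get(w => w.ID == UserID)
                .Select(s => s.DateLastLogin)
                .FirstOrDefaultAsync();
            if (!string.IsNullOrEmpty(request.LastLoginDate))
            {
                // The formatted value was previously computed and discarded.
                request.LastLoginDate = request.LastLoginDate.ShamciToFormatShamci();
            }

            // RolUsers/Company are walked for the company warning, so they must be loaded here.
            var user = await _RepoUser
                .Get(w => w.ID == UserID)
                .Include(i => i.RolUsers).ThenInclude(ti => ti.Company)
                .FirstOrDefaultAsync();
            if (user is not null)
            {
                AddAccountWarnings(request, user, CompanyID);
            }

            var nots = await _servNotification.GetNotifications();
            if (nots is not null && nots.Any())
            {
                request.Notifications = nots
                    .Select(s => new AlertDTO { Message = s.Message, Status = s.Type, Path = s.Path, ViewSize = s.ViewSize })
                    .ToList();
            }

            return request;
        }

        /// <summary>Updates a user through the repository.</summary>
        /// <param name="user">User to persist.</param>
        public async Task UpdateUser(User user)
        {
            // TODO(review): audit logging of this call (SysLog into Mongo) is disabled here.
            return await _RepoUser.UpdateByObjAsync(user);
        }

        //--------internal

        /// <summary>
        /// Appends the account-hygiene warnings (mobile equal to username / password, incomplete
        /// company profile) to the dashboard. Messages are user-facing Persian text.
        /// </summary>
        private static void AddAccountWarnings(DashBoardDTO request, User user, int companyId)
        {
            if (user.Mobile == user.Username)
            {
                request.Warning.Add(new AlertDTO { Status = 0, Message = "موبایل و نام کاربری بهتر است شبیه هم نباشند" });
            }

            // Guarded: a user without a mobile number previously threw here.
            if (!string.IsNullOrEmpty(user.Mobile) && user.Mobile.encrypted() == user.Password)
            {
                request.Warning.Add(new AlertDTO { Status = 0, Message = "موبایل و کلمه عبور بهتر است شبیه هم نباشند" });
            }

            var company = user.RolUsers
                .Where(w => w.CompanyID == companyId)
                .Select(s => s.Company)
                .FirstOrDefault();
            if (company is null)
            {
                return;
            }

            bool profileIncomplete = string.IsNullOrEmpty(company.Email)
                || string.IsNullOrEmpty(company.Phone)
                || string.IsNullOrEmpty(company.EconomicCode)
                || string.IsNullOrEmpty(company.UniqeMemory)
                || string.IsNullOrEmpty(company.PrivateKey);
            if (profileIncomplete)
            {
                request.Warning.Add(new AlertDTO { Status = 0, Message = "بهتر است اطلاعات شرکت بروزرسانی شود" });
            }
        }

        /// <summary>
        /// Applies the role / role-permission / company / permission-period includes that
        /// <see cref="UserAuthentication"/> needs in order to walk <c>user.RolUsers</c>.
        /// </summary>
        private static IQueryable<User> WithAuthenticationGraph(IQueryable<User> query)
        {
            return query
                .Include(i => i.RolUsers).ThenInclude(ti => ti.rolePermissions)
                .Include(i => i.RolUsers).ThenInclude(ti => ti.Company).ThenInclude(ti => ti.PermissionPeriods).ThenInclude(ti => ti.Permission)
                .Include(i => i.RolUsers).ThenInclude(ti => ti.Company).ThenInclude(ti => ti.PermissionPeriods).ThenInclude(ti => ti.CalculationType);
        }

        /// <summary>Loads an active user by ID with the same graph as the username/password lookup.</summary>
        private Task<User?> GetActiveUserWithRolesByUserID(int userId)
        {
            return WithAuthenticationGraph(_RepoUser.Get(w => w.ID == userId && w.IsActive)).FirstOrDefaultAsync();
        }

        /// <summary>
        /// Reads <c>Fixedvalues:Jwt_Lifetime_Minutes</c>; falls back to
        /// <see cref="DefaultJwtLifetimeMinutes"/> when the value is missing, non-numeric or not positive
        /// (a non-positive lifetime would issue already-expired tokens).
        /// </summary>
        private int GetJwtLifetimeMinutes()
        {
            string? configured = _configuration["Fixedvalues:Jwt_Lifetime_Minutes"];
            return int.TryParse(configured, out int minutes) && minutes > 0
                ? minutes
                : DefaultJwtLifetimeMinutes;
        }

        /// <summary>
        /// Issues an HMAC-SHA256 JWT carrying the user ID and username, persists it on the user row
        /// and returns the serialized token.
        /// </summary>
        /// <param name="UserId">Primary key of the authenticated user.</param>
        /// <param name="UserName">Username placed in the <see cref="ClaimTypes.NameIdentifier"/> claim.</param>
        private async Task<string> CerateToken(int UserId, string UserName)
        {
            int lifetimeMinutes = GetJwtLifetimeMinutes();

            // NOTE(review): the signing key is a compile-time constant (Fixedvalues.SecretForKey) and is
            // reduced to ASCII bytes; it should be sourced from configuration / a secret store and rotated.
            // The encoding is left unchanged because the validating side must derive the same bytes.
            var securityKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(Fixedvalues.SecretForKey));
            var signingCredentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256);

            var claimsForToken = new List<Claim>
            {
                new Claim("UserID", UserId.ToString()),
                new Claim(ClaimTypes.NameIdentifier, UserName),
            };

            // nbf/exp are emitted as UTC epoch seconds; using UtcNow avoids the local-time round trip.
            var now = DateTime.UtcNow;
            var jwtSecurityToken = new JwtSecurityToken(
                Fixedvalues.Issuer,
                Fixedvalues.Audience,
                claimsForToken,
                now,
                now.AddMinutes(lifetimeMinutes),
                signingCredentials);

            string token = new JwtSecurityTokenHandler().WriteToken(jwtSecurityToken);

            // Awaited so a failed write surfaces to the caller instead of being lost.
            await SetTokenAndDateLogininDB(UserId, token);

            return token;
        }
    }
}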