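using System;
using System.Collections.Generic;
using System.Globalization;
using System.IdentityModel.Tokens.Jwt;
using System.IO;
using System.Linq;
using System.Security.Cryptography;
using System.Text;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using Microsoft.EntityFrameworkCore;
using Microsoft.Net.Http.Headers;
using Teso_API.Models;

namespace Teso_API.Controllers
{
    /// <summary>
    /// Profile endpoints under /users: look up a user, update the caller's own profile,
    /// verify or change the caller's password, and list the users the caller has blocked.
    /// On every action the caller is identified by the "userGUID" claim of the bearer token.
    /// </summary>
    /// <remarks>
    /// The controller previously carried [AllowAnonymous]. In ASP.NET Core a controller-level
    /// [AllowAnonymous] takes precedence over [Authorize] on individual actions, so every
    /// endpoint here was reachable without a validated token while the code still trusted the
    /// claims of the (unvalidated) token it parsed by hand. The attribute has been removed and
    /// [Authorize] is applied at class level in addition to the per-action attributes.
    /// </remarks>
    [Authorize]
    [Route("users")]
    [ApiController]
    public class FindUserController : ControllerBase
    {
        // Name of the JWT claim that carries the caller's user id.
        private const string UserGuidClaim = "userGUID";

        // Account-type code of accounts that authenticate with a locally stored password.
        private const string LocalAccountType = "TSUAC001";

        private readonly TESOContext _context;
        private readonly IWebHostEnvironment webHostEnvironment;

        public FindUserController(TESOContext context, IWebHostEnvironment hostEnvironment)
        {
            _context = context;
            webHostEnvironment = hostEnvironment;
        }

        /// <summary>
        /// Returns the profile of the user whose id is posted in the body.
        /// </summary>
        /// <param name="userGUID">Id of the user to look up.</param>
        /// <returns>
        /// The profile; 400 when the body is empty or the looked-up user has blocked the caller;
        /// 401 when the caller's id cannot be determined; 404 when no such user exists.
        /// </returns>
        [Authorize]
        [Route("finduser"), HttpPost]
        public async Task<ActionResult<TesoUser>> PostTesoUserDetail([FromBody] string userGUID)
        {
            if (string.IsNullOrWhiteSpace(userGUID))
            {
                return BadRequest();
            }

            string callerId = GetCallerUserId();
            if (callerId == null)
            {
                return Unauthorized();
            }

            // Refuse before loading anything: a user who has blocked the caller stays invisible.
            bool blockedCaller = await _context.BlockedUsers.AsQueryable()
                .AnyAsync(r => r.Initiator == userGUID && r.Target == callerId);
            if (blockedCaller)
            {
                return BadRequest();
            }

            TesoUserDetail detail = await _context.TesoUserDetails.AsQueryable()
                .FirstOrDefaultAsync(usr => usr.UserGUID == userGUID);
            if (detail == null)
            {
                // Previously a null dereference (HTTP 500); an unknown id is a 404.
                return NotFound();
            }

            int friends = await _context.Relationships.AsQueryable()
                .CountAsync(t => t.UserGuid == userGUID);

            // Users without a finance row are reported with zero balances.
            UserFinance finance = await _context.UserFinances.AsQueryable()
                .FirstOrDefaultAsync(usr => usr.UserGUID == userGUID)
                ?? new UserFinance { Gold = 0, Silver = 0 };

            return new TesoUser
            {
                userGUID = detail.UserGUID,
                username = detail.Username,
                firstname = detail.Firstname,
                lastname = detail.Surname,
                description = detail.Description,
                email = detail.Email,
                phonenumber = detail.Phonenumber.HasValue ? detail.Phonenumber.Value.ToString() : "",
                address = detail.Address,
                thumbnail_dp = detail.ThumbnailDp,
                // A missing date of birth used to throw; it is now reported as the default value.
                DateOfBirth = detail.DateOfBirth.GetValueOrDefault(),
                country = detail.Country,
                gender = detail.Gender,
                gold = finance.Gold.ToString(),
                silver = finance.Silver.ToString(),
                friends = friends.ToString(),
            };
        }

        /// <summary>
        /// Updates the caller's own profile with the posted values and stores a new display
        /// picture when one is supplied (base64 in <c>displaypicture</c>).
        /// </summary>
        /// <param name="user">Posted profile. Its <c>userGUID</c>, when present, must equal the caller's id.</param>
        /// <returns>
        /// The posted profile with <c>thumbnail_dp</c> set to the stored file name; 400 on an
        /// empty body, a non-numeric phone number or a failed save; 401 when the caller cannot be
        /// identified; 403 when the body names a different user; 404 when the caller has no profile row.
        /// </returns>
        [Authorize]
        [Route("updateUser"), HttpPost]
        public async Task<ActionResult<TesoUser>> UpdateProfile(TesoUser user)
        {
            if (user == null)
            {
                return BadRequest();
            }

            string callerId = GetCallerUserId();
            if (callerId == null)
            {
                return Unauthorized();
            }

            // The row to modify is chosen by the token, not by the body: the original used
            // user.userGUID straight from the request, which let any authenticated caller
            // overwrite any other user's profile.
            if (!string.IsNullOrEmpty(user.userGUID)
                && !string.Equals(user.userGUID, callerId, StringComparison.Ordinal))
            {
                return StatusCode(StatusCodes.Status403Forbidden);
            }
            user.userGUID = callerId;

            // Phonenumber is stored as int?; an empty string means "not set" (stored as 0, as
            // before). A non-numeric value used to surface as a FormatException (HTTP 500).
            int phone = 0;
            if (!string.IsNullOrEmpty(user.phonenumber)
                && !int.TryParse(user.phonenumber, NumberStyles.Integer, CultureInfo.InvariantCulture, out phone))
            {
                return BadRequest("phonenumber must be numeric");
            }

            // Load and mutate the existing row instead of attaching a fresh entity marked Modified,
            // so columns that TesoUser does not carry are left untouched.
            TesoUserDetail detail = await _context.TesoUserDetails.AsQueryable()
                .FirstOrDefaultAsync(d => d.UserGUID == callerId);
            if (detail == null)
            {
                return NotFound();
            }

            detail.Username = user.username;
            detail.Firstname = user.firstname;
            detail.Surname = user.lastname;
            detail.Address = user.address;
            detail.Country = user.country;
            detail.Description = user.description;
            detail.DateOfBirth = user.DateOfBirth;
            detail.Email = user.email;
            detail.Gender = user.gender;
            detail.Phonenumber = phone;
            detail.ThumbnailDp = await UploadedFile(user);
            // Kept in case the context runs with tracking disabled; harmless when it is tracked.
            _context.Entry(detail).State = EntityState.Modified;

            try
            {
                await _context.SaveChangesAsync();
            }
            catch (DbUpdateException)
            {
                return BadRequest();
            }

            user.thumbnail_dp = detail.ThumbnailDp;
            return Ok(user);
        }

        /// <summary>
        /// Checks the posted password against the caller's stored one.
        /// </summary>
        /// <param name="password">Password to verify.</param>
        /// <returns>
        /// For local accounts (<c>TSUAC001</c>) 200 with "matched" or "mismatched"; for other
        /// account types 200 with the account type's display name; 401 when the caller cannot be
        /// identified; 404 when the caller has no auth row.
        /// </returns>
        [Authorize]
        [Route("verifypassword"), HttpPost]
        public async Task<IActionResult> checkPassword([FromBody] string password)
        {
            string callerId = GetCallerUserId();
            if (callerId == null)
            {
                return Unauthorized();
            }

            UserAuth auth = await _context.UserAuths.AsQueryable()
                .FirstOrDefaultAsync(u => u.UserGUID == callerId);
            if (auth == null)
            {
                return NotFound();
            }

            if (auth.AccountType == LocalAccountType)
            {
                // The stored value is reversibly encrypted. The decrypted copy stays in a local
                // rather than being written back onto the tracked entity (the original did that,
                // which would have persisted the plaintext on any later SaveChanges).
                // NOTE(review): a one-way hash (e.g. PBKDF2) is the appropriate storage scheme for
                // passwords; switching needs a migration of existing rows. This endpoint also has no
                // attempt throttling of its own — rate limiting belongs in middleware.
                string stored = passwordEncryption.Decrypt(auth.Password);
                return Ok(PasswordsMatch(stored, password) ? "matched" : "mismatched");
            }

            string typeName = await _context.AccountTypes.AsQueryable()
                .Where(u => u.TypeCode == auth.AccountType)
                .Select(p => p.TypeName)
                .FirstOrDefaultAsync();
            return Ok(typeName);
        }

        /// <summary>
        /// Replaces the caller's stored password with the posted one.
        /// </summary>
        /// <param name="password">New password.</param>
        /// <returns>
        /// 200 on success; 400 when the password is empty or the save fails; 401 when the caller
        /// cannot be identified; 404 when the caller has no auth row.
        /// </returns>
        /// <remarks>
        /// NOTE(review): the current password is not re-verified here; /users/verifypassword is a
        /// separate round-trip that this endpoint does not bind to.
        /// </remarks>
        [Authorize]
        [Route("changepassword"), HttpPost]
        public async Task<IActionResult> changePassword([FromBody] string password)
        {
            if (string.IsNullOrEmpty(password))
            {
                return BadRequest();
            }

            string callerId = GetCallerUserId();
            if (callerId == null)
            {
                return Unauthorized();
            }

            UserAuth auth = await _context.UserAuths.AsQueryable()
                .FirstOrDefaultAsync(u => u.UserGUID == callerId);
            if (auth == null)
            {
                return NotFound();
            }

            auth.Password = passwordEncryption.Encrypt(password);
            _context.Entry(auth).State = EntityState.Modified;

            try
            {
                await _context.SaveChangesAsync();
            }
            catch (DbUpdateException)
            {
                return BadRequest();
            }

            return Ok();
        }

        /// <summary>
        /// Stores the base64 display picture carried in <paramref name="user"/> under
        /// <c>ServerLocation.displayPicture</c> and returns the new file name. When no picture
        /// is supplied, the derived file name is not a plain file name, or writing fails, the
        /// current <c>thumbnail_dp</c> is returned unchanged (best effort, as before; failures
        /// are written to the console).
        /// </summary>
        private async Task<string> UploadedFile(TesoUser user)
        {
            if (string.IsNullOrEmpty(user.displaypicture))
            {
                return user.thumbnail_dp;
            }

            try
            {
                string uniqueFileName = user.userGUID
                    + DateTime.UtcNow.ToString("yyyyMMddHHmmssfff", CultureInfo.InvariantCulture)
                    + "dp.jpg";

                // userGUID originates from the request; only a plain file name is accepted so the
                // combined path cannot leave the display-picture directory.
                if (uniqueFileName.IndexOfAny(Path.GetInvalidFileNameChars()) >= 0
                    || !string.Equals(Path.GetFileName(uniqueFileName), uniqueFileName, StringComparison.Ordinal))
                {
                    Console.WriteLine("UploadedFile: rejected file name derived from userGUID");
                    return user.thumbnail_dp;
                }

                string filePath = Path.Combine(ServerLocation.displayPicture, uniqueFileName);

                // NOTE(review): the payload is written as .jpg without checking that it is an
                // image; a magic-byte check before writing would be a cheap addition.
                byte[] picture = Convert.FromBase64String(user.displaypicture);
                await File.WriteAllBytesAsync(filePath, picture);
                return uniqueFileName;
            }
            catch (Exception ex)
            {
                Console.WriteLine(ex.ToString());
                return user.thumbnail_dp;
            }
        }

        /// <summary>
        /// Lists the users the caller has blocked, ordered by first name.
        /// </summary>
        /// <returns>The list (possibly empty); 401 when the caller cannot be identified.</returns>
        [Authorize]
        [Route("blocked-users"), HttpGet]
        public async Task<ActionResult<List<TesoUser>>> BlockedUsers()
        {
            string callerId = GetCallerUserId();
            if (callerId == null)
            {
                return Unauthorized();
            }

            var blocked =
                from b in _context.BlockedUsers.AsQueryable()
                join u in _context.TesoUserDetails on b.Target equals u.UserGUID
                where b.Initiator == callerId
                select new TesoUser
                {
                    username = u.Username,
                    address = u.Address,
                    country = u.Country,
                    thumbnail_dp = u.ThumbnailDp,
                    email = u.Email,
                    firstname = u.Firstname,
                    lastname = u.Surname,
                    userGUID = u.UserGUID,
                };

            return await blocked.OrderBy(p => p.firstname).ToListAsync();
        }

        /// <summary>
        /// Resolves the caller's user id. The claims principal populated by the authentication
        /// pipeline (whose token has been signature-validated) is consulted first; as a
        /// fallback the bearer token is read from the Authorization header, which is what the
        /// original code did on every action.
        /// </summary>
        /// <returns>The caller's id, or null when no usable id is present.</returns>
        private string GetCallerUserId()
        {
            string fromPrincipal = User?.FindFirst(UserGuidClaim)?.Value;
            if (!string.IsNullOrEmpty(fromPrincipal))
            {
                return fromPrincipal;
            }

            string header = Request.Headers[HeaderNames.Authorization];
            if (string.IsNullOrEmpty(header)
                || !header.StartsWith("Bearer", StringComparison.OrdinalIgnoreCase))
            {
                return null;
            }

            string token = header.Substring("Bearer".Length).Trim();
            var handler = new JwtSecurityTokenHandler();
            if (!handler.CanReadToken(token))
            {
                return null;
            }

            // ReadJwtToken only parses the token; it performs no signature validation. That is
            // why the validated principal is preferred above.
            JwtSecurityToken jwt = handler.ReadJwtToken(token);
            return jwt.Claims.FirstOrDefault(claim => claim.Type == UserGuidClaim)?.Value;
        }

        /// <summary>
        /// Compares two password strings in constant time (per byte length). Two nulls compare
        /// equal, matching the original <c>==</c> comparison.
        /// </summary>
        private static bool PasswordsMatch(string stored, string supplied)
        {
            if (stored == null || supplied == null)
            {
                return stored == supplied;
            }

            return CryptographicOperations.FixedTimeEquals(
                Encoding.UTF8.GetBytes(stored),
                Encoding.UTF8.GetBytes(supplied));
        }
    }
}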