wind-explorer/AceJobAgency
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

CRUD

Browse Source
This commit is contained in:
Adam C
2025-02-07 15:53:43 +08:00
parent a9b125233d
commit db72c8d45a
4 changed files with 199 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

163
AceJobAgency/Controllers/UserController.cs
View File

@@ -1,36 +1,165 @@
using AceJobAgency.Data;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Text;
using AceJobAgency.Data;
using AceJobAgency.Entities;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.IdentityModel.Tokens;
namespace AceJobAgency.Controllers
{
[ApiController]
[Route("[controller]")]
public class UserController(DataContext context, IConfiguration configuration) : Controller
public class UserController : Controller
{
[HttpPost]
private readonly DataContext _context;
private readonly IConfiguration _configuration;
public UserController(DataContext context, IConfiguration configuration)
{
_context = context;
_configuration = configuration;
}
[HttpPost("register")]
public async Task<IActionResult> Register(User user)
{
var userEmailExists = context.Users.Any(u => u.Email == user.Email);
var userNationalRegistrationIdentityCardNumberExists = context.Users.Any(
u => u.NationalRegistrationIdentityCardNumber
== user.NationalRegistrationIdentityCardNumber
);
if (userEmailExists || userNationalRegistrationIdentityCardNumberExists)
bool emailExists = _context.Users.Any(u => u.Email == user.Email);
bool nricExists = _context.Users.Any(u =>
u.NationalRegistrationIdentityCardNumber == user.NationalRegistrationIdentityCardNumber);
if (emailExists || nricExists)
{
return BadRequest("User with the same email already exists.");
return BadRequest("User with the same email or NRIC already exists.");
}
var passwordHash = BCrypt.Net.BCrypt.HashPassword(user.Password);
user.Password = passwordHash;
var userId = Guid.NewGuid().ToString();
user.Id = userId;
user.Password = BCrypt.Net.BCrypt.HashPassword(user.Password);
user.Id = Guid.NewGuid().ToString();
user.IsActive = 1;
await context.Users.AddAsync(user);
await context.SaveChangesAsync();
await _context.Users.AddAsync(user);
await _context.SaveChangesAsync();
return Ok(user);
}
[HttpPost("login")]
public IActionResult Login([FromBody] LoginRequest request)
{
var user = _context.Users.FirstOrDefault(u => u.Email == request.Email && u.IsActive == 1);
if (user == null || !BCrypt.Net.BCrypt.Verify(request.Password, user.Password))
{
return Unauthorized("Invalid email or password.");
}
var token = GenerateJwtToken(user);
return Ok(new { token });
}
[Authorize]
[HttpGet("profile")]
public IActionResult GetProfile()
{
var userId = User.FindFirstValue(ClaimTypes.NameIdentifier);
var user = _context.Users.FirstOrDefault(u => u.Id == userId && u.IsActive == 1);
if (user == null)
{
return NotFound();
}
return Ok(user);
}
[Authorize]
[HttpPut("profile")]
public async Task<IActionResult> UpdateProfile(User updatedUser)
{
var userId = User.FindFirstValue(ClaimTypes.NameIdentifier);
var user = _context.Users.FirstOrDefault(u => u.Id == userId && u.IsActive == 1);
if (user == null)
{
return NotFound();
}
user.FirstName = updatedUser.FirstName;
user.LastName = updatedUser.LastName;
user.DateOfBirth = updatedUser.DateOfBirth;
user.WhoAmI = updatedUser.WhoAmI;
user.ResumeName = updatedUser.ResumeName;
user.UpdatedAt = DateTime.Now;
_context.Users.Update(user);
await _context.SaveChangesAsync();
return Ok(user);
}
[Authorize]
[HttpPut("change-password")]
public async Task<IActionResult> ChangePassword([FromBody] ChangePasswordRequest request)
{
var userId = User.FindFirstValue(ClaimTypes.NameIdentifier);
var user = _context.Users.FirstOrDefault(u => u.Id == userId && u.IsActive == 1);
if (user == null)
{
return NotFound();
}
if (!BCrypt.Net.BCrypt.Verify(request.CurrentPassword, user.Password))
{
return BadRequest("Current password is incorrect.");
}
user.Password = BCrypt.Net.BCrypt.HashPassword(request.NewPassword);
user.UpdatedAt = DateTime.Now;
_context.Users.Update(user);
await _context.SaveChangesAsync();
return Ok("Password updated successfully.");
}
[Authorize]
[HttpDelete("delete")]
public async Task<IActionResult> DeleteAccount()
{
var userId = User.FindFirstValue(ClaimTypes.NameIdentifier);
var user = _context.Users.FirstOrDefault(u => u.Id == userId && u.IsActive == 1);
if (user == null)
{
return NotFound();
}
user.IsActive = 0;
_context.Users.Update(user);
await _context.SaveChangesAsync();
return Ok("Account deleted successfully.");
}
private string GenerateJwtToken(User user)
{
var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.ASCII.GetBytes(_configuration["Authentication:Secret"] ?? "some_secret_key");
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity([
new Claim(ClaimTypes.NameIdentifier, user.Id),
new Claim(ClaimTypes.Email, user.Email)
]),
Expires = DateTime.UtcNow.AddHours(2),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key),
SecurityAlgorithms.HmacSha256Signature)
};
var token = tokenHandler.CreateToken(tokenDescriptor);
return tokenHandler.WriteToken(token);
}
}
public class LoginRequest
{
public string Email { get; set; } = string.Empty;
public string Password { get; set; } = string.Empty;
}
public class ChangePasswordRequest
{
public string CurrentPassword { get; set; } = string.Empty;
public string NewPassword { get; set; } = string.Empty;
}
}