using System.Collections.Generic;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Mvc;
using Microsoft.EntityFrameworkCore;
using Shop.Data;
using Shop.Models;
using System;
using Microsoft.AspNetCore.Authorization;
using System.Linq;
using Shop.Services;
namespace Backoffice.Controllers
{
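[Route("users")]
public class UserController : Controller
{
    /// <summary>
    /// Lists every user. Restricted to the "manager" role.
    /// </summary>
    /// <param name="context">EF Core data context resolved from DI.</param>
    /// <returns>All users, with the <c>Password</c> field cleared.</returns>
    [HttpGet]
    [Route("")]
    [Authorize(Roles = "manager")]
    public async Task<ActionResult<List<User>>> Get([FromServices] DataContext context)
    {
        var users = await context
            .Users
            .AsNoTracking()
            .ToListAsync();

        // Never return stored credentials, even to managers. The entities are
        // untracked, so clearing the field here does not write to the database.
        foreach (var user in users)
        {
            user.Password = "";
        }

        return users;
    }

    /// <summary>
    /// Creates a user. The role is always forced to "employee" regardless of the payload.
    /// </summary>
    /// <param name="context">EF Core data context resolved from DI.</param>
    /// <param name="model">User to create, bound from the request body.</param>
    /// <returns>The created user with its password cleared, or 400 on invalid data or a failed insert.</returns>
    [HttpPost]
    [Route("")]
    [AllowAnonymous]
    // NOTE(review): this endpoint is reachable without authentication and the
    // manager-only restriction is commented out, so anyone can create "employee"
    // accounts. Confirm this is intended (e.g. self-registration); otherwise
    // restore the attribute below.
    // [Authorize(Roles = "manager")]
    public async Task<ActionResult<User>> Post(
        [FromServices] DataContext context,
        [FromBody] User model)
    {
        // Validate the incoming data
        if (!ModelState.IsValid)
            return BadRequest(ModelState);

        try
        {
            // Force the user to always be an "employee"
            model.Role = "employee";
            context.Users.Add(model);
            await context.SaveChangesAsync();

            // Hide the password in the response
            model.Password = "";
            return model;
        }
        catch (DbUpdateException)
        {
            // Only persistence failures are reported as a client error; anything
            // else is unexpected and should surface through the framework's
            // error handling instead of being masked as a 400.
            return BadRequest(new { message = "Não foi possível criar o usuário" });
        }
    }

    /// <summary>
    /// Replaces an existing user. Restricted to the "manager" role.
    /// </summary>
    /// <param name="context">EF Core data context resolved from DI.</param>
    /// <param name="id">Route id; must match <c>model.Id</c>.</param>
    /// <param name="model">Full user payload bound from the request body.</param>
    /// <returns>The updated user with its password cleared; 404 when the id does not match or no such row exists; 400 on invalid data or a failed update.</returns>
    [HttpPut]
    [Route("{id:int}")]
    [Authorize(Roles = "manager")]
    public async Task<ActionResult<User>> Put(
        [FromServices] DataContext context,
        int id,
        [FromBody] User model)
    {
        // Validate the incoming data
        if (!ModelState.IsValid)
            return BadRequest(ModelState);

        // Route id and payload id must agree
        if (id != model.Id)
            return NotFound(new { message = "Usuário não encontrada" });

        // Report a missing row explicitly instead of letting SaveChangesAsync
        // fail with a concurrency exception that would surface as a 400.
        var exists = await context.Users
            .AsNoTracking()
            .AnyAsync(x => x.Id == id);
        if (!exists)
            return NotFound(new { message = "Usuário não encontrada" });

        try
        {
            // NOTE(review): marking the whole entity Modified writes every column
            // from the payload, including Password and Role, so a payload that
            // omits the password overwrites the stored one. Confirm this is intended.
            context.Entry(model).State = EntityState.Modified;
            await context.SaveChangesAsync();

            // Hide the password in the response, as the other endpoints do
            model.Password = "";
            return model;
        }
        catch (DbUpdateException)
        {
            return BadRequest(new { message = "Não foi possível atualizar o usuário" });
        }
    }

    /// <summary>
    /// Authenticates a user by username and password and issues a token.
    /// </summary>
    /// <param name="context">EF Core data context resolved from DI.</param>
    /// <param name="model">Credentials bound from the request body; only <c>Username</c> and <c>Password</c> are read.</param>
    /// <returns>An object with the matched user (password cleared) and the generated token, or 404 when the credentials do not match.</returns>
    [HttpPost]
    [Route("login")]
    [AllowAnonymous]
    public async Task<ActionResult<dynamic>> Authenticate(
        [FromServices] DataContext context,
        [FromBody] User model)
    {
        // An empty or unreadable body binds a null model; reject it before the
        // query dereferences it.
        if (model is null)
            return BadRequest(ModelState);

        // NOTE(review): credentials are matched as plain text inside the query,
        // which implies passwords are stored unhashed. Moving to a salted hash
        // (e.g. PBKDF2) needs a data migration, so it is flagged here, not changed.
        var user = await context.Users
            .AsNoTracking()
            .FirstOrDefaultAsync(x => x.Username == model.Username && x.Password == model.Password);

        // One response for both "unknown user" and "wrong password" so the
        // endpoint does not reveal which usernames exist.
        if (user is null)
            return NotFound(new { message = "Usuário ou senha inválidos" });

        var token = TokenService.GenerateToken(user);

        // Hide the password in the response
        user.Password = "";
        return new
        {
            user,
            token
        };
    }
}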
}