MTWorkHR/MTWorkHR.Application/Services/Auth/UserService.cs

using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.WebUtilities;
using Microsoft.EntityFrameworkCore;
using Microsoft.Extensions.Configuration;
using MTWorkHR.Application.Identity;
using MTWorkHR.Application.MappingProfiles;
using MTWorkHR.Application.Models;
using MTWorkHR.Application.Services;
using MTWorkHR.Application.Models.Email;
using MTWorkHR.Core.Global;
using MTWorkHR.Core.IRepositories;
using MTWorkHR.Core.UnitOfWork;
using MTWorkHR.Identity.Models;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using MTWorkHR.Core;
using NeomtechERP.Auth.Core.Global;
using Microsoft.AspNetCore.Identity.UI.Services;
using IEmailSender = MTWorkHR.Application.Services.IEmailSender;
using System.Security.Policy;

namespace MTWorkHR.Identity.Services
{
    public class UserService : IUserService
    {
        private readonly RoleManager<ApplicationRole> _roleManager;
        private readonly ApplicationUserManager _userManager;
        private readonly IUnitOfWork _unitOfWork;
        private readonly IUserRoleRepository<IdentityUserRole<string>> _userRole;
        private readonly AppSettingsConfiguration _configuration;
        private readonly IEmailSender _emailSender;
        private readonly GlobalInfo _globalInfo;

        public UserService(ApplicationUserManager userManager, IUnitOfWork unitOfWork
             , RoleManager<ApplicationRole> roleManager, GlobalInfo globalInfo, AppSettingsConfiguration configuration, IEmailSender emailSender
            , IUserRoleRepository<IdentityUserRole<string>> userRole)
        {
            _userManager = userManager;
            _unitOfWork = unitOfWork;
            _roleManager = roleManager;
            _userRole = userRole;
            _configuration = configuration;
            _emailSender = emailSender;
            _globalInfo = globalInfo;
        }
        public async Task<UserDto> GetById(string userId)
        {
            var employee = await _userManager.FindByIdAsync(userId);
            return new UserDto
            {
                Email = employee.Email,
                FirstName = employee.FirstName,
                LastName = employee.LastName,
                Id = employee.Id
            };
        }

        public async Task<List<UserDto>> GetAll()
        {
            var employees = await _userManager.GetUsersInRoleAsync("Employee");
            return employees.Select( e=>  new UserDto
            {
                Email = e.Email,
                FirstName = e.FirstName,
                LastName = e.LastName,
                Id = e.Id
            }).ToList();
        }

        public async Task Delete(string id)
        {
            var user = await _userManager.FindByIdAsync(id);
            if (user != null)
            {
                user.IsDeleted = true;

                await _userManager.UpdateAsync(user);
            }
        }

      
        public async Task<UserDto> Create(UserDto input)
        {
            var emailExists = await _userManager.FindByEmailAsync(input.Email);
            if (emailExists != null)
                throw new AppException(ExceptionEnum.RecordAlreadyExist);

            var phoneExists = await _userManager.FindByAnyAsync(input.PhoneNumber);
            if (phoneExists != null)
                throw new AppException(ExceptionEnum.RecordAlreadyExist);

            var userExists = await _userManager.FindByAnyAsync(input.UserName);
            if (userExists != null)
                throw new AppException(ExceptionEnum.RecordAlreadyExist);

            var user = MapperObject.Mapper.Map<ApplicationUser>(input);

            _unitOfWork.BeginTran();

            //saving user
            var result = await _userManager.CreateAsync(user);
            if (!result.Succeeded)
                throw new AppException(ExceptionEnum.RecordCreationFailed);
            input.Id = user.Id;

            //saving userRoles
            var userRoles = MapperObject.Mapper.Map<List<IdentityUserRole<string>>>(input.UserRoles);
            foreach (var role in userRoles)
            {
                role.UserId = user.Id;
                if ((await _roleManager.FindByIdAsync(role.RoleId)) == null)
                    throw new AppException(ExceptionEnum.RecordNotExist);
            }
            await _userRole.AddRangeAsync(userRoles);

            await _unitOfWork.CompleteAsync();
            _unitOfWork.CommitTran();
            try
            {
                var resultPassReset = await GetResetPasswordURL(user.Id);

                var sendMailResult = await _emailSender.SendEmail(new EmailMessage {
                    Subject = "Register Confirmation",
                    To = input.Email,  
                    Body =  "Please Set Your Password (this link will expired after 24 hours)"
                    , url = resultPassReset.Item1, userId = user.Id } );
                if (!sendMailResult)
                {
                    throw new AppException("User created, but could not send the email!");
                }
            }
            catch
            {
                throw new AppException("User created, but could not send the email!");
            }

            return input;
        }
        private async Task<Tuple< string, string>> GetResetPasswordURL(string userId)
        {
            var user = await _userManager.Users.FirstOrDefaultAsync(x => (!x.IsDeleted) && x.Id.Equals(userId));
            if (user == null)
                throw new AppException(ExceptionEnum.RecordNotExist);

            string code = await _userManager.GeneratePasswordResetTokenAsync(user);
            var route = "auth/forgetpassword";
            var origin = _configuration.JwtSettings.Audience;
            var endpointUri = new Uri(string.Concat($"{origin}/", route));
            var userURL = QueryHelpers.AddQueryString(endpointUri.ToString(), "userId", user.Id);
            var passwordResetURL = QueryHelpers.AddQueryString(userURL.ToString(), "token", code);
            return new Tuple <string, string> ( passwordResetURL, user.Email);
        }
        public Task<UserDto> Update(UserDto input)
        {
            throw new NotImplementedException();
        }

        public Task<UserDto> UpdateWithoutChildren(UserDto input)
        {
            throw new NotImplementedException();
        }

        public async Task<bool> IsExpiredToken(ForgetPasswordDto input)
        {
            var user = await _userManager.Users.IgnoreQueryFilters().FirstOrDefaultAsync(x => x.Id == input.UserId);
            if (user == null)
                throw new AppException(ExceptionEnum.RecordNotExist);
            var purpose = UserManager<ApplicationUser>.ResetPasswordTokenPurpose;
            var result = await _userManager.VerifyUserTokenAsync(user, "Default", purpose, input.Token);
            return !result;
        }
        public async Task<bool> ForgetPassword(ForgetPasswordDto model)
        {
            var user = await _userManager.Users.IgnoreQueryFilters().FirstOrDefaultAsync(x => x.Id == model.UserId);
            if (user == null)
                throw new AppException(ExceptionEnum.RecordNotExist);

            var result = await _userManager.ResetPasswordAsync(user, model.Token, model.Password);
            return result.Succeeded;
        }

        public async Task<bool> ResetPassword(ResetPasswordDto input)
        {
            var user = await _userManager.FindByIdAsync(_globalInfo.UserId);

            if (user == null)
                throw new AppException(ExceptionEnum.RecordNotExist);

            if (!await _userManager.CheckPasswordAsync(user, input.OldPassword))
                throw new AppException(ExceptionEnum.WrongCredentials);

            var token = await _userManager.GeneratePasswordResetTokenAsync(user);

            var result = await _userManager.ResetPasswordAsync(user, token, input.NewPassword);
            if (!result.Succeeded)
                throw new AppException(ExceptionEnum.RecordUpdateFailed);

            return true;
        }
        public async Task ForgetPasswordMail(string userId)
        {
            var resultPassReset = await GetResetPasswordURL(userId);

            await _emailSender.SendEmail(new EmailMessage
            {
                Subject = "Register Confirmation",
                To = resultPassReset.Item2,
                Body = "Forget Your Password, link will expired after 24 hours",
                url = resultPassReset.Item1,
                userId = userId
            });
            
        }

        public async Task StopUser(string userId)
        {
            var entity = await _userManager.Users.FirstOrDefaultAsync(x => x.Id == userId);
            if (entity == null)
                throw new AppException(ExceptionEnum.RecordNotExist);
            if (!entity.IsStopped)
            {
                entity.IsStopped = true;
                await _unitOfWork.CompleteAsync();
            }
        }
        public async Task ActiveUser(string userId)
        {
            var entity = await _userManager.Users.FirstOrDefaultAsync(x => x.Id == userId);
            if (entity == null)
                throw new AppException(ExceptionEnum.RecordNotExist);

            entity.IsStopped = false;
            entity.AccessFailedCount = 0;
            entity.LockoutEnabled = false;
            entity.LockoutEnd = null;
            await _unitOfWork.CompleteAsync();

        }
    }
}