zinab
/
MTWorkHR


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274
							using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.WebUtilities;
using Microsoft.EntityFrameworkCore;
using Microsoft.Extensions.Configuration;
using MTWorkHR.Application.Identity;
using MTWorkHR.Application.Mapper;
using MTWorkHR.Application.Models;
using MTWorkHR.Application.Services;
using MTWorkHR.Application.Models.Email;
using MTWorkHR.Core.Global;
using MTWorkHR.Core.IRepositories;
using MTWorkHR.Core.UnitOfWork;
using MTWorkHR.Identity.Entities;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using NeomtechERP.Auth.Core.Global;
using Microsoft.AspNetCore.Identity.UI.Services;
using IEmailSender = MTWorkHR.Application.Services.IEmailSender;
using System.Security.Policy;
using MTWorkHR.Application.Services.Interfaces;
using Microsoft.AspNetCore.Mvc;
using Azure.Core;

namespace MTWorkHR.Identity.Services
{
    public class UserService : IUserService
    {
        private readonly RoleManager<ApplicationRole> _roleManager;
        private readonly ApplicationUserManager _userManager;
        private readonly IUnitOfWork _unitOfWork;
        private readonly IUserRoleRepository<IdentityUserRole<string>> _userRole;
        private readonly AppSettingsConfiguration _configuration;
        private readonly IEmailSender _emailSender;
        private readonly GlobalInfo _globalInfo;
        private readonly IFileService _fileService;

        public UserService(ApplicationUserManager userManager, IUnitOfWork unitOfWork
             , RoleManager<ApplicationRole> roleManager, GlobalInfo globalInfo, AppSettingsConfiguration configuration, IEmailSender emailSender
            , IUserRoleRepository<IdentityUserRole<string>> userRole, IFileService fileService)
        {
            _userManager = userManager;
            _unitOfWork = unitOfWork;
            _roleManager = roleManager;
            _userRole = userRole;
            _configuration = configuration;
            _emailSender = emailSender;
            _globalInfo = globalInfo;
            _fileService = fileService;
        }
        public async Task<UserDto> GetById(string userId)
        {
            var employee = await _userManager.FindByIdAsync(userId);
            return new UserDto
            {
                Email = employee.Email,
                FirstName = employee.FirstName,
                LastName = employee.LastName,
                Id = employee.Id
            };
        }

        public async Task<List<UserDto>> GetAll()
        {
            var employees = await _userManager.GetUsersInRoleAsync("Employee");
            return employees.Select( e=>  new UserDto
            {
                Email = e.Email,
                FirstName = e.FirstName,
                LastName = e.LastName,
                Id = e.Id
            }).ToList();
        }

        public async Task Delete(string id)
        {
            var user = await _userManager.FindByIdAsync(id);
            if (user != null)
            {
                user.IsDeleted = true;

                await _userManager.UpdateAsync(user);
            }
        }

      
        public async Task<UserDto> Create(UserDto input)
        {
            var emailExists = await _userManager.FindByEmailAsync(input.Email);
            if (emailExists != null)
                throw new AppException(ExceptionEnum.RecordAlreadyExist);

            var phoneExists = await _userManager.FindByAnyAsync(input.PhoneNumber);
            if (phoneExists != null)
                throw new AppException(ExceptionEnum.RecordAlreadyExist);

            var userExists = await _userManager.FindByAnyAsync(input.UserName);
            if (userExists != null)
                throw new AppException(ExceptionEnum.RecordAlreadyExist);
            //loop for given list of attachment, and move each file from Temp path to Actual path
            if (!_fileService.CopyFileToActualFolder(input.UserAttachments.ToList()))
                throw new AppException(ExceptionEnum.CouldNotMoveFiles);
            var user = MapperObject.Mapper.Map<ApplicationUser>(input);

            _unitOfWork.BeginTran();

            //saving user
            var result = await _userManager.CreateAsync(user);
            if (!result.Succeeded)
                throw new AppException(ExceptionEnum.RecordCreationFailed);
            input.Id = user.Id;

            //saving userRoles
            var userRoles = MapperObject.Mapper.Map<List<IdentityUserRole<string>>>(input.UserRoles);
            foreach (var role in userRoles)
            {
                role.UserId = user.Id;
                if ((await _roleManager.FindByIdAsync(role.RoleId)) == null)
                    throw new AppException(ExceptionEnum.RecordNotExist);
            }
            await _userRole.AddRangeAsync(userRoles);

            await _unitOfWork.CompleteAsync();
            _unitOfWork.CommitTran();
            try
            {
                var resultPassReset = await GetConfirmEmailURL(user.Id);

                var sendMailResult = await _emailSender.SendEmail(new EmailMessage {
                    Subject = "Register Confirmation",
                    To = input.Email,  
                    Body =  "Please Set Your Password (this link will expired after 24 hours)"
                    , url = resultPassReset.Item1, userId = user.Id } );
                if (!sendMailResult)
                {
                    throw new AppException("User created, but could not send the email!");
                }
            }
            catch
            {
                throw new AppException("User created, but could not send the email!");
            }

            return input;
        }
        public async Task<bool> ConfirmEmail(ForgetPasswordDto input)
        {
            var user = await _userManager.FindByEmailAsync(input.Email);
            if (user == null)
                throw new AppException(ExceptionEnum.RecordNotExist);
            var result = await _userManager.ConfirmEmailAsync(user, input.Token);
            return result.Succeeded ;
        }
        private async Task<Tuple< string, string>> GetResetPasswordURL(string userId)
        {
            var user = await _userManager.Users.FirstOrDefaultAsync(x => (!x.IsDeleted) && x.Id.Equals(userId));
            if (user == null)
                throw new AppException(ExceptionEnum.RecordNotExist);

            string code = await _userManager.GeneratePasswordResetTokenAsync(user);
            var route = "auth/ConfirmEmail";
            var origin = _configuration.JwtSettings.Audience;
            var endpointUri = new Uri(string.Concat($"{origin}/", route));
            var userURL = QueryHelpers.AddQueryString(endpointUri.ToString(), "userId", user.Id);
            var passwordResetURL = QueryHelpers.AddQueryString(userURL.ToString(), "token", code);
            return new Tuple <string, string> ( passwordResetURL, user.Email);
        }

        private async Task<Tuple<string, string>> GetConfirmEmailURL(string userId)
        {
            var user = await _userManager.Users.FirstOrDefaultAsync(x => (!x.IsDeleted) && x.Id.Equals(userId));
            if (user == null)
                throw new AppException(ExceptionEnum.RecordNotExist);

            string token = await _userManager.GenerateEmailConfirmationTokenAsync(user);
            var route = "auth/forgetpassword";
            var origin = _configuration.JwtSettings.Audience;
            var endpointUri = new Uri(string.Concat($"{origin}/", route));
            var userURL = QueryHelpers.AddQueryString(endpointUri.ToString(), "userId", user.Id);
            var confirmEmailUrl = QueryHelpers.AddQueryString(userURL.ToString(), "token", token);
            return new Tuple<string, string>(confirmEmailUrl, user.Email);
        }

        public Task<UserDto> Update(UserDto input)
        {
            throw new NotImplementedException();
        }

        public Task<UserDto> UpdateWithoutChildren(UserDto input)
        {
            throw new NotImplementedException();
        }

        public async Task<bool> IsExpiredToken(ForgetPasswordDto input)
        {
            var user = await _userManager.Users.IgnoreQueryFilters().FirstOrDefaultAsync(x => x.Id == input.UserId);
            if (user == null)
                throw new AppException(ExceptionEnum.RecordNotExist);
            var purpose = UserManager<ApplicationUser>.ResetPasswordTokenPurpose;
            var result = await _userManager.VerifyUserTokenAsync(user, "Default", purpose, input.Token);
            return !result;
        }
        public async Task<bool> ForgetPassword(ForgetPasswordDto model)
        {
            var user = await _userManager.Users.IgnoreQueryFilters().FirstOrDefaultAsync(x => x.Id == model.UserId);
            if (user == null)
                throw new AppException(ExceptionEnum.RecordNotExist);

            var result = await _userManager.ResetPasswordAsync(user, model.Token, model.Password);
            return result.Succeeded;
        }

        public async Task<bool> ResetPassword(ResetPasswordDto input)
        {
            var user = await _userManager.FindByIdAsync(_globalInfo.UserId);

            if (user == null)
                throw new AppException(ExceptionEnum.RecordNotExist);

            if (!await _userManager.CheckPasswordAsync(user, input.OldPassword))
                throw new AppException(ExceptionEnum.WrongCredentials);

            var token = await _userManager.GeneratePasswordResetTokenAsync(user);

            var result = await _userManager.ResetPasswordAsync(user, token, input.NewPassword);
            if (!result.Succeeded)
                throw new AppException(ExceptionEnum.RecordUpdateFailed);

            return true;
        }
        public async Task ForgetPasswordMail(string userId)
        {
            var resultPassReset = await GetResetPasswordURL(userId);

            await _emailSender.SendEmail(new EmailMessage
            {
                Subject = "Register Confirmation",
                To = resultPassReset.Item2,
                Body = "Forget Your Password, link will expired after 24 hours",
                url = resultPassReset.Item1,
                userId = userId
            });
            
        }

        public async Task StopUser(string userId)
        {
            var entity = await _userManager.Users.FirstOrDefaultAsync(x => x.Id == userId);
            if (entity == null)
                throw new AppException(ExceptionEnum.RecordNotExist);
            if (!entity.IsStopped)
            {
                entity.IsStopped = true;
                await _unitOfWork.CompleteAsync();
            }
        }
        public async Task ActiveUser(string userId)
        {
            var entity = await _userManager.Users.FirstOrDefaultAsync(x => x.Id == userId);
            if (entity == null)
                throw new AppException(ExceptionEnum.RecordNotExist);

            entity.IsStopped = false;
            entity.AccessFailedCount = 0;
            entity.LockoutEnabled = false;
            entity.LockoutEnd = null;
            await _unitOfWork.CompleteAsync();

        }
    }
}