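using System.Globalization;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Security.Cryptography;
using System.Text;
using System.Text.Json;
using ChatApi.Models;
using ChatApi.Services.Crypt;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Cors;
using Microsoft.AspNetCore.DataProtection;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Logging;
using Microsoft.IdentityModel.Tokens;

namespace ChatApi.Controllers;

/// <summary>
/// Issues JWT bearer tokens to registered API clients and registers new clients.
/// Both actions are anonymous: <c>POST /login/token</c> authenticates with the client
/// credentials carried in the body; <c>POST /login/newclient</c> creates a client record.
/// </summary>
[Route("[controller]")]
[ApiController]
[EnableCors("AllowSpecificOrigin")]
public class LoginController : ControllerBase
{
    /// <summary>
    /// Lifetime of an issued token. The same value bounds how long a token stored on the
    /// client record is handed back again, so a reused token is never already expired.
    /// </summary>
    private const int TokenLifetimeMinutes = 30;

    /// <summary>A stored token with less than this much lifetime left is replaced rather than reused.</summary>
    private const int ReuseMarginMinutes = 1;

    // The "DhCriado" claim keeps its original pt-BR textual format so existing consumers keep parsing it.
    private static readonly CultureInfo PtBr = CultureInfo.GetCultureInfo("pt-BR");

    private readonly IConfigurationManager _configuration;
    private readonly UserDataRepository _userDataRepository;
    private readonly CryptUtil _cryptUtil;
    private readonly ILogger<LoginController>? _logger;

    /// <summary>
    /// Creates the controller. <paramref name="logger"/> is optional so existing DI registrations
    /// that only provide the first three services keep working.
    /// </summary>
    public LoginController(
        IConfigurationManager configuration,
        UserDataRepository userDataRepository,
        CryptUtil cryptUtil,
        ILogger<LoginController>? logger = null)
    {
        _configuration = configuration;
        _userDataRepository = userDataRepository;
        _cryptUtil = cryptUtil;
        _logger = logger;
    }

    /// <summary>
    /// Authenticates a client by name, id and secret and returns a bearer token as <c>{ "token": "..." }</c>.
    /// A token stored on the client record is returned again while it is still usable; otherwise a new
    /// token is signed and stored together with its issue time.
    /// </summary>
    /// <param name="loginRequest">Client credentials from the request body.</param>
    /// <returns>
    /// 200 with the token; 401 when no client matches the credentials; 400 for an invalid body;
    /// 500 (without exception details) on an unexpected error.
    /// </returns>
    [AllowAnonymous]
    [HttpPost]
    [Route("token")]
    public async Task<IActionResult> Post([FromBody] LoginRequest loginRequest)
    {
        if (!ModelState.IsValid)
        {
            return BadRequest();
        }

        try
        {
            // The repository lookup is the credential check: null means no client matches all three values.
            var userData = await _userDataRepository.GetAsync(
                loginRequest.ClientName, loginRequest.ClientId, loginRequest.ClientSecret);
            if (userData is null)
            {
                return Unauthorized();
            }

            var now = DateTime.UtcNow;
            var token = StoredTokenIfValid(userData, now);
            if (token is null)
            {
                token = IssueToken(userData, loginRequest.ClientId, now);

                // Only a freshly issued token moves the timestamp. Re-stamping on reuse (as the
                // previous code did) let the reuse window slide past the token's own "exp".
                userData.LastToken = token;
                userData.DateTimeToken = now;
                await _userDataRepository.UpdateAsync(userData.Id, userData);
            }

            return Ok(new { token = token });
        }
        catch (Exception ex)
        {
            // Exception details stay server-side; previously ex.Message was sent to the caller.
            _logger?.LogError(ex, "Token issuance failed for client {ClientId}", loginRequest.ClientId);
            return Problem(statusCode: StatusCodes.Status500InternalServerError);
        }
    }

    /// <summary>
    /// Registers a client. The secret is derived from the serialized request by
    /// <see cref="CryptUtil.Encrypt"/> and returned once, inside the created record.
    /// </summary>
    /// <param name="userDataFrom">Client registration data from the request body.</param>
    /// <returns>
    /// 201 with the new record; 409 when a client with the same name and local id already exists;
    /// 400 for an invalid body; 500 (without exception details) on an unexpected error.
    /// </returns>
    [AllowAnonymous]
    [HttpPost]
    [Route("newclient")]
    public async Task<IActionResult> NewClient([FromBody] UserRequest userDataFrom)
    {
        if (!ModelState.IsValid)
        {
            return BadRequest();
        }

        try
        {
            var existing = await _userDataRepository.GetAsync(userDataFrom.Name, userDataFrom.LocalId);
            if (existing is not null)
            {
                // Previously the existing record, secret included, was returned to any anonymous caller
                // who knew the name and local id. Registration must not double as credential recovery.
                return Conflict();
            }

            var secret = _cryptUtil.Encrypt(JsonSerializer.Serialize(userDataFrom));
            var userData = UserData.Create(userDataFrom, secret);
            await _userDataRepository.CreateAsync(userData);
            return Created("newclient", userData);
        }
        catch (Exception ex)
        {
            _logger?.LogError(ex, "Client registration failed for {ClientName}", userDataFrom.Name);
            return Problem(statusCode: StatusCodes.Status500InternalServerError);
        }
    }

    /// <summary>
    /// Returns the token stored on the client record when it is still usable, otherwise null.
    /// The previous check read <c>LastToken == null</c> (reusing only when there was nothing to reuse)
    /// and allowed a 24-hour window for a 30-minute token.
    /// </summary>
    private static string? StoredTokenIfValid(UserData userData, DateTime now)
    {
        if (string.IsNullOrEmpty(userData.LastToken) || !userData.DateTimeToken.HasValue)
        {
            return null;
        }

        // NOTE(review): rows stamped by the earlier local-time code are compared against UTC here;
        // the worst case is an early re-issue, which is harmless.
        var usableUntil = userData.DateTimeToken.Value.AddMinutes(TokenLifetimeMinutes - ReuseMarginMinutes);
        return usableUntil > now ? userData.LastToken : null;
    }

    /// <summary>Signs a new HS256 token for <paramref name="userData"/> valid for <see cref="TokenLifetimeMinutes"/>.</summary>
    /// <param name="userData">Authenticated client record supplying tenant and name claims.</param>
    /// <param name="clientId">Client id from the login request, stored as the NameIdentifier claim.</param>
    /// <param name="now">Issue instant (UTC) used for both "nbf" and "exp".</param>
    /// <exception cref="InvalidOperationException">A required setting (Issuer, Audience, SigningKey) is missing.</exception>
    private string IssueToken(UserData userData, string clientId, DateTime now)
    {
        var claims = new[]
        {
            new Claim("Sub", userData.CompanyTenant),
            new Claim("NameId", userData.Name),
            new Claim(ClaimTypes.NameIdentifier, clientId),
            // Local server time, as before; consumers of this claim expect the pt-BR format.
            new Claim("DhCriado", now.ToLocalTime().ToString(PtBr)),
            new Claim("TenantId", userData.CompanyTenant),
            new Claim(ClaimTypes.Role, "TeamsUser"),
        };

        // NOTE(review): the signing library enforces a minimum key length for HS256; a too-short
        // SigningKey surfaces as an exception here (logged, 500) rather than at startup.
        var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(RequiredSetting("SigningKey")));
        var jwt = new JwtSecurityToken(
            issuer: RequiredSetting("Issuer"),
            audience: RequiredSetting("Audience"),
            claims: claims,
            notBefore: now,
            expires: now.AddMinutes(TokenLifetimeMinutes),
            signingCredentials: new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256));

        return new JwtSecurityTokenHandler().WriteToken(jwt);
    }

    /// <summary>
    /// Reads a configuration value, failing with a message naming the key instead of a
    /// null-derived exception deeper in the token pipeline.
    /// </summary>
    private string RequiredSetting(string key)
    {
        var value = _configuration[key];
        if (string.IsNullOrEmpty(value))
        {
            throw new InvalidOperationException($"Configuration value '{key}' is missing.");
        }

        return value;
    }
}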