derek/MistoxCom-Angular
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

Cleanup and re-align the controllers to the new database

Browse Source
This commit is contained in:
Derek Holloway
2025-06-29 22:03:13 -07:00
parent 94190a18dc
commit 1dc5a8cd7f
7 changed files with 283 additions and 308 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/MistoxWebsite.Server/Controllers/AuthenticationController.cs
+63 -144
View File
@@ -8,39 +8,32 @@ using MistoxWebsite.Server.Entities;
namespace MistoxWebsite.Server.Controllers {
[ApiController]
public class AuthenticationController : ControllerBase {
[Route("api/account/[controller]")]
public class AuthenticationController : MistoxControllerBase {
DatabaseService _accountContext;
EmailService _emailContext;
public AuthenticationController(DatabaseService DatabaseContext, EmailService emailContext) {
_accountContext = DatabaseContext;
public AuthenticationController(DatabaseService db, EmailService emailContext) : base(db) {
_emailContext = emailContext;
}
[Route("api/account/login")]
[Route("login")]
[HttpPost]
public async Task<ActionResult<Account>> Login([FromForm] string UserName, [FromForm] string PasswordHash, [FromForm] bool StayLoggedIn) {
try {
Account? test = await _accountContext.GetAccount(UserName.ToLower());
Account? test = await _databaseService.GetAccount(UserName.ToLower());
if (test != null) {
if (test.EmailVerified == true) {
if (test.SiteData.FailedPasswordLock) {
if (test.SiteData.CurrentPasswordAttempts >= test.SiteData.PasswordAttempts) {
if (test.FailedPasswordLock) {
if (test.CurrentPasswordAttempts >= test.PasswordAttempts) {
return new Account() { Error = "Too many failed password attempts. Please reset your password" };
}
}
if (BCrypt.Net.BCrypt.Verify(PasswordHash, test.PasswordHash)) {
test.SiteData.CurrentPasswordAttempts = 0;
await _accountContext.SetAccount(test);
test.CurrentPasswordAttempts = 0;
await _databaseService.SetAccount(test);
AccountClaims aClaims = await getClaims(test.ID);
List<Claim> claims = new List<Claim>() {
new Claim(ClaimTypes.Name, aClaims.UserName),
new Claim(ClaimTypes.Email, aClaims.Email),
new Claim("emailverified", aClaims.EmailVerified),
new Claim(ClaimTypes.Role, aClaims.Role),
new Claim("LockAccount", aClaims.FailedPasswordLock),
new Claim("ID", test.ID.ToString())
};
@@ -55,8 +48,8 @@ namespace MistoxWebsite.Server.Controllers {
return test;
}
else {
test.SiteData.CurrentPasswordAttempts += 1;
await _accountContext.SetAccount(test);
test.CurrentPasswordAttempts += 1;
await _databaseService.SetAccount(test);
return new Account() { Error = "Wrong password" };
}
}
@@ -71,58 +64,21 @@ namespace MistoxWebsite.Server.Controllers {
}
}
[Route("api/account/session")]
[HttpPost]
public async Task<ActionResult<Account>> LoginSession([FromBody] Account request) {
try {
Account? test = await _accountContext.GetAccount(request.UserName.ToLower());
if (test != null) {
if (request.PasswordHash == test.PasswordHash) {
return test;
}
else {
test.SiteData.CurrentPasswordAttempts += 1;
await _accountContext.SetAccount(test);
return new Account() { Error = "Wrong password" };
}
}
return new Account() { Error = "User doesn't exist" };
} catch (Exception ex) {
return new Account() { Error = ex.Message };
}
}
[Route("api/account/claims")]
[HttpPost]
public async Task<ActionResult<AccountClaims>> Claims([FromBody] Account Account) {
AccountClaims claims = await getClaims(Account.ID);
return claims;
}
[Route("api/account/register")]
[Route("register")]
[HttpPost]
public async Task<ActionResult<Account>> Register([FromForm] string Email, [FromForm] string UserName, [FromForm] string PasswordHash) {
try {
if (await _accountContext.GetAccount(UserName.ToLower()) == null) {
if (await _accountContext.GetAccount(Email.ToLower()) == null) {
if (await _databaseService.GetAccount(UserName.ToLower()) == null) {
if (await _databaseService.GetAccount(Email.ToLower()) == null) {
Account? created = new Account() {
UserName = UserName.ToLower(),
Email = Email.ToLower(),
EmailVerified = false,
PasswordHash = BCrypt.Net.BCrypt.HashPassword(PasswordHash),
};
await _accountContext.NewAccount(created);
created = await _accountContext.GetAccount(Email.ToLower());
await _databaseService.SetAccount(created);
created = await _databaseService.GetAccount(Email.ToLower());
if (created != null) {
AccountClaims aClaims = await getClaims(created.ID);
List<Claim> claims = new List<Claim>() {
new Claim(ClaimTypes.Name, aClaims.UserName),
new Claim(ClaimTypes.Email, aClaims.Email),
new Claim("emailverified", aClaims.EmailVerified),
new Claim(ClaimTypes.Role, aClaims.Role),
new Claim("LockAccount", aClaims.FailedPasswordLock)
};
await SendVerify(created.UserName);
return created;
}
@@ -142,16 +98,16 @@ namespace MistoxWebsite.Server.Controllers {
}
[Route("api/account/changepassword")]
[Route("changepassword")]
[HttpPost]
public async Task<ActionResult<bool>> ChangePassword([FromForm]string UserName, [FromForm]string OldPassword, [FromForm]string NewPassword) {
public async Task<ActionResult<bool>> ChangePassword([FromForm] string OldPassword, [FromForm] string NewPassword) {
try {
Account? test = await _accountContext.GetAccount(UserName.ToLower());
if (test != null) {
if (BCrypt.Net.BCrypt.Verify(OldPassword, test.PasswordHash)) {
test.PasswordHash = BCrypt.Net.BCrypt.HashPassword(NewPassword);
test.SiteData.CurrentPasswordAttempts = 0;
await _accountContext.SetAccount(test);
if (isLoggedIn()) {
Account user = await getLoggedInUser();
if (BCrypt.Net.BCrypt.Verify(OldPassword, user.PasswordHash)) {
user.PasswordHash = BCrypt.Net.BCrypt.HashPassword(NewPassword);
user.CurrentPasswordAttempts = 0;
await _databaseService.SetAccount(user);
return true;
}
}
@@ -161,15 +117,15 @@ namespace MistoxWebsite.Server.Controllers {
}
}
[Route("api/account/toggleAccountLock")]
[Route("toggleaccountlock")]
[HttpPost]
public async Task<ActionResult<string>> ToggleAccountLock([FromForm]string UserName, [FromForm]bool AccountLock) {
public async Task<ActionResult<string>> ToggleAccountLock([FromForm] bool AccountLock) {
try {
Account? test = await _accountContext.GetAccount(UserName);
if (test != null) {
test.SiteData.FailedPasswordLock = AccountLock;
test.SiteData.CurrentPasswordAttempts = 0;
await _accountContext.SetAccount(test);
if (isLoggedIn()) {
Account user = await getLoggedInUser();
user.FailedPasswordLock = AccountLock;
user.CurrentPasswordAttempts = 0;
await _databaseService.SetAccount(user);
return "Account Lock Status Updated";
}
return "Unknown Error Occurred";
@@ -178,18 +134,12 @@ namespace MistoxWebsite.Server.Controllers {
}
}
[Route("api/account/get")]
[Route("get")]
[HttpPost]
public async Task<ActionResult<Account?>> Get() {
try {
if (User.Identity != null && User.Identity.IsAuthenticated) {
string? email = User.FindFirstValue(ClaimTypes.Email);
if (!string.IsNullOrEmpty(email)) {
Account? test = await _accountContext.GetAccount(email);
if (test != null) {
return test;
}
}
if (isLoggedIn()) {
return await getLoggedInUser();
}
return Ok();
} catch {
@@ -197,13 +147,13 @@ namespace MistoxWebsite.Server.Controllers {
}
}
[Route("api/account/logout")]
[Route("logout")]
[HttpPost]
public async Task Logout() {
await HttpContext.SignOutAsync();
}
[Route("api/account/sendverifyemail")]
[Route("sendverifyemail")]
[HttpPost]
public async Task<ActionResult<string>> SendVerify([FromForm] string UserName) {
try {
@@ -218,15 +168,15 @@ namespace MistoxWebsite.Server.Controllers {
_emailContext._SentEmails.Remove(key);
}
}
Account? test = await _accountContext.GetAccount(UserName.ToLower());
Account? test = await _databaseService.GetAccount(UserName.ToLower());
if (test != null) {
test.SiteData.EmailToken = Guid.NewGuid().ToString();
await _accountContext.SetAccount(test);
test.EmailToken = Guid.NewGuid().ToString();
await _databaseService.SetAccount(test);
string EmailContents = EmailService.VerifyEmailEmail;
EmailContents = Substitue(EmailContents, "@UserName", UserName);
EmailContents = Substitue(EmailContents, "@UserName", UserName);
EmailContents = Substitue(EmailContents, "@VerifyPassword", test.SiteData.EmailToken);
EmailContents = Substitue(EmailContents, "@VerifyPassword", test.EmailToken);
string result = _emailContext.Send(test.Email, EmailService.VerifyEmailSubject, EmailContents);
_emailContext._SentEmails.Add(key, DateTime.Now);
@@ -238,16 +188,16 @@ namespace MistoxWebsite.Server.Controllers {
}
}
[Route("api/account/verifyemail")]
[Route("verifyemail")]
[HttpPost]
public async Task<ActionResult<bool>> VerifyEmail([FromForm] string UserName, [FromForm] string EmailToken) {
try {
Account? test = await _accountContext.GetAccount(UserName.ToLower());
Account? test = await _databaseService.GetAccount(UserName.ToLower());
if (test != null) {
if (test.SiteData.EmailToken == EmailToken) {
test.SiteData.EmailToken = "";
if (!string.IsNullOrEmpty(test.EmailToken) && test.EmailToken == EmailToken) {
test.EmailToken = "";
test.EmailVerified = true;
await _accountContext.SetAccount(test);
await _databaseService.SetAccount(test);
return true;
}
}
@@ -257,7 +207,7 @@ namespace MistoxWebsite.Server.Controllers {
}
}
[Route("api/account/sendresetpassword")]
[Route("sendresetpassword")]
[HttpPost]
public async Task<ActionResult<string>> ResetPassword([FromForm] string Email) {
try {
@@ -272,15 +222,15 @@ namespace MistoxWebsite.Server.Controllers {
_emailContext._SentEmails.Remove(key);
}
}
Account? test = await _accountContext.GetAccount(Email.ToLower());
Account? test = await _databaseService.GetAccount(Email.ToLower());
if (test != null) {
test.SiteData.EmailToken = Guid.NewGuid().ToString();
await _accountContext.SetAccount(test);
test.EmailToken = Guid.NewGuid().ToString();
await _databaseService.SetAccount(test);
string EmailContents = EmailService.ResetPasswordEmail;
EmailContents = Substitue(EmailContents, "@UserName", test.UserName);
EmailContents = Substitue(EmailContents, "@UserName", test.UserName);
EmailContents = Substitue(EmailContents, "@ResetPassWord", test.SiteData.EmailToken);
EmailContents = Substitue(EmailContents, "@ResetPassWord", test.EmailToken);
string result = _emailContext.Send(test.Email, EmailService.VerifyEmailSubject, EmailContents);
_emailContext._SentEmails.Add(key, DateTime.Now);
@@ -294,16 +244,17 @@ namespace MistoxWebsite.Server.Controllers {
}
[Route("api/account/resetpassword")]
[Route("resetpassword")]
[HttpPost]
public async Task<ActionResult<bool>> ResetPwdVerify([FromForm] string UserName, [FromForm] string NewPassword, [FromForm] string ResetToken) {
try {
Account? test = await _accountContext.GetAccount(UserName.ToLower());
if (test != null && !string.IsNullOrEmpty(test.SiteData.EmailToken)) {
if (test.SiteData.EmailToken == ResetToken) {
test.SiteData.CurrentPasswordAttempts = 0;
Account? test = await _databaseService.GetAccount(UserName.ToLower());
if (test != null && !string.IsNullOrEmpty(test.EmailToken)) {
if (!string.IsNullOrEmpty(test.EmailToken) && test.EmailToken == ResetToken) {
test.CurrentPasswordAttempts = 0;
test.EmailToken = "";
test.PasswordHash = BCrypt.Net.BCrypt.HashPassword(NewPassword);
await _accountContext.SetAccount(test);
await _databaseService.SetAccount(test);
return true;
}
}
@@ -313,14 +264,14 @@ namespace MistoxWebsite.Server.Controllers {
}
}
[Route("api/account/delete")]
[Route("delete")]
[HttpPost]
public async Task<ActionResult<bool>> delete([FromForm]string UserName, [FromForm]string Password) {
public async Task<ActionResult<bool>> delete([FromForm] string Password) {
try {
Account? test = await _accountContext.GetAccount(UserName.ToLower());
if (test != null) {
if (BCrypt.Net.BCrypt.Verify(Password, test.PasswordHash)) {
await _accountContext.DeleteAccount(test);
if (isLoggedIn()) {
Account user = await getLoggedInUser();
if (BCrypt.Net.BCrypt.Verify(Password, user.PasswordHash)) {
await _databaseService.DeleteAccount(user.ID);
return true;
}
}
@@ -330,37 +281,5 @@ namespace MistoxWebsite.Server.Controllers {
}
}
// Helper Functions
string Substitue(string message, string subString, string Replacement) {
for (int i = 0; i < (message.Length - subString.Length); i++) {
if (message.Substring(i, subString.Length) == subString) {
string before = message.Substring(0, i);
string after = message.Substring(i + subString.Length);
return before + Replacement + after;
}
}
return message;
}
async Task<AccountClaims> getClaims(int AccountID) {
try {
Account? test = await _accountContext.GetAccountByID(AccountID);
if (test != null) {
AccountClaims aClaims = new AccountClaims() {
UserName = test.UserName,
Email = test.Email,
Role = test.SiteData.Role
};
aClaims.EmailVerified = test.EmailVerified ? "1" : "0";
aClaims.FailedPasswordLock = test.SiteData.FailedPasswordLock ? "1" : "0";
return aClaims;
}
return new AccountClaims();
} catch {
return new AccountClaims();
}
}
}
}
src/MistoxWebsite.Server/Controllers/CartController.cs
+69
View File
@@ -0,0 +1,69 @@
using Microsoft.AspNetCore.Mvc;
using MistoxWebsite.Server.Entities;
using MistoxWebsite.Server.Services.DatabaseService;
namespace MistoxWebsite.Server.Controllers {
[ApiController]
[Route("api/cart/[controller]")]
public class CartController : MistoxControllerBase {
CartController(DatabaseService db) : base(db) { }
[Route("get")]
[HttpPost]
public async Task<ActionResult<Cart[]>> GetCart() {
try {
if (isLoggedIn()) {
return Ok(await _databaseService.GetCart(getLoggedInUserID()));
}
return StatusCode(500);
} catch {
return StatusCode(500);
}
}
[Route("add")]
[HttpPost]
public async Task<IActionResult> AddCart([FromBody] Cart cart) {
try {
if (isLoggedIn()) {
cart.AccountID = getLoggedInUserID();
await _databaseService.AddToCart(cart);
return Ok();
}
return StatusCode(500);
} catch {
return StatusCode(500);
}
}
[Route("remove")]
[HttpPost]
public async Task<IActionResult> RemoveCart([FromBody] Cart cart) {
try {
if (isLoggedIn()) {
cart.AccountID = getLoggedInUserID();
await _databaseService.RemoveFromCart(cart);
return Ok();
}
return StatusCode(500);
} catch {
return StatusCode(500);
}
}
[Route("clear")]
[HttpPost]
public async Task<IActionResult> ClearCart() {
try {
if (isLoggedIn()) {
await _databaseService.ClearCart(getLoggedInUserID());
return Ok();
}
return StatusCode(500);
} catch {
return StatusCode(500);
}
}
}
}
src/MistoxWebsite.Server/Controllers/MistoxControllerBase.cs
+60
View File
@@ -0,0 +1,60 @@
using Microsoft.AspNetCore.Mvc;
using MistoxWebsite.Server.Entities;
using MistoxWebsite.Server.Services.DatabaseService;
namespace MistoxWebsite.Server.Controllers {
public class MistoxControllerBase : ControllerBase {
public DatabaseService _databaseService;
public MistoxControllerBase(DatabaseService databaseService) {
_databaseService = databaseService;
}
public bool isLoggedIn() {
if (User.Identity != null && User.Identity.IsAuthenticated) {
return true;
}
return false;
}
public int getLoggedInUserID() {
return Convert.ToInt32(User.FindFirst("ID")?.Value);
}
public async Task<Account> getLoggedInUser() {
try {
Account? test = await _databaseService.GetAccount(getLoggedInUserID());
if (test != null) {
return test;
}
return new Account();
} catch {
return new Account();
}
}
public string Substitue(string message, string subString, string Replacement) {
for (int i = 0; i < (message.Length - subString.Length); i++) {
if (message.Substring(i, subString.Length) == subString) {
string before = message.Substring(0, i);
string after = message.Substring(i + subString.Length);
return before + Replacement + after;
}
}
return message;
}
public bool contains(string outer, string inner) {
if (outer.Length >= inner.Length) {
for (int i = 0; i < outer.Length - inner.Length; i++) {
if (outer.Substring(i, inner.Length) == inner) {
return true;
}
}
}
return false;
}
}
}
src/MistoxWebsite.Server/Controllers/PaymentController.cs
+13 -18
View File
@@ -5,14 +5,12 @@ using MistoxWebsite.Server.Entities;
namespace MistoxWebsite.Server.Controllers {
[ApiController]
public class PaymentController : ControllerBase {
[Route("api/payment/[controller]")]
public class PaymentController : MistoxControllerBase {
DatabaseService _databaseService;
IPayment _paymentService;
public PaymentController(DatabaseService databaseService) {
_databaseService = databaseService;
public PaymentController(DatabaseService db) : base(db) {
if (IPayment._PaymentType == PaymentType.StripeIntent) {
_paymentService = new StripeIntent(_databaseService);
} else {
@@ -20,17 +18,15 @@ namespace MistoxWebsite.Server.Controllers {
_paymentService = new StripeIntent(_databaseService);
}
// Add new payment plugins here
}
[Route("api/getCheckoutToken")]
[Route("getcheckouttoken")]
[HttpPost]
public async Task<string> GetPaymentKey( [FromQuery] string userID ) {
public async Task<string> GetCheckoutToken() {
string OrderNumber = Guid.NewGuid().ToString().Substring(0, 10);
Account? acc = await _databaseService.GetAccount(userID);
if (acc != null) {
Cart[] carts = await _databaseService.GetCart(acc);
(bool, string) PaymentResponse = await _paymentService.TryGetCheckoutToken(OrderNumber, acc, carts);
if (isLoggedIn()) {
Cart[] carts = await _databaseService.GetCart(getLoggedInUserID());
(bool, string) PaymentResponse = await _paymentService.TryGetCheckoutToken(OrderNumber, getLoggedInUserID(), carts);
if (PaymentResponse.Item1) {
// Returns client secret
return PaymentResponse.Item2;
@@ -40,14 +36,13 @@ namespace MistoxWebsite.Server.Controllers {
Console.WriteLine("\n");
return "An error has occured in the payment plugin";
}
} else {
return "Unable to find account";
}
return "You must be logged in";
}
[Route("/api/payment/publickey")]
[HttpGet]
public IActionResult GetPaymentKey() {
[Route("getpublickey")]
[HttpPost]
public IActionResult GetPublicKey() {
try {
return Ok(IPayment._PublicKey);
} catch (Exception ex) {
@@ -55,7 +50,7 @@ namespace MistoxWebsite.Server.Controllers {
}
}
[Route("/api/payment/response")]
[Route("response")]
[HttpPost]
public async Task<IActionResult> paymentWebhook() {
try {
src/MistoxWebsite.Server/Controllers/PaymentMethods/IPayment.cs
+1 -1
View File
@@ -8,7 +8,7 @@ namespace MistoxWebsite.Server.Controllers.Payment {
public static string _EndpointSecret = "";
public static string _PublicKey = "";
public Task<(bool, string)> TryGetCheckoutToken(string OrderNumber, Account user, Cart[] cart);
public Task<(bool, string)> TryGetCheckoutToken(string OrderNumber, int userID, Cart[] cart);
public Task ValidatePurchase(string WebHookData, string Headers);
}
src/MistoxWebsite.Server/Controllers/PaymentMethods/StripeIntents.cs
+3 -6
View File
@@ -12,7 +12,7 @@ namespace MistoxWebsite.Server.Controllers {
_databaseService = databaseService;
}
public async Task<(bool, string)> TryGetCheckoutToken(string OrderNumber, Account user, Cart[] cart) {
public async Task<(bool, string)> TryGetCheckoutToken(string OrderNumber, int userID, Cart[] cart) {
try {
// build Recipt and calculate Tax
var options = new Stripe.Tax.CalculationCreateOptions {
@@ -60,7 +60,7 @@ namespace MistoxWebsite.Server.Controllers {
Currency = "usd",
Metadata = new Dictionary<string, string> {
{ "ordernumber", OrderNumber },
{ "user", user.ID.ToString() },
{ "user", userID.ToString() },
{ "products", csv },
{ "subtotal", subtotal.ToString() },
{ "total", result.AmountTotal.ToString() }
@@ -115,10 +115,7 @@ namespace MistoxWebsite.Server.Controllers {
}
// Clear the cart
Account account = new() {
ID = userID
};
await _databaseService.ClearCart(account);
await _databaseService.ClearCart(userID);
// Add data to misox receipt
for (int i = 0; i < productIDs.Count; i++) {
src/MistoxWebsite.Server/Controllers/ProductController.cs
+47 -112
View File
@@ -1,63 +1,21 @@
using Microsoft.AspNetCore.Mvc;
using MistoxWebsite.Server.Services.DatabaseService;
using MistoxWebsite.Server.Entities;
using System.Security.Claims;
using System.Threading.Tasks;
namespace MistoxWebsite.Server.Controllers {
[ApiController]
public class ProductController : ControllerBase {
[Route("api/product/[controller]")]
public class ProductController : MistoxControllerBase {
DatabaseService _databaseService;
public ProductController(DatabaseService db) : base(db) { }
public ProductController( DatabaseService databaseService ) {
_databaseService = databaseService;
}
[Route( "api/cart/get" )]
[Route("set")]
[HttpPost]
public async Task<Cart[]> GetCart( [FromBody] Account acc ) {
try {
return await _databaseService.GetCart( acc );
} catch {
return new Cart[0];
}
}
[Route( "api/cart/add" )]
[HttpPost]
public async Task AddCart( [FromBody] Cart cart ) {
try {
await _databaseService.AddToCart( cart );
}catch {
}
}
[Route( "api/cart/remove" )]
[HttpPost]
public async Task RemoveCart( [FromBody] Cart cart ) {
try {
await _databaseService.RemoveFromCart( cart );
} catch {
}
}
[Route( "api/cart/clear" )]
[HttpPost]
public async Task ClearCart( [FromBody] Account acc ) {
try {
await _databaseService.ClearCart( acc );
} catch {
}
}
[Route( "api/product/create" )]
[HttpPost]
public async Task<ActionResult<bool>> CreateProduct([FromForm] Product obj, [FromForm] List<IFormFile> images){
public async Task<ActionResult<bool>> CreateProduct([FromForm] Product obj, [FromForm] IFormFile[] images) {
try {
if (isLoggedIn()) {
Account user = await getLoggedInUser();
if (user.Role == "Admin") {
List<ProductImage> building = new List<ProductImage>();
foreach (var file in images) {
using (var stream = new MemoryStream()) {
@@ -70,33 +28,26 @@ namespace MistoxWebsite.Server.Controllers {
}
}
obj.Images = building.ToArray();
await _databaseService.NewProduct(obj);
await _databaseService.SetProduct(obj);
return true;
}
}
return false;
} catch (Exception e) {
Console.WriteLine(e);
return false;
}
}
[Route( "api/product/update" )]
[HttpPost]
public async Task<ActionResult<bool>> UpdateProduct( [FromBody] Product obj ) {
try {
await _databaseService.UpdateProduct( obj );
return true;
} catch {
return false;
}
}
[Route( "api/product/get" )]
[Route("get")]
[HttpPost]
public async Task<ActionResult<Product>> GetProduct([FromForm] int productID) {
try {
Product? x = await _databaseService.GetProduct(productID);
if (x != null) {
return x;
} else {
Product? product = await _databaseService.GetProduct(productID);
if (product != null) {
return product;
}
else {
return NotFound();
}
} catch {
@@ -104,18 +55,7 @@ namespace MistoxWebsite.Server.Controllers {
}
}
[Route( "api/product/delete" )]
[HttpPost]
public async Task<ActionResult<bool>> DeleteProduct( [FromForm] int productID ) {
try {
await _databaseService.DeleteProduct(productID);
return true;
} catch {
return false;
}
}
[Route("api/product/getall")]
[Route("getall")]
[HttpPost]
public async Task<Product[]> GetAllProducts() {
try {
@@ -125,14 +65,32 @@ namespace MistoxWebsite.Server.Controllers {
}
}
[Route( "api/productimage/get" )]
[HttpGet]
public async Task<IActionResult> GetProductImage( int ProductID, int ImageID ) {
[Route("delete")]
[HttpPost]
public async Task<ActionResult<bool>> DeleteProduct([FromForm] int productID) {
try {
if (isLoggedIn()) {
Account user = await getLoggedInUser();
if (user.Role == "Admin") {
await _databaseService.DeleteProduct(productID);
return true;
}
}
return false;
} catch {
return false;
}
}
[Route("getimage")]
[HttpPost]
public async Task<IActionResult> GetProductImage([FromForm] int ProductID, [FromForm] int ImageID) {
try {
ProductImage? img = await _databaseService.GetImage(ProductID, ImageID);
if (img != null) {
return File(img.Image, "Image/*");
} else {
}
else {
return NotFound();
}
} catch {
@@ -140,50 +98,29 @@ namespace MistoxWebsite.Server.Controllers {
}
}
[Route("api/product/getowned")]
[Route("getowned")]
[HttpPost]
public async Task<ActionResult<Receipt[]>> GetOwnedProduct() {
try {
if( User.Identity != null && User.Identity.IsAuthenticated ) {
string? email = User.FindFirstValue(ClaimTypes.Email);
if( !string.IsNullOrEmpty( email ) ) {
Account? test = await _databaseService.GetAccount(email);
if( test != null ) {
Receipt[] returned = await _databaseService.GetAllReceipts(test);
if (isLoggedIn()) {
Receipt[] returned = await _databaseService.GetAllReceipts(getLoggedInUserID());
return returned;
}
}
}
return new Receipt[0];
} catch {
return new Receipt[0];
}
}
bool contains( string outer, string inner ) {
if ( outer.Length >= inner.Length ) {
for ( int i=0; i<outer.Length-inner.Length; i++ ) {
if ( outer.Substring(i, inner.Length) == inner ) {
return true;
}
}
}
return false;
}
[Route( "api/product/download" )]
[Route("download")]
[HttpGet]
public async Task<ActionResult> Download([FromQuery] string Product) {
try {
if( User.Identity != null && User.Identity.IsAuthenticated ) {
string? email = User.FindFirstValue(ClaimTypes.Email);
if( !string.IsNullOrEmpty( email ) ) {
Account? user = await _databaseService.GetAccount(email);
if (user != null){
if (isLoggedIn()) {
Product[] games = await _databaseService.GetAllProducts();
foreach (Product product in games) {
if (contains(Product, product.URL)) {
Receipt? receipt = await _databaseService.GetReceipt(user, product);
Receipt? receipt = await _databaseService.GetReceipt(getLoggedInUserID(), product.ID);
if (receipt != null) {
//FileStream fileStream = new FileStream(_FolderRoot + Product, FileMode.Open, FileAccess.Read);
//return new FileStreamResult( fileStream, "application/octet-stream" ) {
@@ -193,8 +130,6 @@ namespace MistoxWebsite.Server.Controllers {
break;
}
}
}
}
return Unauthorized();
}
return Unauthorized();