using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.ModelBinding;
using Microsoft.Identity.Client;
using SecureBank.API.Authentication;
using SecureBank.API.Services;
using SecureBank.Authentication;
using SecureBank.Common;
using SecureBank.Common.Accounts;
using SecureBank.Helpers.Attributes;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Claims;
using System.Text;
using System.Threading.Tasks;
using static System.Runtime.InteropServices.JavaScript.JSType;
namespace SecureBank.API.Controllers
{
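[ApiController]
[Route("api/accounts")]
public class AccountsController : ControllerBase
{
    #region SERVICES

    // Assigned once in the constructor; every action delegates to it and maps the result to HTTP.
    private readonly IAccountsService _accountsService;

    #endregion

    #region CONSTRUCTORS

    /// <summary>
    /// Creates the controller with the accounts service supplied by dependency injection.
    /// </summary>
    /// <param name="accountsService">Service implementing the account operations exposed here.</param>
    /// <exception cref="ArgumentNullException">Thrown when <paramref name="accountsService"/> is <see langword="null"/>.</exception>
    public AccountsController(IAccountsService accountsService)
    {
        _accountsService = accountsService ?? throw new ArgumentNullException(nameof(accountsService));
    }

    #endregion

    #region HELPERS

    /// <summary>
    /// Maps a service-level <see cref="ResponseStatus"/> onto the HTTP result that carries <paramref name="response"/> as its body.
    /// </summary>
    /// <typeparam name="TResponse">Concrete body type (<c>APIResponse</c> or <c>APIResponse&lt;T&gt;</c>); passed through unchanged.</typeparam>
    /// <param name="response">Body returned to the caller regardless of status.</param>
    /// <param name="status">Status the service reported for <paramref name="response"/>.</param>
    /// <returns>200, 400 or 401 with <paramref name="response"/> as body; 500 with the same body for a status this controller does not map.</returns>
    private ActionResult<TResponse> ToActionResult<TResponse>(TResponse response, ResponseStatus status) => status switch
    {
        ResponseStatus.Ok => Ok(response),
        ResponseStatus.BadRequest => BadRequest(response),
        ResponseStatus.Unauthorized => Unauthorized(response),
        // Any ResponseStatus value not listed above previously fell out of the switch expression as a
        // SwitchExpressionException (an unhandled 500 with a stack trace in the pipeline). Surface it as an
        // explicit 500 with the same body so the failure is visible in the response rather than as a crash.
        _ => StatusCode(500, response),
    };

    #endregion

    #region METHODS

    /// <summary>
    /// Creates a new account. Requires a JWT bearer token that carries the <c>admin</c> claim with value <c>True</c>.
    /// </summary>
    /// <param name="data">Account details taken from the request body.</param>
    /// <returns>The service response wrapping the new account id, with the HTTP status mapped from <see cref="ResponseStatus"/>.</returns>
    [HttpPost]
    [Route("create-account")]
    [Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme)]
    [RequiresClaim("admin", "True")]
    public async Task<ActionResult<APIResponse<int>>> CreateAccount([FromBody] CreateAccountRequest data)
    {
        APIResponse<int> response = await _accountsService.CreateAccount(data);
        return ToActionResult(response, response.Status);
    }

    /// <summary>
    /// Fetches the <see cref="GetPasswordVariantResponse"/> the service holds for <paramref name="accountId"/>.
    /// </summary>
    /// <remarks>
    /// This route is anonymous and keyed by a caller-supplied account id, so whatever the service returns here is
    /// readable by anyone who can reach the API. NOTE(review): the controller adds no throttling and no
    /// existence check of its own; confirm in the service that unknown ids are answered the same way as known
    /// ones and that the route is rate-limited at the host level.
    /// </remarks>
    /// <param name="accountId">Account id bound from the <c>account_id</c> route segment.</param>
    /// <returns>The service response, with the HTTP status mapped from <see cref="ResponseStatus"/>.</returns>
    [HttpGet]
    [Route("{account_id}/password-variant")]
    [AllowAnonymous]
    public async Task<ActionResult<APIResponse<GetPasswordVariantResponse>>> GetPasswordVariant([FromRoute(Name = "account_id")] int accountId)
    {
        APIResponse<GetPasswordVariantResponse> response = await _accountsService.GetPasswordVariant(accountId);
        return ToActionResult(response, response.Status);
    }

    /// <summary>
    /// Authenticates a client from the credentials in the request body; the payload is the string the service returns.
    /// </summary>
    /// <remarks>
    /// Action codes carried in the response (as documented by the original author):
    /// 1 - go back to client code input;
    /// 2 - change password required.
    /// </remarks>
    /// <param name="data">Authentication request taken from the request body.</param>
    /// <returns>The service response, with the HTTP status mapped from <see cref="ResponseStatus"/>.</returns>
    [HttpPost]
    [Route("authentication")]
    [AllowAnonymous]
    public async Task<ActionResult<APIResponse<string>>> Authentication([FromBody] AuthenticationRequest data)
    {
        APIResponse<string> response = await _accountsService.Authentication(data);
        return ToActionResult(response, response.Status);
    }

    /// <summary>
    /// Passes the claims of the presented bearer token to the service's refresh operation.
    /// </summary>
    /// <remarks>
    /// NOTE(review): this route is protected by the same bearer scheme as every other action, so any token the
    /// API accepts can be presented here. If the service mints a new token from these claims, the lifetime bound of
    /// a leaked token is whatever the service enforces on refresh — confirm that bound exists there, since the
    /// controller does not impose one.
    /// </remarks>
    /// <returns>The service response (presumably the refreshed token string — confirm against the service), with the HTTP status mapped from <see cref="ResponseStatus"/>.</returns>
    [HttpPost]
    [Route("authentication-refresh")]
    [Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme)]
    public async Task<ActionResult<APIResponse<string>>> AuthenticationRefresh()
    {
        APIResponse<string> response = await _accountsService.AuthenticationRefresh(new Claims(User.Claims));
        return ToActionResult(response, response.Status);
    }

    /// <summary>
    /// Changes the password of the caller identified by the bearer token's claims.
    /// </summary>
    /// <param name="data">Change-password request taken from the request body.</param>
    /// <returns>The service response, with the HTTP status mapped from <see cref="ResponseStatus"/>.</returns>
    [HttpPatch]
    [Route("change-password")]
    [Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme)]
    public async Task<ActionResult<APIResponse>> ChangePassword([FromBody] ChangePasswordRequest data)
    {
        APIResponse response = await _accountsService.ChangePassword(new Claims(User.Claims), data);
        return ToActionResult(response, response.Status);
    }

    /// <summary>
    /// Lists accounts visible to the caller, optionally filtered by id and/or IBAN.
    /// </summary>
    /// <remarks>
    /// Both filters are passed through untouched; the caller's claims are handed to the service as well, so any
    /// restriction of the result set to the caller's own accounts has to happen in the service (not checked here).
    /// Note the service takes the filters in the order (iban, id), the reverse of this action's parameters.
    /// </remarks>
    /// <param name="id">Optional account id filter from the query string.</param>
    /// <param name="iban">Optional IBAN filter from the query string.</param>
    /// <returns>The service response wrapping the matching accounts, with the HTTP status mapped from <see cref="ResponseStatus"/>.</returns>
    [HttpGet]
    [Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme)]
    public async Task<ActionResult<APIResponse<IEnumerable<AccountResponse>>>> GetAccounts([FromQuery] int? id, [FromQuery] string? iban)
    {
        APIResponse<IEnumerable<AccountResponse>> response = await _accountsService.GetAccounts(iban, id, new Claims(User.Claims));
        return ToActionResult(response, response.Status);
    }

    /// <summary>
    /// Resets the password of the account with the given id. Requires a JWT bearer token carrying <c>admin=True</c>.
    /// </summary>
    /// <param name="accountId">Account id bound from the <c>account_id</c> route segment.</param>
    /// <returns>The service response, with the HTTP status mapped from <see cref="ResponseStatus"/>.</returns>
    [HttpPatch]
    [Route("{account_id}/reset-password")]
    [Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme)]
    [RequiresClaim("admin", "True")]
    public async Task<ActionResult<APIResponse>> ResetPassword([FromRoute(Name = "account_id")] int accountId)
    {
        APIResponse response = await _accountsService.ResetPassword(accountId);
        return ToActionResult(response, response.Status);
    }

    /// <summary>
    /// Unlocks the account with the given id. Requires a JWT bearer token carrying <c>admin=True</c>.
    /// </summary>
    /// <param name="accountId">Account id bound from the <c>account_id</c> route segment.</param>
    /// <returns>The service response, with the HTTP status mapped from <see cref="ResponseStatus"/>.</returns>
    [HttpPatch]
    [Route("{account_id}/unlock")]
    [Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme)]
    [RequiresClaim("admin", "True")]
    public async Task<ActionResult<APIResponse>> UnlockAccount([FromRoute(Name = "account_id")] int accountId)
    {
        APIResponse response = await _accountsService.UnlockAccount(accountId);
        return ToActionResult(response, response.Status);
    }

    #endregion
}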
}