Lucca Santangelo Dodera · 13142310
--- a/Tsi1.Api/Tsi1.Api/Controllers/UserController.cs

+ 113

− 7
+++ b/Tsi1.Api/Tsi1.Api/Controllers/UserController.cs

+ 113

− 7
 @@ -23,21 +23,27 @@ namespace Tsi1.Api.Controllers
        private readonly IUserService _userService;
        private readonly IUserTypeService _userTypeService;
        private readonly ITenantService _tenantService;
-
-        public UserController(IJwtAuthManager jwtAuthManager, IUserService userService,
-            IUserTypeService userTypeService, ITenantService tenantService)
+        private readonly IEmailService _emailService;
+
+        public UserController(
+            IJwtAuthManager jwtAuthManager,
+            IUserService userService,
+            IUserTypeService userTypeService,
+            ITenantService tenantService,
+            IEmailService emailService)
        {
            _jwtAuthManager = jwtAuthManager;
            _userService = userService;
            _userTypeService = userTypeService;
            _tenantService = tenantService;
+            _emailService = emailService;
        }

        [AllowAnonymous]
        [HttpPost("Login")]
        public async Task<IActionResult> Login(LoginRequest request)
        {
-            var resultSplit = request.UserName.Split("@");
+            var resultSplit = request.Username.Split("@");

            if (resultSplit.Count() != 2)
            {
 @@ -45,9 +51,7 @@ namespace Tsi1.Api.Controllers
            }

            var userName = resultSplit[0];
-
            var tenantName = resultSplit[1];
-
            var tenantId = await _tenantService.GetByName(tenantName);

            if (tenantId.HasError)
 @@ -56,7 +60,6 @@ namespace Tsi1.Api.Controllers
            }

            var result = await _userService.Authenticate(userName, request.Password, tenantId.Data);
-
            if (result.HasError)
            {
                return BadRequest(result.Message);
 @@ -217,5 +220,108 @@ namespace Tsi1.Api.Controllers
            return Ok(result.Data);
        }

+        [AllowAnonymous]
+        [HttpGet("ForgotPassword/{username}")]
+        public async Task<IActionResult> ForgotPassword(string username)
+        {
+            var resultSplit = username.Split("@");
+
+            if (resultSplit.Count() != 2)
+            {
+                return BadRequest(ErrorMessages.InvalidUsername);
+            }
+
+            username = resultSplit[0];
+            var tenantName = resultSplit[1];
+            var tenantId = await _tenantService.GetByName(tenantName);
+
+            if (tenantId.HasError)
+            {
+                return BadRequest(tenantId.Message);
+            }
+
+            var userResult = await _userService.GetByUsername(username, tenantId.Data);
+
+            if (userResult.HasError)
+            {
+                return BadRequest(userResult.Message);
+            }
+
+            var code = _jwtAuthManager.GenerateVerificationCode(username, DateTime.Now);
+
+            var result = await _emailService.SendVerificationCode(userResult.Data.Email, code);
+            if (result.HasError)
+            {
+                return BadRequest("Ha ocurrido un error");
+            }
+
+            return Ok();
+        }
+
+        [AllowAnonymous]
+        [HttpGet("VerificationCode/{username}/{code}")]
+        public async Task<IActionResult> VerificationCode(string username, int code)
+        {
+            var resultSplit = username.Split("@");
+
+            if (resultSplit.Count() != 2)
+            {
+                return BadRequest(ErrorMessages.InvalidUsername);
+            }
+
+            username = resultSplit[0];
+            var tenantName = resultSplit[1];
+            var tenantId = await _tenantService.GetByName(tenantName);
+
+            if (tenantId.HasError)
+            {
+                return BadRequest(tenantId.Message);
+            }
+
+            if (!_jwtAuthManager.ValidateVerificationCode(username, code))
+            {
+                return BadRequest("Código de verificación incorrecto");
+            }
+
+            var userResult = await _userService.GetByUsername(username, tenantId.Data);
+            if (userResult.HasError)
+            {
+                return BadRequest(userResult.Message);
+            }
+
+            var user = userResult.Data;
+            var claims = new[]
+            {
+                new Claim("Id", user.Id.ToString()),
+                new Claim("Username", user.Username),
+                new Claim("TenantId", user.TenantId.ToString()),
+                new Claim(ClaimTypes.Role, user.UserType.Name)
+            };
+
+            var jwtResult = _jwtAuthManager.GenerateTokens(user.Username, claims, DateTime.Now);
+
+            return Ok(new LoginResult
+            {
+                Id = user.Id,
+                UserName = user.Username,
+                Role = user.UserType.Name,
+                AccessToken = jwtResult.AccessToken,
+                RefreshToken = jwtResult.RefreshToken.TokenString
+            });
+        }
+
+        [HttpPost("RestorePassword")]
+        public async Task<IActionResult> RestorePassword(RestorePasswordDto dto)
+        {
+            var userId = int.Parse(HttpContext.User.Claims.FirstOrDefault(x => x.Type == "Id").Value);
+
+            var result = await _userService.UpdatePassword(userId, dto.Password);
+            if (result.HasError)
+            {
+                return BadRequest(result.Message);
+            }
+
+            return Ok();
+        }
    }
 }