2019-01-15 21:35:00 +01:00
14 changed files with 235 additions and 210 deletions
--- a/SeniorAssistant/Controllers/AccountController.cs
+++ b/SeniorAssistant/Controllers/AccountController.cs
@@ -4,44 +4,14 @@ using SeniorAssistant.Models;
 using SeniorAssistant.Controllers;
 using LinqToDB;
 using System.Linq;
 using System.Collections.Generic;
 namespace IdentityDemo.Controllers
 {
    [ApiExplorerSettings(IgnoreApi = true)]
    [Route("[controller]/[action]")]
    public class AccountController : BaseController
    {
        /*
        private readonly UserManager<User> _userManager;
        private readonly SignInManager<User> _signInManager;
        private readonly ILogger _logger;
        public AccountController(
            UserManager<User> userManager,
            SignInManager<User> signInManager,
            ILogger<AccountController> logger)
        {
            _userManager = userManager;
            _signInManager = signInManager;
            _logger = logger;
        }
        /*
        [TempData]
        public string ErrorMessage { get; set; }
        [HttpGet]
        [AllowAnonymous]
        public async Task<IActionResult> Login(string returnUrl = null)
        {
            // Clear the existing external cookie to ensure a clean login process
            await HttpContext.SignOutAsync(IdentityConstants.ExternalScheme);
            ViewData["ReturnUrl"] = returnUrl;
            return View();
        }
        */
        [HttpPost]
        public ActionResult _login(string username, string password)
        {
@@ -51,20 +21,22 @@ namespace IdentityDemo.Controllers
                Message = "Username or password is invalid."
            };
-            var strunz = Db.GetTable<User>().Where(user => user.Username.Equals(username) && user.Password.Equals(password)).ToListAsync().Result;
+            var result = Db.GetTable<User>().Where(user => user.Username.Equals(username) && user.Password.Equals(password)).ToListAsync().Result;
-            if (strunz.Count == 1)
+            if (result.Count == 1)
            {
-                var loggedUser = HttpContext.Session.GetString("username");
+                var loggedUser = HttpContext.Session.GetString(Username);
                if (loggedUser==null || !loggedUser.Equals(username))
                {
-                    HttpContext.Session.SetString("username", username);
+                    User user = result.First();
-                    HttpContext.Session.SetString("email", strunz.First().Email);
+                    HttpContext.Session.SetString(Username, username);
-                    HttpContext.Session.SetString("name", strunz.First().Name);
+                    HttpContext.Session.SetString("email", user.Email);
-                    HttpContext.Session.SetString("isdoc", strunz.First().Doctor?"true":"false");
+                    HttpContext.Session.SetString("name", user.Name);
-                    //HttpContext.Session.SetString("lastname", strunz.First().LastName);
+                    HttpContext.Session.SetString("role", user.Role);
                    //HttpContext.Session.SetString("lastname", user.LastName);
                    response.Success = true;
-                    response.Message = "";
+                    response.Message = Request.Query["ReturnUrl"];
                }
                else
                {
@@ -82,24 +54,32 @@ namespace IdentityDemo.Controllers
        }
        [HttpPost]
-        public ActionResult _register(Register register)
+        public ActionResult _register(User user)
        {
            JsonResponse response = new JsonResponse() { Success = true };
            if(ModelState.IsValid)
            {
                User user = new User() { Username = register.Username, Email = register.Email, Password = register.Password};
                try
                {
                    Db.Insert(user);
                    _login(user.Username, user.Password);
                }
                catch
                {
-                    return Json(new JsonResponse() { Success = false, Message = "Username already exist" });
+                    response.Success = false;
                    response.Message = "Username already exists";
                }
                _login(user.Username, user.Password);
                return Json(new JsonResponse() { Success = true });
            }
-            return Json(new JsonResponse() { Success = false, Message = "Modello non valido" });
+            else
            {
                response.Success = false;
                response.Message = "Modello non valido";
            }
            return Json(response);
        }
        internal class JsonResponse
        {
            public bool Success { get; internal set; }
--- a/SeniorAssistant/Controllers/HomeController.cs
+++ b/SeniorAssistant/Controllers/HomeController.cs
@@ -1,17 +1,12 @@
-using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc;
 namespace SeniorAssistant.Controllers
 {
    [ApiExplorerSettings(IgnoreApi = true)]
-    public class HomeController : Controller
+    public class HomeController : BaseController
    {
        private readonly ISession session;
        public HomeController(IHttpContextAccessor httpContextAccessor)
        {
            this.session = httpContextAccessor.HttpContext.Session;
        }
        [Route("")]
        [Route("Home")]
        [Route("Index")]
@@ -23,33 +18,41 @@ namespace SeniorAssistant.Controllers
        [Route("Heartbeat")]
        public IActionResult Heartbeat()
        {
-            return View();
+            return CheckAuthorized("Heartbeat");
        }
        [Route("Sleep")]
        public IActionResult Sleep()
        {
-            return View();
+            return CheckAuthorized("Sleep");
        }
        [Route("Step")]
        public IActionResult Step()
        {
-            return View();
+            return CheckAuthorized("Step");
        }
        [Route("Users")]
        public IActionResult Users()
        {
-            return View();
+            return CheckAuthorized("Users");
        }
        [Route("User/{User}")]
        public IActionResult SingleUser(string user)
        {
-            if(session.GetString("username") == null)
+            return CheckAuthorized("Data", user);
-                return RedirectToAction("Index");
+        }
-            return View("data", user);
+
        private IActionResult CheckAuthorized(string view, object model = null)
        {
            if (HttpContext.Session.GetString("username") == null)
            {
                model = "/" + view;
                view = "Index";
            }
            return View(view, model);
        }
    }
 }
--- a/SeniorAssistant/Controllers/Services/BaseController.cs
+++ b/SeniorAssistant/Controllers/Services/BaseController.cs
@@ -1,10 +1,13 @@
-using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc;
 using SeniorAssistant.Data;
 namespace SeniorAssistant.Controllers
 {
    public abstract class BaseController : Controller
    {
        protected static readonly string Username = "username";
        IDataContextFactory<SeniorDataContext> dbFactory;
        SeniorDataContext db;
@@ -20,5 +23,10 @@ namespace SeniorAssistant.Controllers
            base.Dispose(disposing);
        }
        protected bool IsLogged()
        {
            return HttpContext.Session.GetString(Username) != null;
        }
    }
 }
--- a/SeniorAssistant/Models/Register.cs
+++ b/SeniorAssistant/Models/Register.cs
@@ -1,15 +0,0 @@
 using System;
 using System.Collections.Generic;
 using System.Linq;
 using System.Threading.Tasks;
 namespace SeniorAssistant.Models
 {
    public class Register
    {
        public string Username { get; set; }
        public string Email { get; set; }
        public string Password { get; set; }
        public bool Doctor { get; set; }
    }
 }
--- a/SeniorAssistant/Models/User.cs
+++ b/SeniorAssistant/Models/User.cs
@@ -17,11 +17,10 @@ namespace SeniorAssistant.Models
        public string Password { get; set; }
        [NotNull]
-        public bool Doctor { get; set; }
+        public string Role { get; set; }
        public string Name { get; set; }
        public string LastName { get; set; }
    }
 }
--- a/SeniorAssistant/Startup.cs
+++ b/SeniorAssistant/Startup.cs
@@ -5,6 +5,7 @@ using LinqToDB.DataProvider.SQLite;
 using Microsoft.AspNetCore.Builder;
 using Microsoft.AspNetCore.Hosting;
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.Data.Sqlite;
 using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
@@ -15,6 +16,10 @@ using SeniorAssistant.Extensions;
 using Swashbuckle.AspNetCore.Swagger;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.Extensions.DependencyInjection.Extensions;
 using Microsoft.AspNetCore.Authentication.JwtBearer;
 using Microsoft.AspNetCore.Authentication.Cookies;
 using Microsoft.AspNetCore.Mvc.Authorization;
 using Microsoft.AspNetCore.Mvc;
 namespace SeniorAssistant
 {
@@ -31,7 +36,15 @@ namespace SeniorAssistant
        // For more information on how to configure your application, visit https://go.microsoft.com/fwlink/?LinkID=398940
        public void ConfigureServices(IServiceCollection services)
        {
-            services.AddMvc();
+            services.AddMvc();// config =>
 //            {
 //                var policy = new AuthorizationPolicyBuilder()
 //                                 .RequireAuthenticatedUser()
 //                                 .Build();
 //                config.Filters.Add(new AuthorizeFilter(policy));
 //            })
 //            .SetCompatibilityVersion(CompatibilityVersion.Version_2_1);
            services.AddSession();
            services.AddSwaggerGen(c =>
@@ -54,20 +67,30 @@ namespace SeniorAssistant
            services.Configure<Kendo>(Configuration.GetSection("kendo"));
            services.Configure<Theme>(Configuration.GetSection("theme"));
 //            services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
 //                .AddCookie(options => {
 //                options.LoginPath = "/";
 //                options.AccessDeniedPath = "/";
 //            });
 //            services.AddDefaultIdentity<IdentityUser>().AddRoles<IdentityRole>()
 //                .AddEntityFrameworkStores<ApplicationDbContext>();
            services.TryAddSingleton<IHttpContextAccessor, HttpContextAccessor>();
-            services.AddSingleton<IEnumerable<IMenuItem>>(new IMenuItem[]
+            services.AddSingleton<IList<IMenuItem>>(new List<IMenuItem>
            {
-                new SubMenu
+                new MenuItem("Index", "/"),
                new SubMenu()
                {
-                    Text = "Link veloci",
+                    Text = "Raw Data",
                    Items = new MenuItem[]
                    {
-                        new MenuItem("User", "/"),
+                        new MenuItem("Users", "/users"),
                        new MenuItem("Heartbeat", "/heartbeat"),
                        new MenuItem("Sleep", "/sleep"),
                        new MenuItem("Step", "/step")
                    }
-                },
+                }
            });
            var dbFactory = new SeniorDataContextFactory(
@@ -90,6 +113,7 @@ namespace SeniorAssistant
            app.UseSession();
            app.UseStaticFiles();
 //            app.UseAuthentication();
            // Enable middleware to serve generated Swagger as a JSON endpoint.
            app.UseSwagger();
@@ -126,19 +150,15 @@ namespace SeniorAssistant
                db.CreateTableIfNotExists<Heartbeat>();
                db.CreateTableIfNotExists<Sleep>();
                db.CreateTableIfNotExists<Step>();
-                try
+                db.CreateTableIfNotExists<User>();
-                {
+
                    db.CreateTable<User>();
                int count = 0;
                foreach (string user in names)
                {
                    var username = baseUsername + count;
-                        db.InsertOrReplace(new User { Name = user, Username = username, Password = username, Email = username + "@email.st" } );
+                    db.InsertOrReplace(new User { Role = "user", Name = user, Username = username, Password = username, Email = username + "@email.st" } );
                    count++;
                }
                }
                catch
                { }
                Random rnd = new Random();
                DateTime now = new DateTime(DateTime.Now.Year, DateTime.Now.Month, DateTime.Now.Day);
--- a/SeniorAssistant/Views/Home/Data.cshtml
+++ b/SeniorAssistant/Views/Home/Data.cshtml
@@ -1,18 +1,31 @@
-@model string
+@inject IHttpContextAccessor HttpContextAccessor
@model string
@{
    ViewBag.Title = "Hello Razor";
    var session = HttpContextAccessor.HttpContext.Session;
    // Questa variabile serve a sapere se si e' autorizzati o meno.
    // Per ora e' semplice ma magari si puo' peggiorare utilizzando il ruolo di Doc... etc
    // (Utilizzare inject DbContext)
    bool auth = session.GetString("username").Equals(Model);
 }
-<div id="chart"></div>
+@if (!auth)
-
+{
-<script>
+    <p class="box-title text-red">Non sei autorizzato a vedere i dati di @Model</p>
 }
 else
 {
    // Aggiungere un qualcosa per scegliere le ore da vedere (Max 48?)
    <div id="chart"></div>
    <script>
        var base_url = "@Url.Content("~/api/")";
        var end_url = "/@Model/last/48";
        $.getJSON(base_url + "heartbeat" + end_url, function (heartbeat) {
            $.getJSON(base_url + "step" + end_url, function (steps) {
                $.getJSON(base_url + "sleep" + end_url, function (sleep) {
                    var sleepArr = [];
                    sleep.forEach( function (el) {
                        sleepArr.push({ "time": el.time, "value": 1 });
@@ -90,4 +103,5 @@
                })
            })
        });
-</script>
+    </script>
 }
--- a/SeniorAssistant/Views/Home/Index.cshtml
+++ b/SeniorAssistant/Views/Home/Index.cshtml
@@ -5,21 +5,27 @@ logo sito
    disattivare l-aside e le opzioni
 se non loggato deve tornare qua
 -->
@model string
@inject IHttpContextAccessor HttpContextAccessor
@{
    ViewBag.Title = "Hello Razor";
    string session = HttpContextAccessor.HttpContext.Session.GetString("username");
 }
 <div class="content">
    @if (session == null)
    {
        @if (Model != null)
        {
            <p class="text-red box-title">Per poter accedere alla pagina [@Model] e' necessario essere loggati</p>
        }
        <div class="login-box">
            @{ await Html.RenderPartialAsync("Login"); }
        </div>
        <div class="login-box">
-            @{ await Html.RenderPartialAsync("Register"); 
+            @{ await Html.RenderPartialAsync("Register"); }
            }
        </div>
    }
--- a/SeniorAssistant/Views/Shared/Login.cshtml
+++ b/SeniorAssistant/Views/Shared/Login.cshtml
@@ -1,8 +1,4 @@
-<a href="#" class="dropdown-toggle" data-toggle="dropdown">
+<ul style="list-style-type:none">
    <!-- The user image in the navbar-->
    <!-- hidden-xs hides the username on small devices so only the image appears. -->
 </a>
 <ul style="list-style-type:none">
    <li class="user-header">
        <input type="text" id="username" placeholder="username" />
        <input type="password" id="password" placeholder="password" />
@@ -23,19 +19,17 @@
            dataType: "json",
            type: "POST",
            success: function (data) {
                console.log(data);
                var msg = $("#msg");
                if (data.success) {
                    msg.hide();
                    // app.navigate("");
                    window.location.reload();
                } else {
                    msg.html(data.message).show();
                    $("#user-menu").addClass("open");
                }
                return false;
            },
            error: function (xhr, status, error) {
-                alert(xhr.responseText)
+                alert(xhr.status+" "+xhr.responseText)
            }
        })
    });
--- a/SeniorAssistant/Views/Shared/Profile.cshtml
+++ b/SeniorAssistant/Views/Shared/Profile.cshtml
@@ -1,5 +1,4 @@
-@model User
+@inject IHttpContextAccessor HttpContextAccessor
@inject IHttpContextAccessor HttpContextAccessor
@{
    var session = HttpContextAccessor.HttpContext.Session;
--- a/SeniorAssistant/Views/Shared/Register.cshtml
+++ b/SeniorAssistant/Views/Shared/Register.cshtml
@@ -1,8 +1,10 @@
 <ul style="list-style: none">
    <li class="user-header">
-        <input type="text" id="regUsername" placeholder="username" />
+        <input type="text" id="regUsername" placeholder="Username" required />
-        <input type="password" id="regPassword" placeholder="password" />
+        <input type="text" id="regName" placeholder="Name" />
-        <input type="email" id="regEmail" placeholder="example@qualcosa.qualcosa" />
+        <input type="text" id="regLastname" placeholder="Lastname" />
        <input type="password" id="regPassword" placeholder="Password" required />
        <input type="email" id="regEmail" placeholder="Email" required />
        <label>Doc?</label><input type="checkbox" id="regDoctor" />
        <div>
            <button class="btn-default btn btn-flat" id="register-btn">Register</button>
@@ -13,20 +15,26 @@
 <script>
    $("#register-btn").on("click", function () {
-        var regUsername = $("#regUsername").val();
+        var username = $("#regUsername").val();
-        var regPassword = $("#regPassword").val();
+        var name = $("#regName").val();
-        var regEmail = $("#regEmail").val();
+        var lastname = $("#regLastname").val();
-        var regDoctor = $("#regDoctor").is(":checked");
+        var password = $("#regPassword").val();
        var email = $("#regEmail").val();
        var role = $("#regDoctor").is(":checked")? "Doctor":"User";
        $.ajax({
            url: "/Account/_register",
-            data: { Username: regUsername, Password: regPassword, Email: regEmail},
+            data: {
                Username: username,
                Name: name,
                Lastname: lastname,
                Password: password,
                Email: email,
                Role: role
            },
            dataType: "json",
            type: "POST",
            success: function (data) {
                //se data.success->reload 
                //se data.fail->indica errori
                console.log(data);
                var msg = $("#msg-reg");
                if (data.success) {
                    window.location.reload();
--- a/SeniorAssistant/Views/Shared/SidebarMenu.cshtml
+++ b/SeniorAssistant/Views/Shared/SidebarMenu.cshtml
@@ -1,9 +1,18 @@
-@inject IEnumerable<IMenuItem> Menu
+@inject IList<IMenuItem> Menu
@inject IHttpContextAccessor HttpContextAccessor
@{
    string session = HttpContextAccessor.HttpContext.Session.GetString("username");
    if (session != null) {
        Menu = new List<IMenuItem>(Menu);
        Menu.Insert(1, new MenuItem("Personal Data", "/user/" + session));
    }
 }
 <ul class="sidebar-menu" data-widget="tree">
-    @foreach(var menuItem in Menu)
+    @foreach (var menuItem in Menu)
    {
-        switch(menuItem)
+        switch (menuItem)
        {
            case MenuItem single:
                <li>
--- a/SeniorAssistant/Views/Shared/_Layout.cshtml
+++ b/SeniorAssistant/Views/Shared/_Layout.cshtml
@@ -17,7 +17,7 @@ scratch. This page gets rid of all links and provides the needed markup only.
 <head>
    <meta charset="utf-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
-    <title>@ViewBag.Title</title>
+    <title>SeniorAssistant @ViewBag.Title</title>
    <!-- Tell the browser to be responsive to screen width -->
    <meta content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no" name="viewport">
    <link rel="stylesheet" href="~/AdminLTE-2.4.3/bower_components/bootstrap/dist/css/bootstrap.min.css">
--- a/SeniorAssistant/senior.db
+++ b/SeniorAssistant/senior.db