manager-service/ManagerService/Controllers/AuthenticationController.cs

using Manager.Services;
using ManagerService.Data;
using ManagerService.DTOs;
using ManagerService.Service.Services;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Logging;
using Mqtt.Client.AspNetCore.Services;
using NSwag.Annotations;
using System;
using System.Collections.Generic;
using System.Net;
using System.Linq;
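namespace ManagerService.Service.Controllers
{
    /// <summary>
    /// Authentication controller: exchanges user credentials for a token descriptor.
    /// </summary>
    /// <remarks>
    /// Both public endpoints are anonymous and delegate to <see cref="Authenticate"/>.
    /// Every credential failure (missing input, unknown email, rejected password) yields the
    /// same 401 body so that a caller cannot tell which emails are registered.
    /// NOTE(review): no attempt throttling or account lockout is visible in this controller;
    /// confirm it is enforced elsewhere (middleware, reverse proxy or TokensService).
    /// </remarks>
    [ApiController, Route("api/[controller]")]
    [Authorize]
    [OpenApiTag("Authentication", Description = "Authentication management")]
    public class AuthenticationController : ControllerBase
    {
        // Single message for every credential failure; see the class remarks.
        private const string InvalidCredentialsMessage = "Invalid email or password";

        private readonly ILogger<AuthenticationController> _logger;
        private readonly TokensService _tokensService;
        private readonly MyInfoMateDbContext _myInfoMateDbContext;

        /// <summary>
        /// Creates the controller with its injected dependencies.
        /// </summary>
        /// <param name="logger">Logger (may be null; every use is null-conditional)</param>
        /// <param name="tokensService">Service that verifies the password and issues the token</param>
        /// <param name="myInfoMateDbContext">Database context used to look up the user</param>
        public AuthenticationController(ILogger<AuthenticationController> logger, TokensService tokensService, MyInfoMateDbContext myInfoMateDbContext)
        {
            _logger = logger;
            _tokensService = tokensService;
            _myInfoMateDbContext = myInfoMateDbContext;
        }

        /// <summary>
        /// Authenticate (business)
        /// </summary>
        /// <param name="email">user email (compared case-insensitively)</param>
        /// <param name="password">user password</param>
        /// <returns>
        /// 200 with the token descriptor on success, 401 with a generic message when the
        /// credentials are missing or rejected, 500 with a generic message on any other failure.
        /// </returns>
        private ObjectResult Authenticate(string email, string password)
        {
            // The caller-supplied credentials are never replaced in code. A DEBUG-only override
            // with a fixed account authenticates every request as that account and puts a
            // password in source control; use a seeded development user configured locally
            // instead. The test credentials that used to be hard-coded here should be treated
            // as exposed and rotated if that account exists outside local development.

            // Missing fields used to surface as a NullReferenceException (HTTP 500).
            if (string.IsNullOrWhiteSpace(email) || string.IsNullOrEmpty(password))
            {
                _logger?.LogWarning("Authentication rejected: missing email or password");
                return Unauthorized(InvalidCredentialsMessage);
            }

            // The email is untrusted input: strip control characters before it reaches the log.
            var emailForLog = SanitizeForLog(email);

            try
            {
                var normalizedEmail = email.ToLowerInvariant();

                // u.Email.ToLower() stays inside the expression so the provider can translate it.
                var user = _myInfoMateDbContext.Users.FirstOrDefault(u => u.Email.ToLower() == normalizedEmail);
                if (user == null)
                {
                    // Same response as a wrong password; the real reason goes to the log only.
                    // NOTE(review): this path skips password verification, so response time may
                    // still differ from the wrong-password path.
                    _logger?.LogWarning("Authentication rejected for user '{Email}': user not found", emailForLog);
                    return Unauthorized(InvalidCredentialsMessage);
                }

                var token = _tokensService.Authenticate(user, password);

                // NOTE(review): a request-scoped DbContext is handed to a static service here;
                // confirm MqttClientService does not keep using it after the request ends.
                MqttClientService.SetServices(_myInfoMateDbContext);

                return new OkObjectResult(token);
            }
            catch (UnauthorizedAccessException ex)
            {
                _logger?.LogWarning(ex, "Authentication rejected for user '{Email}': unauthorized access", emailForLog);

                // Return a plain string, never the exception object: serializing it would send
                // the stack trace and internal type names to an anonymous caller.
                return Unauthorized(InvalidCredentialsMessage);
            }
            catch (Exception ex)
            {
                _logger?.LogError(ex, "Authenticate error for user '{Email}'", emailForLog);

                // Exception details stay in the log; the response carries no internal message.
                return Problem("Authentication failed due to an internal error");
            }
        }

        /// <summary>
        /// Removes control characters (CR, LF, ...) from a value before it is logged, so a
        /// crafted email cannot forge additional log lines.
        /// </summary>
        /// <param name="value">Untrusted value</param>
        /// <returns>The value without control characters, or an empty string for null/empty input</returns>
        private static string SanitizeForLog(string value)
        {
            if (string.IsNullOrEmpty(value))
            {
                return string.Empty;
            }

            return string.Concat(value.Where(c => !char.IsControl(c)));
        }

        /// <summary>
        /// Authenticate with form parameters (used by Swagger test client)
        /// </summary>
        /// <param name="tokenRequest">Swagger token request</param>
        /// <returns>Token descriptor</returns>
        [AllowAnonymous]
        [HttpPost("Token")]
        [Consumes("application/x-www-form-urlencoded")]
        [ProducesResponseType(typeof(TokenDTO), (int)HttpStatusCode.OK)]
        [ProducesResponseType(typeof(string), (int)HttpStatusCode.Unauthorized)]
        [ProducesResponseType(typeof(string), (int)HttpStatusCode.InternalServerError)]
        public ObjectResult AuthenticateWithForm([FromForm] SwaggerTokenRequest tokenRequest)
        {
            // Null-conditional access: a missing request or field is rejected inside Authenticate.
            return Authenticate(tokenRequest?.username, tokenRequest?.password);
        }

        /// <summary>
        /// Authenticate with Json parameters (used by most clients)
        /// </summary>
        /// <param name="login">Login DTO</param>
        /// <returns>Token descriptor</returns>
        [AllowAnonymous]
        [HttpPost("Authenticate")]
        [Consumes("application/json")]
        [ProducesResponseType(typeof(TokenDTO), (int)HttpStatusCode.OK)]
        [ProducesResponseType(typeof(string), (int)HttpStatusCode.Unauthorized)]
        [ProducesResponseType(typeof(string), (int)HttpStatusCode.InternalServerError)]
        public ObjectResult AuthenticateWithJson([FromBody] LoginDTO login)
        {
            // Case normalisation happens once, inside Authenticate; dereferencing login.email
            // here would throw outside any try block when the field is absent.
            return Authenticate(login?.email, login?.password);
        }
    }
}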