using Microsoft.AspNetCore.Mvc; using DevExpress.ExpressApp.Security; using DevExpress.ExpressApp.Core; using DurnyklyYol.Module.BusinessObjects; using Microsoft.AspNetCore.Authorization; using DevExpress.ExpressApp.WebApi.Services; using Swashbuckle.AspNetCore.Annotations; using DevExpress.Data.Filtering; using DurnyklyYol.Blazor.Server.DTO; namespace DurnyklyYol.Blazor.Server.Controllers { [ApiController] [Route("api/[controller]")] public class ClientController : Microsoft.AspNetCore.Mvc.ControllerBase { private readonly IDataService dataService; private readonly ISecurityProvider securityProvider; private readonly INonSecuredObjectSpaceFactory _nonSecuredObjectSpaceFactory; public ClientController( IDataService dataService, ISecurityProvider securityProvider, INonSecuredObjectSpaceFactory nonSecuredObjectSpaceFactory ) { this.dataService = dataService; this.securityProvider = securityProvider; this._nonSecuredObjectSpaceFactory = nonSecuredObjectSpaceFactory; } [HttpPost(nameof(Register))] [SwaggerOperation("Register account")] [ProducesResponseType(StatusCodes.Status200OK, Type = typeof(string) )] // Success response [ProducesResponseType(StatusCodes.Status409Conflict, Type = typeof(string))] // Conflict response [ProducesResponseType(StatusCodes.Status400BadRequest, Type = typeof(string))] [ProducesResponseType(StatusCodes.Status500InternalServerError, Type = typeof(string))] public async Task Register([FromForm] RegisterDto registerDto) { // Validate input if (!ModelState.IsValid) { return BadRequest(ModelState); } // Check if dataService is null if (dataService == null) { return StatusCode(500, "Data service is not available"); } using var objectSpace = _nonSecuredObjectSpaceFactory.CreateNonSecuredObjectSpace(typeof(ApplicationUser)); //var objectSpace = dataService.GetObjectSpace(typeof(ApplicationUser)); // Check if username already exists var existingUser = objectSpace.FindObject(CriteriaOperator.Parse("UserName == ?", registerDto.Username)); if (existingUser != null) { return Conflict("Username already exists."); } // Create new user var result = objectSpace.CreateObject(); result.UserName = registerDto.Username; result.FullName = registerDto.Name; result.Telefon = registerDto.Phone; result.SetPassword(registerDto.Password); objectSpace.CommitChanges(); // Create a new UserLoginInfo ApplicationUserLoginInfo loginInfo = objectSpace.CreateObject(); loginInfo.User = result; loginInfo.LoginProviderName = "Password"; // Use "Standard" for standard authentication loginInfo.ProviderUserKey = result.Oid.ToString(); // Use the username as the provider key objectSpace.CommitChanges(); return Ok("User registered successfully."); } [HttpDelete(nameof(DeleteAccount))] [SwaggerOperation("Delete account")] [Authorize] [ProducesResponseType(StatusCodes.Status204NoContent, Type = typeof(string))] // Success response [ProducesResponseType(StatusCodes.Status404NotFound, Type = typeof(string))] // Not found response [ProducesResponseType(StatusCodes.Status500InternalServerError, Type = typeof(string))] public IActionResult DeleteAccount() { try { // Check if securityProvider is null if (securityProvider == null) { return StatusCode(500, "Security provider is not available"); } // Check if dataService is null if (dataService == null) { return StatusCode(500, "Data service is not available"); } var objectSpace = dataService.GetObjectSpace(); var userID = (Guid)securityProvider.GetSecurity().UserId; var strategy = (SecurityStrategy)securityProvider.GetSecurity(); if (!strategy.CanWrite(typeof(Client))) return Forbid("You do not have permissions to update a client!"); var user = (Client)strategy.User; if (user == null) { return NotFound("User not found."); } var client = objectSpace.GetObject(user); if (client == null) { return NotFound("Client not found."); } client.Delete(); objectSpace.CommitChanges(); return NoContent(); } catch (Exception ex) { // Log exception details for debugging return StatusCode(500, $"An error occurred while deleting the account: {ex.Message}"); } } [HttpGet(nameof(GetClient))] [Authorize] [SwaggerOperation("Get client information")] [ProducesResponseType(StatusCodes.Status500InternalServerError, Type = typeof(string))] [ProducesResponseType(StatusCodes.Status200OK, Type = typeof(string))] public IActionResult GetClient() { // Check if securityProvider is null if (securityProvider == null) { return StatusCode(500, "Security provider is not available"); } // Check if dataService is null if (dataService == null) { return StatusCode(500, "Data service is not available"); } var objectSpace = dataService.GetObjectSpace(); var userID = (Guid)securityProvider.GetSecurity().UserId; var clients = objectSpace.GetObjectsQuery() .Select(sl => new { Fulname = sl.FullName, Oid = sl.Oid, PhoneNo = sl.Telefon}) .First(cl => cl.Oid == userID); return Ok(clients); } [HttpPost(nameof(FirebaseToken))] [Authorize] [SwaggerOperation("Updates clients firebase token")] [ProducesResponseType(StatusCodes.Status500InternalServerError, Type = typeof(string))] [ProducesResponseType(StatusCodes.Status200OK, Type = typeof(string))] [ProducesResponseType(StatusCodes.Status403Forbidden, Type = typeof(string))] [ProducesResponseType(StatusCodes.Status400BadRequest, Type = typeof(string))] public IActionResult FirebaseToken([FromQuery] string token) { // Check if securityProvider is null if (securityProvider == null) { return StatusCode(500, "Security provider is not available"); } // Check if dataService is null if (dataService == null) { return StatusCode(500, "Data service is not available"); } var strategy = (SecurityStrategy)securityProvider.GetSecurity(); if(!strategy.CanWrite(typeof(Client))) return Forbid("You do not have permissions to update a client!"); var user = (Client)strategy.User; if (user == null || string.IsNullOrEmpty(token)) { return BadRequest(); } var objectSpace = dataService.GetObjectSpace(typeof(Client)); var client = objectSpace.GetObject(user); // Update the token and commit changes client.FirebaseToken = token; objectSpace.CommitChanges(); return Ok("Firebase token updated successfully."); } } }