Merge pull request #4 from jioo/v2.1.1

v2.1.1

Author: jioo

readme.md

@@ -48,6 +48,9 @@ cd .\tests\Api\
 
 # Run tests 
 dotnet test
+
+# or Run with file watcher
+dotnet watch test
 ```
 
 ### Local Publish ###
@@ -62,6 +65,7 @@ dotnet-cake build.cake --task="Publish"
 * Swagger for api documentation (URL: http://localhost:5000/swagger/index.html)
 * CQRS Pattern (Command Query Responsibility Segregation)
 * Authentication based on Identity Framework & JWT Bearer
+* Integration Tests with XUnit
 * Material design
 * Realtime update on employee logs
 * ![Realtime Demo](realtime-demo.gif)

src/Api/Constants/AttendanceConfig.cs

@@ -4,7 +4,6 @@ public class AttendanceConfig
     {
         public const string TimeIn = "09:00";
         public const string TimeOut = "18:00";
-        public const string GracePeriod = "15";
-
+        public const int GracePeriod = 15;
     }
 }

src/Api/Entities/Config.cs

@@ -7,6 +7,6 @@ public class Config
         public Guid Id { get; set; }
         public string TimeIn { get; set; }
         public string TimeOut { get; set; }
-        public string GracePeriod { get; set; }
+        public int GracePeriod { get; set; }
     }
 }

src/Api/Extensions/ListExtensions.cs

@@ -7,7 +7,7 @@ namespace WebApi.Extensions
     public static class ListExtensions
     {
         /// <summary>
-        /// 
+        /// Apply sort filters based on parameters
         /// </summary>
         /// <param name="queryable"></param>
         /// <param name="parameters"></param>

src/Api/Features/Accounts/AccountsController.cs

@@ -4,6 +4,10 @@
 using Microsoft.AspNetCore.Authorization;
 using WebApi.Entities;
 using MediatR;
+using System.Security.Claims;
+using Microsoft.AspNetCore.Http;
+using WebApi.Features.Employees;
+using WebApi.Utils;
 
 namespace WebApi.Features.Accounts
 {
@@ -12,24 +16,37 @@ namespace WebApi.Features.Accounts
     public class AccountsController : ControllerBase
     {
         private readonly IMediator _mediator;
+        private readonly IHttpContextAccessor _httpContext;
 
-        public AccountsController(IMediator mediator)
+        public AccountsController(IMediator mediator, IHttpContextAccessor httpContext)
         {
             _mediator = mediator;
+            _httpContext = httpContext;
         }
 
         // POST: api/accounts/register
+        /// <summary>
+        /// Register new employee
+        /// </summary>
+        /// <remarks>
+        /// Unique card no. and username filter will be applied
+        /// </remarks>
+        /// <param name="viewModel"></param>
         [Authorize(Roles = "Admin")]
         [HttpPost("register")]
+        [ProducesResponseType(typeof(EmployeeViewModel), StatusCodes.Status201Created)]
+        [ProducesResponseType(typeof(ErrorHandler), StatusCodes.Status400BadRequest)]
         public async Task<IActionResult> Register(RegisterViewModel viewModel)
         {
             // mediator from Features/Employees
             var isCardExist = await _mediator.Send(new Employees.IsCardExists.Query(Guid.Empty, viewModel.CardNo));
-            if (isCardExist) return BadRequest("Card No. is already in use");
+            if (isCardExist) 
+                return BadRequest(new ErrorHandler{ Description = "Card No. is already in use" });
 
             // mediator from Features/Employees
             var isUsernameExist = await _mediator.Send(new Auth.IsUserExists.Query(viewModel.UserName));
-            if(isUsernameExist) return BadRequest($"Username {viewModel.UserName} is already taken");
+            if (isUsernameExist) 
+                return BadRequest(new ErrorHandler{ Description = $"Username {viewModel.UserName} is already taken" });
 
             // Create user account
             var employeeInfo = await _mediator.Send(new Register.Command(viewModel));
@@ -38,28 +55,44 @@ public async Task<IActionResult> Register(RegisterViewModel viewModel)
         }
 
         // PUT: api/accounts/update-password
+        /// <summary>
+        /// Update an Employee password
+        /// </summary>
+        /// <param name="viewModel"></param>
         [Authorize(Roles = "Admin")]
         [HttpPut("update-password")]
-        public async Task<IActionResult> UpdatePassword(ChangePasswordViewModel viewModel)
+        [ProducesResponseType(StatusCodes.Status200OK)]
+        [ProducesResponseType(typeof(ErrorHandler), StatusCodes.Status400BadRequest)]
+        public async Task<IActionResult> UpdatePassword(UpdatePasswordViewModel viewModel)
         {
             // Change a specific Employee account's password
             var result = await _mediator.Send(new UpdatePassword.Command(viewModel));
-            if(!result) return StatusCode(500);
+            if (!result) 
+                return BadRequest(new ErrorHandler{ Description = "Unable to update password." });
 
             return Ok();
         }
 
         // PUT: api/accounts/change-password
+        /// <summary>
+        /// Update your current password
+        /// </summary>
+        /// <param name="viewModel"></param>
         [HttpPut("change-password")]
+        [ProducesResponseType(StatusCodes.Status200OK)]
+        [ProducesResponseType(typeof(ErrorHandler), StatusCodes.Status400BadRequest)]
         public async Task<IActionResult> ChangePassword(ChangePasswordViewModel viewModel)
         {
             // Check if Old password is correct
-            var validatePassword = await _mediator.Send(new Auth.ValidatePassword.Query(viewModel.UserName, viewModel.OldPassword));
-            if (!validatePassword) return BadRequest("Incorrect password");
+            var currentUser = _httpContext.HttpContext.User.FindFirstValue(ClaimTypes.NameIdentifier);
+            var validatePassword = await _mediator.Send(new Auth.ValidatePassword.Query(currentUser, viewModel.OldPassword));
+            if (!validatePassword) 
+                return BadRequest(new ErrorHandler{ Description = "Incorrect password." });
 
             // Change account password
             var result = await _mediator.Send(new ChangePassword.Command(viewModel));
-            if(!result.Succeeded) return BadRequest("Unable to change password");
+            if (!result.Succeeded) 
+                return BadRequest(new ErrorHandler{ Description = "Unable to change password." });
 
             return Ok();
         }

src/Api/Features/Accounts/ChangePassword.cs

@@ -1,5 +1,6 @@
 using System;
 using System.Linq;
+using System.Security.Claims;
 using System.Threading;
 using System.Threading.Tasks;
 using MediatR;
@@ -9,9 +10,6 @@
 
 namespace WebApi.Features.Accounts
 {
-    /// <summary>
-    /// Change account password
-    /// </summary>
     public class ChangePassword
     {
         public class Command : IRequest<IdentityResult>
@@ -40,9 +38,7 @@ public async Task<IdentityResult> Handle(Command request, CancellationToken canc
                 try
                 {
                     // Get the username in sub type claim
-                    var username = _httpContext.HttpContext.User.Claims
-                        .First(m => m.Type == "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier")
-                        .Value;
+                    var username =  _httpContext.HttpContext.User.FindFirstValue(ClaimTypes.NameIdentifier);
 
                     // Get account details
                     var user = await _manager.FindByNameAsync(username);
@@ -51,7 +47,8 @@ public async Task<IdentityResult> Handle(Command request, CancellationToken canc
                     return await _manager.ChangePasswordAsync(
                         user, 
                         request.ViewModel.OldPassword, 
-                        request.ViewModel.NewPassword);
+                        request.ViewModel.NewPassword
+                    );
                 }
                 catch (Exception e)
                 {

src/Api/Features/Accounts/ChangePasswordViewModel.cs

@@ -1,9 +1,13 @@
+using System.ComponentModel.DataAnnotations;
+
 namespace WebApi.Features.Accounts
 {
     public class ChangePasswordViewModel 
     {
-        public string UserName { get; set; }
+        [Required]
         public string OldPassword { get; set; }
+        [Required]
+        [StringLength(100, ErrorMessage = "The {0} must be at least {2} characters long.", MinimumLength = 6)]
         public string NewPassword { get; set; }
     }
 }

src/Api/Features/Accounts/Register.cs

@@ -9,9 +9,6 @@
 
 namespace WebApi.Features.Accounts
 {
-    /// <summary>
-    /// Create employee account
-    /// </summary>
     public class Register
     {
         public class Command : IRequest<EmployeeViewModel>

src/Api/Features/Accounts/UpdatePassword.cs

@@ -1,5 +1,6 @@
 
 using System;
+using System.Linq;
 using System.Threading;
 using System.Threading.Tasks;
 using MediatR;
@@ -8,19 +9,16 @@
 
 namespace WebApi.Features.Accounts
 {
-    /// <summary>
-    /// Change a specific Employee account's password
-    /// </summary>
     public class UpdatePassword
     {
         public class Command : IRequest<bool>
         {
-            public Command(ChangePasswordViewModel viewModel)
+            public Command(UpdatePasswordViewModel viewModel)
             {
                 ViewModel = viewModel;
             }
 
-            public ChangePasswordViewModel ViewModel { get; }
+            public UpdatePasswordViewModel ViewModel { get; }
         }
 
         public class CommandHandler : IRequestHandler<Command, bool>
@@ -36,14 +34,19 @@ public async Task<bool> Handle(Command request, CancellationToken cancellationTo
             {
                 try
                 {
+                    // Validate User
+                    var validateUser = _manager.Users.FirstOrDefault(m => m.UserName == request.ViewModel.UserName);
+                    if(validateUser == null)
+                        return false;
+                        
                     // Get account details
                     var user = await _manager.FindByNameAsync(request.ViewModel.UserName);
 
                     // Remove the existing password
                     await _manager.RemovePasswordAsync(user);
 
                     // Add the new password
-                    var result = await _manager.AddPasswordAsync(user, request.ViewModel.NewPassword);
+                    var result = await _manager.AddPasswordAsync(user, request.ViewModel.Password);
 
                     return (result.Succeeded) ? true : false;
                 }

src/Api/Features/Accounts/UpdatePasswordViewModel.cs

@@ -0,0 +1,13 @@
+using System.ComponentModel.DataAnnotations;
+
+namespace WebApi.Features.Accounts
+{
+    public class UpdatePasswordViewModel
+    {
+        [Required]
+        public string UserName { get; set; }
+        [Required]
+        [StringLength(100, ErrorMessage = "The {0} must be at least {2} characters long.", MinimumLength = 6)]
+        public string Password { get; set; }
+    }
+}