Simulationable/amrez-nova-eop-services-api
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Init Git

Browse Source
This commit is contained in:
Thanakarn Klangkasame
2025-09-30 11:01:02 +07:00
commit 92e614674c
182 changed files with 9596 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

47
AMREZ.EOP.Application/UseCases/Authentications/AddEmailIdentityUseCase.cs Normal file
View File

@@ -0,0 +1,47 @@
using System.Data;
using AMREZ.EOP.Abstractions.Applications.Tenancy;
using AMREZ.EOP.Abstractions.Applications.UseCases.Authentications;
using AMREZ.EOP.Abstractions.Infrastructures.Common;
using AMREZ.EOP.Abstractions.Infrastructures.Repositories;
using AMREZ.EOP.Contracts.DTOs.Authentications.AddEmailIdentity;
using AMREZ.EOP.Domain.Shared._Users;
using Microsoft.AspNetCore.Http;
namespace AMREZ.EOP.Application.UseCases.Authentications;
public sealed class AddEmailIdentityUseCase : IAddEmailIdentityUseCase
{
private readonly ITenantResolver _resolver;
private readonly IUnitOfWork _uow;
private readonly IUserRepository _users;
private readonly IHttpContextAccessor _http;
public AddEmailIdentityUseCase(ITenantResolver r, IUnitOfWork uow, IUserRepository users, IHttpContextAccessor http)
{
_resolver = r;
_uow = uow;
_users = users;
_http = http;
}
public async Task<bool> ExecuteAsync(AddEmailIdentityRequest request, CancellationToken ct = default)
{
var http = _http.HttpContext ?? throw new InvalidOperationException("No HttpContext");
var tenant = _resolver.Resolve(http, request);
if (tenant is null) return false;
await _uow.BeginAsync(tenant, IsolationLevel.ReadCommitted, ct);
try
{
var email = request.Email.Trim().ToLowerInvariant();
await _users.AddIdentityAsync(request.UserId, IdentityType.Email, email, request.IsPrimary, ct);
await _uow.CommitAsync(ct);
return true;
}
catch
{
await _uow.RollbackAsync(ct);
throw;
}
}
}

47
AMREZ.EOP.Application/UseCases/Authentications/ChangePasswordUseCase.cs Normal file
View File

@@ -0,0 +1,47 @@
using System.Data;
using AMREZ.EOP.Abstractions.Applications.Tenancy;
using AMREZ.EOP.Abstractions.Applications.UseCases.Authentications;
using AMREZ.EOP.Abstractions.Infrastructures.Common;
using AMREZ.EOP.Abstractions.Infrastructures.Repositories;
using AMREZ.EOP.Abstractions.Security;
using AMREZ.EOP.Contracts.DTOs.Authentications.ChangePassword;
using Microsoft.AspNetCore.Http;
namespace AMREZ.EOP.Application.UseCases.Authentications;
public sealed class ChangePasswordUseCase : IChangePasswordUseCase
{
private readonly ITenantResolver _resolver;
private readonly IUnitOfWork _uow;
private readonly IUserRepository _users;
private readonly IPasswordHasher _hasher;
private readonly IHttpContextAccessor _http;
public ChangePasswordUseCase(ITenantResolver r, IUnitOfWork uow, IUserRepository users, IPasswordHasher h, IHttpContextAccessor http)
{ _resolver = r; _uow = uow; _users = users; _hasher = h; _http = http; }
public async Task<bool> ExecuteAsync(ChangePasswordRequest request, CancellationToken ct = default)
{
var http = _http.HttpContext ?? throw new InvalidOperationException("No HttpContext");
var tenant = _resolver.Resolve(http, request);
if (tenant is null) return false;
await _uow.BeginAsync(tenant, IsolationLevel.ReadCommitted, ct);
try
{
var user = await _users.FindByIdAsync(request.UserId, ct);
if (user is null) { await _uow.RollbackAsync(ct); return false; }
if (!_hasher.Verify(request.OldPassword, user.PasswordHash))
{ await _uow.RollbackAsync(ct); return false; }
var newHash = _hasher.Hash(request.NewPassword);
await _users.AddPasswordHistoryAsync(user.Id, user.PasswordHash, ct);
await _users.ChangePasswordAsync(user.Id, newHash, ct);
await _uow.CommitAsync(ct);
return true;
}
catch { await _uow.RollbackAsync(ct); throw; }
}
}

36
AMREZ.EOP.Application/UseCases/Authentications/DisableMfaUseCase.cs Normal file
View File

@@ -0,0 +1,36 @@
using System.Data;
using AMREZ.EOP.Abstractions.Applications.Tenancy;
using AMREZ.EOP.Abstractions.Applications.UseCases.Authentications;
using AMREZ.EOP.Abstractions.Infrastructures.Common;
using AMREZ.EOP.Abstractions.Infrastructures.Repositories;
using AMREZ.EOP.Contracts.DTOs.Authentications.DisableMfa;
using Microsoft.AspNetCore.Http;
namespace AMREZ.EOP.Application.UseCases.Authentications;
public sealed class DisableMfaUseCase : IDisableMfaUseCase
{
private readonly ITenantResolver _resolver;
private readonly IUnitOfWork _uow;
private readonly IUserRepository _users;
private readonly IHttpContextAccessor _http;
public DisableMfaUseCase(ITenantResolver r, IUnitOfWork uow, IUserRepository users, IHttpContextAccessor http)
{ _resolver = r; _uow = uow; _users = users; _http = http; }
public async Task<bool> ExecuteAsync(DisableMfaRequest request, CancellationToken ct = default)
{
var http = _http.HttpContext ?? throw new InvalidOperationException("No HttpContext");
var tenant = _resolver.Resolve(http, request);
if (tenant is null) return false;
await _uow.BeginAsync(tenant, IsolationLevel.ReadCommitted, ct);
try
{
await _users.DisableMfaFactorAsync(request.FactorId, ct);
await _uow.CommitAsync(ct);
return true;
}
catch { await _uow.RollbackAsync(ct); throw; }
}
}

36
AMREZ.EOP.Application/UseCases/Authentications/EnableTotpUseCase.cs Normal file
View File

@@ -0,0 +1,36 @@
using System.Data;
using AMREZ.EOP.Abstractions.Applications.Tenancy;
using AMREZ.EOP.Abstractions.Applications.UseCases.Authentications;
using AMREZ.EOP.Abstractions.Infrastructures.Common;
using AMREZ.EOP.Abstractions.Infrastructures.Repositories;
using AMREZ.EOP.Contracts.DTOs.Authentications.EnableTotp;
using Microsoft.AspNetCore.Http;
namespace AMREZ.EOP.Application.UseCases.Authentications;
public sealed class EnableTotpUseCase : IEnableTotpUseCase
{
private readonly ITenantResolver _resolver;
private readonly IUnitOfWork _uow;
private readonly IUserRepository _users;
private readonly IHttpContextAccessor _http;
public EnableTotpUseCase(ITenantResolver r, IUnitOfWork uow, IUserRepository users, IHttpContextAccessor http)
{ _resolver = r; _uow = uow; _users = users; _http = http; }
public async Task<EnableTotpResponse?> ExecuteAsync(EnableTotpRequest request, CancellationToken ct = default)
{
var http = _http.HttpContext ?? throw new InvalidOperationException("No HttpContext");
var tenant = _resolver.Resolve(http, request);
if (tenant is null) return null;
await _uow.BeginAsync(tenant, IsolationLevel.ReadCommitted, ct);
try
{
var factor = await _users.AddTotpFactorAsync(request.UserId, request.Label, request.Secret, ct);
await _uow.CommitAsync(ct);
return new EnableTotpResponse(factor.Id, request.Label);
}
catch { await _uow.RollbackAsync(ct); throw; }
}
}

51
AMREZ.EOP.Application/UseCases/Authentications/LoginUseCase.cs Normal file
View File

@@ -0,0 +1,51 @@
using System.Data;
using AMREZ.EOP.Abstractions.Applications.Tenancy;
using AMREZ.EOP.Abstractions.Applications.UseCases.Authentications;
using AMREZ.EOP.Abstractions.Infrastructures.Common;
using AMREZ.EOP.Abstractions.Infrastructures.Repositories;
using AMREZ.EOP.Abstractions.Security;
using AMREZ.EOP.Contracts.DTOs.Authentications.Login;
using Microsoft.AspNetCore.Http;
namespace AMREZ.EOP.Application.UseCases.Authentications;
public sealed class LoginUseCase : ILoginUseCase
{
private readonly ITenantResolver _tenantResolver;
private readonly IUserRepository _users;
private readonly IPasswordHasher _hasher;
private readonly IHttpContextAccessor _http;
private readonly IUnitOfWork _uow;
public LoginUseCase(ITenantResolver r, IUserRepository u, IPasswordHasher h, IHttpContextAccessor http, IUnitOfWork uow)
{ _tenantResolver = r; _users = u; _hasher = h; _http = http; _uow = uow; }
public async Task<LoginResponse?> ExecuteAsync(LoginRequest request, CancellationToken ct = default)
{
var http = _http.HttpContext ?? throw new InvalidOperationException("No HttpContext");
var tenant = _tenantResolver.Resolve(http, request);
if (tenant is null) return null;
await _uow.BeginAsync(tenant, IsolationLevel.ReadCommitted, ct);
try
{
var email = request.Email.Trim().ToLowerInvariant();
var user = await _users.FindActiveByEmailAsync(email, ct);
if (user is null || !_hasher.Verify(request.Password, user.PasswordHash))
{
await _uow.RollbackAsync(ct);
return null;
}
await _uow.CommitAsync(ct);
// NOTE: ไม่ใช้ DisplayName ใน Entity แล้ว — ส่งกลับเป็นค่าว่าง/ไปดึงจาก HR ฝั่ง API
return new LoginResponse(user.Id, string.Empty, email, tenant.Id);
}
catch
{
await _uow.RollbackAsync(ct);
throw;
}
}
}

45
AMREZ.EOP.Application/UseCases/Authentications/LogoutAllUseCase.cs Normal file
View File

@@ -0,0 +1,45 @@
using System.Data;
using AMREZ.EOP.Abstractions.Applications.Tenancy;
using AMREZ.EOP.Abstractions.Applications.UseCases.Authentications;
using AMREZ.EOP.Abstractions.Infrastructures.Common;
using AMREZ.EOP.Abstractions.Infrastructures.Repositories;
using AMREZ.EOP.Contracts.DTOs.Authentications.LogoutAll;
using Microsoft.AspNetCore.Http;
namespace AMREZ.EOP.Application.UseCases.Authentications;
public sealed class LogoutAllUseCase : ILogoutAllUseCase
{
private readonly ITenantResolver _resolver;
private readonly IUnitOfWork _uow;
private readonly IUserRepository _users;
private readonly IHttpContextAccessor _http;
public LogoutAllUseCase(ITenantResolver r, IUnitOfWork uow, IUserRepository users, IHttpContextAccessor http)
{
_resolver = r;
_uow = uow;
_users = users;
_http = http;
}
public async Task<int> ExecuteAsync(LogoutAllRequest request, CancellationToken ct = default)
{
var http = _http.HttpContext ?? throw new InvalidOperationException("No HttpContext");
var tenant = _resolver.Resolve(http, request);
if (tenant is null) return 0;
await _uow.BeginAsync(tenant, IsolationLevel.ReadCommitted, ct);
try
{
var n = await _users.RevokeAllSessionsAsync(request.UserId, ct);
await _uow.CommitAsync(ct);
return n;
}
catch
{
await _uow.RollbackAsync(ct);
throw;
}
}
}

36
AMREZ.EOP.Application/UseCases/Authentications/LogoutUseCase.cs Normal file
View File

@@ -0,0 +1,36 @@
using System.Data;
using AMREZ.EOP.Abstractions.Applications.Tenancy;
using AMREZ.EOP.Abstractions.Applications.UseCases.Authentications;
using AMREZ.EOP.Abstractions.Infrastructures.Common;
using AMREZ.EOP.Abstractions.Infrastructures.Repositories;
using AMREZ.EOP.Contracts.DTOs.Authentications.Logout;
using Microsoft.AspNetCore.Http;
namespace AMREZ.EOP.Application.UseCases.Authentications;
public sealed class LogoutUseCase : ILogoutUseCase
{
private readonly ITenantResolver _resolver;
private readonly IUnitOfWork _uow;
private readonly IUserRepository _users;
private readonly IHttpContextAccessor _http;
public LogoutUseCase(ITenantResolver r, IUnitOfWork uow, IUserRepository users, IHttpContextAccessor http)
{ _resolver = r; _uow = uow; _users = users; _http = http; }
public async Task<bool> ExecuteAsync(LogoutRequest request, CancellationToken ct = default)
{
var http = _http.HttpContext ?? throw new InvalidOperationException("No HttpContext");
var tenant = _resolver.Resolve(http, request);
if (tenant is null) return false;
await _uow.BeginAsync(tenant, IsolationLevel.ReadCommitted, ct);
try
{
var n = await _users.RevokeSessionAsync(request.UserId, request.SessionId, ct);
await _uow.CommitAsync(ct);
return n > 0;
}
catch { await _uow.RollbackAsync(ct); throw; }
}
}

78
AMREZ.EOP.Application/UseCases/Authentications/RegisterUseCase.cs Normal file
View File

@@ -0,0 +1,78 @@
using System.Data;
using AMREZ.EOP.Abstractions.Applications.Tenancy;
using AMREZ.EOP.Abstractions.Applications.UseCases.Authentications;
using AMREZ.EOP.Abstractions.Infrastructures.Common;
using AMREZ.EOP.Abstractions.Infrastructures.Repositories;
using AMREZ.EOP.Abstractions.Security;
using AMREZ.EOP.Contracts.DTOs.Authentications.Register;
using AMREZ.EOP.Domain.Entities.Authentications;
using AMREZ.EOP.Domain.Shared._Users;
using Microsoft.AspNetCore.Http;
namespace AMREZ.EOP.Application.UseCases.Authentications;
public sealed class RegisterUseCase : IRegisterUseCase
{
private readonly ITenantResolver _tenantResolver;
private readonly IUnitOfWork _uow;
private readonly IUserRepository _users;
private readonly IPasswordHasher _hasher;
private readonly IHttpContextAccessor _http;
public RegisterUseCase(
ITenantResolver resolver,
IUnitOfWork uow,
IUserRepository users,
IPasswordHasher hasher,
IHttpContextAccessor http)
{
_tenantResolver = resolver; _uow = uow; _users = users; _hasher = hasher; _http = http;
}
public async Task<RegisterResponse?> ExecuteAsync(RegisterRequest request, CancellationToken ct = default)
{
var http = _http.HttpContext ?? throw new InvalidOperationException("No HttpContext");
var tenant = _tenantResolver.Resolve(http, request);
if (tenant is null) return null;
var emailNorm = request.Email.Trim().ToLowerInvariant();
await _uow.BeginAsync(tenant, IsolationLevel.ReadCommitted, ct);
try
{
if (await _users.EmailExistsAsync(emailNorm, ct))
{
await _uow.RollbackAsync(ct);
return null;
}
var hash = _hasher.Hash(request.Password);
var user = new User
{
PasswordHash = hash,
IsActive = true,
};
// แนบอัตลักษณ์แบบ Email (เก็บในตารางลูก)
user.Identities.Add(new UserIdentity
{
Type = IdentityType.Email,
Identifier = emailNorm,
IsPrimary = true,
VerifiedAt = null
});
await _users.AddAsync(user, ct);
await _uow.CommitAsync(ct);
// ไม่ส่ง DisplayName (ปล่อยให้ HR/Presentation สร้าง)
return new RegisterResponse(user.Id, string.Empty, emailNorm, tenant.Id);
}
catch
{
await _uow.RollbackAsync(ct);
throw;
}
}
}

37
AMREZ.EOP.Application/UseCases/Authentications/VerifyEmailUseCase.cs Normal file
View File

@@ -0,0 +1,37 @@
using System.Data;
using AMREZ.EOP.Abstractions.Applications.Tenancy;
using AMREZ.EOP.Abstractions.Applications.UseCases.Authentications;
using AMREZ.EOP.Abstractions.Infrastructures.Common;
using AMREZ.EOP.Abstractions.Infrastructures.Repositories;
using AMREZ.EOP.Contracts.DTOs.Authentications.VerifyEmail;
using AMREZ.EOP.Domain.Shared._Users;
using Microsoft.AspNetCore.Http;
namespace AMREZ.EOP.Application.UseCases.Authentications;
public sealed class VerifyEmailUseCase : IVerifyEmailUseCase
{
private readonly ITenantResolver _resolver;
private readonly IUnitOfWork _uow;
private readonly IUserRepository _users;
private readonly IHttpContextAccessor _http;
public VerifyEmailUseCase(ITenantResolver r, IUnitOfWork uow, IUserRepository users, IHttpContextAccessor http)
{ _resolver = r; _uow = uow; _users = users; _http = http; }
public async Task<bool> ExecuteAsync(VerifyEmailRequest request, CancellationToken ct = default)
{
var http = _http.HttpContext ?? throw new InvalidOperationException("No HttpContext");
var tenant = _resolver.Resolve(http, request);
if (tenant is null) return false;
await _uow.BeginAsync(tenant, IsolationLevel.ReadCommitted, ct);
try
{
await _users.VerifyIdentityAsync(request.UserId, IdentityType.Email, request.Email.Trim().ToLowerInvariant(), DateTimeOffset.UtcNow, ct);
await _uow.CommitAsync(ct);
return true;
}
catch { await _uow.RollbackAsync(ct); throw; }
}
}