Ignore files

.gitignore

@@ -4,5 +4,4 @@ obj
 /.vs/FIT5032-Assignment
 /.vs
 packages/
-FIT5032-Assignment/App_Data/FIT5032_Assignment.mdf
+FIT5032-Assignment/App_Data/
-FIT5032-Assignment/App_Data/FIT5032_Assignment_log.ldf

FIT5032-Assignment/Controllers/HomeController.cs

@@ -20,6 +20,9 @@ using System.Net.Http;
 using System.Threading.Tasks;
 using Newtonsoft.Json;
 using System.Net.Http.Headers;
+using System.Dynamic;
+using RestSharp;
+using RestSharp.Authenticators;
 
 namespace FIT5032_Assignment.Controllers {
 
@@ -32,6 +35,15 @@ namespace FIT5032_Assignment.Controllers {
     public string Email { get; set; }
   }
 
+  public class PassageUserFindReply {
+    public int Total_Users { get; set; }
+    public List<PassageUserFindReplyUser> Users { get; set; }
+  }
+
+  public class PassageUserFindReplyUser {
+    public string Id { get; set; }
+  }
+
   // Database
   public class Database1Entities : DbContext {
     public DbSet<Users> Users { get; set; }
@@ -65,7 +77,7 @@ namespace FIT5032_Assignment.Controllers {
 
       return new RsaSecurityKey(rsa);
     }
-    private String loginVerify(string token) {
+    private String psgCredentialVerify(string token) {
 
       var jwtHandler = new JwtSecurityTokenHandler();
       var jwtToken = jwtHandler.ReadJwtToken(token);
@@ -107,7 +119,21 @@ namespace FIT5032_Assignment.Controllers {
 
       return sub;
     }
-
+    private Users loginInfo(string user) {
+      var db = new Database1Entities();
+      var credential = db.Credentials.Where(res => (res.uniqueIdCode == user) && (res.provider == 0));
+      if (credential.Count() == 0) {
+        return null;
+      } else {
+        var userUuid = credential.First().user;
+        var dbUser = db.Users.Where(res => res.uuid == userUuid);
+        if (dbUser.Count() == 0) {
+          return null;
+        } else {
+          return dbUser.First();
+        }
+      }
+    }
     private Database1Entities db = new Database1Entities();
 
     private string GenerateRandomString(int length) {
@@ -128,7 +154,7 @@ namespace FIT5032_Assignment.Controllers {
     public ActionResult Index() {
       // If user logged in, show user name
       if (Request.Cookies["psg_auth_token"] != null) {
-        var user = loginVerify(Request.Cookies["psg_auth_token"].Value);
+        var user = psgCredentialVerify(Request.Cookies["psg_auth_token"].Value);
         if (user != null) {
           var db = new Database1Entities();
           var credential = db.Credentials.Where(res => (res.uniqueIdCode == user) && (res.provider == 0));
@@ -155,7 +181,7 @@ namespace FIT5032_Assignment.Controllers {
       var psg_auth_token = Request.Cookies["psg_auth_token"];
       Trace.WriteLine(psg_auth_token.Value);
       // JWT Verify
-      string sub = loginVerify(psg_auth_token.Value);
+      string sub = psgCredentialVerify(psg_auth_token.Value);
       if (sub == null) {
         return RedirectToAction("Login");
       } else {
@@ -181,7 +207,7 @@ namespace FIT5032_Assignment.Controllers {
 
       // Verify user is logged in
       var psg_auth_token = Request.Cookies["psg_auth_token"];
-      var user = loginVerify(psg_auth_token.Value);
+      var user = psgCredentialVerify(psg_auth_token.Value);
       if (user == null) {
         return RedirectToAction("Login");
       }
@@ -254,7 +280,7 @@ namespace FIT5032_Assignment.Controllers {
           // Redirect to home page
           return RedirectToAction("Index");
         }
-        var user = loginVerify(Request.Cookies["psg_auth_token"].Value);
+        var user = psgCredentialVerify(Request.Cookies["psg_auth_token"].Value);
         if (user == null) {
           // Redirect to home page
           return RedirectToAction("Index");
@@ -277,32 +303,107 @@ namespace FIT5032_Assignment.Controllers {
     }
 
     [HttpPost]
-    public ActionResult ImageUpload(Models.ImageUploadForm model) {
+    public async Task<ActionResult> ImageUpload(Models.ImageUploadForm model) {
       try {
         if (Request.Cookies["psg_auth_token"] == null) {
-          // Redirect to home page
+          // Return 401 error
+          return new HttpStatusCodeResult(HttpStatusCode.Unauthorized);
+        }
+        var userCre = psgCredentialVerify(Request.Cookies["psg_auth_token"].Value);
+        var user = loginInfo(userCre);
+        if (user.role != 2) {
+          // Return 403 error if user is not doctor
           return new HttpStatusCodeResult(HttpStatusCode.Forbidden) ;
         }
-        var user = loginVerify(Request.Cookies["psg_auth_token"].Value);
+
-        if (user == null) {
+        // check recived items
-          // Redirect to home page
+        if (!ModelState.IsValid) {
-          return new HttpStatusCodeResult(HttpStatusCode.Forbidden);
+          ModelState.AddModelError("patientEmail", "Form not valid");
-        } else {
+          return View(model);
-          // Detect if user is doctor or patient
+        }
+
+        // check uploaded file
+        if (model.imageFile == null) {
+          ModelState.AddModelError("imageFile", "Please upload a file");
+          return View(model);
+        }
+        // check format: png, jpg
+        if (model.imageFile.ContentType != "image/png" && model.imageFile.ContentType != "image/jpeg") {
+          ModelState.AddModelError("imageFile", "Please upload a png or jpg file");
+          return View(model);
+        }
+
+        // Check if the email have a patient profile
         var db = new Database1Entities();
-          var credential = db.Credentials.Where(res => (res.uniqueIdCode == user) && (res.provider == 0));
+        // Find the account associated with the email
-          if (credential.Count() == 0) {
+        var app_id = "ZHM5whW5xsZEczTn2loffzjN";
-            // return error 403
+        var url = $"https://api.passage.id/v1/apps/{app_id}/users?identifier={model.patientEmail}";
-            return new HttpStatusCodeResult(HttpStatusCode.Forbidden);
+        var res = httpClient.GetStringAsync(url).Result;
+        if (JsonConvert.DeserializeObject<PassageUserFindReply>(res).Total_Users == 0) {
+          ModelState.AddModelError("patientEmail", "No patient found");
+          return View(model);
         }
-          var dbUser = db.Users.Where(res => res.uuid == credential.First().user);
+        var patientId = JsonConvert.DeserializeObject<PassageUserFindReply>(res).Users[0].Id;
-          // print dbUser
+        var patientCredential = db.Credentials.Where(c => (c.uniqueIdCode == patientId) && (c.provider == 0));
-          Trace.WriteLine(dbUser.First());
+        if (patientCredential.Count() == 0) {
+          ModelState.AddModelError("patientEmail", "No patient found");
+          return View(model);
+        }
+        var patientUuid = patientCredential.First().user;
+        var patient = db.Users.Where(u => u.uuid == patientUuid);
+        if (patient.Count() == 0 || patient.First().role != 1) {
+          ModelState.AddModelError("patientEmail", "No patient found");
+          return View(model);
+        }
+
+        // Store file to server
+        var fileId = Guid.NewGuid().ToString();
+        var fileName = fileId + Path.GetExtension(model.imageFile.FileName);
+        var filePath = Path.Combine(Server.MapPath("~/App_Data/upload_images"), fileName);
+        model.imageFile.SaveAs(filePath);
+
+        // Create image entity to database
+        var appointmentId = Guid.NewGuid().ToString();
+        var imageId = Guid.NewGuid().ToString();
+        var appointment = new Appointments {
+          uuid = appointmentId,
+          patient = patientUuid,
+          responsibleBy = user.uuid,
+          createdAt = DateTime.Now,
+          appointmentDate = DateTime.Now,
+          status = 0,
+          createdBy = 1
+        };
+        var image = new Images {
+          uuid = imageId,
+          appointment = appointmentId,
+          patient = patientUuid,
+          responsibleBy = user.uuid,
+          createdAt = DateTime.Now,
+          file = fileName,
+          status = 0,
+        };
+
+        // Send attached email with mailgun
+        var doctorName = user.displayName;
+        RestClient client = new RestClient(new RestClientOptions ("https://api.mailgun.net/v3/test.astrian.moe") {
+          Authenticator = new HttpBasicAuthenticator("api", "365900a7818241eafcbbf82e59cf99e8-5465e583-b4966e64"),
+        });
+        var request = new RestRequest("messages", Method.Post);
+        request.AddParameter("from", "Xpectrum <xpectrum@test.astrian.moe>");
+        request.AddParameter("to", model.patientEmail);
+        request.AddParameter("subject", "Xpectrum: New image available");
+        request.AddParameter("text", $"Hi {patient.First().displayName},\n\nDr. {doctorName} has uploaded a new image for you.\n\nPlease check the attachment.\n\nBest regards,\nXpectrum");
+        request.AddFile("attachment", filePath);
+
+        // Send request
+        var response = await client.ExecuteAsync(request);
+        Trace.WriteLine(response.Content);
+
         return View();
-        }
       } catch (Exception e) {
         Trace.WriteLine(e);
-        return RedirectToAction("Index");
+        return new HttpStatusCodeResult(HttpStatusCode.BadGateway);
       }
     }
   }

FIT5032-Assignment/FIT5032-Assignment.csproj

@@ -61,8 +61,8 @@
     <Reference Include="JWT, Version=10.0.0.0, Culture=neutral, PublicKeyToken=6f98bca0f40f2ecf, processorArchitecture=MSIL">
       <HintPath>..\packages\JWT.10.1.0\lib\net462\JWT.dll</HintPath>
     </Reference>
-    <Reference Include="Microsoft.Bcl.AsyncInterfaces, Version=6.0.0.0, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51, processorArchitecture=MSIL">
+    <Reference Include="Microsoft.Bcl.AsyncInterfaces, Version=7.0.0.0, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51, processorArchitecture=MSIL">
-      <HintPath>..\packages\Microsoft.Bcl.AsyncInterfaces.6.0.0\lib\net461\Microsoft.Bcl.AsyncInterfaces.dll</HintPath>
+      <HintPath>..\packages\Microsoft.Bcl.AsyncInterfaces.7.0.0\lib\net462\Microsoft.Bcl.AsyncInterfaces.dll</HintPath>
     </Reference>
     <Reference Include="Microsoft.CSharp" />
     <Reference Include="Microsoft.IdentityModel.Abstractions, Version=7.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
@@ -80,6 +80,9 @@
     <Reference Include="Newtonsoft.Json, Version=13.0.0.0, Culture=neutral, PublicKeyToken=30ad4fe6b2a6aeed, processorArchitecture=MSIL">
       <HintPath>..\packages\Newtonsoft.Json.13.0.2\lib\net45\Newtonsoft.Json.dll</HintPath>
     </Reference>
+    <Reference Include="RestSharp, Version=110.2.0.0, Culture=neutral, PublicKeyToken=598062e77f915f75, processorArchitecture=MSIL">
+      <HintPath>..\packages\RestSharp.110.2.0\lib\net471\RestSharp.dll</HintPath>
+    </Reference>
     <Reference Include="System" />
     <Reference Include="System.Buffers, Version=4.0.3.0, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51, processorArchitecture=MSIL">
       <HintPath>..\packages\System.Buffers.4.5.1\lib\net461\System.Buffers.dll</HintPath>
@@ -101,11 +104,11 @@
     </Reference>
     <Reference Include="System.Runtime.Serialization" />
     <Reference Include="System.Security" />
-    <Reference Include="System.Text.Encodings.Web, Version=6.0.0.0, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51, processorArchitecture=MSIL">
+    <Reference Include="System.Text.Encodings.Web, Version=7.0.0.0, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51, processorArchitecture=MSIL">
-      <HintPath>..\packages\System.Text.Encodings.Web.6.0.0\lib\net461\System.Text.Encodings.Web.dll</HintPath>
+      <HintPath>..\packages\System.Text.Encodings.Web.7.0.0\lib\net462\System.Text.Encodings.Web.dll</HintPath>
     </Reference>
-    <Reference Include="System.Text.Json, Version=6.0.0.7, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51, processorArchitecture=MSIL">
+    <Reference Include="System.Text.Json, Version=7.0.0.2, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51, processorArchitecture=MSIL">
-      <HintPath>..\packages\System.Text.Json.6.0.7\lib\net461\System.Text.Json.dll</HintPath>
+      <HintPath>..\packages\System.Text.Json.7.0.2\lib\net462\System.Text.Json.dll</HintPath>
     </Reference>
     <Reference Include="System.Threading.Tasks.Extensions, Version=4.2.0.1, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51, processorArchitecture=MSIL">
       <HintPath>..\packages\System.Threading.Tasks.Extensions.4.5.4\lib\net461\System.Threading.Tasks.Extensions.dll</HintPath>

FIT5032-Assignment/Models/ImageUploadForm.cs

@@ -5,6 +5,7 @@ namespace FIT5032_Assignment.Models {
   public class ImageUploadForm {
     [Required]
     [Display(Name = "Assign to patient (email)")]
+    [EmailAddress]
     public string patientEmail { get; set; }
 
     [Required]

FIT5032-Assignment/Views/Home/ImageUpload.cshtml

@@ -23,7 +23,7 @@
         <div class="form-group">
             @Html.LabelFor(model => model.imageFile, htmlAttributes: new { @class = "control-label col-md-2" })
             <div class="col-md-10">
-                <input type="file" name="imageFile" id="imageFile" />
+                <input type="file" name="imageFile" id="imageFile" accept="image/png, image/jpeg" />
                 @Html.ValidationMessageFor(model => model.imageFile, "", new { @class = "text-danger" })
             </div>
         </div>

FIT5032-Assignment/Web.config

@@ -62,11 +62,11 @@
       </dependentAssembly>
       <dependentAssembly>
         <assemblyIdentity name="System.Text.Json" publicKeyToken="cc7b13ffcd2ddd51" culture="neutral" />
-        <bindingRedirect oldVersion="0.0.0.0-6.0.0.7" newVersion="6.0.0.7" />
+        <bindingRedirect oldVersion="0.0.0.0-7.0.0.2" newVersion="7.0.0.2" />
       </dependentAssembly>
       <dependentAssembly>
         <assemblyIdentity name="System.Text.Encodings.Web" publicKeyToken="cc7b13ffcd2ddd51" culture="neutral" />
-        <bindingRedirect oldVersion="0.0.0.0-6.0.0.0" newVersion="6.0.0.0" />
+        <bindingRedirect oldVersion="0.0.0.0-7.0.0.0" newVersion="7.0.0.0" />
       </dependentAssembly>
     </assemblyBinding>
   </runtime>

FIT5032-Assignment/packages.config

@@ -12,7 +12,7 @@
   <package id="Microsoft.AspNet.Razor" version="3.2.9" targetFramework="net48" />
   <package id="Microsoft.AspNet.Web.Optimization" version="1.1.3" targetFramework="net48" />
   <package id="Microsoft.AspNet.WebPages" version="3.2.9" targetFramework="net48" />
-  <package id="Microsoft.Bcl.AsyncInterfaces" version="6.0.0" targetFramework="net48" />
+  <package id="Microsoft.Bcl.AsyncInterfaces" version="7.0.0" targetFramework="net48" />
   <package id="Microsoft.CodeDom.Providers.DotNetCompilerPlatform" version="2.0.1" targetFramework="net48" />
   <package id="Microsoft.IdentityModel.Abstractions" version="7.0.0" targetFramework="net48" />
   <package id="Microsoft.IdentityModel.JsonWebTokens" version="7.0.0" targetFramework="net48" />
@@ -22,13 +22,14 @@
   <package id="Microsoft.Web.Infrastructure" version="2.0.1" targetFramework="net48" />
   <package id="Modernizr" version="2.8.3" targetFramework="net48" />
   <package id="Newtonsoft.Json" version="13.0.2" targetFramework="net48" />
+  <package id="RestSharp" version="110.2.0" targetFramework="net48" />
   <package id="System.Buffers" version="4.5.1" targetFramework="net48" />
   <package id="System.IdentityModel.Tokens.Jwt" version="7.0.0" targetFramework="net48" />
   <package id="System.Memory" version="4.5.5" targetFramework="net48" />
   <package id="System.Numerics.Vectors" version="4.5.0" targetFramework="net48" />
   <package id="System.Runtime.CompilerServices.Unsafe" version="6.0.0" targetFramework="net48" />
-  <package id="System.Text.Encodings.Web" version="6.0.0" targetFramework="net48" />
+  <package id="System.Text.Encodings.Web" version="7.0.0" targetFramework="net48" />
-  <package id="System.Text.Json" version="6.0.7" targetFramework="net48" />
+  <package id="System.Text.Json" version="7.0.2" targetFramework="net48" />
   <package id="System.Threading.Tasks.Extensions" version="4.5.4" targetFramework="net48" />
   <package id="System.ValueTuple" version="4.5.0" targetFramework="net48" />
   <package id="WebGrease" version="1.6.0" targetFramework="net48" />