Compare commits


4 Commits

Author SHA1 Message Date
1c600e8d4d Ignore files 2023-10-12 14:05:55 +11:00
243a7dce87 Email sending 2023-10-12 14:04:54 +11:00
8155446527 File uploading & email sending 2023-10-12 11:59:26 +11:00
18fe6822d4 Verify input when upload image 2023-10-12 10:52:50 +11:00
7 changed files with 145 additions and 40 deletions

3
.gitignore vendored

@ -4,5 +4,4 @@ obj
/.vs/FIT5032-Assignment
/.vs
packages/
FIT5032-Assignment/App_Data/FIT5032_Assignment.mdf
FIT5032-Assignment/App_Data/FIT5032_Assignment_log.ldf
FIT5032-Assignment/App_Data/


@ -20,6 +20,9 @@ using System.Net.Http;
using System.Threading.Tasks;
using Newtonsoft.Json;
using System.Net.Http.Headers;
using System.Dynamic;
using RestSharp;
using RestSharp.Authenticators;
namespace FIT5032_Assignment.Controllers {
@ -32,6 +35,15 @@ namespace FIT5032_Assignment.Controllers {
public string Email { get; set; }
}
public class PassageUserFindReply {
public int Total_Users { get; set; }
public List<PassageUserFindReplyUser> Users { get; set; }
}
public class PassageUserFindReplyUser {
public string Id { get; set; }
}
// Database
public class Database1Entities : DbContext {
public DbSet<Users> Users { get; set; }
@ -65,7 +77,7 @@ namespace FIT5032_Assignment.Controllers {
return new RsaSecurityKey(rsa);
}
private String loginVerify(string token) {
private String psgCredentialVerify(string token) {
var jwtHandler = new JwtSecurityTokenHandler();
var jwtToken = jwtHandler.ReadJwtToken(token);
@ -107,7 +119,21 @@ namespace FIT5032_Assignment.Controllers {
return sub;
}
private Users loginInfo(string user) {
var db = new Database1Entities();
var credential = db.Credentials.Where(res => (res.uniqueIdCode == user) && (res.provider == 0));
if (credential.Count() == 0) {
return null;
} else {
var userUuid = credential.First().user;
var dbUser = db.Users.Where(res => res.uuid == userUuid);
if (dbUser.Count() == 0) {
return null;
} else {
return dbUser.First();
}
}
}
private Database1Entities db = new Database1Entities();
private string GenerateRandomString(int length) {
@ -128,7 +154,7 @@ namespace FIT5032_Assignment.Controllers {
public ActionResult Index() {
// If user logged in, show user name
if (Request.Cookies["psg_auth_token"] != null) {
var user = loginVerify(Request.Cookies["psg_auth_token"].Value);
var user = psgCredentialVerify(Request.Cookies["psg_auth_token"].Value);
if (user != null) {
var db = new Database1Entities();
var credential = db.Credentials.Where(res => (res.uniqueIdCode == user) && (res.provider == 0));
@ -155,7 +181,7 @@ namespace FIT5032_Assignment.Controllers {
var psg_auth_token = Request.Cookies["psg_auth_token"];
Trace.WriteLine(psg_auth_token.Value);
// JWT Verify
string sub = loginVerify(psg_auth_token.Value);
string sub = psgCredentialVerify(psg_auth_token.Value);
if (sub == null) {
return RedirectToAction("Login");
} else {
@ -181,7 +207,7 @@ namespace FIT5032_Assignment.Controllers {
// Verify user is logged in
var psg_auth_token = Request.Cookies["psg_auth_token"];
var user = loginVerify(psg_auth_token.Value);
var user = psgCredentialVerify(psg_auth_token.Value);
if (user == null) {
return RedirectToAction("Login");
}
@ -254,7 +280,7 @@ namespace FIT5032_Assignment.Controllers {
// Redirect to home page
return RedirectToAction("Index");
}
var user = loginVerify(Request.Cookies["psg_auth_token"].Value);
var user = psgCredentialVerify(Request.Cookies["psg_auth_token"].Value);
if (user == null) {
// Redirect to home page
return RedirectToAction("Index");
@ -277,32 +303,107 @@ namespace FIT5032_Assignment.Controllers {
}
[HttpPost]
public ActionResult ImageUpload(Models.ImageUploadForm model) {
public async Task<ActionResult> ImageUpload(Models.ImageUploadForm model) {
try {
if (Request.Cookies["psg_auth_token"] == null) {
// Redirect to home page
return new HttpStatusCodeResult(HttpStatusCode.Forbidden);
// Return 401 error
return new HttpStatusCodeResult(HttpStatusCode.Unauthorized);
}
var user = loginVerify(Request.Cookies["psg_auth_token"].Value);
if (user == null) {
// Redirect to home page
return new HttpStatusCodeResult(HttpStatusCode.Forbidden);
} else {
// Detect if user is doctor or patient
var userCre = psgCredentialVerify(Request.Cookies["psg_auth_token"].Value);
var user = loginInfo(userCre);
if (user.role != 2) {
// Return 403 error if user is not doctor
return new HttpStatusCodeResult(HttpStatusCode.Forbidden) ;
}
// check recived items
if (!ModelState.IsValid) {
ModelState.AddModelError("patientEmail", "Form not valid");
return View(model);
}
// check uploaded file
if (model.imageFile == null) {
ModelState.AddModelError("imageFile", "Please upload a file");
return View(model);
}
// check format: png, jpg
if (model.imageFile.ContentType != "image/png" && model.imageFile.ContentType != "image/jpeg") {
ModelState.AddModelError("imageFile", "Please upload a png or jpg file");
return View(model);
}
// Check if the email have a patient profile
var db = new Database1Entities();
var credential = db.Credentials.Where(res => (res.uniqueIdCode == user) && (res.provider == 0));
if (credential.Count() == 0) {
// return error 403
return new HttpStatusCodeResult(HttpStatusCode.Forbidden);
// Find the account associated with the email
var app_id = "ZHM5whW5xsZEczTn2loffzjN";
var url = $"https://api.passage.id/v1/apps/{app_id}/users?identifier={model.patientEmail}";
var res = httpClient.GetStringAsync(url).Result;
if (JsonConvert.DeserializeObject<PassageUserFindReply>(res).Total_Users == 0) {
ModelState.AddModelError("patientEmail", "No patient found");
return View(model);
}
var dbUser = db.Users.Where(res => res.uuid == credential.First().user);
// print dbUser
Trace.WriteLine(dbUser.First());
var patientId = JsonConvert.DeserializeObject<PassageUserFindReply>(res).Users[0].Id;
var patientCredential = db.Credentials.Where(c => (c.uniqueIdCode == patientId) && (c.provider == 0));
if (patientCredential.Count() == 0) {
ModelState.AddModelError("patientEmail", "No patient found");
return View(model);
}
var patientUuid = patientCredential.First().user;
var patient = db.Users.Where(u => u.uuid == patientUuid);
if (patient.Count() == 0 || patient.First().role != 1) {
ModelState.AddModelError("patientEmail", "No patient found");
return View(model);
}
// Store file to server
var fileId = Guid.NewGuid().ToString();
var fileName = fileId + Path.GetExtension(model.imageFile.FileName);
var filePath = Path.Combine(Server.MapPath("~/App_Data/upload_images"), fileName);
model.imageFile.SaveAs(filePath);
// Create image entity to database
var appointmentId = Guid.NewGuid().ToString();
var imageId = Guid.NewGuid().ToString();
var appointment = new Appointments {
uuid = appointmentId,
patient = patientUuid,
responsibleBy = user.uuid,
createdAt = DateTime.Now,
appointmentDate = DateTime.Now,
status = 0,
createdBy = 1
};
var image = new Images {
uuid = imageId,
appointment = appointmentId,
patient = patientUuid,
responsibleBy = user.uuid,
createdAt = DateTime.Now,
file = fileName,
status = 0,
};
// Send attached email with mailgun
var doctorName = user.displayName;
RestClient client = new RestClient(new RestClientOptions ("https://api.mailgun.net/v3/test.astrian.moe") {
Authenticator = new HttpBasicAuthenticator("api", "365900a7818241eafcbbf82e59cf99e8-5465e583-b4966e64"),
});
var request = new RestRequest("messages", Method.Post);
request.AddParameter("from", "Xpectrum <xpectrum@test.astrian.moe>");
request.AddParameter("to", model.patientEmail);
request.AddParameter("subject", "Xpectrum: New image available");
request.AddParameter("text", $"Hi {patient.First().displayName},\n\nDr. {doctorName} has uploaded a new image for you.\n\nPlease check the attachment.\n\nBest regards,\nXpectrum");
request.AddFile("attachment", filePath);
// Send request
var response = await client.ExecuteAsync(request);
Trace.WriteLine(response.Content);
return View();
}
} catch (Exception e) {
Trace.WriteLine(e);
return RedirectToAction("Index");
return new HttpStatusCodeResult(HttpStatusCode.BadGateway);
}
}
}
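Review bot: The new Mailgun call in ImageUpload passes the API key as a string literal to `HttpBasicAuthenticator`, so the credential is now in repository history; it should be revoked and then read from configuration kept outside source control, e.g. `new HttpBasicAuthenticator("api", ConfigurationManager.AppSettings["MailgunApiKey"])` (the setting name is a placeholder). The same hunk drops the earlier `user == null` check: the other call sites treat a null result from `psgCredentialVerify` as "not logged in", and `loginInfo` returns null when no row matches, so an invalid or unknown token would reach `user.role` and be stopped only by the exception caught at the bottom, which answers 502; adding `if (user == null) return new HttpStatusCodeResult(HttpStatusCode.Unauthorized);` before the role test keeps the authorization decision explicit. `model.patientEmail` is interpolated into the Passage query string unescaped, and `[EmailAddress]` does not exclude characters such as `&` or `+`, so it should be wrapped as `Uri.EscapeDataString(model.patientEmail)`. In the visible lines `appointment` and `image` are constructed but never added to `db` or saved, and `httpClient.GetStringAsync(url).Result` blocks inside the now-async action where `await` would do.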


@ -61,8 +61,8 @@
<Reference Include="JWT, Version=10.0.0.0, Culture=neutral, PublicKeyToken=6f98bca0f40f2ecf, processorArchitecture=MSIL">
<HintPath>..\packages\JWT.10.1.0\lib\net462\JWT.dll</HintPath>
</Reference>
<Reference Include="Microsoft.Bcl.AsyncInterfaces, Version=6.0.0.0, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51, processorArchitecture=MSIL">
<HintPath>..\packages\Microsoft.Bcl.AsyncInterfaces.6.0.0\lib\net461\Microsoft.Bcl.AsyncInterfaces.dll</HintPath>
<Reference Include="Microsoft.Bcl.AsyncInterfaces, Version=7.0.0.0, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51, processorArchitecture=MSIL">
<HintPath>..\packages\Microsoft.Bcl.AsyncInterfaces.7.0.0\lib\net462\Microsoft.Bcl.AsyncInterfaces.dll</HintPath>
</Reference>
<Reference Include="Microsoft.CSharp" />
<Reference Include="Microsoft.IdentityModel.Abstractions, Version=7.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
@ -80,6 +80,9 @@
<Reference Include="Newtonsoft.Json, Version=13.0.0.0, Culture=neutral, PublicKeyToken=30ad4fe6b2a6aeed, processorArchitecture=MSIL">
<HintPath>..\packages\Newtonsoft.Json.13.0.2\lib\net45\Newtonsoft.Json.dll</HintPath>
</Reference>
<Reference Include="RestSharp, Version=110.2.0.0, Culture=neutral, PublicKeyToken=598062e77f915f75, processorArchitecture=MSIL">
<HintPath>..\packages\RestSharp.110.2.0\lib\net471\RestSharp.dll</HintPath>
</Reference>
<Reference Include="System" />
<Reference Include="System.Buffers, Version=4.0.3.0, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51, processorArchitecture=MSIL">
<HintPath>..\packages\System.Buffers.4.5.1\lib\net461\System.Buffers.dll</HintPath>
@ -101,11 +104,11 @@
</Reference>
<Reference Include="System.Runtime.Serialization" />
<Reference Include="System.Security" />
<Reference Include="System.Text.Encodings.Web, Version=6.0.0.0, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51, processorArchitecture=MSIL">
<HintPath>..\packages\System.Text.Encodings.Web.6.0.0\lib\net461\System.Text.Encodings.Web.dll</HintPath>
<Reference Include="System.Text.Encodings.Web, Version=7.0.0.0, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51, processorArchitecture=MSIL">
<HintPath>..\packages\System.Text.Encodings.Web.7.0.0\lib\net462\System.Text.Encodings.Web.dll</HintPath>
</Reference>
<Reference Include="System.Text.Json, Version=6.0.0.7, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51, processorArchitecture=MSIL">
<HintPath>..\packages\System.Text.Json.6.0.7\lib\net461\System.Text.Json.dll</HintPath>
<Reference Include="System.Text.Json, Version=7.0.0.2, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51, processorArchitecture=MSIL">
<HintPath>..\packages\System.Text.Json.7.0.2\lib\net462\System.Text.Json.dll</HintPath>
</Reference>
<Reference Include="System.Threading.Tasks.Extensions, Version=4.2.0.1, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51, processorArchitecture=MSIL">
<HintPath>..\packages\System.Threading.Tasks.Extensions.4.5.4\lib\net461\System.Threading.Tasks.Extensions.dll</HintPath>


@ -5,6 +5,7 @@ namespace FIT5032_Assignment.Models {
public class ImageUploadForm {
[Required]
[Display(Name = "Assign to patient (email)")]
[EmailAddress]
public string patientEmail { get; set; }
[Required]


@ -23,7 +23,7 @@
<div class="form-group">
@Html.LabelFor(model => model.imageFile, htmlAttributes: new { @class = "control-label col-md-2" })
<div class="col-md-10">
<input type="file" name="imageFile" id="imageFile" />
<input type="file" name="imageFile" id="imageFile" accept="image/png, image/jpeg" />
@Html.ValidationMessageFor(model => model.imageFile, "", new { @class = "text-danger" })
</div>
</div>
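Review bot: The added `accept="image/png, image/jpeg"` only filters the browser's file picker, and the matching server check in ImageUpload compares `imageFile.ContentType`, which is also supplied by the client, while the stored file name keeps `Path.GetExtension(model.imageFile.FileName)`. Nothing in the visible controller code inspects the file content or restricts the extension, so the file written under `App_Data/upload_images` and attached to the patient's email can be of any type. A comment next to the input such as `@* accept is a UI hint only; ImageUpload must validate extension and content server-side *@` would document that. In the controller, the stored extension should come from an allow-list (`.png`, `.jpg`, `.jpeg`) and the upload should be confirmed to decode as an image before `SaveAs` is called.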


@ -62,11 +62,11 @@
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="System.Text.Json" publicKeyToken="cc7b13ffcd2ddd51" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-6.0.0.7" newVersion="6.0.0.7" />
<bindingRedirect oldVersion="0.0.0.0-7.0.0.2" newVersion="7.0.0.2" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="System.Text.Encodings.Web" publicKeyToken="cc7b13ffcd2ddd51" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-6.0.0.0" newVersion="6.0.0.0" />
<bindingRedirect oldVersion="0.0.0.0-7.0.0.0" newVersion="7.0.0.0" />
</dependentAssembly>
</assemblyBinding>
</runtime>


@ -12,7 +12,7 @@
<package id="Microsoft.AspNet.Razor" version="3.2.9" targetFramework="net48" />
<package id="Microsoft.AspNet.Web.Optimization" version="1.1.3" targetFramework="net48" />
<package id="Microsoft.AspNet.WebPages" version="3.2.9" targetFramework="net48" />
<package id="Microsoft.Bcl.AsyncInterfaces" version="6.0.0" targetFramework="net48" />
<package id="Microsoft.Bcl.AsyncInterfaces" version="7.0.0" targetFramework="net48" />
<package id="Microsoft.CodeDom.Providers.DotNetCompilerPlatform" version="2.0.1" targetFramework="net48" />
<package id="Microsoft.IdentityModel.Abstractions" version="7.0.0" targetFramework="net48" />
<package id="Microsoft.IdentityModel.JsonWebTokens" version="7.0.0" targetFramework="net48" />
@ -22,13 +22,14 @@
<package id="Microsoft.Web.Infrastructure" version="2.0.1" targetFramework="net48" />
<package id="Modernizr" version="2.8.3" targetFramework="net48" />
<package id="Newtonsoft.Json" version="13.0.2" targetFramework="net48" />
<package id="RestSharp" version="110.2.0" targetFramework="net48" />
<package id="System.Buffers" version="4.5.1" targetFramework="net48" />
<package id="System.IdentityModel.Tokens.Jwt" version="7.0.0" targetFramework="net48" />
<package id="System.Memory" version="4.5.5" targetFramework="net48" />
<package id="System.Numerics.Vectors" version="4.5.0" targetFramework="net48" />
<package id="System.Runtime.CompilerServices.Unsafe" version="6.0.0" targetFramework="net48" />
<package id="System.Text.Encodings.Web" version="6.0.0" targetFramework="net48" />
<package id="System.Text.Json" version="6.0.7" targetFramework="net48" />
<package id="System.Text.Encodings.Web" version="7.0.0" targetFramework="net48" />
<package id="System.Text.Json" version="7.0.2" targetFramework="net48" />
<package id="System.Threading.Tasks.Extensions" version="4.5.4" targetFramework="net48" />
<package id="System.ValueTuple" version="4.5.0" targetFramework="net48" />
<package id="WebGrease" version="1.6.0" targetFramework="net48" />