API

EOS.sql

+USE [master]
+GO
+/****** Object:  Database [EOS]    Script Date: 18/06/2023 8:21:46 CH ******/
+CREATE DATABASE [EOS]
+ CONTAINMENT = NONE
+ ON  PRIMARY 
+( NAME = N'EOS', FILENAME = N'C:\Program Files\Microsoft SQL Server\MSSQL15.SQLEXPRESS\MSSQL\DATA\EOS.mdf' , SIZE = 8192KB , MAXSIZE = UNLIMITED, FILEGROWTH = 65536KB )
+ LOG ON 
+( NAME = N'EOS_log', FILENAME = N'C:\Program Files\Microsoft SQL Server\MSSQL15.SQLEXPRESS\MSSQL\DATA\EOS_log.ldf' , SIZE = 8192KB , MAXSIZE = 2048GB , FILEGROWTH = 65536KB )
+ WITH CATALOG_COLLATION = DATABASE_DEFAULT
+GO
+ALTER DATABASE [EOS] SET COMPATIBILITY_LEVEL = 150
+GO
+IF (1 = FULLTEXTSERVICEPROPERTY('IsFullTextInstalled'))
+begin
+EXEC [EOS].[dbo].[sp_fulltext_database] @action = 'enable'
+end
+GO
+ALTER DATABASE [EOS] SET ANSI_NULL_DEFAULT OFF 
+GO
+ALTER DATABASE [EOS] SET ANSI_NULLS OFF 
+GO
+ALTER DATABASE [EOS] SET ANSI_PADDING OFF 
+GO
+ALTER DATABASE [EOS] SET ANSI_WARNINGS OFF 
+GO
+ALTER DATABASE [EOS] SET ARITHABORT OFF 
+GO
+ALTER DATABASE [EOS] SET AUTO_CLOSE ON 
+GO
+ALTER DATABASE [EOS] SET AUTO_SHRINK OFF 
+GO
+ALTER DATABASE [EOS] SET AUTO_UPDATE_STATISTICS ON 
+GO
+ALTER DATABASE [EOS] SET CURSOR_CLOSE_ON_COMMIT OFF 
+GO
+ALTER DATABASE [EOS] SET CURSOR_DEFAULT  GLOBAL 
+GO
+ALTER DATABASE [EOS] SET CONCAT_NULL_YIELDS_NULL OFF 
+GO
+ALTER DATABASE [EOS] SET NUMERIC_ROUNDABORT OFF 
+GO
+ALTER DATABASE [EOS] SET QUOTED_IDENTIFIER OFF 
+GO
+ALTER DATABASE [EOS] SET RECURSIVE_TRIGGERS OFF 
+GO
+ALTER DATABASE [EOS] SET  ENABLE_BROKER 
+GO
+ALTER DATABASE [EOS] SET AUTO_UPDATE_STATISTICS_ASYNC OFF 
+GO
+ALTER DATABASE [EOS] SET DATE_CORRELATION_OPTIMIZATION OFF 
+GO
+ALTER DATABASE [EOS] SET TRUSTWORTHY OFF 
+GO
+ALTER DATABASE [EOS] SET ALLOW_SNAPSHOT_ISOLATION OFF 
+GO
+ALTER DATABASE [EOS] SET PARAMETERIZATION SIMPLE 
+GO
+ALTER DATABASE [EOS] SET READ_COMMITTED_SNAPSHOT OFF 
+GO
+ALTER DATABASE [EOS] SET HONOR_BROKER_PRIORITY OFF 
+GO
+ALTER DATABASE [EOS] SET RECOVERY SIMPLE 
+GO
+ALTER DATABASE [EOS] SET  MULTI_USER 
+GO
+ALTER DATABASE [EOS] SET PAGE_VERIFY CHECKSUM  
+GO
+ALTER DATABASE [EOS] SET DB_CHAINING OFF 
+GO
+ALTER DATABASE [EOS] SET FILESTREAM( NON_TRANSACTED_ACCESS = OFF ) 
+GO
+ALTER DATABASE [EOS] SET TARGET_RECOVERY_TIME = 60 SECONDS 
+GO
+ALTER DATABASE [EOS] SET DELAYED_DURABILITY = DISABLED 
+GO
+ALTER DATABASE [EOS] SET ACCELERATED_DATABASE_RECOVERY = OFF  
+GO
+ALTER DATABASE [EOS] SET QUERY_STORE = OFF
+GO
+USE [EOS]
+GO
+/****** Object:  Table [dbo].[Question]    Script Date: 18/06/2023 8:21:46 CH ******/
+SET ANSI_NULLS ON
+GO
+SET QUOTED_IDENTIFIER ON
+GO
+CREATE TABLE [dbo].[Question](
+	[QuestionID] [int] IDENTITY(1,1) NOT NULL,
+	[CategoryID] [int] NOT NULL,
+	[SubjectID] [int] NOT NULL,
+	[Answer] [nvarchar](max) NOT NULL,
+	[Status] [int] NOT NULL,
+ CONSTRAINT [PK_Question] PRIMARY KEY CLUSTERED 
+(
+	[QuestionID] ASC
+)WITH (PAD_INDEX = OFF, STATISTICS_NORECOMPUTE = OFF, IGNORE_DUP_KEY = OFF, ALLOW_ROW_LOCKS = ON, ALLOW_PAGE_LOCKS = ON, OPTIMIZE_FOR_SEQUENTIAL_KEY = OFF) ON [PRIMARY]
+) ON [PRIMARY] TEXTIMAGE_ON [PRIMARY]
+GO
+/****** Object:  Table [dbo].[QuestionCategory]    Script Date: 18/06/2023 8:21:46 CH ******/
+SET ANSI_NULLS ON
+GO
+SET QUOTED_IDENTIFIER ON
+GO
+CREATE TABLE [dbo].[QuestionCategory](
+	[CategoryID] [int] IDENTITY(1,1) NOT NULL,
+	[CategoryName] [nvarchar](50) NOT NULL,
+	[Status] [int] NOT NULL,
+ CONSTRAINT [PK_QuestionCategory] PRIMARY KEY CLUSTERED 
+(
+	[CategoryID] ASC
+)WITH (PAD_INDEX = OFF, STATISTICS_NORECOMPUTE = OFF, IGNORE_DUP_KEY = OFF, ALLOW_ROW_LOCKS = ON, ALLOW_PAGE_LOCKS = ON, OPTIMIZE_FOR_SEQUENTIAL_KEY = OFF) ON [PRIMARY]
+) ON [PRIMARY]
+GO
+/****** Object:  Table [dbo].[Subject]    Script Date: 18/06/2023 8:21:46 CH ******/
+SET ANSI_NULLS ON
+GO
+SET QUOTED_IDENTIFIER ON
+GO
+CREATE TABLE [dbo].[Subject](
+	[SubjectID] [int] IDENTITY(1,1) NOT NULL,
+	[CategoryID] [int] NOT NULL,
+	[SubjectName] [nvarchar](100) NOT NULL,
+	[Status] [int] NOT NULL,
+ CONSTRAINT [PK_Subject] PRIMARY KEY CLUSTERED 
+(
+	[SubjectID] ASC
+)WITH (PAD_INDEX = OFF, STATISTICS_NORECOMPUTE = OFF, IGNORE_DUP_KEY = OFF, ALLOW_ROW_LOCKS = ON, ALLOW_PAGE_LOCKS = ON, OPTIMIZE_FOR_SEQUENTIAL_KEY = OFF) ON [PRIMARY]
+) ON [PRIMARY]
+GO
+/****** Object:  Table [dbo].[SubjectCategory]    Script Date: 18/06/2023 8:21:46 CH ******/
+SET ANSI_NULLS ON
+GO
+SET QUOTED_IDENTIFIER ON
+GO
+CREATE TABLE [dbo].[SubjectCategory](
+	[CategoryID] [int] IDENTITY(1,1) NOT NULL,
+	[CategoryName] [nvarchar](50) NOT NULL,
+	[Status] [int] NOT NULL,
+ CONSTRAINT [PK_SubjectCategory] PRIMARY KEY CLUSTERED 
+(
+	[CategoryID] ASC
+)WITH (PAD_INDEX = OFF, STATISTICS_NORECOMPUTE = OFF, IGNORE_DUP_KEY = OFF, ALLOW_ROW_LOCKS = ON, ALLOW_PAGE_LOCKS = ON, OPTIMIZE_FOR_SEQUENTIAL_KEY = OFF) ON [PRIMARY]
+) ON [PRIMARY]
+GO
+/****** Object:  Table [dbo].[User]    Script Date: 18/06/2023 8:21:46 CH ******/
+SET ANSI_NULLS ON
+GO
+SET QUOTED_IDENTIFIER ON
+GO
+CREATE TABLE [dbo].[User](
+	[Email] [nvarchar](255) NOT NULL,
+	[Password] [nvarchar](25) NOT NULL,
+	[Fullname] [nvarchar](255) NULL,
+	[Phone] [int] NULL,
+	[Role] [int] NULL,
+	[Status] [int] NULL,
+ CONSTRAINT [PK_User] PRIMARY KEY CLUSTERED 
+(
+	[Email] ASC,
+	[Password] ASC
+)WITH (PAD_INDEX = OFF, STATISTICS_NORECOMPUTE = OFF, IGNORE_DUP_KEY = OFF, ALLOW_ROW_LOCKS = ON, ALLOW_PAGE_LOCKS = ON, OPTIMIZE_FOR_SEQUENTIAL_KEY = OFF) ON [PRIMARY]
+) ON [PRIMARY]
+GO
+ALTER TABLE [dbo].[Question]  WITH CHECK ADD  CONSTRAINT [FK_Question_QuestionCategory] FOREIGN KEY([CategoryID])
+REFERENCES [dbo].[QuestionCategory] ([CategoryID])
+GO
+ALTER TABLE [dbo].[Question] CHECK CONSTRAINT [FK_Question_QuestionCategory]
+GO
+ALTER TABLE [dbo].[Question]  WITH CHECK ADD  CONSTRAINT [FK_Question_Subject] FOREIGN KEY([SubjectID])
+REFERENCES [dbo].[Subject] ([SubjectID])
+GO
+ALTER TABLE [dbo].[Question] CHECK CONSTRAINT [FK_Question_Subject]
+GO
+ALTER TABLE [dbo].[Subject]  WITH CHECK ADD  CONSTRAINT [FK_Subject_SubjectCategory] FOREIGN KEY([CategoryID])
+REFERENCES [dbo].[SubjectCategory] ([CategoryID])
+GO
+ALTER TABLE [dbo].[Subject] CHECK CONSTRAINT [FK_Subject_SubjectCategory]
+GO
+USE [master]
+GO
+ALTER DATABASE [EOS] SET  READ_WRITE 
+GO

EOS_Teacher/API/API.csproj

+<Project Sdk="Microsoft.NET.Sdk.Web">
+
+  <PropertyGroup>
+    <TargetFramework>net6.0</TargetFramework>
+    <Nullable>enable</Nullable>
+    <ImplicitUsings>enable</ImplicitUsings>
+  </PropertyGroup>
+
+  <ItemGroup>
+    <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="6.0.19" />
+    <PackageReference Include="Microsoft.AspNetCore.Identity.EntityFrameworkCore" Version="6.0.19" />
+    <PackageReference Include="Microsoft.AspNetCore.OData" Version="8.2.0" />
+    <PackageReference Include="Swashbuckle.AspNetCore" Version="6.5.0" />
+  </ItemGroup>
+
+  <ItemGroup>
+    <ProjectReference Include="..\BusinessLayer\BusinessLayer.csproj" />
+  </ItemGroup>
+
+</Project>

EOS_Teacher/API/API.csproj.user

+<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="Current" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <PropertyGroup>
+    <Controller_SelectedScaffolderID>MvcControllerEmptyScaffolder</Controller_SelectedScaffolderID>
+    <Controller_SelectedScaffolderCategoryPath>root/Common/MVC/Controller</Controller_SelectedScaffolderCategoryPath>
+    <WebStackScaffolding_ControllerDialogWidth>650</WebStackScaffolding_ControllerDialogWidth>
+  </PropertyGroup>
+</Project>
\ No newline at end of file

EOS_Teacher/API/AppSetttings.cs

+namespace API
+{
+    public class AppSettings
+    {
+        public string SecretKey { get; set; }
+    }
+}
\ No newline at end of file

EOS_Teacher/API/Controllers/ExamController.cs

+using BusinessLayer.IRepository;
+using DataAccess.DAOs;
+using DataAccess.DTOs.Request;
+using DataAccess.Models;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.OData.Query;
+using System.Data;
+
+// For more information on enabling Web API for empty projects, visit https://go.microsoft.com/fwlink/?LinkID=397860
+
+namespace API.Controllers
+{
+    [Route("api/[controller]")]
+    [ApiController]
+    public class ExamController : ControllerBase
+    {
+        private IExamRepository _examRepository;
+
+        public ExamController(IExamRepository examRepository)
+        {
+            _examRepository = examRepository;
+        }
+
+        [HttpGet]
+        [EnableQuery]
+        [Authorize(AuthenticationSchemes = "Bearer", Roles = "1")]
+        public IActionResult Get()
+        {
+            return Ok(_examRepository.GetExamList());
+        }
+    }
+}

EOS_Teacher/API/Controllers/ExamQuestionController.cs

+using BusinessLayer.IRepository;
+using BusinessLayer.Repository;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.OData.Query;
+using System.Data;
+
+namespace API.Controllers
+{
+    [Route("api/[controller]")]
+    [ApiController]
+    public class ExamQuestionController : ControllerBase
+    {
+        private IExamQuestionRepository _examQuestionRepository;
+
+        public ExamQuestionController(IExamQuestionRepository examQuestionRepository)
+        {
+            _examQuestionRepository = examQuestionRepository;
+        }
+
+        [HttpGet("{examId}")]
+        [EnableQuery]
+        [Authorize(AuthenticationSchemes = "Bearer", Roles = "1")]
+        public IActionResult Get(int examId)
+        {
+            return Ok(_examQuestionRepository.GetAllExamQuestions(examId));
+        }
+    }
+}

EOS_Teacher/API/Controllers/QuestionCategoryController.cs

+using BusinessLayer.IRepository;
+using BusinessLayer.Repository;
+using DataAccess.DTOs;
+using DataAccess.Models;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.OData.Query;
+using System.Data;
+
+namespace API.Controllers
+{
+    [Route("api/[controller]")]
+    [ApiController]
+    public class QuestionCategoryController : ControllerBase
+    {
+        private IQuestionCategoryRepository _questionCategoryRepository;
+
+        public QuestionCategoryController(IQuestionCategoryRepository questionCategoryRepository)
+        {
+            _questionCategoryRepository = questionCategoryRepository;
+        }
+
+        [HttpGet]
+        [EnableQuery]
+        [Authorize(AuthenticationSchemes = "Bearer")]
+        public IActionResult Get(int? status)
+        {
+            return Ok(_questionCategoryRepository.GetAll(status));
+        }
+
+        [HttpGet("Id")]
+        [Authorize(AuthenticationSchemes = "Bearer")]
+        public IActionResult Get(int id, int? status)
+        {
+            return Ok(_questionCategoryRepository.GetById(id, status));
+        }
+
+        [HttpPost]
+        [Authorize(AuthenticationSchemes = "Bearer", Roles = "0")]
+        public void Post([FromBody] QuestionCategoryDTO questionCategoryDTO)
+        {
+            if(Exist(questionCategoryDTO))
+            {
+                return;
+            }
+            _questionCategoryRepository.Add(questionCategoryDTO);
+        }
+
+        [HttpPut]
+        [Authorize(AuthenticationSchemes = "Bearer", Roles = "0")]
+        public void Put([FromBody] QuestionCategoryDTO questionCategoryDTO)
+        {
+            if (Exist(questionCategoryDTO))
+            {
+                return;
+            }
+            _questionCategoryRepository.Update(questionCategoryDTO);
+        }
+
+        [HttpDelete]
+        [Authorize(AuthenticationSchemes = "Bearer", Roles = "0")]
+        public void Delete(int id)
+        {
+            _questionCategoryRepository.Delete(id);
+        }
+
+        private bool Exist(QuestionCategoryDTO questionCategoryDTO)
+        {
+            var item = _questionCategoryRepository.GetByName(questionCategoryDTO.CategoryId, questionCategoryDTO.CategoryName);
+            return item != null;
+        }
+    }
+}

EOS_Teacher/API/Controllers/QuestionController.cs

+using BusinessLayer.IRepository;
+using BusinessLayer.Repository;
+using DataAccess.DTOs;
+using DataAccess.DTOs.Request;
+using DataAccess.Models;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.OData.Query;
+
+namespace API.Controllers
+{
+    [Route("api/[controller]")]
+    [ApiController]
+    public class QuestionController : ControllerBase
+    {
+        private IQuestionRepository _questionRepository;
+
+        public QuestionController(IQuestionRepository questionRepository)
+        {
+            _questionRepository = questionRepository;
+        }
+
+        [HttpGet]
+        [EnableQuery]
+        [Authorize(AuthenticationSchemes = "Bearer", Roles = "1")]
+        public IActionResult Get()
+        {
+            return Ok(_questionRepository.GetAll());
+        }
+
+        [HttpGet("Id")]
+        [Authorize(AuthenticationSchemes = "Bearer", Roles = "1")]
+        public IActionResult Get(int id)
+        {
+            return Ok(_questionRepository.GetById(id));
+        }
+
+        [HttpPost]
+        [Authorize(AuthenticationSchemes = "Bearer", Roles = "1")]
+        public void Post([FromBody] QuestionRequestDTO questionDTO)
+        {
+            if (Exist(questionDTO))
+            {
+                return;
+            }
+            _questionRepository.Add(questionDTO);
+        }
+
+        [HttpPut]
+        [Authorize(AuthenticationSchemes = "Bearer", Roles = "1")]
+        public void Put([FromBody] QuestionRequestDTO questionDTO)
+        {
+            _questionRepository.Update(questionDTO);
+        }
+
+        [HttpDelete]
+        [Authorize(AuthenticationSchemes = "Bearer", Roles = "1")]
+        public void Delete(int id)
+        {
+            _questionRepository.Delete(id);
+        }
+        private bool Exist(QuestionRequestDTO questionRequestDTO)
+        {
+            var item = _questionRepository.GetByContent(questionRequestDTO.QuestionId, questionRequestDTO.Content);
+            return item != null;
+        }
+    }
+}

EOS_Teacher/API/Controllers/SubjectCategoryController.cs

+using BusinessLayer.IRepository;
+using BusinessLayer.Repository;
+using DataAccess.DAOs;
+using DataAccess.DTOs;
+using DataAccess.Models;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.OData.Query;
+using System.Data;
+
+namespace API.Controllers
+{
+    [Route("api/[controller]")]
+    [ApiController]
+    public class SubjectCategoryController : ControllerBase
+    {
+        private ISubjectCategoryRepository _subjectCategoryRepository;
+
+        public SubjectCategoryController(ISubjectCategoryRepository subjectCategoryRepository)
+        {
+            _subjectCategoryRepository = subjectCategoryRepository;
+        }
+
+        [HttpGet]
+        [EnableQuery]
+        [Authorize(AuthenticationSchemes = "Bearer")]
+        public IActionResult Get(int? status)
+        {
+            return Ok(_subjectCategoryRepository.GetAll(status));
+        }
+
+        [HttpGet("Id")]
+        [Authorize(AuthenticationSchemes = "Bearer")]
+        public IActionResult Get(int id, int? status)
+        {
+            return Ok(_subjectCategoryRepository.GetById(id, status));
+        }
+
+        [HttpGet("Name")]
+        [Authorize(AuthenticationSchemes = "Bearer")]
+        public IActionResult Get(string name)
+        {
+            return Ok(_subjectCategoryRepository.GetByName(name));
+        }
+
+        [HttpPost]
+        [Authorize(AuthenticationSchemes = "Bearer", Roles = "0")]
+        public void Post([FromBody] SubjectCategoryDTO subjectCategoryDTO)
+        {
+            if (Exist(subjectCategoryDTO))
+            {
+                return;
+            }
+            _subjectCategoryRepository.Add(subjectCategoryDTO);
+        }
+
+        [HttpPut]
+        [Authorize(AuthenticationSchemes = "Bearer", Roles = "0")]
+        public void Put([FromBody] SubjectCategoryDTO subjectCategoryDTO)
+        {
+            if (Exist(subjectCategoryDTO))
+            {
+                return;
+            }
+            _subjectCategoryRepository.Update(subjectCategoryDTO);
+        }
+
+        [HttpDelete]
+        [Authorize(AuthenticationSchemes = "Bearer", Roles = "0")]
+        public void Delete(int id)
+        {
+            _subjectCategoryRepository.Delete(id);
+        }
+        private bool Exist(SubjectCategoryDTO subjectCategory)
+        {
+            var item = _subjectCategoryRepository.GetByName(subjectCategory.CategoryId, subjectCategory.CategoryName);
+            return item != null;
+        }
+    }
+}

EOS_Teacher/API/Controllers/SubjectController.cs

+using BusinessLayer.IRepository;
+using BusinessLayer.Repository;
+using DataAccess.DTOs;
+using DataAccess.DTOs.Request;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.OData.Query;
+
+namespace API.Controllers
+{
+    [Route("api/[controller]")]
+    [ApiController]
+    public class SubjectController : ControllerBase
+    {
+        private ISubjectRepository _subjectRepository;
+
+        public SubjectController(ISubjectRepository subjectRepository)
+        {
+            _subjectRepository = subjectRepository;
+        }
+
+        [HttpGet]
+        [EnableQuery]
+        [Authorize(AuthenticationSchemes = "Bearer")]
+        public IActionResult Get(int? status)
+        {
+            return Ok(_subjectRepository.GetAll(status));
+        }
+
+        [HttpGet("Id")]
+        [Authorize(AuthenticationSchemes = "Bearer")]
+        public IActionResult Get(int id, int? status)
+        {
+            return Ok(_subjectRepository.GetById(id, status));
+        }
+
+        [HttpGet("Name")]
+        [Authorize(AuthenticationSchemes = "Bearer")]
+        public IActionResult Get(string name)
+        {
+            return Ok(_subjectRepository.GetByName(name));
+        }
+
+        [HttpPost]
+        [Authorize(AuthenticationSchemes = "Bearer", Roles = "0")]
+        public void Post([FromBody] SubjectRequestDTO subjectDTO)
+        {
+            if (Exist(subjectDTO))
+            {
+                return;
+            }
+            _subjectRepository.Add(subjectDTO);
+        }
+
+        [HttpPut]
+        [Authorize(AuthenticationSchemes = "Bearer", Roles = "0")]
+        public void Put([FromBody] SubjectRequestDTO subjectDTO)
+        {
+            if (Exist(subjectDTO))
+            {
+                return;
+            }
+            _subjectRepository.Update(subjectDTO);
+        }
+
+        [HttpDelete]
+        [Authorize(AuthenticationSchemes = "Bearer", Roles = "0")]
+        public void Delete(int id)
+        {
+            _subjectRepository.Delete(id);
+        }
+        private bool Exist(SubjectRequestDTO subjectRequestDTO)
+        {
+            var item = _subjectRepository.GetByName(subjectRequestDTO.SubjectId, subjectRequestDTO.SubjectName);
+            return item != null;
+        }
+    }
+}

EOS_Teacher/API/Controllers/UserController.cs

+using API.Helpers;
+using BusinessLayer.IRepository;
+using DataAccess.DTOs;
+using DataAccess.Models;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.OData.Query;
+using Microsoft.Extensions.Options;
+using Microsoft.IdentityModel.Tokens;
+using System.Data;
+using System.IdentityModel.Tokens.Jwt;
+using System.Security.Claims;
+using System.Text;
+
+namespace API.Controllers
+{
+    [Route("[controller]")]
+    [ApiController]
+    public class UserController : ControllerBase
+    {
+        private IUserRepository _userRepository;
+        private readonly AppSettings _appSettings;
+
+        public UserController(IUserRepository userRepository, IOptionsMonitor<AppSettings> optionsMonitor)
+        {
+            _userRepository = userRepository;
+            _appSettings = optionsMonitor.CurrentValue;
+        }
+
+        [HttpGet]
+        [EnableQuery]
+        [Authorize(AuthenticationSchemes = "Bearer")]
+        public IActionResult Get()
+        {
+           return Ok(_userRepository.GetAll());
+        }
+
+        [HttpGet("Login")]
+        public IActionResult Get(string email, string pwd) 
+        { 
+            var user = _userRepository.Get(email, pwd);
+            if (user == null)
+            {
+                return Ok(new RespondMessage
+                {
+                    Success = false,
+                    Message = "Invalid Email or Password"
+                });
+            }
+            else
+            {
+                return Ok(new RespondMessage
+                {
+                    Success = true,
+                    Message = "Authenticate success",
+                    Data = GenerateToken(user)
+                });
+            }
+        }
+
+        [HttpPost]
+        public void Post([FromBody] UserDTO userDTO)
+        {
+            _userRepository.Add(userDTO);
+        }
+
+        [HttpPut]
+        public void Put([FromBody] UserDTO userDTO)
+        { 
+            _userRepository.Update(userDTO);
+        }
+
+        [HttpDelete]
+        [Authorize(AuthenticationSchemes = "Bearer", Roles = "0")]
+        public void Delete([FromBody] UserDTO userDTO)
+        {
+            _userRepository.Delete(userDTO);
+        }
+
+        private string GenerateToken(UserDTO user)
+        {
+            var jwtTokenHandle = new JwtSecurityTokenHandler();
+
+            var secretKeyBytes = Encoding.UTF8.GetBytes(_appSettings.SecretKey);
+            var tokenDes = new SecurityTokenDescriptor
+            {
+                Subject = new ClaimsIdentity(new[]
+                {
+                    new Claim(ClaimTypes.Email, user.Email),
+
+                    //role
+                    new Claim(ClaimTypes.Role, user.Role.ToString()),
+                    new Claim("TokenId", Guid.NewGuid().ToString())
+                }),
+                Expires = DateTime.UtcNow.AddMinutes(30),
+                SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(secretKeyBytes), SecurityAlgorithms.HmacSha256Signature)
+
+            };
+
+            var token = jwtTokenHandle.CreateToken(tokenDes);
+            return jwtTokenHandle.WriteToken(token);
+        }
+    }
+}

EOS_Teacher/API/Helpers/RespondMessage.cs

+namespace API.Helpers
+{
+    public class RespondMessage
+    {
+        public bool Success { get; set; }
+        public string Message { get; set; }
+        public object Data { get; set; }
+    }
+}

EOS_Teacher/API/Program.cs

+using BusinessLayer.IRepository;
+using BusinessLayer.Mapping;
+using BusinessLayer.Repository;
+using Microsoft.AspNetCore.Authentication.JwtBearer;
+using Microsoft.AspNetCore.OData;
+using Microsoft.IdentityModel.Tokens;
+using Microsoft.OpenApi.Models;
+using System.Text;
+using System.Text.Json.Serialization;
+
+namespace API
+{
+    public class Program
+    {
+        public static void Main(string[] args)
+        {
+            var builder = WebApplication.CreateBuilder(args);
+
+            // Add-start
+
+            builder.Services.AddSwaggerGen();
+            builder.Services.AddControllers().AddOData(options =>
+            {
+                options.Filter().Select().OrderBy().Expand().SkipToken().Count();
+            });
+            builder.Services.AddEndpointsApiExplorer();
+            builder.Services.
+                AddSwaggerGen(x =>
+                {
+                    x.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme
+                    {
+                        Description = "JWT Authorization",
+                        Name = "Authorization",
+                        In = ParameterLocation.Header,
+                        Type = SecuritySchemeType.ApiKey,
+                        Scheme = "Bearer"
+                    });
+                    x.AddSecurityRequirement(new OpenApiSecurityRequirement
+                    {
+                    {
+                        new OpenApiSecurityScheme
+                        {
+                            Reference = new OpenApiReference
+                            {
+                                Type = ReferenceType.SecurityScheme,
+                                Id = "Bearer"
+                            }
+                        },
+                        new string[] {}
+                    }
+                    });
+                });
+            builder.Services.AddCors(options =>
+            {
+                options.AddDefaultPolicy(builder =>
+                {
+                    builder.AllowAnyOrigin()
+                           .AllowAnyMethod()
+                           .AllowAnyHeader();
+                });
+            });
+
+            builder.Services.AddAutoMapper(typeof(MappingProfile));
+            builder.Services.AddAutoMapper(AppDomain.CurrentDomain.GetAssemblies());
+
+            builder.Services.AddSingleton<IUserRepository, UserRepository>();
+            builder.Services.AddSingleton<ISubjectCategoryRepository, SubjectCategoryRepository>();
+            builder.Services.AddSingleton<ISubjectRepository, SubjectRepository>();
+            builder.Services.AddSingleton<IQuestionCategoryRepository, QuestionCategoryRepository>();
+            builder.Services.AddSingleton<IQuestionRepository, QuestionRepository>();
+            builder.Services.AddSingleton<IExamRepository, ExamRepository>();
+            builder.Services.AddSingleton<IExamQuestionRepository, ExamQuestionRepository>();
+
+
+            // Add-end
+
+            builder.Services.Configure<AppSettings>(builder.Configuration.GetSection("AppSettings"));
+            var secretKey = builder.Configuration["AppSettings:SecretKey"];
+            var secretKeyByte = Encoding.UTF8.GetBytes(secretKey);
+
+            builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
+                .AddJwtBearer(o => o.TokenValidationParameters = new TokenValidationParameters
+                {
+
+                    ValidateIssuer = false,
+                    ValidateAudience = false,
+
+                    ValidateIssuerSigningKey = true,
+                    IssuerSigningKey = new SymmetricSecurityKey(secretKeyByte),
+                    ClockSkew = TimeSpan.Zero
+                });
+
+            var app = builder.Build();
+
+            // Add-start
+
+            if (app.Environment.IsDevelopment())
+            {
+                app.UseSwagger();
+                app.UseSwaggerUI();
+            }
+            app.MapControllers();
+
+            app.UseAuthentication();
+
+            app.UseAuthorization();
+
+            app.UseCors();
+
+            // Add-end
+
+            //app.MapGet("/", () => "Hello World!");
+
+            app.Run();
+        }
+    }
+}
\ No newline at end of file

EOS_Teacher/API/Properties/launchSettings.json

+{
+  "iisSettings": {
+    "windowsAuthentication": false,
+    "anonymousAuthentication": true,
+    "iisExpress": {
+      "applicationUrl": "http://localhost:38195",
+      "sslPort": 1
+    }
+  },
+  "profiles": {
+    "API": {
+      "commandName": "Project",
+      "dotnetRunMessages": true,
+      "launchBrowser": true,
+      "launchUrl": "swagger",
+      "applicationUrl": "http://localhost:5172",
+      "environmentVariables": {
+        "ASPNETCORE_ENVIRONMENT": "Development"
+      }
+    },
+    "IIS Express": {
+      "commandName": "IISExpress",
+      "launchBrowser": true,
+      "environmentVariables": {
+        "ASPNETCORE_ENVIRONMENT": "Development"
+      }
+    }
+  }
+}

EOS_Teacher/API/appsettings.Development.json

+{
+  "Logging": {
+    "LogLevel": {
+      "Default": "Information",
+      "Microsoft.AspNetCore": "Warning"
+    }
+  }
+}

EOS_Teacher/API/appsettings.json

+{
+  "AppSettings": {
+    "SecretKey": "BR6dKqpExlzQNaitfmWt"
+  },
+  "Logging": {
+    "LogLevel": {
+      "Default": "Information",
+      "Microsoft.AspNetCore": "Warning"
+    }
+  },
+  "AllowedHosts": "*"
+}

EOS_Teacher/API/bin/Debug/net6.0/API.runtimeconfig.json

+{
+  "runtimeOptions": {
+    "tfm": "net6.0",
+    "frameworks": [
+      {
+        "name": "Microsoft.NETCore.App",
+        "version": "6.0.0"
+      },
+      {
+        "name": "Microsoft.AspNetCore.App",
+        "version": "6.0.0"
+      }
+    ],
+    "configProperties": {
+      "System.GC.Server": true,
+      "System.Reflection.NullabilityInfoContext.IsSupported": true,
+      "System.Runtime.Serialization.EnableUnsafeBinaryFormatterSerialization": false
+    }
+  }
+}
\ No newline at end of file

EOS_Teacher/API/bin/Debug/net6.0/appsettings.Development.json

+{
+  "Logging": {
+    "LogLevel": {
+      "Default": "Information",
+      "Microsoft.AspNetCore": "Warning"
+    }
+  }
+}

EOS_Teacher/API/bin/Debug/net6.0/appsettings.json

+{
+  "AppSettings": {
+    "SecretKey": "BR6dKqpExlzQNaitfmWt"
+  },
+  "Logging": {
+    "LogLevel": {
+      "Default": "Information",
+      "Microsoft.AspNetCore": "Warning"
+    }
+  },
+  "AllowedHosts": "*"
+}