SocialPub/PrivaPub/Controllers/ClientToServer/RootUserController.cs
2023-02-19 00:43:43 +01:00

405 lines
13 KiB
C#

using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Localization;
using PrivaPub.ClientModels;
using PrivaPub.ClientModels.Resources;
using PrivaPub.ClientModels.User;
using PrivaPub.Extensions;
using PrivaPub.Models.User;
using PrivaPub.Resources;
using PrivaPub.Services;
using PrivaPub.StaticServices;
using System.ComponentModel.DataAnnotations;
namespace PrivaPub.Controllers.ClientToServer
{
[ApiController,
Route("clientapi/user")]
public class RootUserController : ControllerBase
{
readonly IRootUsersService UsersService;
readonly AuthTokenManager AuthTokenManager;
readonly ILogger<RootUserController> Logger;
readonly IStringLocalizer Localizer;
public RootUserController(IRootUsersService usersService,
AuthTokenManager authTokenManager,
IStringLocalizer<GenericRes> localizer,
ILogger<RootUserController> logger)
{
UsersService = usersService;
AuthTokenManager = authTokenManager;
Localizer = localizer;
Logger = logger;
}
#region User endpoints
[HttpPost, Route("/clientapi/user/signup"), Authorize(Policy = Policies.IsUser), AllowAnonymous]
public async Task<IActionResult> SignUp(LoginForm signUpForm)
{
if (User.Identity?.IsAuthenticated ?? false) return Redirect("/");
var result = new WebResult();
if (!ModelState.IsValid)
return BadRequest(result.Invalidate(Localizer["Invalid model."]));
try
{
result = await UsersService.SignUpAsync(signUpForm);
if (!result.IsValid)
return StatusCode(result.StatusCode, result);
(var user, var userSettings) = ((RootUser, ViewAvatarServer))result.Data;
var jwtUser = AuthTokenManager.GenerateToken(user, userSettings);
Logger.LogInformation(
$"{nameof(SignUp)}();IP:[{HttpContext.Connection?.RemoteIpAddress}];\nUser-Agent:[{Request.Headers["User-Agent"]}];\nUserId:[{user.ID}]");
return Ok(jwtUser);
}
catch (Exception ex)
{
Logger.LogError(ex, $"{nameof(User)}.{nameof(SignUp)}()");
return BadRequest(result.Invalidate(ex.Message));
}
}
[HttpPost, Route("/clientapi/user/login"), Authorize(Policy = Policies.IsUser), AllowAnonymous]
public async Task<IActionResult> Login(LoginForm loginForm)
{
if (User.Identity?.IsAuthenticated ?? false) return Redirect("/discussions");
var result = new WebResult();
if (!ModelState.IsValid)
return BadRequest(result.Invalidate(Localizer["Invalid model."]));
try
{
result = await UsersService.LoginAsync(loginForm);
if (!result.IsValid)
return StatusCode(result.StatusCode, result);
var (user, userSettings) =
((RootUser, ViewAvatarServer))result.Data;
var jwtUser = AuthTokenManager.GenerateToken(user, userSettings);
Logger.LogInformation(
$"{nameof(Login)}();IP:[{HttpContext.Connection?.RemoteIpAddress}];\nUser-Agent:[{Request.Headers["User-Agent"]}];\nUserId:[{user.ID}]");
return Ok(jwtUser);
}
catch (Exception ex)
{
Logger.LogError(ex, $"{nameof(User)}.{nameof(Login)}()");
return BadRequest(result.Invalidate(ex.Message));
}
}
//[HttpPost, Authorize(Policy = Policies.IsUser), AllowAnonymous]
//public async Task<IActionResult> InvitationSignUp(InvitationLoginForm signUpForm)
//{
// if (User.Identity?.IsAuthenticated ?? false) return Redirect("/discussions");
// var result = new WebResult();
// if (!ModelState.IsValid)
// return BadRequest(result.Invalidate(Localizer["Invalid model."]));
// try
// {
// result = await DiscussionsService.GetInvitationConfiguration(signUpForm.InvitationCode, includePassword: true);
// if (!result.IsValid)
// return StatusCode(result.StatusCode, result);
// var configuration = result.Data as InvitationConfiguration;
// if (configuration.IsPasswordRequired && signUpForm.InvitationPassword != configuration.Password)
// {
// result.Invalidate(Localizer["Invalid password."], StatusCodes.Status406NotAcceptable);
// return StatusCode(result.StatusCode, result);
// }
// result = await UsersService.SignUpAsync(new LoginForm
// {
// Username = signUpForm.Username,
// Password = signUpForm.Password,
// LightThemeIndexColour = signUpForm.ThemeIndexColour,
// ThemeIsDarkMode = signUpForm.ThemeIsDarkMode,
// InvitationPassword = signUpForm.InvitationPassword
// }, signUpForm.InvitationCode, configuration.IsPasswordRequired);
// if (!result.IsValid)
// return StatusCode(result.StatusCode, result);
// (var user, var userSettings) = ((User, ViewUserSettings))result.Data;
// var jwtUser = AuthTokenManager.GenerateToken(user, userSettings);
// Logger.LogInformation(
// $"{nameof(InvitationSignUp)}();IP:[{HttpContext.Connection?.RemoteIpAddress}];\nUser-Agent:[{Request.Headers["User-Agent"]}];\nUserId:[{user.ID}]");
// return Ok(jwtUser);
// }
// catch (Exception ex)
// {
// Logger.LogError(ex, $"{nameof(User)}.{nameof(InvitationSignUp)}()");
// return BadRequest(result.Invalidate(ex.Message));
// }
//}
//[HttpPost, Authorize(Policy = Policies.IsUser), AllowAnonymous]
//public async Task<IActionResult> InvitationLogin(InvitationLoginForm loginForm)
//{
// if (User.Identity?.IsAuthenticated ?? false) return Redirect("/discussions" + loginForm.InvitationCode);
// var result = new WebResult();
// if (!ModelState.IsValid)
// return BadRequest(result.Invalidate(Localizer["Invalid model."]));
// try
// {
// result = await DiscussionsService.GetInvitationConfiguration(loginForm.InvitationCode, includePassword: true);
// if (!result.IsValid)
// return StatusCode(result.StatusCode, result);
// var configuration = result.Data as InvitationConfiguration;
// if (configuration.IsPasswordRequired && loginForm.InvitationPassword != configuration.Password)
// {
// result.Invalidate(Localizer["Invalid password."], StatusCodes.Status406NotAcceptable);
// return StatusCode(result.StatusCode, result);
// }
// result = await UsersService.LoginAsync(new LoginForm
// {
// Username = loginForm.Username,
// Password = loginForm.Password,
// ThemeIsDarkMode = loginForm.ThemeIsDarkMode,
// LightThemeIndexColour = loginForm.ThemeIndexColour,
// InvitationPassword = loginForm.InvitationPassword
// }, loginForm.InvitationCode);
// if (!result.IsValid)
// return StatusCode(result.StatusCode, result);
// var (user, userSettings/*, userCurrentTier*/) = ((User, ViewUserSettings/*, UserCurrentTier*/))result.Data;
// var jwtUser = AuthTokenManager.GenerateToken(user, userSettings, 0
// /*userCurrentTier == null ? default : (userCurrentTier.EndPeriod - DateTime.UtcNow).Days*/);
// Logger.LogInformation(
// $"{nameof(InvitationLogin)}();IP:[{HttpContext.Connection?.RemoteIpAddress}];\nUser-Agent:[{Request.Headers["User-Agent"]}];\nUserId:[{user.ID}]");
// return Ok(jwtUser);
// }
// catch (Exception ex)
// {
// Logger.LogError(ex, $"{nameof(User)}.{nameof(InvitationLogin)}()");
// return BadRequest(result.Invalidate(ex.Message));
// }
//}
[HttpGet, Route("/clientapi/user/logout"), Authorize(Policy = Policies.IsUser)]
public IActionResult Logout()
{
var result = new WebResult();
try
{
return Ok();
}
catch (Exception ex)
{
Logger.LogError(ex, $"{nameof(User)}.{nameof(Logout)}()");
return BadRequest(result.Invalidate(ex.Message));
}
}
[HttpPost, Route("/clientapi/user/update"), Authorize(Policy = Policies.IsUser)]
public async Task<IActionResult> UpdateUser(UserForm userEmailForm)
{
var result = new WebResult();
if (!ModelState.IsValid)
return BadRequest(result.Invalidate(Localizer["Invalid model."]));
try
{
result = await UsersService.UpdateUserAsync(userEmailForm, User.GetUserId());
if (!result.IsValid)
return StatusCode(result.StatusCode, result);
return Ok();
}
catch (Exception ex)
{
Logger.LogError(ex, $"{nameof(User)}.{nameof(UpdateUser)}()");
return BadRequest(result.Invalidate(ex.Message));
}
}
[HttpPost, Route("/clientapi/user/update/settings"), Authorize(Policy = Policies.IsUser)]
public async Task<IActionResult> UpdateUserSettings(ViewAvatarServer userSettings)
{
var result = new WebResult();
if (!ModelState.IsValid)
return BadRequest(result.Invalidate(Localizer["Invalid model."]));
try
{
result = await UsersService.UpdateUserSettingsAsync(userSettings, User.GetUserId());
if (!result.IsValid)
return StatusCode(result.StatusCode, result);
return Ok();
}
catch (Exception ex)
{
Logger.LogError(ex, $"{nameof(User)}.{nameof(UpdateUserSettings)}()");
return BadRequest(result.Invalidate(ex.Message));
}
}
[HttpPost, Route("/clientapi/user/update/password"), Authorize(Policy = Policies.IsUser)]
public async Task<IActionResult> UpdatePassword(UserPasswordForm userPasswordForm)
{
var result = new WebResult();
if (!ModelState.IsValid)
return BadRequest(result.Invalidate(Localizer["Invalid model."]));
try
{
result = await UsersService.UpdateUserPasswordAsync(userPasswordForm, User.GetUserId());
if (!result.IsValid)
return StatusCode(result.StatusCode, result);
return Ok();
}
catch (Exception ex)
{
Logger.LogError(ex, $"{nameof(User)}.{nameof(UpdatePassword)}()");
return BadRequest(result.Invalidate(ex.Message));
}
}
//[HttpGet, Authorize(Policy = Policies.IsUser)]
//public async Task<IActionResult> GetUser()
//{
// var result = new WebResult();
// try
// {
// result = await UsersService.GetUserAsync(User.GetUserId());
// if (!result.IsValid)
// return StatusCode(result.StatusCode, result);
// return Ok(result.Data);
// }
// catch (Exception ex)
// {
// Logger.LogError(ex, $"{nameof(User)}.{nameof(GetUser)}()");
// return BadRequest(result.Invalidate(ex.Message));
// }
//}
[HttpGet, Route("/clientapi/user/settings"), Authorize(Policy = Policies.IsUser)]
public async Task<IActionResult> GetUserSettings()
{
var result = new WebResult();
try
{
result = await UsersService.GetUserSettingsAsync(User.GetUserId());
if (!result.IsValid)
return StatusCode(result.StatusCode, result);
return Ok(result.Data);
}
catch (Exception ex)
{
Logger.LogError(ex, $"{nameof(User)}.{nameof(GetUserSettings)}()");
return BadRequest(result.Invalidate(ex.Message));
}
}
[HttpPost, Route("/clientapi/user/recover/password"), AllowAnonymous]
public async Task<IActionResult> RecoverPassword(PasswordRecoveryForm passwordRecoveryForm)
{
var result = new WebResult();
if (!ModelState.IsValid)
return BadRequest(result.Invalidate(Localizer["Invalid model."]));
try
{
var host = $"{Request.Scheme}://{Request.Host.Host}";
result = await UsersService.SetupAndSendRecoveryEmail(passwordRecoveryForm, host);
if (!result.IsValid)
return StatusCode(result.StatusCode, result);
return Ok(result);
}
catch (Exception ex)
{
Logger.LogError(ex, $"{nameof(User)}.{nameof(RecoverPassword)}()");
return BadRequest(result.Invalidate(ex.Message));
}
}
[HttpPost, Route("/clientapi/user/recover/valid"), AllowAnonymous]
public async Task<IActionResult> IsValidRecoveryCode(
[FromBody,
Required(ErrorMessageResourceName = "Required", ErrorMessageResourceType = typeof(ErrorsResource)),
Display(Name = "RecoveryCode", ResourceType = typeof(FieldsNameResource))]
string recoveryCode)
{
var result = new WebResult();
try
{
result = await UsersService.IsValidRecoveryCode(recoveryCode);
if (!result.IsValid)
return StatusCode(result.StatusCode, result);
return Ok(result.Data);
}
catch (Exception ex)
{
Logger.LogError(ex, $"{nameof(User)}.{nameof(IsValidRecoveryCode)}()");
return BadRequest(result.Invalidate(ex.Message));
}
}
[HttpPost, Route("/clientapi/user/recover/update/password"), AllowAnonymous]
public async Task<IActionResult> ChangePassword(NewPasswordForm newPasswordForm)
{
var result = new WebResult();
if (!ModelState.IsValid)
return BadRequest(result.Invalidate(Localizer["Invalid model."]));
try
{
result = await UsersService.ChangePassword(newPasswordForm);
if (!result.IsValid)
return StatusCode(result.StatusCode, result);
return Ok(result.Data);
}
catch (Exception ex)
{
Logger.LogError(ex, $"{nameof(User)}.{nameof(ChangePassword)}()");
return BadRequest(result.Invalidate(ex.Message));
}
}
//[HttpDelete, Route("delete"), Authorize(Policy = Policies.IsUser)]
//public async Task<IActionResult> RemoveSelf()
//{
// var result = new WebResult();
// try
// {
// //result = await UsersService.RemoveUserAsync(User.GetUserId());
// if (!result.IsValid)
// return StatusCode(result.StatusCode, result);
// await HttpContext.SignOutAsync();
// return Ok();
// }
// catch (Exception ex)
// {
// Logger.LogError(ex, $"{nameof(User)}.{nameof(RemoveSelf)}()");
// return BadRequest(result.Invalidate(ex.Message));
// }
//}
#endregion User endpoints
#region Auth refresh
[HttpGet, Route("/clientapi/user/sniff/again"), Authorize(Policy = Policies.IsUser)]
public async Task<IActionResult> SniffAgain()
{
return Ok();
}
#endregion
}
}