sherl/QuotifyBE
1
0
Fork 0
mirror of https://github.com/QuotifyTeam/QuotifyBE.git synced 2025-12-16 23:20:06 +01:00
Code Issues Packages Projects Releases Wiki Activity

feat: provide user data on login, minor fix to seeding, logical fixes

Browse Source
This commit is contained in:
eee4
2025-07-16 16:51:54 +02:00
parent 4b7b731679
commit 09bc6637a8
9 changed files with 88 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
Controllers/AuthController.cs
View File

@@ -4,6 +4,7 @@ using QuotifyBE.Data;
using QuotifyBE.Entities; using QuotifyBE.Entities;
using QuotifyBE.DTOs; using QuotifyBE.DTOs;
using System.Threading.Tasks; using System.Threading.Tasks;
using QuotifyBE.Mapping;
namespace QuotifyBE.Controllers; namespace QuotifyBE.Controllers;
@@ -35,13 +36,13 @@ public class AuthController : ControllerBase
/// in the Authorization header, e.g.: Authorization: bearer {jwt} /// in the Authorization header, e.g.: Authorization: bearer {jwt}
/// </remarks> /// </remarks>
/// <param name="formUser">User's credentials (email and password)</param> /// <param name="formUser">User's credentials (email and password)</param>
/// <returns>JWT valid for 5 minutes.</returns> /// <returns>JWT valid for 5 minutes and basic user data.</returns>
/// <response code="200">Returned on request with valid credentials</response> /// <response code="200">Returned on request with valid credentials. Contains the token, but also user data.</response>
/// <response code="400">Returned on request with missing form data (email, password or both)</response> /// <response code="400">Returned on request with missing form data (email, password or both)</response>
/// <response code="401">Returned on request with unknown pair of email and password (wrong password)</response> /// <response code="401">Returned on request with unknown pair of email and password (wrong password)</response>
/// <response code="404">Returned on request with unknwon email</response> /// <response code="404">Returned on request with unknwon email</response>
[HttpPost("login")] [HttpPost("login")]
[ProducesResponseType(200)] [ProducesResponseType(typeof(SuccessfulLoginDTO), 200)]
[ProducesResponseType(typeof(ErrorDTO), 400)] [ProducesResponseType(typeof(ErrorDTO), 400)]
[ProducesResponseType(typeof(ErrorDTO), 401)] [ProducesResponseType(typeof(ErrorDTO), 401)]
[ProducesResponseType(typeof(ErrorDTO), 404)] [ProducesResponseType(typeof(ErrorDTO), 404)]
@@ -60,19 +61,22 @@ public class AuthController : ControllerBase
return NotFound(new {status = "error", error_msg = "User not found"}); return NotFound(new {status = "error", error_msg = "User not found"});
} }
// Hash the password and compare with the user-provided one // Hash the password and compare with the user-provided one
string hashedFormPassword = guhf.HashWithSHA512(formUser.Password); string hashedFormPassword = guhf.HashWithSHA512(formUser.Password);
if (hashedFormPassword == user.PasswordHash) if (hashedFormPassword == user.PasswordHash)
{ {
// All set - generate the token and return it // All set - generate the token and return it
var token = guhf.GenerateJwtToken(formUser.Email); var token = guhf.GenerateJwtToken(formUser.Email);
return Ok(new { status = "ok", token }); SuccessfulLoginDTO response = user.ToSuccessfulLoginDTO(token);
return Ok(response);
} else return Unauthorized(new {status = "error", error_msg = "Unknown pair of email and password"}); } else return Unauthorized(new {status = "error", error_msg = "Unknown pair of email and password"});
} }
// GET /api/v1/auth/some_values // GET /api/v1/auth/some_values
/// <summary> /// <summary>
/// Dummy, authed endpoint /// [AUTHED] Dummy, authed endpoint
/// </summary> /// </summary>
/// <remarks> /// <remarks>
/// Dummy, authed endpoint used to test JWTs. /// Dummy, authed endpoint used to test JWTs.

47
Controllers/QuoteController.cs
View File

@@ -33,7 +33,7 @@ public class QuotesController : ControllerBase
/// <param name="page_no">The page number</param> /// <param name="page_no">The page number</param>
/// <returns>A page (10 quotes)</returns> /// <returns>A page (10 quotes)</returns>
/// <response code="200">Returned on valid request</response> /// <response code="200">Returned on valid request</response>
/// <response code="404">Returned when requested page is invalid or does not exist</response> /// <response code="404">Returned when requested page is invalid</response>
[HttpGet("page/{page_no}")] [HttpGet("page/{page_no}")]
[ProducesResponseType(typeof(List<QuoteShortDTO>), 200)] [ProducesResponseType(typeof(List<QuoteShortDTO>), 200)]
[ProducesResponseType(typeof(ErrorDTO), 404)] [ProducesResponseType(typeof(ErrorDTO), 404)]
@@ -44,22 +44,24 @@ public class QuotesController : ControllerBase
if (page_no <= 0) if (page_no <= 0)
{ {
return NotFound(new ErrorDTO { Status = "error", error_msg = "Numer strony musi być większy niż 0." }); return NotFound(new ErrorDTO { Status = "error", Error_msg = "Numer strony musi być większy niż 0" });
} }
var quotes = await _db.Quotes.Include(q => q.QuoteCategories).ThenInclude(qc => qc.Category).Include(q => q.User).Include(q => q.Image).OrderBy(q => q.Id).Skip((page_no-1)*PageSize).Take(PageSize).ToListAsync(); var quotes = await _db.Quotes
.Include(q => q.QuoteCategories)
.ThenInclude(qc => qc.Category)
.Include(q => q.User)
.Include(q => q.Image)
.OrderBy(q => q.Id)
.Skip((page_no - 1) * PageSize)
.Take(PageSize)
.ToListAsync();
var result = quotes
.Select(q => q.ToQuoteShortDTO())
.ToList();
if (quotes == null || totalQuotes == 0)
{
return NotFound(new ErrorDTO { Status = "error", error_msg = "Brak cytatów na tej stronie." });
}
var result = quotes.Select(q => q.ToQuoteShortDTO(_db)).ToList();
//return NotFound(new { status = "error", error_msg = "Not implemented" });
return Ok(result); return Ok(result);
} }
// GET /api/v1/quotes/{id} // GET /api/v1/quotes/{id}
@@ -86,29 +88,31 @@ public class QuotesController : ControllerBase
if (quote == null) if (quote == null)
return NotFound(new { status = "error", error_msg = "Quote not found" }); return NotFound(new { status = "error", error_msg = "Quote not found" });
return Ok(quote.ToQuoteShortDTO(_db)); return Ok(quote.ToQuoteShortDTO());
} }
// POST /api/v1/quotes/new // POST /api/v1/quotes/new
/// <summary> /// <summary>
/// Add a new quote /// [AUTHED] Add a new quote
/// </summary> /// </summary>
/// <returns>Newly created quote's id</returns> /// <returns>Newly created quote's id</returns>
/// <param name="request">Form data containing required quote information</param> /// <param name="request">Form data containing required quote information</param>
/// <response code="201">Returned on valid request</response> /// <response code="201">Returned on valid request</response>
/// <response code="400">Returned when any of the categories does not exist</response> /// <response code="400">Returned when any of the categories does not exist</response>
/// <response code="401">Returned when user's id does not match the creator's id</response> /// <response code="403">Returned when user's id does not match the creator's id</response>
[HttpPost("new")] [HttpPost("new")]
[Authorize] [Authorize]
[ProducesResponseType(201)] // ? [ProducesResponseType(201)] // ? FIXME
[ProducesResponseType(typeof(ErrorDTO), 400)] [ProducesResponseType(typeof(ErrorDTO), 400)]
[ProducesResponseType(typeof(ErrorDTO), 401)] [ProducesResponseType(typeof(ErrorDTO), 403)]
public async Task<IActionResult> CreateQuote([FromBody] CreateQuoteDTO request) public async Task<IActionResult> CreateQuote([FromBody] CreateQuoteDTO request)
{ {
// Get user ID from claims // Get user ID from claims
// FIXME
var userIdClaim = User.FindFirst(ClaimTypes.NameIdentifier)?.Value; var userIdClaim = User.FindFirst(ClaimTypes.NameIdentifier)?.Value;
if (userIdClaim == null || !int.TryParse(userIdClaim, out int userId)) if (userIdClaim == null || !int.TryParse(userIdClaim, out int userId))
return Unauthorized(new {status = "error", error_msg = "Invalid user ID"}); // https://stackoverflow.com/a/47708867
return StatusCode(403, new ErrorDTO { Status = "error", Error_msg = "Invalid user ID" });
// Find or create image // Find or create image
Image? image = null; Image? image = null;
@@ -140,7 +144,7 @@ public class QuotesController : ControllerBase
{ {
var categoryExists = await _db.Categories.AnyAsync(c => c.Id == categoryId); var categoryExists = await _db.Categories.AnyAsync(c => c.Id == categoryId);
if (!categoryExists) if (!categoryExists)
return BadRequest(new {status = "error", error_msg = $"Category ID {categoryId} not found"}); return BadRequest(new ErrorDTO { Status = "error", Error_msg = $"Category ID {categoryId} not found"});
quote.QuoteCategories.Add(new QuoteCategory quote.QuoteCategories.Add(new QuoteCategory
{ {
@@ -170,12 +174,11 @@ public class QuotesController : ControllerBase
{ {
var totalQuotes = await _db.Quotes.CountAsync(); var totalQuotes = await _db.Quotes.CountAsync();
if (totalQuotes == 0) if (totalQuotes == 0)
return NotFound(new { status = "error", error_msg = "No quotes to choose from" }); return NotFound(new ErrorDTO { Status = "error", Error_msg = "No quotes to choose from" });
var random = new Random(); var random = new Random();
var skip = random.Next(0, totalQuotes); var skip = random.Next(0, totalQuotes);
// FIXME
var quote = await _db.Quotes var quote = await _db.Quotes
.Include(q => q.QuoteCategories!) .Include(q => q.QuoteCategories!)
.ThenInclude(qc => qc.Category) .ThenInclude(qc => qc.Category)
@@ -184,7 +187,7 @@ public class QuotesController : ControllerBase
.FirstOrDefaultAsync(); .FirstOrDefaultAsync();
if (quote == null) if (quote == null)
return NotFound(); return NotFound(new ErrorDTO { Status = "error", Error_msg = "Unknown error - couldn't get quote"});
Image? image = null; Image? image = null;
if (quote.ImageId != 0) if (quote.ImageId != 0)

4
Controllers/Seed.cs
View File

@@ -28,8 +28,8 @@ namespace QuotifyBE.Controllers
{ {
Name="admin", Name="admin",
Email = "admin@mail.com", Email = "admin@mail.com",
PasswordHash = guhf.HashWithSHA512("admin") // hashed twice, once by frontend, and second time by backend
PasswordHash = guhf.HashWithSHA512(guhf.HashWithSHA512("admin"))
}; };
_db.Users.Add(Admin); _db.Users.Add(Admin);
await _db.SaveChangesAsync(); await _db.SaveChangesAsync();

5
DTOs/ErrorDTO.cs
View File

@@ -2,6 +2,7 @@ namespace QuotifyBE.DTOs;
public record class ErrorDTO public record class ErrorDTO
{ {
public string Status { get; set; } required public string Status { get; set; }
public string error_msg { get; set; } required public string Error_msg { get; set; }
} }

9
DTOs/SuccessfulLoginDTO.cs Normal file
View File

@@ -0,0 +1,9 @@
namespace QuotifyBE.DTOs;
public record class SuccessfulLoginDTO
{
required public string Status { get; set; }
required public string Token { get; set; }
required public UserInfoDTO User { get; set; }
};

9
DTOs/UserInfoDTO.cs Normal file
View File

@@ -0,0 +1,9 @@
namespace QuotifyBE.DTOs;
public record class UserInfoDTO
{
public int Id { get; set; }
required public string Name { get; set; }
required public string Email { get; set; }
};

2
Entities/User.cs
View File

@@ -1,4 +1,4 @@
namespace QuotifyBE.Entities namespace QuotifyBE.Entities
{ {
public class User public class User
{ {

2
Mapping/QuoteMapping.cs
View File

@@ -8,7 +8,7 @@ namespace QuotifyBE.Mapping;
public static class QuoteMapping public static class QuoteMapping
{ {
public static QuoteShortDTO ToQuoteShortDTO(this Quote quote, ApplicationDbContext db) public static QuoteShortDTO ToQuoteShortDTO(this Quote quote)
{ {
List<string> categoryNames = []; List<string> categoryNames = [];

29
Mapping/UserMapping.cs Normal file
View File

@@ -0,0 +1,29 @@
using QuotifyBE.DTOs;
using QuotifyBE.Entities;
namespace QuotifyBE.Mapping;
public static class UserMapping
{
public static SuccessfulLoginDTO ToSuccessfulLoginDTO(this User user, string token)
{
return new SuccessfulLoginDTO
{
Status = "ok",
Token = token,
User = user.ToUserInfoDTO()
};
}
public static UserInfoDTO ToUserInfoDTO(this User user)
{
return new UserInfoDTO
{
Id = user.Id,
Name = user.Name,
Email = user.Email
};
}
}