sherl/QuotifyBE
1
0
Fork 0
mirror of https://github.com/QuotifyTeam/QuotifyBE.git synced 2025-12-16 15:20:06 +01:00
Code Issues Packages Projects Releases Wiki Activity

feat: provide user data on login, minor fix to seeding, logical fixes

Browse Source
This commit is contained in:
eee4
2025-07-16 16:51:54 +02:00
parent 4b7b731679
commit 09bc6637a8
9 changed files with 88 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
Controllers/AuthController.cs
View File

@@ -4,6 +4,7 @@ using QuotifyBE.Data;
using QuotifyBE.Entities;
using QuotifyBE.DTOs;
using System.Threading.Tasks;
using QuotifyBE.Mapping;
namespace QuotifyBE.Controllers;
@@ -35,13 +36,13 @@ public class AuthController : ControllerBase
/// in the Authorization header, e.g.: Authorization: bearer {jwt}
/// </remarks>
/// <param name="formUser">User's credentials (email and password)</param>
/// <returns>JWT valid for 5 minutes.</returns>
/// <response code="200">Returned on request with valid credentials</response>
/// <returns>JWT valid for 5 minutes and basic user data.</returns>
/// <response code="200">Returned on request with valid credentials. Contains the token, but also user data.</response>
/// <response code="400">Returned on request with missing form data (email, password or both)</response>
/// <response code="401">Returned on request with unknown pair of email and password (wrong password)</response>
/// <response code="404">Returned on request with unknwon email</response>
[HttpPost("login")]
[ProducesResponseType(200)]
[ProducesResponseType(typeof(SuccessfulLoginDTO), 200)]
[ProducesResponseType(typeof(ErrorDTO), 400)]
[ProducesResponseType(typeof(ErrorDTO), 401)]
[ProducesResponseType(typeof(ErrorDTO), 404)]
@@ -60,19 +61,22 @@ public class AuthController : ControllerBase
return NotFound(new {status = "error", error_msg = "User not found"});
}
// Hash the password and compare with the user-provided one
string hashedFormPassword = guhf.HashWithSHA512(formUser.Password);
if (hashedFormPassword == user.PasswordHash)
{
// All set - generate the token and return it
var token = guhf.GenerateJwtToken(formUser.Email);
return Ok(new { status = "ok", token });
SuccessfulLoginDTO response = user.ToSuccessfulLoginDTO(token);
return Ok(response);
} else return Unauthorized(new {status = "error", error_msg = "Unknown pair of email and password"});
}
// GET /api/v1/auth/some_values
/// <summary>
/// Dummy, authed endpoint
/// [AUTHED] Dummy, authed endpoint
/// </summary>
/// <remarks>
/// Dummy, authed endpoint used to test JWTs.

47
Controllers/QuoteController.cs
View File

@@ -33,7 +33,7 @@ public class QuotesController : ControllerBase
/// <param name="page_no">The page number</param>
/// <returns>A page (10 quotes)</returns>
/// <response code="200">Returned on valid request</response>
/// <response code="404">Returned when requested page is invalid or does not exist</response>
/// <response code="404">Returned when requested page is invalid</response>
[HttpGet("page/{page_no}")]
[ProducesResponseType(typeof(List<QuoteShortDTO>), 200)]
[ProducesResponseType(typeof(ErrorDTO), 404)]
@@ -44,22 +44,24 @@ public class QuotesController : ControllerBase
if (page_no <= 0)
{
return NotFound(new ErrorDTO { Status = "error", error_msg = "Numer strony musi być większy niż 0." });
return NotFound(new ErrorDTO { Status = "error", Error_msg = "Numer strony musi być większy niż 0" });
}
var quotes = await _db.Quotes.Include(q => q.QuoteCategories).ThenInclude(qc => qc.Category).Include(q => q.User).Include(q => q.Image).OrderBy(q => q.Id).Skip((page_no-1)*PageSize).Take(PageSize).ToListAsync();
var quotes = await _db.Quotes
.Include(q => q.QuoteCategories)
.ThenInclude(qc => qc.Category)
.Include(q => q.User)
.Include(q => q.Image)
.OrderBy(q => q.Id)
.Skip((page_no - 1) * PageSize)
.Take(PageSize)
.ToListAsync();
var result = quotes
.Select(q => q.ToQuoteShortDTO())
.ToList();
if (quotes == null || totalQuotes == 0)
{
return NotFound(new ErrorDTO { Status = "error", error_msg = "Brak cytatów na tej stronie." });
}
var result = quotes.Select(q => q.ToQuoteShortDTO(_db)).ToList();
//return NotFound(new { status = "error", error_msg = "Not implemented" });
return Ok(result);
}
// GET /api/v1/quotes/{id}
@@ -86,29 +88,31 @@ public class QuotesController : ControllerBase
if (quote == null)
return NotFound(new { status = "error", error_msg = "Quote not found" });
return Ok(quote.ToQuoteShortDTO(_db));
return Ok(quote.ToQuoteShortDTO());
}
// POST /api/v1/quotes/new
/// <summary>
/// Add a new quote
/// [AUTHED] Add a new quote
/// </summary>
/// <returns>Newly created quote's id</returns>
/// <param name="request">Form data containing required quote information</param>
/// <response code="201">Returned on valid request</response>
/// <response code="400">Returned when any of the categories does not exist</response>
/// <response code="401">Returned when user's id does not match the creator's id</response>
/// <response code="403">Returned when user's id does not match the creator's id</response>
[HttpPost("new")]
[Authorize]
[ProducesResponseType(201)] // ?
[ProducesResponseType(201)] // ? FIXME
[ProducesResponseType(typeof(ErrorDTO), 400)]
[ProducesResponseType(typeof(ErrorDTO), 401)]
[ProducesResponseType(typeof(ErrorDTO), 403)]
public async Task<IActionResult> CreateQuote([FromBody] CreateQuoteDTO request)
{
// Get user ID from claims
// FIXME
var userIdClaim = User.FindFirst(ClaimTypes.NameIdentifier)?.Value;
if (userIdClaim == null || !int.TryParse(userIdClaim, out int userId))
return Unauthorized(new {status = "error", error_msg = "Invalid user ID"});
// https://stackoverflow.com/a/47708867
return StatusCode(403, new ErrorDTO { Status = "error", Error_msg = "Invalid user ID" });
// Find or create image
Image? image = null;
@@ -140,7 +144,7 @@ public class QuotesController : ControllerBase
{
var categoryExists = await _db.Categories.AnyAsync(c => c.Id == categoryId);
if (!categoryExists)
return BadRequest(new {status = "error", error_msg = $"Category ID {categoryId} not found"});
return BadRequest(new ErrorDTO { Status = "error", Error_msg = $"Category ID {categoryId} not found"});
quote.QuoteCategories.Add(new QuoteCategory
{
@@ -170,12 +174,11 @@ public class QuotesController : ControllerBase
{
var totalQuotes = await _db.Quotes.CountAsync();
if (totalQuotes == 0)
return NotFound(new { status = "error", error_msg = "No quotes to choose from" });
return NotFound(new ErrorDTO { Status = "error", Error_msg = "No quotes to choose from" });
var random = new Random();
var skip = random.Next(0, totalQuotes);
// FIXME
var quote = await _db.Quotes
.Include(q => q.QuoteCategories!)
.ThenInclude(qc => qc.Category)
@@ -184,7 +187,7 @@ public class QuotesController : ControllerBase
.FirstOrDefaultAsync();
if (quote == null)
return NotFound();
return NotFound(new ErrorDTO { Status = "error", Error_msg = "Unknown error - couldn't get quote"});
Image? image = null;
if (quote.ImageId != 0)

4
Controllers/Seed.cs
View File

@@ -28,8 +28,8 @@ namespace QuotifyBE.Controllers
{
Name="admin",
Email = "admin@mail.com",
PasswordHash = guhf.HashWithSHA512("admin")
// hashed twice, once by frontend, and second time by backend
PasswordHash = guhf.HashWithSHA512(guhf.HashWithSHA512("admin"))
};
_db.Users.Add(Admin);
await _db.SaveChangesAsync();

5
DTOs/ErrorDTO.cs
View File

@@ -2,6 +2,7 @@ namespace QuotifyBE.DTOs;
public record class ErrorDTO
{
public string Status { get; set; }
public string error_msg { get; set; }
required public string Status { get; set; }
required public string Error_msg { get; set; }
}

9
DTOs/SuccessfulLoginDTO.cs Normal file
View File

@@ -0,0 +1,9 @@
namespace QuotifyBE.DTOs;
public record class SuccessfulLoginDTO
{
required public string Status { get; set; }
required public string Token { get; set; }
required public UserInfoDTO User { get; set; }
};

9
DTOs/UserInfoDTO.cs Normal file
View File

@@ -0,0 +1,9 @@
namespace QuotifyBE.DTOs;
public record class UserInfoDTO
{
public int Id { get; set; }
required public string Name { get; set; }
required public string Email { get; set; }
};

2
Entities/User.cs
View File

@@ -1,4 +1,4 @@
namespace QuotifyBE.Entities
namespace QuotifyBE.Entities
{
public class User
{

2
Mapping/QuoteMapping.cs
View File

@@ -8,7 +8,7 @@ namespace QuotifyBE.Mapping;
public static class QuoteMapping
{
public static QuoteShortDTO ToQuoteShortDTO(this Quote quote, ApplicationDbContext db)
public static QuoteShortDTO ToQuoteShortDTO(this Quote quote)
{
List<string> categoryNames = [];

29
Mapping/UserMapping.cs Normal file
View File

@@ -0,0 +1,29 @@
using QuotifyBE.DTOs;
using QuotifyBE.Entities;
namespace QuotifyBE.Mapping;
public static class UserMapping
{
public static SuccessfulLoginDTO ToSuccessfulLoginDTO(this User user, string token)
{
return new SuccessfulLoginDTO
{
Status = "ok",
Token = token,
User = user.ToUserInfoDTO()
};
}
public static UserInfoDTO ToUserInfoDTO(this User user)
{
return new UserInfoDTO
{
Id = user.Id,
Name = user.Name,
Email = user.Email
};
}
}