sherl/hermes
1
0
Fork 0
mirror of https://github.com/GCMatters/hermes.git synced 2026-02-04 05:30:13 +01:00
Code Issues Packages Projects Releases Wiki Activity

Auth endpoints

Browse Source
This commit is contained in:
AleksDw
2025-05-18 17:43:47 +02:00
parent 1eb104945a
commit bebf47a2ba
6 changed files with 174 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

108
WebApp/Endpoints/AuthEndpoints.cs
View File

@@ -1,9 +1,11 @@
using Microsoft.EntityFrameworkCore;
using Microsoft.AspNetCore.Http.HttpResults;
using Microsoft.EntityFrameworkCore;
using System.Security.Cryptography;
using System.Text;
using WebApp.Data;
using WebApp.DTOs;
using WebApp.Entities;
using WebApp.Mapping;
namespace WebApp.Endpoints
{
@@ -12,33 +14,23 @@ namespace WebApp.Endpoints
public static RouteGroupBuilder MapAuthEndpoints(this WebApplication app)
{
var group = app.MapGroup("auth")
const string GetUserEndpointName = "GetUser";
var group = app.MapGroup("api/auth")
.WithParameterValidation();
group.MapPost("/login", async (LoginDto dto, ApplicationDbContext context) =>
group.MapPost("/login", async (LoginDto dto, ApplicationDbContext context, GeneralUseHelpers guh) =>
{
var user = await context.WebUsers.FirstOrDefaultAsync(u => u.Email == dto.Email);
if (user == null)
{
return Results.Json(new {message = "Wrong email or password."}, statusCode: 401);
}
string hashedPassword = HashPasswordSHA512(dto.Password);
if(user.Password != hashedPassword)
if (user == null || user.Password != hashedPassword)
{
return Results.Json(new { message = "Wrong email or password." }, statusCode: 401);
}
var token = new Token
{
UserId = user.UserId,
Value = "lah-" + Guid.NewGuid().ToString(),
ValidUntil = DateTime.UtcNow.AddDays(7),
};
context.Tokens.Add(token);
await context.SaveChangesAsync();
var token = await guh.CreateNewToken(user.UserId);
return Results.Ok(new
{
@@ -47,6 +39,87 @@ namespace WebApp.Endpoints
});
});
group.MapPost("/logout", async (HttpContext httpContext, GeneralUseHelpers guh) =>
{
var token = await guh.GetTokenFromHTTPContext(httpContext);
if (token == null)
{
return Results.Json(new { message = "No valid token found." }, statusCode: 401);
}
await guh.DeleteToken(token);
httpContext.Response.Cookies.Delete("token");
return Results.Ok(new { success = true });
});
group.MapGet("/my_account", async (HttpContext httpContext, GeneralUseHelpers guh) =>
{
var token = await guh.GetTokenFromHTTPContext(httpContext);
if(token == null)
{
return Results.Json(new { message = "No valid token found." }, statusCode: 401);
}
User? user = await guh.GetUserFromToken(token);
if(user == null)
{
return Results.Json(new {message = "No user found."}, statusCode: 404);
}
return Results.Ok(user.ToUserSummaryDto());
})
.WithName(GetUserEndpointName);
group.MapGet("/my_events", async (HttpContext httpContext, GeneralUseHelpers guh, ApplicationDbContext context) =>
{
var token = await guh.GetTokenFromHTTPContext(httpContext);
if (token == null)
{
return Results.Json(new { message = "No valid token found." }, statusCode: 401);
}
User? user = await guh.GetUserFromToken(token);
if (user == null)
{
return Results.Json(new { message = "No user found." }, statusCode: 404);
}
if(!user.IsOrganisation)
{
var events = await context.EventRegistrations
.Where(er => er.VolunteerId == user.UserId)
.Select(er => er.Event.ToEventSummaryNoErDto())
.ToListAsync();
return Results.Ok(events);
}
else
{
var org = await context.Organisations.FirstOrDefaultAsync(o => o.UserId == user.UserId);
if(org == null)
{
return Results.Json(new { message = "No organisation found for this user." }, statusCode: 404);
}
var events = await context.Events
.Where(e => e.OrganisationId == org.OrganisationId)
.Select(e => e.ToEventSummaryDto())
.ToListAsync();
return Results.Ok(events);
}
});
return group;
}
@@ -58,7 +131,6 @@ namespace WebApp.Endpoints
byte[] hash = sha512.ComputeHash(bytes);
string hashstring = BitConverter.ToString(hash).Replace("-", "").ToLower();
Console.WriteLine($"Hashed Password: {hashstring}");
return hashstring;
}
}