sherl/hermes
1
0
Fork 0
mirror of https://github.com/GCMatters/hermes.git synced 2026-02-04 13:40:13 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
ef7ec0fc33aa8f5676b21906b0f1d50cf50dfbf0
hermes/WebApp/Endpoints/AuthEndpoints.cs
AleksDw bebf47a2ba Auth endpoints
2025-05-18 17:43:47 +02:00

138 lines
4.6 KiB
C#
Raw Blame History

using Microsoft.AspNetCore.Http.HttpResults;
using Microsoft.EntityFrameworkCore;
using System.Security.Cryptography;
using System.Text;
using WebApp.Data;
using WebApp.DTOs;
using WebApp.Entities;
using WebApp.Mapping;
namespace WebApp.Endpoints
{
public static class AuthEndpoints
{
public static RouteGroupBuilder MapAuthEndpoints(this WebApplication app)
{
const string GetUserEndpointName = "GetUser";
var group = app.MapGroup("api/auth")
.WithParameterValidation();
group.MapPost("/login", async (LoginDto dto, ApplicationDbContext context, GeneralUseHelpers guh) =>
{
var user = await context.WebUsers.FirstOrDefaultAsync(u => u.Email == dto.Email);
string hashedPassword = HashPasswordSHA512(dto.Password);
if (user == null || user.Password != hashedPassword)
{
return Results.Json(new { message = "Wrong email or password." }, statusCode: 401);
}
var token = await guh.CreateNewToken(user.UserId);
return Results.Ok(new
{
message = "Login successful.",
token = token.Value
});
});
group.MapPost("/logout", async (HttpContext httpContext, GeneralUseHelpers guh) =>
{
var token = await guh.GetTokenFromHTTPContext(httpContext);
if (token == null)
{
return Results.Json(new { message = "No valid token found." }, statusCode: 401);
}
await guh.DeleteToken(token);
httpContext.Response.Cookies.Delete("token");
return Results.Ok(new { success = true });
});
group.MapGet("/my_account", async (HttpContext httpContext, GeneralUseHelpers guh) =>
{
var token = await guh.GetTokenFromHTTPContext(httpContext);
if(token == null)
{
return Results.Json(new { message = "No valid token found." }, statusCode: 401);
}
User? user = await guh.GetUserFromToken(token);
if(user == null)
{
return Results.Json(new {message = "No user found."}, statusCode: 404);
}
return Results.Ok(user.ToUserSummaryDto());
})
.WithName(GetUserEndpointName);
group.MapGet("/my_events", async (HttpContext httpContext, GeneralUseHelpers guh, ApplicationDbContext context) =>
{
var token = await guh.GetTokenFromHTTPContext(httpContext);
if (token == null)
{
return Results.Json(new { message = "No valid token found." }, statusCode: 401);
}
User? user = await guh.GetUserFromToken(token);
if (user == null)
{
return Results.Json(new { message = "No user found." }, statusCode: 404);
}
if(!user.IsOrganisation)
{
var events = await context.EventRegistrations
.Where(er => er.VolunteerId == user.UserId)
.Select(er => er.Event.ToEventSummaryNoErDto())
.ToListAsync();
return Results.Ok(events);
}
else
{
var org = await context.Organisations.FirstOrDefaultAsync(o => o.UserId == user.UserId);
if(org == null)
{
return Results.Json(new { message = "No organisation found for this user." }, statusCode: 404);
}
var events = await context.Events
.Where(e => e.OrganisationId == org.OrganisationId)
.Select(e => e.ToEventSummaryDto())
.ToListAsync();
return Results.Ok(events);
}
});
return group;
}
static string HashPasswordSHA512(string password)
{
using (var sha512 = SHA512.Create())
{
byte[] bytes = Encoding.ASCII.GetBytes(password);
byte[] hash = sha512.ComputeHash(bytes);
string hashstring = BitConverter.ToString(hash).Replace("-", "").ToLower();
return hashstring;
}
}
}
}
Reference in New Issue View Git Blame Copy Permalink