using System.Globalization;
using System.Security.Cryptography;
using System.Text.Json.Nodes;
using System.Web;
using backend.Application;
using backend.Middleware;
using backend.Migrations;
using backend.Models;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Mvc;
namespace backend.Controllers;
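[ApiController]
public class UserController : ControllerBase
{
    /// <summary>Name of the cookie that carries the opaque session token.</summary>
    private const string SessionCookieName = "session";

    /// <summary>Number of digits in a generated touch code (each digit is 1..5).</summary>
    private const int TouchCodeLength = 4;

    /// <summary>
    /// A valid-format hash of a random, never-reused password. Login verifies against it when the
    /// username is unknown so that the response time does not depend on whether the account exists.
    /// </summary>
    private static readonly string DummyHash =
        new PasswordHasher<object>().HashPassword(null!, Convert.ToHexString(RandomNumberGenerator.GetBytes(32)));

    /// <summary>
    /// Options applied to the session cookie on issue and on deletion (both must match for the
    /// browser to treat them as the same cookie).
    /// </summary>
    private CookieOptions SessionCookieOptions => new()
    {
        // Not readable from page scripts, so an XSS bug cannot simply read the token.
        HttpOnly = true,
        // Not attached to cross-site requests, which removes the CSRF vector for the state-changing endpoints.
        SameSite = SameSiteMode.Strict,
        // A token issued over TLS must not be replayed over plain HTTP; over HTTP the flag would make
        // browsers drop the cookie, so it follows the scheme of the current request.
        Secure = Request.IsHttps,
    };

    /// <summary>
    /// Creates a new child account from a body of the form <c>{ "username": "...", "password": "..." }</c>.
    /// </summary>
    /// <param name="input">Request body; both fields must be non-empty JSON strings.</param>
    /// <returns>200 on success; 400 when a field is missing or the username is already taken.</returns>
    [HttpPost("Register")]
    public IActionResult Register([FromBody] JsonObject input)
    {
        if (!TryGetCredentials(input, out string username, out string password))
        {
            return BadRequest("Username and password required");
        }
        // NOTE(review): check-then-insert is racy; two concurrent registrations of the same name can both
        // pass this test. A unique index on Users.Username is the real guard — confirm it exists in the migrations.
        if (ApplicationState.DbContext!.Users.Any(existing => existing.Username == username))
        {
            return BadRequest("User already exists");
        }

        // Identity's PasswordHasher produces a salted, iterated (PBKDF2) hash; the stored value is never the password.
        var passwordHasher = new PasswordHasher<object>();
        string hashedPassword = passwordHasher.HashPassword(null!, password);

        var user = new User
        {
            Username = username,
            Password = hashedPassword,
            TouchCode = GenerateTouchCode(),
            IsParent = false,
        };
        ApplicationState.DbContext!.Add(user);
        ApplicationState.DbContext!.SaveChanges();
        Console.WriteLine("Created user: " + user.Username);
        return Ok();
    }

    /// <summary>
    /// Verifies a username/password pair and sets the session cookie.
    /// </summary>
    /// <param name="input">Request body of the form <c>{ "username": "...", "password": "..." }</c>.</param>
    /// <returns>
    /// 200 with the session cookie set; 400 when a field is missing, when the caller already holds a live
    /// session, or when the credentials do not match. The failure message is the same for an unknown user
    /// and a wrong password so that the endpoint does not reveal which usernames exist.
    /// </returns>
    [HttpPost("Login")]
    public IActionResult Login([FromBody] JsonObject input)
    {
        if (!TryGetCredentials(input, out string username, out string password))
        {
            return BadRequest("Username and password required");
        }
        // Only refuse when the presented cookie still maps to a live session; a stale cookie left over
        // from a logout elsewhere must not lock the client out of logging in again.
        if (FindSessionUser() is not null)
        {
            return BadRequest("You are already logged in");
        }

        var user = ApplicationState.DbContext!.Users.FirstOrDefault(candidate => candidate.Username == username);
        var passwordHasher = new PasswordHasher<object>();
        // Always run the (deliberately slow) verification, against a dummy hash when the user is unknown,
        // so that timing does not distinguish "no such user" from "wrong password".
        string storedHash = user?.Password ?? DummyHash;
        var verification = passwordHasher.VerifyHashedPassword(null!, storedHash, password);
        if (user is null || verification == PasswordVerificationResult.Failed)
        {
            return BadRequest("Invalid username or password");
        }

        bool changed = false;
        // The hasher reports when the stored hash uses an older format/iteration count; upgrade it now
        // while the plaintext is available.
        if (verification == PasswordVerificationResult.SuccessRehashNeeded)
        {
            user.Password = passwordHasher.HashPassword(null!, password);
            changed = true;
        }
        // An existing token is reused (all of the user's clients share one session until logout);
        // only mint a new one when none is outstanding.
        if (string.IsNullOrEmpty(user.SessionToken))
        {
            user.SessionToken = GenerateSessionToken();
            changed = true;
        }
        if (changed)
        {
            ApplicationState.DbContext!.SaveChanges();
        }

        Response.Cookies.Append(SessionCookieName, user.SessionToken, SessionCookieOptions);
        Console.WriteLine(user.Username + " has logged in");
        return Ok();
    }

    /// <summary>
    /// Invalidates the caller's session server-side and clears the cookie.
    /// </summary>
    /// <returns>200 on success; 400 when the cookie does not map to a user.</returns>
    [HttpPost("Logout")]
    [MiddlewareFilter(typeof(AuthenticationMiddlewareBuilder))]
    public IActionResult LogOut()
    {
        var user = FindSessionUser();
        if (user is null)
        {
            return BadRequest("Invalid session token");
        }
        // Clearing the stored token is what actually ends the session; deleting the cookie is a courtesy
        // to the browser and uses the same options so the browser matches the cookie it was given.
        user.SessionToken = null;
        ApplicationState.DbContext!.SaveChanges();
        Response.Cookies.Delete(SessionCookieName, SessionCookieOptions);
        return Ok();
    }

    /// <summary>
    /// Returns the profile of the user owning the session cookie.
    /// </summary>
    /// <returns>JSON with username, touchCode, isParent and dispenses; 400 when the cookie does not map to a user.</returns>
    [HttpGet("UserInfo")]
    [MiddlewareFilter(typeof(AuthenticationMiddlewareBuilder))]
    public IActionResult UserInfo()
    {
        var user = FindSessionUser();
        if (user is null)
        {
            return BadRequest("Invalid session token");
        }
        var data = new
        {
            username = user.Username,
            touchCode = user.TouchCode,
            isParent = user.IsParent,
            dispenses = user.Dispenses,
        };
        return new JsonResult(data);
    }

    /// <summary>
    /// Lists all non-parent accounts (id, username, dispenses). Parent-only.
    /// </summary>
    [HttpGet("Children")]
    [MiddlewareFilter(typeof(ParentMiddlewareBuilder))]
    public IActionResult ListChildren()
    {
        // Materialise before handing the result to the serializer so the query runs exactly once.
        var children = ApplicationState.DbContext!.Users
            .Where(child => !child.IsParent)
            .Select(child => new
            {
                id = child.Id,
                username = child.Username,
                dispenses = child.Dispenses,
            })
            .ToList();
        return new JsonResult(children);
    }

    /// <summary>
    /// Sets the dispense count of a child account. Parent-only.
    /// </summary>
    /// <param name="id">Primary key of the child account.</param>
    /// <param name="input">Request body of the form <c>{ "dispenses": n }</c>; a numeric string is also accepted.</param>
    /// <returns>200 on success; 400 when the value is not a non-negative integer or the id is not a child account.</returns>
    [HttpPut("Children/{id}/Dispenses")]
    [MiddlewareFilter(typeof(ParentMiddlewareBuilder))]
    public IActionResult UpdateChildDispenses(int id, [FromBody] JsonObject input)
    {
        string? raw = input?["dispenses"]?.ToString();
        // Invariant culture: this is machine-supplied data, not user-locale text.
        if (!int.TryParse(raw, NumberStyles.Integer, CultureInfo.InvariantCulture, out int dispenses))
        {
            return BadRequest("Dispenses must be number");
        }
        if (dispenses < 0)
        {
            return BadRequest("Dispenses cannot be less than 0");
        }
        var user = ApplicationState.DbContext!.Users.Find(id);
        // The route is scoped to children (see ListChildren); a parent's id must be rejected the same way as
        // an unknown one so that a parent cannot edit other parents and cannot probe which ids are parents.
        if (user is null || user.IsParent)
        {
            return BadRequest("Invalid user ID");
        }
        user.Dispenses = dispenses;
        ApplicationState.DbContext!.SaveChanges();
        return Ok();
    }

    /// <summary>
    /// Reads the <c>username</c> and <c>password</c> string fields from the body.
    /// </summary>
    /// <returns><c>true</c> when both are present, JSON strings and non-empty.</returns>
    private static bool TryGetCredentials(JsonObject? input, out string username, out string password)
    {
        username = ReadString(input, "username");
        password = ReadString(input, "password");
        return username.Length > 0 && password.Length > 0;
    }

    /// <summary>
    /// Returns the value of a JSON string field, or <c>""</c> when the body or field is absent, null,
    /// or not a JSON string (numbers/objects are not coerced to text).
    /// </summary>
    private static string ReadString(JsonObject? input, string key)
        => input?[key] is JsonValue node && node.TryGetValue(out string? text) ? text : "";

    /// <summary>
    /// Looks up the user owning the session cookie on the current request, or <c>null</c> when the cookie
    /// is missing or does not match a stored token.
    /// </summary>
    private User? FindSessionUser()
    {
        string? token = Request.Cookies[SessionCookieName];
        if (string.IsNullOrEmpty(token))
        {
            return null;
        }
        return ApplicationState.DbContext!.Users.FirstOrDefault(candidate => candidate.SessionToken == token);
    }

    /// <summary>
    /// Produces <see cref="TouchCodeLength"/> digits, each uniformly drawn from 1..5, from the
    /// cryptographic random source (the code is a secret, so <c>System.Random</c> is not suitable).
    /// </summary>
    private static string GenerateTouchCode()
    {
        Span<char> digits = stackalloc char[TouchCodeLength];
        for (int i = 0; i < digits.Length; i++)
        {
            // GetInt32(from, to) is inclusive of from and exclusive of to.
            digits[i] = (char)('0' + RandomNumberGenerator.GetInt32(1, 6));
        }
        return new string(digits);
    }

    /// <summary>
    /// Produces an opaque 128-bit session token as 32 hex characters (shorter than the 36-character
    /// GUID string previously stored, so it fits any existing column).
    /// </summary>
    private static string GenerateSessionToken()
        => Convert.ToHexString(RandomNumberGenerator.GetBytes(16));
}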