WIP list children

2023-12-19 00:49:00 +01:00 · 2023-12-19 00:49:00 +01:00 · ced67bfe43
commit ced67bfe43
parent f0c1fe2457
2 changed files with 63 additions and 0 deletions
--- a/backend/Controllers/UserController.cs
+++ b/backend/Controllers/UserController.cs
@ -125,4 +125,18 @@ public class UserController : ControllerBase

 		return new JsonResult(data);
 	}
+
+	[HttpGet("Children")]
+	[MiddlewareFilter(typeof(ParentMiddlewareBuilder))]
+	public IActionResult ListChildren()
+	{
+		var users = ApplicationState.DbContext!.Users
+			.Where(user => !user.IsParent)
+			.Select(user => new {
+				username => user.Username,
+				dispenses = user.Dispenses,
+			});
+
+		return new JsonResult(users);
+	}
 }
--- a/backend/Middleware/ParentMiddleware.cs
+++ b/backend/Middleware/ParentMiddleware.cs
@ -0,0 +1,49 @@
+using backend.Application;
+
+namespace backend.Middleware;
+
+public class ParentMiddleware
+{
+	private readonly RequestDelegate _next;
+
+	public ParentMiddleware(RequestDelegate next)
+	{
+		_next = next;
+	}
+
+	public async Task InvokeAsync(HttpContext context)
+	{
+		if (context.Request.Cookies["session"] == null) {
+			context.Response.Clear();
+			context.Response.StatusCode = 401;
+			await context.Response.WriteAsync("You are not logged in");
+			return;
+		}
+
+		var user = ApplicationState.DbContext!.Users.FirstOrDefault(user => user.SessionToken == context.Request.Cookies["session"]!.ToString());
+		if (user == null) {
+			context.Response.Clear();
+			context.Response.StatusCode = 401;
+			await context.Response.WriteAsync("Invalid session token");
+			return;
+		}
+
+		if (!user.IsParent) {
+			context.Response.Clear();
+			context.Response.StatusCode = 403;
+			await context.Response.WriteAsync("You are not a parent");
+			return;
+		}
+
+		await _next(context);
+	}
+}
+
+public class ParentMiddlewareBuilder
+{
+	public void Configure(IApplicationBuilder app)
+	{
+		app.UseMiddleware<ParentMiddleware>();
+	}
+}
+