ReiMerc/temperature-alarm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request 'Jeppe' (#2) from Jeppe into master

Browse Source 
Reviewed-on: #2
This commit is contained in:
Jeppe 2025-03-24 08:45:54 +00:00
commit 007c0e093c
6 changed files with 290 additions and 100 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

63
backend/Api/BusinessLogic/DeviceLogic.cs Normal file
View File

@ -0,0 +1,63 @@
using Api.DBAccess;
using Api.Models;
using Microsoft.AspNetCore.Mvc;
using static System.Runtime.InteropServices.JavaScript.JSType;
namespace Api.BusinessLogic
{
public class DeviceLogic
{
private readonly DbAccess _dbAccess;
private readonly IConfiguration _configuration;
public DeviceLogic(IConfiguration configuration, DbAccess dbAccess)
{
_dbAccess = dbAccess;
_configuration = configuration;
}
public async Task<IActionResult> GetDevices(int userId)
{
var profile = await _dbAccess.ReadUser(userId);
if (profile == null) { return new ConflictObjectResult(new { message = "Could not find user" }); }
var devices = await _dbAccess.ReadDevices(userId);
if (devices.Count == 0) { return new ConflictObjectResult(new { message = "Could not find any devices connected to the user" }); }
return new OkObjectResult(devices);
}
public async Task<IActionResult> AddDevice(Device device, int userId)
{
var profile = await _dbAccess.ReadUser(userId);
if (profile == null) { return new ConflictObjectResult(new { message = "Could not find user" }); }
return await _dbAccess.CreateDevice(device, userId);
}
public async Task<IActionResult> GetLogs(int deviceId)
{
var device = await _dbAccess.ReadDevice(deviceId);
if (device == null) { return new ConflictObjectResult(new { message = "Could not find device" }); }
var logs = await _dbAccess.ReadLogs(deviceId);
if (logs.Count == 0) { return new ConflictObjectResult(new { message = "Could not find any logs connected to the device" }); }
return new OkObjectResult(logs);
}
public async Task<IActionResult> EditDevice(Device device, int deviceId)
{
var device1 = _dbAccess.ReadDevice(deviceId);
if (device1 == null) { return new ConflictObjectResult(new { message = "Could not find device" }); }
return await _dbAccess.UpdateDevice(device, deviceId);
}
}
}

138
backend/Api/BusinessLogic/UserLogic.cs Normal file
View File

@ -0,0 +1,138 @@
using Api.DBAccess;
using Api.Models;
using Microsoft.AspNetCore.Http.HttpResults;
using Microsoft.AspNetCore.Mvc;
using Microsoft.IdentityModel.Tokens;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Security.Cryptography;
using System.Text;
using System.Text.RegularExpressions;
namespace Api.BusinessLogic
{
public class UserLogic
{
private readonly DbAccess _dbAccess;
private readonly IConfiguration _configuration;
public UserLogic(IConfiguration configuration, DbAccess dbAccess)
{
_dbAccess = dbAccess;
_configuration = configuration;
}
public async Task<IActionResult> RegisterUser(User user)
{
if (!new Regex(@".+@.+\..+").IsMatch(user.Email))
{
return new ConflictObjectResult(new { message = "Invalid email address" });
}
if (!PasswordSecurity(user.Password))
{
return new ConflictObjectResult(new { message = "Password is not up to the security standard" });
}
if (user.Devices == null)
{
user.Devices = new List<Device>();
}
string salt = Guid.NewGuid().ToString();
string hashedPassword = ComputeHash(user.Password, SHA256.Create(), salt);
user.Salt = salt;
user.Password = hashedPassword;
return await _dbAccess.CreateUser(user);
}
public async Task<IActionResult> Login(Login login)
{
User user = await _dbAccess.Login(login);
if (user == null || user.Id == 0) { return new ConflictObjectResult(new { message = "Could not find user" }); }
string hashedPassword = ComputeHash(login.Password, SHA256.Create(), user.Salt);
if (user.Password == hashedPassword)
{
var token = GenerateJwtToken(user);
return new OkObjectResult(new { token, user.UserName, user.Id });
}
return new ConflictObjectResult(new { message = "Invalid password" });
}
public async Task<IActionResult> EditProfile(User user, int userId)
{
if (!new Regex(@".+@.+\..+").IsMatch(user.Email))
{
return new ConflictObjectResult(new { message = "Invalid email address" });
}
if (!PasswordSecurity(user.Password))
{
return new ConflictObjectResult(new { message = "Password is not up to the security standard" });
}
var profile = await _dbAccess.ReadUser(userId);
string hashedPassword = ComputeHash(user.Password, SHA256.Create(), profile.Salt);
user.Password = hashedPassword;
return await _dbAccess.UpdateUser(user, userId);
}
public async Task<IActionResult> DeleteUser(int userId)
{
return await _dbAccess.DeleteUser(userId);
}
private static string ComputeHash(string input, HashAlgorithm algorithm, string salt)
{
Byte[] inputBytes = Encoding.UTF8.GetBytes(input);
Byte[] saltBytes = Encoding.UTF8.GetBytes(salt);
// Combine salt and input bytes
Byte[] saltedInput = new Byte[saltBytes.Length + inputBytes.Length];
saltBytes.CopyTo(saltedInput, 0);
inputBytes.CopyTo(saltedInput, saltBytes.Length);
Byte[] hashedBytes = algorithm.ComputeHash(saltedInput);
return BitConverter.ToString(hashedBytes);
}
public bool PasswordSecurity(string password)
{
var hasMinimum8Chars = new Regex(@".{8,}");
return hasMinimum8Chars.IsMatch(password);
}
private string GenerateJwtToken(User user)
{
var claims = new[]
{
new Claim(JwtRegisteredClaimNames.Sub, user.Id.ToString()),
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
new Claim(ClaimTypes.Name, user.UserName)
};
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes
(_configuration["JwtSettings:Key"]));
var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
var token = new JwtSecurityToken(
_configuration["JwtSettings:Issuer"],
_configuration["JwtSettings:Audience"],
claims,
expires: DateTime.Now.AddMinutes(30),
signingCredentials: creds);
return new JwtSecurityTokenHandler().WriteToken(token);
}
}
}

21
backend/Api/Controllers/DeviceController.cs
View File

@ -2,6 +2,7 @@
using Api.Models;
using Api.DBAccess;
using Microsoft.AspNetCore.Authorization;
using Api.BusinessLogic;
namespace Api.Controllers
{
@ -10,46 +11,42 @@ namespace Api.Controllers
public class DeviceController : Controller
{
private readonly DbAccess _dbAccess;
private readonly DeviceLogic _deviceLogic;
public DeviceController(DbAccess dbAccess)
public DeviceController(DbAccess dbAccess, DeviceLogic deviceLogic)
{
_dbAccess = dbAccess;
_deviceLogic = deviceLogic;
}
[Authorize]
[HttpGet]
[HttpGet("{userId}")]
public async Task<IActionResult> GetDevices(int userId)
{
List<Device> devices = await _dbAccess.ReadDevices(userId);
if (devices.Count == 0) { return BadRequest(new { error = "There is no devices that belong to this userID" }); }
return Ok(devices);
return await _deviceLogic.GetDevices(userId);
}
[Authorize]
[HttpPost("adddevice/{userId}")]
public async Task<IActionResult> AddDevice([FromBody] Device device, int userId)
{
bool success = await _dbAccess.CreateDevice(device, userId);
if (!success) { return BadRequest(new { error = "This device already exist" }); }
return Ok();
return await _deviceLogic.AddDevice(device, userId);
}
[Authorize]
[HttpGet("logs/{deviceId}")]
public async Task<IActionResult> GetLogs(int deviceId)
{
List<TemperatureLogs> logs = await _dbAccess.ReadLogs(deviceId);
if (logs.Count == 0) { return BadRequest(new { error = "There is no logs that belong to this deviceId" }); }
return Ok(logs);
return await _deviceLogic.GetLogs(deviceId);
}
[Authorize]
[HttpPut("Edit/{deviceId}")]
public async Task<IActionResult> EditDevice([FromBody] Device device, int deviceId)
{
bool success = await _dbAccess.UpdateDevice(device, deviceId);
if (!success) { return BadRequest(new { error = "Device can't be edited" }); }
return Ok();
return await _deviceLogic.EditDevice(device, deviceId);
}
}
}

48
backend/Api/Controllers/UserController.cs
View File

@ -6,6 +6,7 @@ using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Text;
using Microsoft.AspNetCore.Authorization;
using Api.BusinessLogic;
namespace Api.Controllers
{
@ -13,71 +14,38 @@ namespace Api.Controllers
[Route("api/[controller]")]
public class UserController : Controller
{
private readonly DbAccess _dbAccess;
private readonly IConfiguration _configuration;
private readonly UserLogic _userLogic;
public UserController(IConfiguration configuration, DbAccess dbAccess)
public UserController(UserLogic userLogic)
{
_dbAccess = dbAccess;
_configuration = configuration;
_userLogic = userLogic;
}
[HttpPost("Login")]
public async Task<IActionResult> Login([FromBody] Login login)
{
User user = await _dbAccess.Login(login);
if (user == null || user.Id == 0) { return Unauthorized(new { error = "Invalid username or password" }); }
var token = GenerateJwtToken(user);
return Ok(new { token, user.UserName, user.Id });
return await _userLogic.Login(login);
}
[HttpPost("Create")]
public async Task<IActionResult> CreateUser([FromBody] User user)
{
bool success = await _dbAccess.CreateUser(user);
if (!success) { return BadRequest(new { error = "User can't be created" }); }
return Ok();
return await _userLogic.RegisterUser(user);
}
[Authorize]
[HttpPut("Edit/{userId}")]
public async Task<IActionResult> EditUser([FromBody] User user, int userId)
{
bool success = await _dbAccess.UpdateUser(user, userId);
if (!success) { return BadRequest(new { error = "User can't be edited" }); }
return Ok();
return await _userLogic.EditProfile(user, userId);
}
[Authorize]
[HttpDelete("Delete/{userId}")]
public async Task<IActionResult> DeleteUser(int userId)
{
bool success = await _dbAccess.DeleteUser(userId);
if (!success) { return BadRequest(new { error = "User can't be deleted" }); }
return Ok();
return await _userLogic.DeleteUser(userId);
}
private string GenerateJwtToken(User user)
{
var claims = new[]
{
new Claim(JwtRegisteredClaimNames.Sub, user.Id.ToString()),
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
new Claim(ClaimTypes.Name, user.UserName)
};
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes
(_configuration["JwtSettings:Key"]));
var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
var token = new JwtSecurityToken(
_configuration["JwtSettings:Issuer"],
_configuration["JwtSettings:Audience"],
claims,
expires: DateTime.Now.AddMinutes(30),
signingCredentials: creds);
return new JwtSecurityTokenHandler().WriteToken(token);
}
}
}

115
backend/Api/DBAccess/DBAccess.cs
View File

@ -3,6 +3,8 @@ using Api.Models;
using System.Text;
using System.Runtime.Intrinsics.Arm;
using System.Security.Cryptography;
using Microsoft.AspNetCore.Mvc;
using static System.Runtime.InteropServices.JavaScript.JSType;
namespace Api.DBAccess
@ -16,29 +18,26 @@ namespace Api.DBAccess
_context = context;
}
public async Task<bool> CreateUser(User user)
public async Task<IActionResult> CreateUser(User user)
{
var users = await _context.Users.ToListAsync();
foreach (var item in users)
{
if (item.UserName == user.UserName || item.Email == user.Email)
if (item.UserName == user.UserName)
{
return false;
return new ConflictObjectResult(new { message = "Username is already in use." });
}
if (item.Email == user.Email)
{
return new ConflictObjectResult(new { message = "Email is being used already" });
}
}
if (user.Devices == null)
{
user.Devices = new List<Device>();
}
string salt = Guid.NewGuid().ToString();
string hashedPassword = ComputeHash(user.Password, SHA256.Create(), salt);
user.Salt = salt;
user.Password = hashedPassword;
_context.Users.Add(user);
return await _context.SaveChangesAsync() == 1;
return new OkObjectResult(await _context.SaveChangesAsync());
}
public async Task<User> Login(Login login)
@ -53,22 +52,34 @@ namespace Api.DBAccess
user = await _context.Users.FirstOrDefaultAsync(u => u.Email == login.EmailOrUsrn);
}
if (user == null) { return new User(); }
string hashedPassword = ComputeHash(user.Password, SHA256.Create(), user.Salt);
if (hashedPassword == user.Password)
{
return user;
}
return new User();
if (user == null || user.Id == 0) { return new User(); }
return user;
}
public async Task<bool> UpdateUser(User user, int userId)
public async Task<User> ReadUser(int userId)
{
return await _context.Users.FirstOrDefaultAsync(u => u.Id == userId);
}
public async Task<IActionResult> UpdateUser(User user, int userId)
{
var profile = await _context.Users.FirstOrDefaultAsync(u => u.Id == userId);
var users = await _context.Users.ToListAsync();
if (profile == null) { return false; }
if (profile == null) { return new ConflictObjectResult(new { message = "User does not exist" }); }
foreach (var item in users)
{
if (item.UserName == user.UserName)
{
return new ConflictObjectResult(new { message = "Username is already in use." });
}
if (item.Email == user.Email)
{
return new ConflictObjectResult(new { message = "Email is being used already" });
}
}
profile.UserName = user.UserName;
@ -76,10 +87,14 @@ namespace Api.DBAccess
profile.Password = user.Password;
return await _context.SaveChangesAsync() == 1;
bool saved = await _context.SaveChangesAsync() == 1;
if (saved) { return new OkObjectResult(profile); }
return new ConflictObjectResult(new { message = "Could not save to database" });
}
public async Task<bool> DeleteUser(int userId)
public async Task<IActionResult> DeleteUser(int userId)
{
var user = await _context.Users.Include(u => u.Devices).FirstOrDefaultAsync(u => u.Id == userId);
if (user != null)
@ -93,9 +108,13 @@ namespace Api.DBAccess
}
}
_context.Users.Remove(user);
return await _context.SaveChangesAsync() == 1;
bool saved = await _context.SaveChangesAsync() == 1;
if (saved) { return new OkObjectResult(saved); }
return new ConflictObjectResult(new { message = "Could not save to database" });
}
return false;
return new ConflictObjectResult(new { message = "Invalid user" });
}
public async Task<List<Device>> ReadDevices(int userId)
@ -109,23 +128,35 @@ namespace Api.DBAccess
return devices;
}
public async Task<bool> CreateDevice(Device device, int userId)
public async Task<IActionResult> CreateDevice(Device device, int userId)
{
var user = await _context.Users.Include(u => u.Devices).FirstOrDefaultAsync(u => u.Id == userId);
if (user == null || user.Devices == null) { return false; }
if (user == null || user.Devices == null) { return new ConflictObjectResult(new { message = "User did not have a device list" }); }
if (device.Logs == null) { device.Logs = new List<TemperatureLogs>(); }
user.Devices.Add(device);
return await _context.SaveChangesAsync() == 1;
bool saved = await _context.SaveChangesAsync() == 1;
if (saved) { return new OkObjectResult(saved); }
return new ConflictObjectResult(new { message = "Could not save to database" });
}
public async Task<bool> UpdateDevice(Device device, int deviceId)
public async Task<Device> ReadDevice(int deviceId)
{
return await _context.Devices.FirstOrDefaultAsync(d => d.Id == deviceId);
}
public async Task<IActionResult> UpdateDevice(Device device, int deviceId)
{
var device1 = await _context.Devices.FirstOrDefaultAsync(u => u.Id == deviceId);
if (device1 == null) { return new ConflictObjectResult(new { message = "Device does not exist" }); }
device1.TempLow = device.TempLow;
device1.TempHigh = device.TempHigh;
@ -134,7 +165,11 @@ namespace Api.DBAccess
device1.Name = device.Name;
return await _context.SaveChangesAsync() == 1;
bool saved = await _context.SaveChangesAsync() == 1;
if (saved) { return new OkObjectResult(device1); }
return new ConflictObjectResult(new { message = "Could not save to database" });
}
public async Task<List<TemperatureLogs>> ReadLogs(int deviceId)
@ -153,19 +188,5 @@ namespace Api.DBAccess
return _context.Database.CanConnect();
}
private static string ComputeHash(string input, HashAlgorithm algorithm, string salt)
{
Byte[] inputBytes = Encoding.UTF8.GetBytes(input);
Byte[] saltBytes = Encoding.UTF8.GetBytes(salt);
// Combine salt and input bytes
Byte[] saltedInput = new Byte[saltBytes.Length + inputBytes.Length];
saltBytes.CopyTo(saltedInput, 0);
inputBytes.CopyTo(saltedInput, saltBytes.Length);
Byte[] hashedBytes = algorithm.ComputeHash(saltedInput);
return BitConverter.ToString(hashedBytes);
}
}
}

5
backend/Api/Startup.cs
View File

@ -1,4 +1,5 @@
using Api.DBAccess;
using Api.BusinessLogic;
using Api.DBAccess;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.EntityFrameworkCore;
using Microsoft.IdentityModel.Tokens;
@ -25,6 +26,8 @@ namespace Api
options.UseSqlite(_configuration.GetConnectionString("Database")));
services.AddScoped<DbAccess>();
services.AddScoped<DeviceLogic>();
services.AddScoped<UserLogic>();
services.AddControllers();