diff options
| author | ivarlovlie <git@ivarlovlie.no> | 2022-01-23 11:41:42 +0100 |
|---|---|---|
| committer | ivarlovlie <git@ivarlovlie.no> | 2022-01-23 14:33:05 +0100 |
| commit | ce86d103039b22695b04714ee85e9ef3e1e032b5 (patch) | |
| tree | 557455780de06ceb95dd556ca5ffca0208a1f8ba /src/server/Api/Internal | |
| parent | 89816382424e59ad953b433fbf82c925741b3136 (diff) | |
| download | bookmark-thing-ce86d103039b22695b04714ee85e9ef3e1e032b5.tar.xz bookmark-thing-ce86d103039b22695b04714ee85e9ef3e1e032b5.zip | |
feat(auth): Implements first draft of basic auth gen/validation
Diffstat (limited to 'src/server/Api/Internal')
| -rw-r--r-- | src/server/Api/Internal/Account/CreateTokenRequest.cs | 6 | ||||
| -rw-r--r-- | src/server/Api/Internal/Account/CreateTokenRoute.cs | 28 |
2 files changed, 25 insertions, 9 deletions
diff --git a/src/server/Api/Internal/Account/CreateTokenRequest.cs b/src/server/Api/Internal/Account/CreateTokenRequest.cs index 399bdfc..6839092 100644 --- a/src/server/Api/Internal/Account/CreateTokenRequest.cs +++ b/src/server/Api/Internal/Account/CreateTokenRequest.cs @@ -2,5 +2,9 @@ namespace IOL.BookmarkThing.Server.Api.Internal.Account; public class CreateTokenRequest { - public string Name { get; set; } + public bool AllowRead { get; set; } + public bool AllowCreate { get; set; } + public bool AllowUpdate { get; set; } + public bool AllowDelete { get; set; } + public DateTime ExpiryDate { get; set; } } diff --git a/src/server/Api/Internal/Account/CreateTokenRoute.cs b/src/server/Api/Internal/Account/CreateTokenRoute.cs index ea0e01f..0b30cc0 100644 --- a/src/server/Api/Internal/Account/CreateTokenRoute.cs +++ b/src/server/Api/Internal/Account/CreateTokenRoute.cs @@ -1,11 +1,17 @@ +using System.Text; + namespace IOL.BookmarkThing.Server.Api.Internal.Account; public class CreateTokenRoute : RouteBaseInternalSync.WithRequest<CreateTokenRequest>.WithActionResult { private readonly AppDbContext _context; + private readonly IConfiguration _configuration; + private readonly ILogger<CreateTokenRoute> _logger; - public CreateTokenRoute(AppDbContext context) { + public CreateTokenRoute(AppDbContext context, IConfiguration configuration, ILogger<CreateTokenRoute> logger) { _context = context; + _configuration = configuration; + _logger = logger; } [ApiVersionNeutral] @@ -17,18 +23,24 @@ public class CreateTokenRoute : RouteBaseInternalSync.WithRequest<CreateTokenReq return NotFound(new ErrorResult("User does not exist")); } - if (request.Name.IsNullOrWhiteSpace()) { - return BadRequest(new ErrorResult("Token name is required")); + var token_entropy = _configuration.GetValue<string>("TOKEN_ENTROPY"); + if (token_entropy.IsNullOrWhiteSpace()) { + _logger.LogWarning("No token entropy is available in env:TOKEN_ENTROPY, Basic auth is disabled"); + return NotFound(); } - var token = new AccessToken { + var access_token = new AccessToken { Id = Guid.NewGuid(), - Name = request.Name, - User = user + User = user, + ExpiryDate = request.ExpiryDate.ToUniversalTime(), + AllowCreate = request.AllowCreate, + AllowRead = request.AllowRead, + AllowDelete = request.AllowDelete, + AllowUpdate = request.AllowUpdate }; - _context.AccessTokens.Add(token); + _context.AccessTokens.Add(access_token); _context.SaveChanges(); - return Ok(token); + return Ok(Convert.ToBase64String(Encoding.UTF8.GetBytes(access_token.Id.ToString().EncryptWithAes(token_entropy)))); } } |