Diffstat (limited to 'src/server/Controllers')
| -rw-r--r-- | src/server/Controllers/AccountController.cs | 76 | ||||
| -rw-r--r-- | src/server/Controllers/BaseController.cs | 27 | ||||
| -rw-r--r-- | src/server/Controllers/TransactionsController.cs | 78 | ||||
| -rw-r--r-- | src/server/Controllers/UsersController.cs | 6 |
4 files changed, 187 insertions, 0 deletions
diff --git a/src/server/Controllers/AccountController.cs b/src/server/Controllers/AccountController.cs
new file mode 100644
index 0000000..58bb7b6
--- /dev/null
+++ b/src/server/Controllers/AccountController.cs
@@ -0,0 +1,76 @@
+using System;
+using System.Collections.Generic;
+using System.Security.Claims;
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Authentication.Cookies;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+using Dough.Models;
+using Dough.Models.Database;
+using Dough.Models.Results;
+using Dough.Utilities;
+
+namespace Dough.Controllers
+{
+ public class AccountController : BaseController
+ {
+ private readonly MainDbContext _context;
+
+ public AccountController(MainDbContext context)
+ {
+ _context = context;
+ }
+
+ [HttpPost("login")]
+ public async Task<ActionResult> Login(string username, string password)
+ {
+ var user = _context.Users.SingleByNameOrDefault(username);
+ if (user == default)
+ return BadRequest(new ErrorResult("Ugyldig brukernavn eller passord",
+ "Verifiser at passord og brukernavn er riktig og prøv igjen"));
+
+ if (!user.VerifyPassword(password))
+ return BadRequest(new ErrorResult("Ugyldig brukernavn eller passord",
+ "Verifiser at passord og brukernavn er riktig"));
+
+ var claims = new List<Claim>
+ {
+ new Claim(ClaimTypes.Name, user.Username),
+ new Claim(ClaimTypes.NameIdentifier, user.Id.ToString())
+ };
+
+ var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
+ var claimsPrincipal = new ClaimsPrincipal(claimsIdentity);
+
+ var authenticationProperties = new AuthenticationProperties
+ {
+ IsPersistent = false,
+ IssuedUtc = DateTime.UtcNow,
+ AllowRefresh = true,
+ ExpiresUtc = DateTime.UtcNow.AddDays(7),
+ };
+
+ await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme,
+ claimsPrincipal,
+ authenticationProperties);
+
+ return Ok();
+ }
+
+ [HttpGet("logout")]
+ public async Task<ActionResult> Logout(string continueTo = default)
+ {
+ await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
+ if (continueTo.IsPresent() && continueTo.IsValidUrl()) return Redirect(continueTo);
+ return Ok();
+ }
+
+ [Authorize]
+ [HttpGet("me")]
+ public ActionResult GetClaimsForUser()
+ {
+ return Ok(LoggedInUser);
+ }
+ }
+}
diff --git a/src/server/Controllers/BaseController.cs b/src/server/Controllers/BaseController.cs
new file mode 100644
index 0000000..33f1e4b
--- /dev/null
+++ b/src/server/Controllers/BaseController.cs
@@ -0,0 +1,27 @@
+using System;
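Review bot: Login takes `username` and `password` as simple-type action parameters, which `[ApiController]` (inherited from BaseController) binds from the query string by default, so the password is carried in the URL and ends up in access logs and browser history; bind a body model instead, e.g. `public async Task<ActionResult> Login([FromBody] LoginRequest request)`. The unknown-user and wrong-password branches return different detail texts ("… riktig og prøv igjen" vs "… riktig") and the first returns before any password verification, which lets a caller tell registered usernames apart; return one identical ErrorResult from both branches and keep the work done on the miss path comparable. Logout redirects to `continueTo` after only `IsValidUrl()`, whose definition is not in this diff — unless it rejects non-local targets, `if (continueTo.IsPresent() && Url.IsLocalUrl(continueTo)) return LocalRedirect(continueTo);` closes the open-redirect case. Logout is also reachable via GET, so any cross-site link or image can end a session; consider `[HttpPost("logout")]`.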
+using System.Security.Claims;
+using Microsoft.AspNetCore.Mvc;
+using Dough.Models.Database;
+using Dough.Utilities;
+
+namespace Dough.Controllers
+{
+ [ApiController]
+ [Route("api/[controller]")]
+ public class BaseController : ControllerBase
+ {
+ public LoggedInUserModel LoggedInUser => new LoggedInUserModel
+ {
+ Id = User.GetClaimValueOrDefault(ClaimTypes.NameIdentifier)?.ToGuidOrDefault() ?? default,
+ Username = User.GetClaimValueOrDefault(ClaimTypes.Name),
+ SessionStart = User.GetClaimValueOrDefault(ClaimTypes.AuthenticationInstant).ToDateTimeOrDefault()
+ };
+
+ public class LoggedInUserModel
+ {
+ public Guid Id { get; set; }
+ public string Username { get; set; }
+ public DateTime SessionStart { get; set; }
+ }
+ }
+}
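Review bot: `SessionStart` is read from `ClaimTypes.AuthenticationInstant`, but the principal that AccountController.Login signs in within this same commit carries only `ClaimTypes.Name` and `ClaimTypes.NameIdentifier`, so the value is always whatever `ToDateTimeOrDefault()` yields for a missing claim; either issue the claim in Login, e.g. `new Claim(ClaimTypes.AuthenticationInstant, DateTime.UtcNow.ToString("O"))`, or drop the field. `Id` likewise collapses a missing or unparseable NameIdentifier to `Guid.Empty`, so callers cannot distinguish an anonymous request from a real id, and `LoggedInUserModel` is returned verbatim from the `me` endpoint, so every property added here becomes part of the public response. A doc comment on the property stating that would help, e.g. `/// <summary>Current principal as seen by controllers; Id is Guid.Empty and Username presumably null when no cookie principal is present.</summary>`.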
diff --git a/src/server/Controllers/TransactionsController.cs b/src/server/Controllers/TransactionsController.cs
new file mode 100644
index 0000000..8441beb
--- /dev/null
+++ b/src/server/Controllers/TransactionsController.cs
@@ -0,0 +1,78 @@
+using System;
+using System.Linq;
+using Microsoft.AspNetCore.Mvc;
+using Dough.Models.Database;
+using Dough.Models;
+using Dough.Models.Exceptions;
+using Dough.Models.Results;
+
+namespace Dough.Controllers
+{
+ public class TransactionsController : BaseController
+ {
+ private readonly MainDbContext _context;
+
+ public TransactionsController(MainDbContext context)
+ {
+ _context = context;
+ }
+
+ [HttpGet]
+ public ActionResult GetTransactions()
+ {
+ var transactions = _context.Transactions.Where(c => !c.Hidden);
+ return Ok(transactions.ToList());
+ }
+
+ [HttpPost("add")]
+ public ActionResult AddTransaction(Transaction data)
+ {
+ data.SetBaseProperties();
+ try
+ {
+ data.Validate();
+ }
+ catch (Exception e)
+ {
+ Console.WriteLine(e);
+ if (e is ModelValidationException mve)
+ return BadRequest(mve.ErrorResult);
+ return BadRequest(new ErrorResult());
+ }
+
+ _context.Transactions.Add(data);
+ _context.SaveChanges();
+ return Ok();
+ }
+
+ [HttpPost("update")]
+ public ActionResult UpdateTransaction(Transaction data)
+ {
+ try
+ {
+ data.Validate();
+ }
+ catch (Exception e)
+ {
+ Console.WriteLine(e);
+ if (e is ModelValidationException mve)
+ return BadRequest(mve.ErrorResult);
+ return BadRequest(new ErrorResult());
+ }
+
+ var transaction = _context.Transactions.SingleOrDefault(data.Id);
+ transaction.Update(data);
+ _context.SaveChanges();
+ return Ok(data);
+ }
+
+ [HttpDelete("delete")]
+ public ActionResult DeleteTransaction(Transaction data)
+ {
+ if (data.Id == default) return BadRequest(new ErrorResult());
+ _context.Transactions.Remove(data);
+ _context.SaveChanges();
+ return Ok();
+ }
+ }
+}
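Review bot: TransactionsController carries no `[Authorize]` attribute and inherits none from BaseController (AccountController applies it per action on `me`), so GetTransactions, AddTransaction, UpdateTransaction and DeleteTransaction accept unauthenticated requests, and no action relates a transaction to `LoggedInUser`; add `[Authorize]` on the class (with `using Microsoft.AspNetCore.Authorization;`) and, if transactions belong to users (the Transaction model is not in this diff), check ownership before reading or mutating. UpdateTransaction dereferences `transaction` straight after `SingleOrDefault(data.Id)`, so an unknown Id produces a NullReferenceException and a 500 instead of a 404. DeleteTransaction passes the client-supplied entity to `Remove` without loading it, so a request naming any existing Id removes that row and a non-existent Id presumably fails inside `SaveChanges`; load the row first and return `NotFound()` when absent, as sketched below. The two identical `catch (Exception e)` blocks also turn every unexpected error into a 400 and log it through `Console.WriteLine`; narrowing them to `catch (ModelValidationException mve)` and injecting an `ILogger<TransactionsController>` would keep genuine faults visible, and the duplicated validation could move into a shared helper.
```csharp
[Authorize]
public class TransactionsController : BaseController
{
    // … unchanged: constructor, GetTransactions, AddTransaction …

    [HttpPost("update")]
    public ActionResult UpdateTransaction(Transaction data)
    {
        // … unchanged: validation try/catch …

        var transaction = _context.Transactions.SingleOrDefault(data.Id);
        if (transaction is null) return NotFound();
        transaction.Update(data);
        _context.SaveChanges();
        return Ok(data);
    }

    [HttpDelete("delete")]
    public ActionResult DeleteTransaction(Transaction data)
    {
        if (data.Id == default) return BadRequest(new ErrorResult());
        var transaction = _context.Transactions.SingleOrDefault(data.Id);
        if (transaction is null) return NotFound();
        _context.Transactions.Remove(transaction);
        _context.SaveChanges();
        return Ok();
    }
}
```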
diff --git a/src/server/Controllers/UsersController.cs b/src/server/Controllers/UsersController.cs
new file mode 100644
index 0000000..bef8cc2
--- /dev/null
+++ b/src/server/Controllers/UsersController.cs
@@ -0,0 +1,6 @@
+namespace Dough.Controllers
+{
+ public class UsersController : BaseController
+ {
+ }
+}
|
