feat: Initial after clean slate

4 files changed, 136 insertions, 0 deletions

diff --git a/server/src/Endpoints/Internal/PasswordResetRequests/CreateResetRequestRoute.cs b/server/src/Endpoints/Internal/PasswordResetRequests/CreateResetRequestRoute.cs
new file mode 100644
index 0000000..3e086f6
--- /dev/null
+++ b/server/src/Endpoints/Internal/PasswordResetRequests/CreateResetRequestRoute.cs
@@ -0,0 +1,59 @@
+namespace IOL.GreatOffice.Api.Endpoints.Internal.PasswordResetRequests;
+
+/// <inheritdoc />
+public class CreateResetRequestRoute : RouteBaseAsync.WithRequest<string>.WithActionResult
+{
+	private readonly ILogger<CreateResetRequestRoute> _logger;
+	private readonly ForgotPasswordService _forgotPasswordService;
+	private readonly AppDbContext _context;
+
+	/// <inheritdoc />
+	public CreateResetRequestRoute(ILogger<CreateResetRequestRoute> logger, ForgotPasswordService forgotPasswordService, AppDbContext context) {
+		_logger = logger;
+		_forgotPasswordService = forgotPasswordService;
+		_context = context;
+	}
+
+	/// <summary>
+	/// Create a new password reset request.
+	/// </summary>
+	/// <param name="username"></param>
+	/// <param name="cancellationToken"></param>
+	/// <returns></returns>
+	[AllowAnonymous]
+	[HttpGet("~/_/forgot-password-requests/create")]
+	public override async Task<ActionResult> HandleAsync(string username, CancellationToken cancellationToken = default) {
+		if (!username.IsValidEmailAddress()) {
+			_logger.LogInformation("Username is invalid, not doing request for password change");
+			return BadRequest(new ErrorResult("Invalid email address", username + " looks like an invalid email address"));
+		}
+
+		Request.Headers.TryGetValue(AppHeaders.BROWSER_TIME_ZONE, out var timeZoneHeader);
+		var tz = TimeZoneInfo.FindSystemTimeZoneById(timeZoneHeader.ToString().HasValue() ? timeZoneHeader.ToString() : "UTC");
+		var offset = tz.BaseUtcOffset.Hours;
+
+		// this is fine as long as the client is not connecting from Australia: Lord Howe Island
+		// according to https://en.wikipedia.org/wiki/Daylight_saving_time_by_country
+		if (tz.IsDaylightSavingTime(DateTime.UtcNow)) {
+			offset++;
+		}
+
+		_logger.LogInformation("Request time zone (" + tz.Id + ") offset is: " + offset + " hours");
+		var requestDateTime = TimeZoneInfo.ConvertTimeFromUtc(DateTime.UtcNow, tz);
+		_logger.LogInformation("Creating forgot password request with date time: " + requestDateTime.ToString("u"));
+
+		try {
+			var user = _context.Users.SingleOrDefault(c => c.Username.Equals(username));
+			if (user != default) {
+				await _forgotPasswordService.AddRequestAsync(user, tz, cancellationToken);
+				return Ok();
+			}
+
+			_logger.LogInformation("User was not found, not doing request for password change");
+			return Ok();
+		} catch (Exception e) {
+			_logger.LogError(e, "ForgotAction failed badly");
+			return Ok();
+		}
+	}
+}
diff --git a/server/src/Endpoints/Internal/PasswordResetRequests/FulfillResetRequestPayload.cs b/server/src/Endpoints/Internal/PasswordResetRequests/FulfillResetRequestPayload.cs
new file mode 100644
index 0000000..f0fb59f
--- /dev/null
+++ b/server/src/Endpoints/Internal/PasswordResetRequests/FulfillResetRequestPayload.cs
@@ -0,0 +1,14 @@
+namespace IOL.GreatOffice.Api.Endpoints.Internal.PasswordResetRequests;
+
+public class FulfillResetRequestPayload
+{
+	/// <summary>
+	/// Id of the password reset request to fulfill
+	/// </summary>
+	public Guid Id { get; set; }
+
+	/// <summary>
+	/// New password to set on the relevant account
+	/// </summary>
+	public string NewPassword { get; set; }
+}
diff --git a/server/src/Endpoints/Internal/PasswordResetRequests/FulfillResetRequestRoute.cs b/server/src/Endpoints/Internal/PasswordResetRequests/FulfillResetRequestRoute.cs
new file mode 100644
index 0000000..e33a4fb
--- /dev/null
+++ b/server/src/Endpoints/Internal/PasswordResetRequests/FulfillResetRequestRoute.cs
@@ -0,0 +1,34 @@
+
+namespace IOL.GreatOffice.Api.Endpoints.Internal.PasswordResetRequests;
+
+/// <inheritdoc />
+public class FulfillResetRequestRoute : RouteBaseAsync.WithRequest<FulfillResetRequestPayload>.WithActionResult
+{
+	private readonly ForgotPasswordService _forgotPasswordService;
+
+	/// <inheritdoc />
+	public FulfillResetRequestRoute(ForgotPasswordService forgotPasswordService) {
+		_forgotPasswordService = forgotPasswordService;
+	}
+
+	/// <summary>
+	/// Fulfill a password reset request.
+	/// </summary>
+	/// <param name="request"></param>
+	/// <param name="cancellationToken"></param>
+	/// <returns></returns>
+	[AllowAnonymous]
+	[HttpPost("~/_/forgot-password-requests/fulfill")]
+	public override async Task<ActionResult> HandleAsync(FulfillResetRequestPayload request, CancellationToken cancellationToken = default) {
+		try {
+			var fulfilled = await _forgotPasswordService.FullFillRequestAsync(request.Id, request.NewPassword, cancellationToken);
+			return Ok(fulfilled);
+		} catch (Exception e) {
+			if (e is ForgotPasswordRequestNotFoundException or UserNotFoundException) {
+				return NotFound();
+			}
+
+			throw;
+		}
+	}
+}
diff --git a/server/src/Endpoints/Internal/PasswordResetRequests/IsResetRequestValidRoute.cs b/server/src/Endpoints/Internal/PasswordResetRequests/IsResetRequestValidRoute.cs
new file mode 100644
index 0000000..9984094
--- /dev/null
+++ b/server/src/Endpoints/Internal/PasswordResetRequests/IsResetRequestValidRoute.cs
@@ -0,0 +1,29 @@
+namespace IOL.GreatOffice.Api.Endpoints.Internal.PasswordResetRequests;
+
+/// <inheritdoc />
+public class IsResetRequestValidRoute : RouteBaseAsync.WithRequest<Guid>.WithActionResult
+{
+	private readonly ForgotPasswordService _forgotPasswordService;
+
+	/// <inheritdoc />
+	public IsResetRequestValidRoute(ForgotPasswordService forgotPasswordService) {
+		_forgotPasswordService = forgotPasswordService;
+	}
+
+	/// <summary>
+	/// Check if a given password reset request is still valid.
+	/// </summary>
+	/// <param name="id"></param>
+	/// <param name="cancellationToken"></param>
+	/// <returns></returns>
+	[AllowAnonymous]
+	[HttpGet("~/_/forgot-password-requests/is-valid")]
+	public override async Task<ActionResult> HandleAsync(Guid id, CancellationToken cancellationToken = default) {
+		var request = await _forgotPasswordService.GetRequestAsync(id, cancellationToken);
+		if (request == default) {
+			return NotFound();
+		}
+
+		return Ok(request.IsExpired == false);
+	}
+}