From 900bb5e845c3ad44defbd427cae3d44a4a43321f Mon Sep 17 00:00:00 2001
From: ivarlovlie <git@ivarlovlie.no>
Date: Sat, 25 Feb 2023 13:15:44 +0100
Subject: feat: Initial commit

---
 .../CreateResetRequestRoute.cs                     | 40 ++++++++++++++++++++++
 .../FulfillResetRequestRoute.cs                    | 36 +++++++++++++++++++
 .../IsResetRequestValidRoute.cs                    | 26 ++++++++++++++
 .../Internal/PasswordResetRequests/_calls.http     | 22 ++++++++++++
 4 files changed, 124 insertions(+)
 create mode 100644 code/api/src/Endpoints/Internal/PasswordResetRequests/CreateResetRequestRoute.cs
 create mode 100644 code/api/src/Endpoints/Internal/PasswordResetRequests/FulfillResetRequestRoute.cs
 create mode 100644 code/api/src/Endpoints/Internal/PasswordResetRequests/IsResetRequestValidRoute.cs
 create mode 100644 code/api/src/Endpoints/Internal/PasswordResetRequests/_calls.http

(limited to 'code/api/src/Endpoints/Internal/PasswordResetRequests')

diff --git a/code/api/src/Endpoints/Internal/PasswordResetRequests/CreateResetRequestRoute.cs b/code/api/src/Endpoints/Internal/PasswordResetRequests/CreateResetRequestRoute.cs
new file mode 100644
index 0000000..c6ed417
--- /dev/null
+++ b/code/api/src/Endpoints/Internal/PasswordResetRequests/CreateResetRequestRoute.cs
@@ -0,0 +1,40 @@
+namespace IOL.GreatOffice.Api.Endpoints.Internal.PasswordResetRequests;
+
+public class CreateResetRequestRoute : RouteBaseAsync.WithRequest<CreateResetRequestRoute.Payload>.WithActionResult
+{
+    private readonly ILogger<CreateResetRequestRoute> _logger;
+    private readonly PasswordResetService _passwordResetService;
+    private readonly MainAppDatabase _database;
+    private readonly IStringLocalizer<SharedResources> _localizer;
+
+    public CreateResetRequestRoute(ILogger<CreateResetRequestRoute> logger, PasswordResetService passwordResetService, MainAppDatabase database, IStringLocalizer<SharedResources> localizer) {
+        _logger = logger;
+        _passwordResetService = passwordResetService;
+        _database = database;
+        _localizer = localizer;
+    }
+
+    public class Payload
+    {
+        public string Email { get; set; }
+    }
+
+    [AllowAnonymous]
+    [HttpPost("~/_/password-reset-request/create")]
+    public override async Task<ActionResult> HandleAsync(Payload payload, CancellationToken cancellationToken = default) {
+        if (payload.Email.IsNullOrWhiteSpace()) {
+            return KnownProblem(_localizer["Invalid form"],
+                _localizer["One or more fields is invalid"],
+                new() {{"email", new string[] {_localizer["Email is a required field"]}}}
+            );
+        }
+
+        var tz = GetRequestTimeZone(_logger);
+        _logger.LogInformation("Creating forgot password request with local date time: " + tz.LocalDateTime.ToString("u"));
+        var user = _database.Users.FirstOrDefault(c => c.Username.Equals(payload.Email));
+        // Don't inform the caller that the user does not exist.
+        if (user == default) return Ok();
+        await _passwordResetService.AddRequestAsync(user, tz.TimeZoneInfo, cancellationToken);
+        return Ok();
+    }
+}
\ No newline at end of file
diff --git a/code/api/src/Endpoints/Internal/PasswordResetRequests/FulfillResetRequestRoute.cs b/code/api/src/Endpoints/Internal/PasswordResetRequests/FulfillResetRequestRoute.cs
new file mode 100644
index 0000000..9cd92bb
--- /dev/null
+++ b/code/api/src/Endpoints/Internal/PasswordResetRequests/FulfillResetRequestRoute.cs
@@ -0,0 +1,36 @@
+namespace IOL.GreatOffice.Api.Endpoints.Internal.PasswordResetRequests;
+
+public class FulfillResetRequestRoute : RouteBaseAsync.WithRequest<FulfillResetRequestRoute.Payload>.WithActionResult
+{
+    private readonly IStringLocalizer<SharedResources> _localizer;
+    private readonly PasswordResetService _passwordResetService;
+
+    public FulfillResetRequestRoute(PasswordResetService passwordResetService, IStringLocalizer<SharedResources> localizer) {
+        _passwordResetService = passwordResetService;
+        _localizer = localizer;
+    }
+
+    public class Payload
+    {
+        public Guid Id { get; set; }
+        public string NewPassword { get; set; }
+    }
+
+    [AllowAnonymous]
+    [HttpPost("~/_/password-reset-request/fulfill")]
+    public override async Task<ActionResult> HandleAsync(Payload request, CancellationToken cancellationToken = default) {
+        if (request.NewPassword.Length < 6) {
+            return KnownProblem(_localizer["Invalid form"],
+                _localizer["One or more fields is invalid"],
+                new Dictionary<string, string[]> {{"newPassword", new string[] {_localizer["The new password needs to be atleast 6 characters"]}}}
+            );
+        }
+
+        return await _passwordResetService.FulfillRequestAsync(request.Id, request.NewPassword, cancellationToken) switch {
+            FulfillPasswordResetRequestResult.REQUEST_NOT_FOUND => NotFound(),
+            FulfillPasswordResetRequestResult.USER_NOT_FOUND => NotFound(),
+            FulfillPasswordResetRequestResult.FULFILLED => Ok(),
+            _ => StatusCode(500)
+        };
+    }
+}
\ No newline at end of file
diff --git a/code/api/src/Endpoints/Internal/PasswordResetRequests/IsResetRequestValidRoute.cs b/code/api/src/Endpoints/Internal/PasswordResetRequests/IsResetRequestValidRoute.cs
new file mode 100644
index 0000000..a87c0a9
--- /dev/null
+++ b/code/api/src/Endpoints/Internal/PasswordResetRequests/IsResetRequestValidRoute.cs
@@ -0,0 +1,26 @@
+namespace IOL.GreatOffice.Api.Endpoints.Internal.PasswordResetRequests;
+
+public class IsResetRequestValidRoute : RouteBaseAsync.WithRequest<Guid>.WithActionResult<IsResetRequestValidRoute.ResponseModel>
+{
+    private readonly PasswordResetService _passwordResetService;
+
+    public IsResetRequestValidRoute(PasswordResetService passwordResetService) {
+        _passwordResetService = passwordResetService;
+    }
+
+    public class ResponseModel
+    {
+        public ResponseModel(bool isValid) {
+            IsValid = isValid;
+        }
+
+        public bool IsValid { get; }
+    }
+
+    [AllowAnonymous]
+    [HttpGet("~/_/password-reset-request/is-valid")]
+    public override async Task<ActionResult<ResponseModel>> HandleAsync(Guid id, CancellationToken cancellationToken = default) {
+        var request = await _passwordResetService.GetRequestAsync(id, cancellationToken);
+        return Ok(request == default ? new ResponseModel(false) : new ResponseModel(!request.IsExpired));
+    }
+}
\ No newline at end of file
diff --git a/code/api/src/Endpoints/Internal/PasswordResetRequests/_calls.http b/code/api/src/Endpoints/Internal/PasswordResetRequests/_calls.http
new file mode 100644
index 0000000..cfd2d58
--- /dev/null
+++ b/code/api/src/Endpoints/Internal/PasswordResetRequests/_calls.http
@@ -0,0 +1,22 @@
+### Create request
+POST http://localhost:5000/_/password-reset-request/create
+Accept: application/json
+Content-Type: application/json
+
+{
+  "email": ""
+}
+
+### Fulfill request
+POST http://localhost:5000/_/password-reset-request/fulfill
+Accept: application/json
+Content-Type: application/json
+
+{
+  "id": "",
+  "newPassword": ""
+}
+
+### Is request valid
+GET http://localhost:5000/_/password-reset-request/is-valid?id=
+Accept: application/json
-- 
cgit v1.3