From b7e39b59fd0fc7b5610ebff29035bf622079e0d8 Mon Sep 17 00:00:00 2001
From: ivarlovlie <git@ivarlovlie.no>
Date: Wed, 5 Oct 2022 20:45:21 +0800
Subject: refactor: Change file structure

---
 .../src/Endpoints/V1/ApiTokens/CreateTokenRoute.cs | 57 ++++++++++++++++++++++
 1 file changed, 57 insertions(+)
 create mode 100644 code/api/src/Endpoints/V1/ApiTokens/CreateTokenRoute.cs

(limited to 'code/api/src/Endpoints/V1/ApiTokens/CreateTokenRoute.cs')

diff --git a/code/api/src/Endpoints/V1/ApiTokens/CreateTokenRoute.cs b/code/api/src/Endpoints/V1/ApiTokens/CreateTokenRoute.cs
new file mode 100644
index 0000000..2086619
--- /dev/null
+++ b/code/api/src/Endpoints/V1/ApiTokens/CreateTokenRoute.cs
@@ -0,0 +1,57 @@
+using System.Text;
+
+namespace IOL.GreatOffice.Api.Endpoints.V1.ApiTokens;
+
+public class CreateTokenRoute : RouteBaseSync.WithRequest<ApiAccessToken.ApiAccessTokenDto>.WithActionResult
+{
+    private readonly AppDbContext _context;
+    private readonly AppConfiguration _configuration;
+    private readonly ILogger<CreateTokenRoute> _logger;
+
+    public CreateTokenRoute(AppDbContext context, VaultService vaultService, ILogger<CreateTokenRoute> logger)
+    {
+        _context = context;
+        _configuration = vaultService.GetCurrentAppConfiguration();
+        _logger = logger;
+    }
+
+    /// <summary>
+    /// Create a new api token with the provided claims.
+    /// </summary>
+    /// <param name="request">The claims to set on the api token</param>
+    /// <returns></returns>
+    [ApiVersion(ApiSpecV1.VERSION_STRING)]
+    [HttpPost("~/v{version:apiVersion}/api-tokens/create")]
+    [ProducesResponseType(200, Type = typeof(string))]
+    [ProducesResponseType(404, Type = typeof(ErrorResult))]
+    public override ActionResult Handle(ApiAccessToken.ApiAccessTokenDto request)
+    {
+        var user = _context.Users.SingleOrDefault(c => c.Id == LoggedInUser.Id);
+        if (user == default)
+        {
+            return NotFound(new ErrorResult("User does not exist"));
+        }
+
+        var token_entropy = _configuration.APP_AES_KEY;
+        if (token_entropy.IsNullOrWhiteSpace())
+        {
+            _logger.LogWarning("No token entropy is available, Basic auth is disabled");
+            return NotFound();
+        }
+
+        var access_token = new ApiAccessToken()
+        {
+            Id = Guid.NewGuid(),
+            User = user,
+            ExpiryDate = request.ExpiryDate.ToUniversalTime(),
+            AllowCreate = request.AllowCreate,
+            AllowRead = request.AllowRead,
+            AllowDelete = request.AllowDelete,
+            AllowUpdate = request.AllowUpdate
+        };
+
+        _context.AccessTokens.Add(access_token);
+        _context.SaveChanges();
+        return Ok(Convert.ToBase64String(Encoding.UTF8.GetBytes(access_token.Id.ToString().EncryptWithAes(token_entropy))));
+    }
+}
-- 
cgit v1.3