blob: 6ac356aca7756181ba5ab8e9b042425f03092c9f (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
|
using System.Text;
using IOL.GreatOffice.Api.Models.Database;
namespace IOL.GreatOffice.Api.Endpoints.V1.ApiTokens;
public class CreateTokenRoute : RouteBaseSync.WithRequest<CreateTokenRoute.Payload>.WithActionResult
{
private readonly MainAppDatabase _database;
private readonly AppConfiguration _configuration;
private readonly ILogger<CreateTokenRoute> _logger;
public CreateTokenRoute(MainAppDatabase database, VaultService vaultService, ILogger<CreateTokenRoute> logger) {
_database = database;
_configuration = vaultService.GetCurrentAppConfiguration();
_logger = logger;
}
public class Payload
{
public DateTime ExpiryDate { get; set; }
public bool AllowRead { get; set; }
public bool AllowCreate { get; set; }
public bool AllowUpdate { get; set; }
public bool AllowDelete { get; set; }
}
/// <summary>
/// Create a new api token with the provided claims.
/// </summary>
/// <param name="request">The claims to set on the api token</param>
/// <returns></returns>
[ApiVersion(ApiSpecV1.VERSION_STRING)]
[HttpPost("~/v{version:apiVersion}/api-tokens/create")]
public override ActionResult Handle(Payload request) {
var user = _database.Users.SingleOrDefault(c => c.Id == LoggedInUser.Id);
if (user == default) {
return NotFound(new KnownProblemModel("User does not exist"));
}
var token_entropy = _configuration.APP_AES_KEY;
if (token_entropy.IsNullOrWhiteSpace()) {
_logger.LogWarning("No token entropy is available, Basic auth is disabled");
return NotFound();
}
var accessToken = new ApiAccessToken() {
User = user,
ExpiryDate = request.ExpiryDate.ToUniversalTime(),
AllowCreate = request.AllowCreate,
AllowRead = request.AllowRead,
AllowDelete = request.AllowDelete,
AllowUpdate = request.AllowUpdate
};
_database.AccessTokens.Add(accessToken);
_database.SaveChanges();
return Ok(Convert.ToBase64String(Encoding.UTF8.GetBytes(accessToken.Id.ToString().EncryptWithAes(token_entropy))));
}
}
|
