using Application.Features.Auth.Commands.EnableEmailAuthenticator;
using Application.Features.Auth.Commands.EnableOtpAuthenticator;
using Application.Features.Auth.Commands.Login;
using Application.Features.Auth.Commands.RefreshToken;
using Application.Features.Auth.Commands.Register;
using Application.Features.Auth.Commands.RevokeToken;
using Application.Features.Auth.Commands.VerifyEmailAuthenticator;
using Application.Features.Auth.Commands.VerifyOtpAuthenticator;
using Domain.Entities;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.ModelBinding;
using NArchitecture.Core.Application.Dtos;
namespace WebAPI.Controllers;
/// <summary>
/// HTTP surface for authentication: login, registration, refresh-token rotation and revocation,
/// and enabling/verifying the e-mail and OTP second factors. Every action delegates to a mediator
/// command; the only logic kept here is transport. Refresh tokens reach the client in an HttpOnly
/// cookie named "refreshToken"; access tokens are returned in the response body.
/// NOTE(review): no [Authorize] attribute is visible on this controller or any action. The actions that
/// call getUserIdFromRequest() (inherited from BaseController, not visible here) presumably rely on the
/// base class or a mediator pipeline behavior to reject unauthenticated callers — confirm before exposure.
/// </summary>
[Route("api/[controller]")]
[ApiController]
public class AuthController : BaseController
{
    /// <summary>Settings bound once from the "WebAPIConfiguration" section when the controller is built.</summary>
    private readonly WebApiConfiguration _configuration;

    /// <summary>
    /// Binds the "WebAPIConfiguration" section and fails fast when it is absent, so a misconfigured
    /// deployment cannot serve any of these endpoints.
    /// </summary>
    /// <param name="configuration">Application configuration root.</param>
    /// <exception cref="NullReferenceException">The section is missing or did not bind.</exception>
    public AuthController(IConfiguration configuration)
    {
        const string configurationSection = "WebAPIConfiguration";
        WebApiConfiguration? bound = configuration.GetSection(configurationSection).Get<WebApiConfiguration>();
        // NOTE(review): throwing NullReferenceException directly is a reserved-exception smell (CA2201);
        // InvalidOperationException would describe a missing section better. Kept to preserve behavior.
        if (bound is null)
            throw new NullReferenceException($"\"{configurationSection}\" section cannot found in configuration.");
        _configuration = bound;
    }

    /// <summary>
    /// Authenticates with the posted credentials. The refresh-token cookie is written only when the
    /// command produced a refresh token; a null one presumably means a second factor is still pending —
    /// confirm against the LoginCommand handler. ToHttpResponse() presumably strips the raw refresh
    /// token from the body — confirm as well.
    /// </summary>
    /// <param name="userForLoginDto">Credentials posted by the client.</param>
    /// <returns>200 with the HTTP projection of the login result.</returns>
    [HttpPost("Login")]
    public async Task<IActionResult> Login([FromBody] UserForLoginDto userForLoginDto)
    {
        // The client IP is recorded with the issued token. getIpAddress() is inherited and not visible
        // here — verify it honors forwarded headers only behind a trusted proxy.
        LoginCommand command = new() { UserForLoginDto = userForLoginDto, IpAddress = getIpAddress() };
        LoggedResponse loggedIn = await Mediator.Send(command);

        if (loggedIn.RefreshToken is not null)
            writeRefreshTokenCookie(loggedIn.RefreshToken);

        return Ok(loggedIn.ToHttpResponse());
    }

    /// <summary>
    /// Creates an account, issues the first token pair and writes the refresh-token cookie. Unlike
    /// <see cref="Login"/> there is no null check on the refresh token, so registration is expected to
    /// always produce one (RegisteredResponse is not visible here — confirm).
    /// </summary>
    /// <param name="userForRegisterDto">Registration payload posted by the client.</param>
    /// <returns>201 whose body is the access token; the Location header is left empty.</returns>
    [HttpPost("Register")]
    public async Task<IActionResult> Register([FromBody] UserForRegisterDto userForRegisterDto)
    {
        RegisterCommand command = new() { UserForRegisterDto = userForRegisterDto, IpAddress = getIpAddress() };
        RegisteredResponse registered = await Mediator.Send(command);

        writeRefreshTokenCookie(registered.RefreshToken);
        return Created(uri: "", registered.AccessToken);
    }

    /// <summary>
    /// Rotates the refresh token carried by the cookie and returns a new access token.
    /// </summary>
    /// <remarks>
    /// NOTE(review): this is a state-changing operation exposed on GET, and the cookie it consumes is
    /// written with SameSite=None, so a cross-site GET to this URL (an image tag, a top-level navigation)
    /// carries the cookie and rotates the victim's token; the practical impact depends on how the handler
    /// treats reuse of the superseded token — confirm. Serving it on POST (keeping GET only for a migration
    /// window) and treating the cookie as CSRF-bearing would close the gap. A 201 on a GET is also unusual.
    /// </remarks>
    /// <returns>201 whose body is the new access token.</returns>
    [HttpGet("RefreshToken")]
    public async Task<IActionResult> RefreshToken()
    {
        string currentToken = readRefreshTokenCookie();
        RefreshTokenCommand command = new() { RefreshToken = currentToken, IpAddress = getIpAddress() };
        RefreshedTokensResponse refreshed = await Mediator.Send(command);

        writeRefreshTokenCookie(refreshed.RefreshToken);
        return Created(uri: "", refreshed.AccessToken);
    }

    /// <summary>
    /// Revokes a refresh token: the one posted in the body when present, otherwise the one in the cookie.
    /// </summary>
    /// <param name="refreshToken">Optional raw token; an empty body is allowed and falls back to the cookie.</param>
    /// <returns>200 with the revocation result.</returns>
    [HttpPut("RevokeToken")]
    public async Task<IActionResult> RevokeToken([FromBody(EmptyBodyBehavior = EmptyBodyBehavior.Allow)] string? refreshToken)
    {
        // NOTE(review): a body-supplied token revokes whatever token string the caller knows; whether the
        // handler ties it to the calling user is not visible here — confirm in the RevokeToken handler.
        string target = refreshToken ?? readRefreshTokenCookie();
        RevokeTokenCommand command = new() { Token = target, IpAddress = getIpAddress() };
        RevokedTokenResponse revoked = await Mediator.Send(command);
        return Ok(revoked);
    }

    /// <summary>
    /// Starts e-mail second-factor enrolment for the current user. The verification link prefix is built
    /// from the configured ApiDomain rather than the request's Host header, which keeps the emailed link
    /// out of reach of host-header injection. The prefix omits this controller's "api/" route segment, so
    /// ApiDomain must already end with that base — confirm the configured value.
    /// </summary>
    /// <remarks>
    /// NOTE(review): a GET that sends an e-mail is a state-changing request; it relies on
    /// getUserIdFromRequest() rejecting unauthenticated callers.
    /// </remarks>
    /// <returns>200 with an empty body.</returns>
    [HttpGet("EnableEmailAuthenticator")]
    public async Task<IActionResult> EnableEmailAuthenticator()
    {
        var userId = getUserIdFromRequest();
        string verifyUrlPrefix = $"{_configuration.ApiDomain}/Auth/VerifyEmailAuthenticator";
        EnableEmailAuthenticatorCommand command = new() { UserId = userId, VerifyEmailUrlPrefix = verifyUrlPrefix };

        await Mediator.Send(command);
        return Ok();
    }

    /// <summary>
    /// Starts OTP second-factor enrolment for the current user and returns the enrolment material
    /// (EnabledOtpAuthenticatorResponse is not visible here — presumably the shared secret; treat the
    /// response as sensitive).
    /// </summary>
    /// <returns>200 with the enrolment response.</returns>
    [HttpGet("EnableOtpAuthenticator")]
    public async Task<IActionResult> EnableOtpAuthenticator()
    {
        EnableOtpAuthenticatorCommand command = new() { UserId = getUserIdFromRequest() };
        EnabledOtpAuthenticatorResponse enabled = await Mediator.Send(command);
        return Ok(enabled);
    }

    /// <summary>
    /// Completes e-mail second-factor enrolment from the link in the e-mail; GET is unavoidable because
    /// the user arrives by clicking that link.
    /// </summary>
    /// <param name="verifyEmailAuthenticatorCommand">
    /// The entire mediator command is model-bound from the query string, so every settable property it
    /// declares is client-controlled. The command is not visible here — confirm it exposes only the
    /// activation key and that the handler derives the user from that key, not from a bindable user id.
    /// </param>
    /// <returns>200 with an empty body.</returns>
    [HttpGet("VerifyEmailAuthenticator")]
    public async Task<IActionResult> VerifyEmailAuthenticator([FromQuery] VerifyEmailAuthenticatorCommand verifyEmailAuthenticatorCommand)
    {
        await Mediator.Send(verifyEmailAuthenticatorCommand);
        return Ok();
    }

    /// <summary>
    /// Confirms OTP enrolment for the current user with the code from the authenticator app.
    /// NOTE(review): no throttling is visible at this layer; a short numeric code is brute-forceable
    /// unless the handler or middleware rate-limits attempts — confirm.
    /// </summary>
    /// <param name="authenticatorCode">The one-time code posted in the request body.</param>
    /// <returns>200 with an empty body.</returns>
    [HttpPost("VerifyOtpAuthenticator")]
    public async Task<IActionResult> VerifyOtpAuthenticator([FromBody] string authenticatorCode)
    {
        VerifyOtpAuthenticatorCommand command = new() { UserId = getUserIdFromRequest(), ActivationCode = authenticatorCode };
        await Mediator.Send(command);
        return Ok();
    }

    /// <summary>
    /// Reads the raw refresh token from the "refreshToken" request cookie.
    /// </summary>
    /// <exception cref="ArgumentException">
    /// No such cookie was sent. Unless exception middleware maps it, this surfaces as a 500 rather than a 401.
    /// </exception>
    private string readRefreshTokenCookie()
    {
        string? token = Request.Cookies["refreshToken"];
        if (token is null)
            throw new ArgumentException("Refresh token is not found in request cookies.");
        return token;
    }

    /// <summary>
    /// Stores the raw refresh token in the "refreshToken" response cookie. HttpOnly keeps it away from
    /// script, Secure restricts it to HTTPS, and SameSite=None lets a front-end on another site use it —
    /// at the price of the cookie being attached to every cross-site request as well.
    /// </summary>
    /// <remarks>
    /// NOTE(review): no Path is set, so the cookie is sent to every route on the host, not only this
    /// controller. The 7-day lifetime is fixed here and independent of the token's own server-side expiry
    /// (the RefreshToken entity is not visible here) — keep the two in step or derive it from the entity.
    /// </remarks>
    /// <param name="refreshToken">The token entity whose Token string is written verbatim.</param>
    private void writeRefreshTokenCookie(RefreshToken refreshToken)
    {
        CookieOptions options = new();
        options.HttpOnly = true;
        options.Secure = true;
        options.SameSite = SameSiteMode.None;
        options.Expires = DateTime.UtcNow.AddDays(7);

        Response.Cookies.Append(key: "refreshToken", refreshToken.Token, options);
    }
}