feat: start dashboard

2024-10-18 22:13:23 +02:00 · 2024-10-18 22:13:23 +02:00 · ec7aa9faba
commit ec7aa9faba
parent bacbc6db0e
50 changed files with 3624 additions and 18 deletions
--- a/Catalogger.Backend/Api/Middleware/AuthenticationMiddleware.cs
+++ b/Catalogger.Backend/Api/Middleware/AuthenticationMiddleware.cs
@ -0,0 +1,87 @@
+// Copyright (C) 2021-present sam (starshines.gay)
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published
+// by the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <https://www.gnu.org/licenses/>.
+
+using System.Net;
+using Catalogger.Backend.Database;
+using Catalogger.Backend.Database.Models;
+using Microsoft.EntityFrameworkCore;
+using NodaTime;
+
+namespace Catalogger.Backend.Api.Middleware;
+
+public class AuthenticationMiddleware(DatabaseContext db, IClock clock) : IMiddleware
+{
+    public async Task InvokeAsync(HttpContext ctx, RequestDelegate next)
+    {
+        var endpoint = ctx.GetEndpoint();
+        var supportAuth = endpoint?.Metadata.GetMetadata<AuthenticateAttribute>() != null;
+        var requireAuth = endpoint?.Metadata.GetMetadata<AuthorizeAttribute>() != null;
+
+        if (!supportAuth)
+        {
+            await next(ctx);
+            return;
+        }
+
+        var token = ctx.Request.Headers.Authorization.ToString();
+
+        var apiToken = await db.ApiTokens.FirstOrDefaultAsync(t =>
+            t.DashboardToken == token && t.ExpiresAt > clock.GetCurrentInstant()
+        );
+        if (apiToken == null)
+        {
+            if (requireAuth)
+                throw new ApiError(
+                    HttpStatusCode.Forbidden,
+                    ErrorCode.AuthRequired,
+                    "Authentication required"
+                );
+
+            await next(ctx);
+            return;
+        }
+
+        ctx.SetToken(apiToken);
+        await next(ctx);
+    }
+}
+
+public static class HttpContextExtensions
+{
+    private const string Key = "token";
+
+    public static void SetToken(this HttpContext ctx, ApiToken token) => ctx.Items.Add(Key, token);
+
+    public static ApiToken GetTokenOrThrow(this HttpContext ctx) =>
+        ctx.GetToken()
+        ?? throw new ApiError(
+            HttpStatusCode.Forbidden,
+            ErrorCode.AuthRequired,
+            "No token in HttpContext"
+        );
+
+    public static ApiToken? GetToken(this HttpContext ctx)
+    {
+        if (ctx.Items.TryGetValue(Key, out var token))
+            return token as ApiToken;
+        return null;
+    }
+}
+
+[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method)]
+public class AuthenticateAttribute : Attribute;
+
+[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method)]
+public class AuthorizeAttribute : Attribute;