feat(backend): move internal endpoints to /api/internal
This commit is contained in:
parent
eac0a17473
commit
06f7019330
GPG key ID:
B4EF20DDE721CAA1
9 changed files with 39 additions and 27 deletions
|
|
@ -1,14 +1,18 @@
|
|||
using System.Web;
|
||||
using Foxnouns.Backend.Database;
|
||||
using Foxnouns.Backend.Extensions;
|
||||
using Foxnouns.Backend.Middleware;
|
||||
using Foxnouns.Backend.Services;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Microsoft.EntityFrameworkCore;
|
||||
using Newtonsoft.Json;
|
||||
using NodaTime;
|
||||
|
||||
namespace Foxnouns.Backend.Controllers.Authentication;
|
||||
|
||||
[Route("/api/v2/auth")]
|
||||
public class AuthController(Config config, KeyCacheService keyCache, ILogger logger) : ApiControllerBase
|
||||
[Route("/api/internal/auth")]
|
||||
public class AuthController(Config config, DatabaseContext db, KeyCacheService keyCache, ILogger logger)
|
||||
: ApiControllerBase
|
||||
{
|
||||
private readonly ILogger _logger = logger.ForContext<AuthController>();
|
||||
|
||||
|
|
@ -61,4 +65,15 @@ public class AuthController(Config config, KeyCacheService keyCache, ILogger log
|
|||
public record OauthRegisterRequest(string Ticket, string Username);
|
||||
|
||||
public record CallbackRequest(string Code, string State);
|
||||
|
||||
[HttpPost("force-log-out")]
|
||||
[Authorize("identify")]
|
||||
public async Task<IActionResult> ForceLogoutAsync()
|
||||
{
|
||||
_logger.Information("Invalidating all tokens for user {UserId}", CurrentUser!.Id);
|
||||
await db.Tokens.Where(t => t.UserId == CurrentUser.Id)
|
||||
.ExecuteUpdateAsync(s => s.SetProperty(t => t.ManuallyExpired, true));
|
||||
|
||||
return NoContent();
|
||||
}
|
||||
}
|
||||
|
|
@ -10,7 +10,7 @@ using NodaTime;
|
|||
|
||||
namespace Foxnouns.Backend.Controllers.Authentication;
|
||||
|
||||
[Route("/api/v2/auth/discord")]
|
||||
[Route("/api/internal/auth/discord")]
|
||||
public class DiscordAuthController(
|
||||
[UsedImplicitly] Config config,
|
||||
ILogger logger,
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
using Foxnouns.Backend.Database;
|
||||
using Foxnouns.Backend.Database.Models;
|
||||
using Foxnouns.Backend.Extensions;
|
||||
using Foxnouns.Backend.Middleware;
|
||||
using Foxnouns.Backend.Services;
|
||||
using Foxnouns.Backend.Utils;
|
||||
using JetBrains.Annotations;
|
||||
|
|
@ -10,7 +11,7 @@ using NodaTime;
|
|||
|
||||
namespace Foxnouns.Backend.Controllers.Authentication;
|
||||
|
||||
[Route("/api/v2/auth/email")]
|
||||
[Route("/api/internal/auth/email")]
|
||||
public class EmailAuthController(
|
||||
[UsedImplicitly] Config config,
|
||||
DatabaseContext db,
|
||||
|
|
@ -123,6 +124,17 @@ public class EmailAuthController(
|
|||
));
|
||||
}
|
||||
|
||||
[HttpPost("add")]
|
||||
[Authorize("*")]
|
||||
public async Task<IActionResult> AddEmailAddressAsync()
|
||||
{
|
||||
_logger.Information("beep");
|
||||
|
||||
return NoContent();
|
||||
}
|
||||
|
||||
public record AddEmailAddressRequest(string Email, string Password);
|
||||
|
||||
private void CheckRequirements()
|
||||
{
|
||||
if (!config.EmailAuth.Enabled)
|
||||
|
|
|
|||
|
|
@ -1,35 +1,17 @@
|
|||
using System.Text.RegularExpressions;
|
||||
using Foxnouns.Backend.Database;
|
||||
using Foxnouns.Backend.Middleware;
|
||||
using Foxnouns.Backend.Utils;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Microsoft.AspNetCore.Mvc.Controllers;
|
||||
using Microsoft.AspNetCore.Mvc.Routing;
|
||||
using Microsoft.AspNetCore.Routing.Template;
|
||||
using Microsoft.EntityFrameworkCore;
|
||||
|
||||
namespace Foxnouns.Backend.Controllers;
|
||||
|
||||
[ApiController]
|
||||
[Route("/api/internal")]
|
||||
public partial class InternalController(ILogger logger, DatabaseContext db) : ControllerBase
|
||||
public partial class InternalController(DatabaseContext db) : ControllerBase
|
||||
{
|
||||
private readonly ILogger _logger = logger.ForContext<InternalController>();
|
||||
|
||||
[HttpPost("force-log-out")]
|
||||
[Authenticate]
|
||||
[Authorize("identify")]
|
||||
public async Task<IActionResult> ForceLogoutAsync()
|
||||
{
|
||||
var user = HttpContext.GetUser()!;
|
||||
|
||||
_logger.Information("Invalidating all tokens for user {UserId}", user.Id);
|
||||
await db.Tokens.Where(t => t.UserId == user.Id)
|
||||
.ExecuteUpdateAsync(s => s.SetProperty(t => t.ManuallyExpired, true));
|
||||
|
||||
return NoContent();
|
||||
}
|
||||
|
||||
[GeneratedRegex(@"(\{\w+\})")]
|
||||
private static partial Regex PathVarRegex();
|
||||
|
||||
|
|
|
|||
|
|
@ -27,7 +27,7 @@ public static class AuthUtils
|
|||
|
||||
public static string[] ExpandScopes(this string[] scopes)
|
||||
{
|
||||
if (scopes.Contains("*")) return Scopes;
|
||||
if (scopes.Contains("*")) return ["*", ..Scopes];
|
||||
List<string> expandedScopes = ["identify"];
|
||||
if (scopes.Contains("user")) expandedScopes.AddRange(UserScopes);
|
||||
if (scopes.Contains("member")) expandedScopes.AddRange(MemberScopes);
|
||||
|
|
|
|||
|
|
@ -16,7 +16,7 @@ async function requestInternal(
|
|||
path: string,
|
||||
params: RequestParams = {},
|
||||
): Promise<Response> {
|
||||
const base = params.isInternal ? INTERNAL_API_BASE : API_BASE + "/v2";
|
||||
const base = params.isInternal ? INTERNAL_API_BASE + "/internal" : API_BASE + "/v2";
|
||||
|
||||
const url = `${base}${path}`;
|
||||
const resp = await fetch(url, {
|
||||
|
|
|
|||
|
|
@ -43,6 +43,7 @@ export const loader = async ({ request }: LoaderFunctionArgs) => {
|
|||
|
||||
const resp = await serverRequest<CallbackResponse>("POST", "/auth/discord/callback", {
|
||||
body: { code, state },
|
||||
isInternal: true,
|
||||
});
|
||||
|
||||
if (resp.has_account) {
|
||||
|
|
@ -89,6 +90,7 @@ export const action = async ({ request }: ActionFunctionArgs) => {
|
|||
try {
|
||||
const resp = await serverRequest<AuthResponse>("POST", "/auth/discord/register", {
|
||||
body: { username, ticket },
|
||||
isInternal: true,
|
||||
});
|
||||
|
||||
return redirect("/auth/welcome", {
|
||||
|
|
|
|||
|
|
@ -41,7 +41,7 @@ export const loader = async ({ request }: LoaderFunctionArgs) => {
|
|||
}
|
||||
}
|
||||
|
||||
const urls = await serverRequest<AuthUrls>("POST", "/auth/urls");
|
||||
const urls = await serverRequest<AuthUrls>("POST", "/auth/urls", { isInternal: true });
|
||||
|
||||
return json({
|
||||
meta: { title: t("log-in.title") },
|
||||
|
|
@ -57,6 +57,7 @@ export const action = async ({ request }: ActionFunctionArgs) => {
|
|||
try {
|
||||
const resp = await serverRequest<AuthResponse>("POST", "/auth/email/login", {
|
||||
body: { email, password },
|
||||
isInternal: true,
|
||||
});
|
||||
|
||||
return redirect("/", {
|
||||
|
|
|
|||
|
|
@ -10,7 +10,7 @@ export const action: ActionFunction = async ({ request }) => {
|
|||
headers: { "Set-Cookie": writeCookie(tokenCookieName, "token", 0) },
|
||||
});
|
||||
|
||||
await fastRequest("POST", "/internal/force-log-out", { token, isInternal: true });
|
||||
await fastRequest("POST", "/auth/force-log-out", { token, isInternal: true });
|
||||
|
||||
return redirect("/", {
|
||||
status: 303,
|
||||
|
|
|
|||
Loading…
Reference in a new issue