sam/Foxnouns.NET
sam/Foxnouns.NET
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages 2 Wiki Activity Actions

refactor(backend): use explicit types instead of var by default

Browse source
This commit is contained in:
sam 2024-12-08 15:07:25 +01:00
parent bc7fd6d804
commit 649988db25
Signed by: sam
GPG key ID: B4EF20DDE721CAA1
52 changed files with 506 additions and 420 deletions
Download patch file Download diff file Expand all files Collapse all files

10
Foxnouns.Backend/BuildInfo.cs
View file

@ -7,19 +7,21 @@ public static class BuildInfo
public static async Task ReadBuildInfo()
{
await using var stream = typeof(BuildInfo).Assembly.GetManifestResourceStream("version");
await using Stream? stream = typeof(BuildInfo).Assembly.GetManifestResourceStream(
"version"
);
if (stream == null)
return;
using var reader = new StreamReader(stream);
var data = (await reader.ReadToEndAsync()).Trim().Split("\n");
string[] data = (await reader.ReadToEndAsync()).Trim().Split("\n");
if (data.Length < 3)
return;
Hash = data[0];
var dirty = data[2] == "dirty";
bool dirty = data[2] == "dirty";
var versionData = data[1].Split("-");
string[] versionData = data[1].Split("-");
if (versionData.Length < 3)
return;
Version = versionData[0];

12
Foxnouns.Backend/Controllers/Authentication/AuthController.cs
View file

@ -33,14 +33,16 @@ public class AuthController(
config.GoogleAuth.Enabled,
config.TumblrAuth.Enabled
);
var state = HttpUtility.UrlEncode(await keyCacheService.GenerateAuthStateAsync(ct));
string state = HttpUtility.UrlEncode(await keyCacheService.GenerateAuthStateAsync(ct));
string? discord = null;
if (config.DiscordAuth is { ClientId: not null, ClientSecret: not null })
{
discord =
$"https://discord.com/oauth2/authorize?response_type=code"
+ $"&client_id={config.DiscordAuth.ClientId}&scope=identify"
+ $"&prompt=none&state={state}"
+ $"&redirect_uri={HttpUtility.UrlEncode($"{config.BaseUrl}/auth/callback/discord")}";
}
return Ok(new UrlsResponse(config.EmailAuth.Enabled, discord, null, null));
}
@ -86,7 +88,7 @@ public class AuthController(
)]
public async Task<IActionResult> GetAuthMethodAsync(Snowflake id)
{
var authMethod = await db
AuthMethod? authMethod = await db
.AuthMethods.Include(a => a.FediverseApplication)
.FirstOrDefaultAsync(a => a.UserId == CurrentUser!.Id && a.Id == id);
if (authMethod == null)
@ -99,17 +101,19 @@ public class AuthController(
[Authorize("*")]
public async Task<IActionResult> DeleteAuthMethodAsync(Snowflake id)
{
var authMethods = await db
List<AuthMethod> authMethods = await db
.AuthMethods.Where(a => a.UserId == CurrentUser!.Id)
.ToListAsync();
if (authMethods.Count < 2)
{
throw new ApiError(
"You cannot remove your last authentication method.",
HttpStatusCode.BadRequest,
ErrorCode.LastAuthMethod
);
}
var authMethod = authMethods.FirstOrDefault(a => a.Id == id);
AuthMethod? authMethod = authMethods.FirstOrDefault(a => a.Id == id);
if (authMethod == null)
throw new ApiError.NotFound("No authentication method with that ID found.");

40
Foxnouns.Backend/Controllers/Authentication/DiscordAuthController.cs
View file

@ -34,8 +34,10 @@ public class DiscordAuthController(
CheckRequirements();
await keyCacheService.ValidateAuthStateAsync(req.State);
var remoteUser = await remoteAuthService.RequestDiscordTokenAsync(req.Code);
var user = await authService.AuthenticateUserAsync(AuthType.Discord, remoteUser.Id);
RemoteAuthService.RemoteUser remoteUser = await remoteAuthService.RequestDiscordTokenAsync(
req.Code
);
User? user = await authService.AuthenticateUserAsync(AuthType.Discord, remoteUser.Id);
if (user != null)
return Ok(await authService.GenerateUserTokenAsync(user));
@ -45,23 +47,14 @@ public class DiscordAuthController(
remoteUser.Id
);
var ticket = AuthUtils.RandomToken();
string ticket = AuthUtils.RandomToken();
await keyCacheService.SetKeyAsync(
$"discord:{ticket}",
remoteUser,
Duration.FromMinutes(20)
);
return Ok(
new CallbackResponse(
HasAccount: false,
Ticket: ticket,
RemoteUsername: remoteUser.Username,
User: null,
Token: null,
ExpiresAt: null
)
);
return Ok(new CallbackResponse(false, ticket, remoteUser.Username, null, null, null));
}
[HttpPost("register")]
@ -70,9 +63,10 @@ public class DiscordAuthController(
[FromBody] AuthController.OauthRegisterRequest req
)
{
var remoteUser = await keyCacheService.GetKeyAsync<RemoteAuthService.RemoteUser>(
$"discord:{req.Ticket}"
);
RemoteAuthService.RemoteUser? remoteUser =
await keyCacheService.GetKeyAsync<RemoteAuthService.RemoteUser>(
$"discord:{req.Ticket}"
);
if (remoteUser == null)
throw new ApiError.BadRequest("Invalid ticket", "ticket", req.Ticket);
if (
@ -88,7 +82,7 @@ public class DiscordAuthController(
throw new ApiError.BadRequest("Invalid ticket", "ticket", req.Ticket);
}
var user = await authService.CreateUserWithRemoteAuthAsync(
User user = await authService.CreateUserWithRemoteAuthAsync(
req.Username,
AuthType.Discord,
remoteUser.Id,
@ -104,12 +98,12 @@ public class DiscordAuthController(
{
CheckRequirements();
var state = await remoteAuthService.ValidateAddAccountRequestAsync(
string state = await remoteAuthService.ValidateAddAccountRequestAsync(
CurrentUser!.Id,
AuthType.Discord
);
var url =
string url =
$"https://discord.com/oauth2/authorize?response_type=code"
+ $"&client_id={config.DiscordAuth.ClientId}&scope=identify"
+ $"&prompt=none&state={state}"
@ -132,10 +126,12 @@ public class DiscordAuthController(
AuthType.Discord
);
var remoteUser = await remoteAuthService.RequestDiscordTokenAsync(req.Code);
RemoteAuthService.RemoteUser remoteUser = await remoteAuthService.RequestDiscordTokenAsync(
req.Code
);
try
{
var authMethod = await authService.AddAuthMethodAsync(
AuthMethod authMethod = await authService.AddAuthMethodAsync(
CurrentUser.Id,
AuthType.Discord,
remoteUser.Id,
@ -169,8 +165,10 @@ public class DiscordAuthController(
private void CheckRequirements()
{
if (!config.DiscordAuth.Enabled)
{
throw new ApiError.BadRequest(
"Discord authentication is not enabled on this instance."
);
}
}
}

67
Foxnouns.Backend/Controllers/Authentication/EmailAuthController.cs
View file

@ -39,11 +39,7 @@ public class EmailAuthController(
if (!req.Email.Contains('@'))
throw new ApiError.BadRequest("Email is invalid", "email", req.Email);
var state = await keyCacheService.GenerateRegisterEmailStateAsync(
req.Email,
userId: null,
ct
);
string state = await keyCacheService.GenerateRegisterEmailStateAsync(req.Email, null, ct);
// If there's already a user with that email address, pretend we sent an email but actually ignore it
if (
@ -63,23 +59,14 @@ public class EmailAuthController(
{
CheckRequirements();
var state = await keyCacheService.GetRegisterEmailStateAsync(req.State);
RegisterEmailState? state = await keyCacheService.GetRegisterEmailStateAsync(req.State);
if (state is not { ExistingUserId: null })
throw new ApiError.BadRequest("Invalid state", "state", req.State);
var ticket = AuthUtils.RandomToken();
string ticket = AuthUtils.RandomToken();
await keyCacheService.SetKeyAsync($"email:{ticket}", state.Email, Duration.FromMinutes(20));
return Ok(
new CallbackResponse(
HasAccount: false,
Ticket: ticket,
RemoteUsername: state.Email,
User: null,
Token: null,
ExpiresAt: null
)
);
return Ok(new CallbackResponse(false, ticket, state.Email, null, null, null));
}
[HttpPost("register")]
@ -89,14 +76,18 @@ public class EmailAuthController(
{
CheckRequirements();
var email = await keyCacheService.GetKeyAsync($"email:{req.Ticket}");
string? email = await keyCacheService.GetKeyAsync($"email:{req.Ticket}");
if (email == null)
throw new ApiError.BadRequest("Unknown ticket", "ticket", req.Ticket);
var user = await authService.CreateUserWithPasswordAsync(req.Username, email, req.Password);
var frontendApp = await db.GetFrontendApplicationAsync();
User user = await authService.CreateUserWithPasswordAsync(
req.Username,
email,
req.Password
);
Application frontendApp = await db.GetFrontendApplicationAsync();
var (tokenStr, token) = authService.GenerateToken(
(string? tokenStr, Token? token) = authService.GenerateToken(
user,
frontendApp,
["*"],
@ -110,7 +101,7 @@ public class EmailAuthController(
return Ok(
new AuthController.AuthResponse(
await userRenderer.RenderUserAsync(user, selfUser: user, renderMembers: false),
await userRenderer.RenderUserAsync(user, user, renderMembers: false),
tokenStr,
token.ExpiresAt
)
@ -126,19 +117,16 @@ public class EmailAuthController(
{
CheckRequirements();
var (user, authenticationResult) = await authService.AuthenticateUserAsync(
req.Email,
req.Password,
ct
);
(User? user, AuthService.EmailAuthenticationResult authenticationResult) =
await authService.AuthenticateUserAsync(req.Email, req.Password, ct);
if (authenticationResult == AuthService.EmailAuthenticationResult.MfaRequired)
throw new NotImplementedException("MFA is not implemented yet");
var frontendApp = await db.GetFrontendApplicationAsync(ct);
Application frontendApp = await db.GetFrontendApplicationAsync(ct);
_logger.Debug("Logging user {Id} in with email and password", user.Id);
var (tokenStr, token) = authService.GenerateToken(
(string? tokenStr, Token? token) = authService.GenerateToken(
user,
frontendApp,
["*"],
@ -152,12 +140,7 @@ public class EmailAuthController(
return Ok(
new AuthController.AuthResponse(
await userRenderer.RenderUserAsync(
user,
selfUser: user,
renderMembers: false,
ct: ct
),
await userRenderer.RenderUserAsync(user, user, renderMembers: false, ct: ct),
tokenStr,
token.ExpiresAt
)
@ -184,7 +167,7 @@ public class EmailAuthController(
{
CheckRequirements();
var emails = await db
List<AuthMethod> emails = await db
.AuthMethods.Where(m => m.UserId == CurrentUser!.Id && m.AuthType == AuthType.Email)
.ToListAsync();
if (emails.Count > AuthUtils.MaxAuthMethodsPerType)
@ -207,12 +190,12 @@ public class EmailAuthController(
await db.SaveChangesAsync();
}
var state = await keyCacheService.GenerateRegisterEmailStateAsync(
string state = await keyCacheService.GenerateRegisterEmailStateAsync(
req.Email,
userId: CurrentUser!.Id
CurrentUser!.Id
);
var emailExists = await db
bool emailExists = await db
.AuthMethods.Where(m => m.AuthType == AuthType.Email && m.RemoteId == req.Email)
.AnyAsync();
if (emailExists)
@ -230,13 +213,13 @@ public class EmailAuthController(
{
CheckRequirements();
var state = await keyCacheService.GetRegisterEmailStateAsync(req.State);
RegisterEmailState? state = await keyCacheService.GetRegisterEmailStateAsync(req.State);
if (state?.ExistingUserId != CurrentUser!.Id)
throw new ApiError.BadRequest("Invalid state", "state", req.State);
try
{
var authMethod = await authService.AddAuthMethodAsync(
AuthMethod authMethod = await authService.AddAuthMethodAsync(
CurrentUser.Id,
AuthType.Email,
state.Email
@ -252,7 +235,7 @@ public class EmailAuthController(
authMethod.Id,
AuthType.Email,
authMethod.RemoteId,
RemoteUsername: null
null
)
);
}

52
Foxnouns.Backend/Controllers/Authentication/FediverseAuthController.cs
View file

@ -34,7 +34,7 @@ public class FediverseAuthController(
if (instance.Any(c => c is '@' or ':' or '/') || !instance.Contains('.'))
throw new ApiError.BadRequest("Not a valid domain.", "instance", instance);
var url = await fediverseAuthService.GenerateAuthUrlAsync(instance, forceRefresh);
string url = await fediverseAuthService.GenerateAuthUrlAsync(instance, forceRefresh);
return Ok(new AuthController.SingleUrlResponse(url));
}
@ -42,22 +42,19 @@ public class FediverseAuthController(
[ProducesResponseType<CallbackResponse>(statusCode: StatusCodes.Status200OK)]
public async Task<IActionResult> FediverseCallbackAsync([FromBody] CallbackRequest req)
{
var app = await fediverseAuthService.GetApplicationAsync(req.Instance);
var remoteUser = await fediverseAuthService.GetRemoteFediverseUserAsync(
app,
req.Code,
req.State
);
FediverseApplication app = await fediverseAuthService.GetApplicationAsync(req.Instance);
FediverseAuthService.FediverseUser remoteUser =
await fediverseAuthService.GetRemoteFediverseUserAsync(app, req.Code, req.State);
var user = await authService.AuthenticateUserAsync(
User? user = await authService.AuthenticateUserAsync(
AuthType.Fediverse,
remoteUser.Id,
instance: app
app
);
if (user != null)
return Ok(await authService.GenerateUserTokenAsync(user));
var ticket = AuthUtils.RandomToken();
string ticket = AuthUtils.RandomToken();
await keyCacheService.SetKeyAsync(
$"fediverse:{ticket}",
new FediverseTicketData(app.Id, remoteUser),
@ -66,12 +63,12 @@ public class FediverseAuthController(
return Ok(
new CallbackResponse(
HasAccount: false,
Ticket: ticket,
RemoteUsername: $"@{remoteUser.Username}@{app.Domain}",
User: null,
Token: null,
ExpiresAt: null
false,
ticket,
$"@{remoteUser.Username}@{app.Domain}",
null,
null,
null
)
);
}
@ -82,14 +79,16 @@ public class FediverseAuthController(
[FromBody] AuthController.OauthRegisterRequest req
)
{
var ticketData = await keyCacheService.GetKeyAsync<FediverseTicketData>(
FediverseTicketData? ticketData = await keyCacheService.GetKeyAsync<FediverseTicketData>(
$"fediverse:{req.Ticket}",
delete: true
true
);
if (ticketData == null)
throw new ApiError.BadRequest("Invalid ticket", "ticket", req.Ticket);
var app = await db.FediverseApplications.FindAsync(ticketData.ApplicationId);
FediverseApplication? app = await db.FediverseApplications.FindAsync(
ticketData.ApplicationId
);
if (app == null)
throw new FoxnounsError("Null application found for ticket");
@ -111,12 +110,12 @@ public class FediverseAuthController(
throw new ApiError.BadRequest("Invalid ticket", "ticket", req.Ticket);
}
var user = await authService.CreateUserWithRemoteAuthAsync(
User user = await authService.CreateUserWithRemoteAuthAsync(
req.Username,
AuthType.Fediverse,
ticketData.User.Id,
ticketData.User.Username,
instance: app
app
);
return Ok(await authService.GenerateUserTokenAsync(user));
@ -132,13 +131,13 @@ public class FediverseAuthController(
if (instance.Any(c => c is '@' or ':' or '/') || !instance.Contains('.'))
throw new ApiError.BadRequest("Not a valid domain.", "instance", instance);
var state = await remoteAuthService.ValidateAddAccountRequestAsync(
string state = await remoteAuthService.ValidateAddAccountRequestAsync(
CurrentUser!.Id,
AuthType.Fediverse,
instance
);
var url = await fediverseAuthService.GenerateAuthUrlAsync(instance, forceRefresh, state);
string url = await fediverseAuthService.GenerateAuthUrlAsync(instance, forceRefresh, state);
return Ok(new AuthController.SingleUrlResponse(url));
}
@ -153,11 +152,12 @@ public class FediverseAuthController(
req.Instance
);
var app = await fediverseAuthService.GetApplicationAsync(req.Instance);
var remoteUser = await fediverseAuthService.GetRemoteFediverseUserAsync(app, req.Code);
FediverseApplication app = await fediverseAuthService.GetApplicationAsync(req.Instance);
FediverseAuthService.FediverseUser remoteUser =
await fediverseAuthService.GetRemoteFediverseUserAsync(app, req.Code);
try
{
var authMethod = await authService.AddAuthMethodAsync(
AuthMethod authMethod = await authService.AddAuthMethodAsync(
CurrentUser.Id,
AuthType.Fediverse,
remoteUser.Id,

2
Foxnouns.Backend/Controllers/ExportsController.cs
View file

@ -25,7 +25,7 @@ public class ExportsController(
[HttpGet]
public async Task<IActionResult> GetDataExportsAsync()
{
var export = await db
DataExport? export = await db
.DataExports.Where(d => d.UserId == CurrentUser!.Id)
.OrderByDescending(d => d.Id)
.FirstOrDefaultAsync();

18
Foxnouns.Backend/Controllers/FlagsController.cs
View file

@ -1,5 +1,6 @@
using Coravel.Queuing.Interfaces;
using Foxnouns.Backend.Database;
using Foxnouns.Backend.Database.Models;
using Foxnouns.Backend.Extensions;
using Foxnouns.Backend.Jobs;
using Foxnouns.Backend.Middleware;
@ -7,6 +8,7 @@ using Foxnouns.Backend.Services;
using Foxnouns.Backend.Utils;
using Microsoft.AspNetCore.Mvc;
using Microsoft.EntityFrameworkCore;
using Microsoft.EntityFrameworkCore.Storage;
namespace Foxnouns.Backend.Controllers;
@ -29,7 +31,9 @@ public class FlagsController(
)]
public async Task<IActionResult> GetFlagsAsync(CancellationToken ct = default)
{
var flags = await db.PrideFlags.Where(f => f.UserId == CurrentUser!.Id).ToListAsync(ct);
List<PrideFlag> flags = await db
.PrideFlags.Where(f => f.UserId == CurrentUser!.Id)
.ToListAsync(ct);
return Ok(flags.Select(userRenderer.RenderPrideFlag));
}
@ -43,7 +47,7 @@ public class FlagsController(
{
ValidationUtils.Validate(ValidateFlag(req.Name, req.Description, req.Image));
var id = snowflakeGenerator.GenerateSnowflake();
Snowflake id = snowflakeGenerator.GenerateSnowflake();
queue.QueueInvocableWithPayload<CreateFlagInvocable, CreateFlagPayload>(
new CreateFlagPayload(id, CurrentUser!.Id, req.Name, req.Image, req.Description)
@ -62,7 +66,7 @@ public class FlagsController(
{
ValidationUtils.Validate(ValidateFlag(req.Name, req.Description, null));
var flag = await db.PrideFlags.FirstOrDefaultAsync(f =>
PrideFlag? flag = await db.PrideFlags.FirstOrDefaultAsync(f =>
f.Id == id && f.UserId == CurrentUser!.Id
);
if (flag == null)
@ -90,20 +94,20 @@ public class FlagsController(
[Authorize("user.update")]
public async Task<IActionResult> DeleteFlagAsync(Snowflake id)
{
await using var tx = await db.Database.BeginTransactionAsync();
await using IDbContextTransaction tx = await db.Database.BeginTransactionAsync();
var flag = await db.PrideFlags.FirstOrDefaultAsync(f =>
PrideFlag? flag = await db.PrideFlags.FirstOrDefaultAsync(f =>
f.Id == id && f.UserId == CurrentUser!.Id
);
if (flag == null)
throw new ApiError.NotFound("Unknown flag ID, or it's not your flag.");
var hash = flag.Hash;
string hash = flag.Hash;
db.PrideFlags.Remove(flag);
await db.SaveChangesAsync();
var flagCount = await db.PrideFlags.CountAsync(f => f.Hash == flag.Hash);
int flagCount = await db.PrideFlags.CountAsync(f => f.Hash == flag.Hash);
if (flagCount == 0)
{
try

23
Foxnouns.Backend/Controllers/InternalController.cs
View file

@ -44,21 +44,22 @@ public partial class InternalController(DatabaseContext db) : ControllerBase
[HttpPost("request-data")]
public async Task<IActionResult> GetRequestDataAsync([FromBody] RequestDataRequest req)
{
var endpoint = GetEndpoint(HttpContext, req.Path, req.Method);
RouteEndpoint? endpoint = GetEndpoint(HttpContext, req.Path, req.Method);
if (endpoint == null)
throw new ApiError.BadRequest("Path/method combination is invalid");
var actionDescriptor = endpoint.Metadata.GetMetadata<ControllerActionDescriptor>();
var template = actionDescriptor?.AttributeRouteInfo?.Template;
ControllerActionDescriptor? actionDescriptor =
endpoint.Metadata.GetMetadata<ControllerActionDescriptor>();
string? template = actionDescriptor?.AttributeRouteInfo?.Template;
if (template == null)
throw new FoxnounsError("Template value was null on valid endpoint");
template = GetCleanedTemplate(template);
// If no token was supplied, or it isn't valid base 64, return a null user ID (limiting by IP)
if (!AuthUtils.TryParseToken(req.Token, out var rawToken))
if (!AuthUtils.TryParseToken(req.Token, out byte[]? rawToken))
return Ok(new RequestDataResponse(null, template));
var userId = await db.GetTokenUserId(rawToken);
Snowflake? userId = await db.GetTokenUserId(rawToken);
return Ok(new RequestDataResponse(userId, template));
}
@ -72,12 +73,13 @@ public partial class InternalController(DatabaseContext db) : ControllerBase
string requestMethod
)
{
var endpointDataSource = httpContext.RequestServices.GetService<EndpointDataSource>();
EndpointDataSource? endpointDataSource =
httpContext.RequestServices.GetService<EndpointDataSource>();
if (endpointDataSource == null)
return null;
var endpoints = endpointDataSource.Endpoints.OfType<RouteEndpoint>();
IEnumerable<RouteEndpoint> endpoints = endpointDataSource.Endpoints.OfType<RouteEndpoint>();
foreach (var endpoint in endpoints)
foreach (RouteEndpoint? endpoint in endpoints)
{
if (endpoint.RoutePattern.RawText == null)
continue;
@ -86,9 +88,10 @@ public partial class InternalController(DatabaseContext db) : ControllerBase
TemplateParser.Parse(endpoint.RoutePattern.RawText),
new RouteValueDictionary()
);
if (!templateMatcher.TryMatch(url, new()))
if (!templateMatcher.TryMatch(url, new RouteValueDictionary()))
continue;
var httpMethodAttribute = endpoint.Metadata.GetMetadata<HttpMethodAttribute>();
HttpMethodAttribute? httpMethodAttribute =
endpoint.Metadata.GetMetadata<HttpMethodAttribute>();
if (
httpMethodAttribute != null
&& !httpMethodAttribute.HttpMethods.Any(x =>

35
Foxnouns.Backend/Controllers/MembersController.cs
View file

@ -9,6 +9,7 @@ using Foxnouns.Backend.Services;
using Foxnouns.Backend.Utils;
using Microsoft.AspNetCore.Mvc;
using Microsoft.EntityFrameworkCore;
using Microsoft.EntityFrameworkCore.Storage;
using NodaTime;
namespace Foxnouns.Backend.Controllers;
@ -32,7 +33,7 @@ public class MembersController(
)]
public async Task<IActionResult> GetMembersAsync(string userRef, CancellationToken ct = default)
{
var user = await db.ResolveUserAsync(userRef, CurrentToken, ct);
User user = await db.ResolveUserAsync(userRef, CurrentToken, ct);
return Ok(await memberRenderer.RenderUserMembersAsync(user, CurrentToken));
}
@ -44,7 +45,7 @@ public class MembersController(
CancellationToken ct = default
)
{
var member = await db.ResolveMemberAsync(userRef, memberRef, CurrentToken, ct);
Member member = await db.ResolveMemberAsync(userRef, memberRef, CurrentToken, ct);
return Ok(memberRenderer.RenderMember(member, CurrentToken));
}
@ -78,7 +79,7 @@ public class MembersController(
]
);
var memberCount = await db.Members.CountAsync(m => m.UserId == CurrentUser.Id, ct);
int memberCount = await db.Members.CountAsync(m => m.UserId == CurrentUser.Id, ct);
if (memberCount >= MaxMemberCount)
throw new ApiError.BadRequest("Maximum number of members reached");
@ -120,9 +121,11 @@ public class MembersController(
}
if (req.Avatar != null)
{
queue.QueueInvocableWithPayload<MemberAvatarUpdateInvocable, AvatarUpdatePayload>(
new AvatarUpdatePayload(member.Id, req.Avatar)
);
}
return Ok(memberRenderer.RenderMember(member, CurrentToken));
}
@ -134,8 +137,8 @@ public class MembersController(
[FromBody] UpdateMemberRequest req
)
{
await using var tx = await db.Database.BeginTransactionAsync();
var member = await db.ResolveMemberAsync(CurrentUser!.Id, memberRef);
await using IDbContextTransaction tx = await db.Database.BeginTransactionAsync();
Member member = await db.ResolveMemberAsync(CurrentUser!.Id, memberRef);
var errors = new List<(string, ValidationError?)>();
// We might add extra validations for names later down the line.
@ -197,7 +200,11 @@ public class MembersController(
if (req.Flags != null)
{
var flagError = await db.SetMemberFlagsAsync(CurrentUser!.Id, member.Id, req.Flags);
ValidationError? flagError = await db.SetMemberFlagsAsync(
CurrentUser!.Id,
member.Id,
req.Flags
);
if (flagError != null)
errors.Add(("flags", flagError));
}
@ -210,9 +217,12 @@ public class MembersController(
// (atomic operations are hard when combined with background jobs)
// so it's in a separate block to the validation above.
if (req.HasProperty(nameof(req.Avatar)))
{
queue.QueueInvocableWithPayload<MemberAvatarUpdateInvocable, AvatarUpdatePayload>(
new AvatarUpdatePayload(member.Id, req.Avatar)
);
}
try
{
await db.SaveChangesAsync();
@ -254,8 +264,8 @@ public class MembersController(
[Authorize("member.update")]
public async Task<IActionResult> DeleteMemberAsync(string memberRef)
{
var member = await db.ResolveMemberAsync(CurrentUser!.Id, memberRef);
var deleteCount = await db
Member member = await db.ResolveMemberAsync(CurrentUser!.Id, memberRef);
int deleteCount = await db
.Members.Where(m => m.UserId == CurrentUser!.Id && m.Id == member.Id)
.ExecuteDeleteAsync();
if (deleteCount == 0)
@ -289,9 +299,9 @@ public class MembersController(
[ProducesResponseType<UserRendererService.UserResponse>(statusCode: StatusCodes.Status200OK)]
public async Task<IActionResult> RerollSidAsync(string memberRef)
{
var member = await db.ResolveMemberAsync(CurrentUser!.Id, memberRef);
Member member = await db.ResolveMemberAsync(CurrentUser!.Id, memberRef);
var minTimeAgo = clock.GetCurrentInstant() - Duration.FromHours(1);
Instant minTimeAgo = clock.GetCurrentInstant() - Duration.FromHours(1);
if (CurrentUser!.LastSidReroll > minTimeAgo)
throw new ApiError.BadRequest("Cannot reroll short ID yet");
@ -308,7 +318,10 @@ public class MembersController(
);
// Fetch the new sid then pass that to RenderMember
var newSid = await db.Members.Where(m => m.Id == member.Id).Select(m => m.Sid).FirstAsync();
string newSid = await db
.Members.Where(m => m.Id == member.Id)
.Select(m => m.Sid)
.FirstAsync();
return Ok(memberRenderer.RenderMember(member, CurrentToken, newSid));
}
}

14
Foxnouns.Backend/Controllers/MetaController.cs
View file

@ -10,9 +10,8 @@ public class MetaController : ApiControllerBase
[HttpGet]
[ProducesResponseType<MetaResponse>(StatusCodes.Status200OK)]
public IActionResult GetMeta()
{
return Ok(
public IActionResult GetMeta() =>
Ok(
new MetaResponse(
Repository,
BuildInfo.Version,
@ -25,14 +24,13 @@ public class MetaController : ApiControllerBase
(int)FoxnounsMetrics.UsersActiveDayCount.Value
),
new Limits(
MemberCount: MembersController.MaxMemberCount,
BioLength: ValidationUtils.MaxBioLength,
CustomPreferences: ValidationUtils.MaxCustomPreferences,
MaxAuthMethods: AuthUtils.MaxAuthMethodsPerType
MembersController.MaxMemberCount,
ValidationUtils.MaxBioLength,
ValidationUtils.MaxCustomPreferences,
AuthUtils.MaxAuthMethodsPerType
)
)
);
}
[HttpGet("/api/v2/coffee")]
public IActionResult BrewCoffee() =>

2
Foxnouns.Backend/Controllers/SidController.cs
View file

@ -24,7 +24,7 @@ public class SidController(Config config, DatabaseContext db) : ApiControllerBas
private async Task<IActionResult> ResolveUserSidAsync(string id, CancellationToken ct = default)
{
var username = await db
string? username = await db
.Users.Where(u => u.Sid == id.ToLowerInvariant() && !u.Deleted)
.Select(u => u.Username)
.FirstOrDefaultAsync(ct);

40
Foxnouns.Backend/Controllers/UsersController.cs
View file

@ -9,6 +9,7 @@ using Foxnouns.Backend.Services;
using Foxnouns.Backend.Utils;
using Microsoft.AspNetCore.Mvc;
using Microsoft.EntityFrameworkCore;
using Microsoft.EntityFrameworkCore.Storage;
using NodaTime;
namespace Foxnouns.Backend.Controllers;
@ -29,16 +30,9 @@ public class UsersController(
[ProducesResponseType<UserRendererService.UserResponse>(statusCode: StatusCodes.Status200OK)]
public async Task<IActionResult> GetUserAsync(string userRef, CancellationToken ct = default)
{
var user = await db.ResolveUserAsync(userRef, CurrentToken, ct);
User user = await db.ResolveUserAsync(userRef, CurrentToken, ct);
return Ok(
await userRenderer.RenderUserAsync(
user,
selfUser: CurrentUser,
token: CurrentToken,
renderMembers: true,
renderAuthMethods: true,
ct: ct
)
await userRenderer.RenderUserAsync(user, CurrentUser, CurrentToken, true, true, ct: ct)
);
}
@ -50,8 +44,8 @@ public class UsersController(
CancellationToken ct = default
)
{
await using var tx = await db.Database.BeginTransactionAsync(ct);
var user = await db.Users.FirstAsync(u => u.Id == CurrentUser!.Id, ct);
await using IDbContextTransaction tx = await db.Database.BeginTransactionAsync(ct);
User user = await db.Users.FirstAsync(u => u.Id == CurrentUser!.Id, ct);
var errors = new List<(string, ValidationError?)>();
if (req.Username != null && req.Username != user.Username)
@ -108,7 +102,7 @@ public class UsersController(
if (req.Flags != null)
{
var flagError = await db.SetUserFlagsAsync(CurrentUser!.Id, req.Flags);
ValidationError? flagError = await db.SetUserFlagsAsync(CurrentUser!.Id, req.Flags);
if (flagError != null)
errors.Add(("flags", flagError));
}
@ -143,12 +137,14 @@ public class UsersController(
if (TimeZoneInfo.TryFindSystemTimeZoneById(req.Timezone, out _))
user.Timezone = req.Timezone;
else
{
errors.Add(
(
"timezone",
ValidationError.GenericValidationError("Invalid timezone", req.Timezone)
)
);
}
}
}
@ -157,9 +153,11 @@ public class UsersController(
// (atomic operations are hard when combined with background jobs)
// so it's in a separate block to the validation above.
if (req.HasProperty(nameof(req.Avatar)))
{
queue.QueueInvocableWithPayload<UserAvatarUpdateInvocable, AvatarUpdatePayload>(
new AvatarUpdatePayload(CurrentUser!.Id, req.Avatar)
);
}
try
{
@ -202,12 +200,12 @@ public class UsersController(
{
ValidationUtils.Validate(ValidationUtils.ValidateCustomPreferences(req));
var user = await db.ResolveUserAsync(CurrentUser!.Id, ct);
User user = await db.ResolveUserAsync(CurrentUser!.Id, ct);
var preferences = user
.CustomPreferences.Where(x => req.Any(r => r.Id == x.Key))
.ToDictionary();
foreach (var r in req)
foreach (CustomPreferenceUpdate? r in req)
{
if (r.Id != null && preferences.ContainsKey(r.Id.Value))
{
@ -271,7 +269,7 @@ public class UsersController(
[ProducesResponseType<UserSettings>(statusCode: StatusCodes.Status200OK)]
public async Task<IActionResult> GetUserSettingsAsync(CancellationToken ct = default)
{
var user = await db.Users.FirstAsync(u => u.Id == CurrentUser!.Id, ct);
User user = await db.Users.FirstAsync(u => u.Id == CurrentUser!.Id, ct);
return Ok(user.Settings);
}
@ -283,7 +281,7 @@ public class UsersController(
CancellationToken ct = default
)
{
var user = await db.Users.FirstAsync(u => u.Id == CurrentUser!.Id, ct);
User user = await db.Users.FirstAsync(u => u.Id == CurrentUser!.Id, ct);
if (req.HasProperty(nameof(req.DarkMode)))
user.Settings.DarkMode = req.DarkMode;
@ -304,7 +302,7 @@ public class UsersController(
[ProducesResponseType<UserRendererService.UserResponse>(statusCode: StatusCodes.Status200OK)]
public async Task<IActionResult> RerollSidAsync()
{
var minTimeAgo = clock.GetCurrentInstant() - Duration.FromHours(1);
Instant minTimeAgo = clock.GetCurrentInstant() - Duration.FromHours(1);
if (CurrentUser!.LastSidReroll > minTimeAgo)
throw new ApiError.BadRequest("Cannot reroll short ID yet");
@ -318,18 +316,18 @@ public class UsersController(
);
// Get the user's new sid
var newSid = await db
string newSid = await db
.Users.Where(u => u.Id == CurrentUser.Id)
.Select(u => u.Sid)
.FirstAsync();
var user = await db.ResolveUserAsync(CurrentUser.Id);
User user = await db.ResolveUserAsync(CurrentUser.Id);
return Ok(
await userRenderer.RenderUserAsync(
CurrentUser,
user,
CurrentUser,
CurrentToken,
renderMembers: false,
false,
overrideSid: newSid
)
);

14
Foxnouns.Backend/Database/DatabaseContext.cs
View file

@ -11,9 +11,8 @@ namespace Foxnouns.Backend.Database;
public class DatabaseContext(DbContextOptions options) : DbContext(options)
{
private static string GenerateConnectionString(Config.DatabaseConfig config)
{
return new NpgsqlConnectionStringBuilder(config.Url)
private static string GenerateConnectionString(Config.DatabaseConfig config) =>
new NpgsqlConnectionStringBuilder(config.Url)
{
Pooling = config.EnablePooling ?? true,
Timeout = config.Timeout ?? 5,
@ -22,7 +21,6 @@ public class DatabaseContext(DbContextOptions options) : DbContext(options)
ConnectionPruningInterval = 10,
ConnectionIdleLifetime = 10,
}.ConnectionString;
}
public static NpgsqlDataSource BuildDataSource(Config config)
{
@ -138,16 +136,16 @@ public class DesignTimeDatabaseContextFactory : IDesignTimeDbContextFactory<Data
public DatabaseContext CreateDbContext(string[] args)
{
// Read the configuration file
var config =
Config config =
new ConfigurationBuilder()
.AddConfiguration()
.Build()
// Get the configuration as our config class
.Get<Config>() ?? new();
.Get<Config>() ?? new Config();
var dataSource = DatabaseContext.BuildDataSource(config);
NpgsqlDataSource dataSource = DatabaseContext.BuildDataSource(config);
var options = DatabaseContext
DbContextOptions options = DatabaseContext
.BuildOptions(new DbContextOptionsBuilder(), dataSource, null)
.Options;

32
Foxnouns.Backend/Database/DatabaseQueryExtensions.cs
View file

@ -26,7 +26,7 @@ public static class DatabaseQueryExtensions
}
User? user;
if (Snowflake.TryParse(userRef, out var snowflake))
if (Snowflake.TryParse(userRef, out Snowflake? snowflake))
{
user = await context
.Users.Where(u => !u.Deleted)
@ -42,7 +42,7 @@ public static class DatabaseQueryExtensions
return user;
throw new ApiError.NotFound(
"No user with that ID or username found.",
code: ErrorCode.UserNotFound
ErrorCode.UserNotFound
);
}
@ -52,12 +52,12 @@ public static class DatabaseQueryExtensions
CancellationToken ct = default
)
{
var user = await context
User? user = await context
.Users.Where(u => !u.Deleted)
.FirstOrDefaultAsync(u => u.Id == id, ct);
if (user != null)
return user;
throw new ApiError.NotFound("No user with that ID found.", code: ErrorCode.UserNotFound);
throw new ApiError.NotFound("No user with that ID found.", ErrorCode.UserNotFound);
}
public static async Task<Member> ResolveMemberAsync(
@ -66,16 +66,13 @@ public static class DatabaseQueryExtensions
CancellationToken ct = default
)
{
var member = await context
Member? member = await context
.Members.Include(m => m.User)
.Where(m => !m.User.Deleted)
.FirstOrDefaultAsync(m => m.Id == id, ct);
if (member != null)
return member;
throw new ApiError.NotFound(
"No member with that ID found.",
code: ErrorCode.MemberNotFound
);
throw new ApiError.NotFound("No member with that ID found.", ErrorCode.MemberNotFound);
}
public static async Task<Member> ResolveMemberAsync(
@ -86,7 +83,7 @@ public static class DatabaseQueryExtensions
CancellationToken ct = default
)
{
var user = await context.ResolveUserAsync(userRef, token, ct);
User user = await context.ResolveUserAsync(userRef, token, ct);
return await context.ResolveMemberAsync(user.Id, memberRef, ct);
}
@ -98,7 +95,7 @@ public static class DatabaseQueryExtensions
)
{
Member? member;
if (Snowflake.TryParse(memberRef, out var snowflake))
if (Snowflake.TryParse(memberRef, out Snowflake? snowflake))
{
member = await context
.Members.Include(m => m.User)
@ -118,7 +115,7 @@ public static class DatabaseQueryExtensions
return member;
throw new ApiError.NotFound(
"No member with that ID or name found.",
code: ErrorCode.MemberNotFound
ErrorCode.MemberNotFound
);
}
@ -127,7 +124,10 @@ public static class DatabaseQueryExtensions
CancellationToken ct = default
)
{
var app = await context.Applications.FirstOrDefaultAsync(a => a.Id == new Snowflake(0), ct);
Application? app = await context.Applications.FirstOrDefaultAsync(
a => a.Id == new Snowflake(0),
ct
);
if (app != null)
return app;
@ -152,9 +152,9 @@ public static class DatabaseQueryExtensions
CancellationToken ct = default
)
{
var hash = SHA512.HashData(rawToken);
byte[] hash = SHA512.HashData(rawToken);
var oauthToken = await context
Token? oauthToken = await context
.Tokens.Include(t => t.Application)
.Include(t => t.User)
.FirstOrDefaultAsync(
@ -174,7 +174,7 @@ public static class DatabaseQueryExtensions
CancellationToken ct = default
)
{
var hash = SHA512.HashData(rawToken);
byte[] hash = SHA512.HashData(rawToken);
return await context
.Tokens.Where(t =>
t.Hash == hash

5
Foxnouns.Backend/Database/DatabaseServiceExtensions.cs
View file

@ -1,3 +1,4 @@
using Npgsql;
using Serilog;
namespace Foxnouns.Backend.Database;
@ -9,8 +10,8 @@ public static class DatabaseServiceExtensions
Config config
)
{
var dataSource = DatabaseContext.BuildDataSource(config);
var loggerFactory = new LoggerFactory().AddSerilog(dispose: false);
NpgsqlDataSource dataSource = DatabaseContext.BuildDataSource(config);
ILoggerFactory loggerFactory = new LoggerFactory().AddSerilog(dispose: false);
serviceCollection.AddDbContext<DatabaseContext>(options =>
DatabaseContext.BuildOptions(options, dataSource, loggerFactory)

28
Foxnouns.Backend/Database/FlagQueryExtensions.cs
View file

@ -20,8 +20,10 @@ public static class FlagQueryExtensions
Snowflake[] flagIds
)
{
var currentFlags = await db.UserFlags.Where(f => f.UserId == userId).ToListAsync();
foreach (var flag in currentFlags)
List<UserFlag> currentFlags = await db
.UserFlags.Where(f => f.UserId == userId)
.ToListAsync();
foreach (UserFlag flag in currentFlags)
db.UserFlags.Remove(flag);
// If there's no new flags to set, we're done
@ -30,12 +32,16 @@ public static class FlagQueryExtensions
if (flagIds.Length > 100)
return ValidationError.LengthError("Too many profile flags", 0, 100, flagIds.Length);
var flags = await db.GetFlagsAsync(userId);
var unknownFlagIds = flagIds.Where(id => flags.All(f => f.Id != id)).ToArray();
List<PrideFlag> flags = await db.GetFlagsAsync(userId);
Snowflake[] unknownFlagIds = flagIds.Where(id => flags.All(f => f.Id != id)).ToArray();
if (unknownFlagIds.Length != 0)
return ValidationError.GenericValidationError("Unknown flag IDs", unknownFlagIds);
var userFlags = flagIds.Select(id => new UserFlag { PrideFlagId = id, UserId = userId });
IEnumerable<UserFlag> userFlags = flagIds.Select(id => new UserFlag
{
PrideFlagId = id,
UserId = userId,
});
db.UserFlags.AddRange(userFlags);
return null;
@ -48,8 +54,10 @@ public static class FlagQueryExtensions
Snowflake[] flagIds
)
{
var currentFlags = await db.MemberFlags.Where(f => f.MemberId == memberId).ToListAsync();
foreach (var flag in currentFlags)
List<MemberFlag> currentFlags = await db
.MemberFlags.Where(f => f.MemberId == memberId)
.ToListAsync();
foreach (MemberFlag flag in currentFlags)
db.MemberFlags.Remove(flag);
if (flagIds.Length == 0)
@ -57,12 +65,12 @@ public static class FlagQueryExtensions
if (flagIds.Length > 100)
return ValidationError.LengthError("Too many profile flags", 0, 100, flagIds.Length);
var flags = await db.GetFlagsAsync(userId);
var unknownFlagIds = flagIds.Where(id => flags.All(f => f.Id != id)).ToArray();
List<PrideFlag> flags = await db.GetFlagsAsync(userId);
Snowflake[] unknownFlagIds = flagIds.Where(id => flags.All(f => f.Id != id)).ToArray();
if (unknownFlagIds.Length != 0)
return ValidationError.GenericValidationError("Unknown flag IDs", unknownFlagIds);
var memberFlags = flagIds.Select(id => new MemberFlag
IEnumerable<MemberFlag> memberFlags = flagIds.Select(id => new MemberFlag
{
PrideFlagId = id,
MemberId = memberId,

4
Foxnouns.Backend/Database/Models/Application.cs
View file

@ -18,8 +18,8 @@ public class Application : BaseModel
string[] redirectUrls
)
{
var clientId = RandomNumberGenerator.GetHexString(32, true);
var clientSecret = AuthUtils.RandomToken();
string clientId = RandomNumberGenerator.GetHexString(32, true);
string clientSecret = AuthUtils.RandomToken();
if (scopes.Except(AuthUtils.ApplicationScopes).Any())
{

23
Foxnouns.Backend/Database/Snowflake.cs
View file

@ -59,7 +59,7 @@ public readonly struct Snowflake(ulong value) : IEquatable<Snowflake>
public static bool TryParse(string input, [NotNullWhen(true)] out Snowflake? snowflake)
{
snowflake = null;
if (!ulong.TryParse(input, out var res))
if (!ulong.TryParse(input, out ulong res))
return false;
snowflake = new Snowflake(res);
return true;
@ -70,10 +70,7 @@ public readonly struct Snowflake(ulong value) : IEquatable<Snowflake>
public override bool Equals(object? obj) => obj is Snowflake other && Value == other.Value;
public bool Equals(Snowflake other)
{
return Value == other.Value;
}
public bool Equals(Snowflake other) => Value == other.Value;
public override int GetHashCode() => Value.GetHashCode();
@ -83,11 +80,7 @@ public readonly struct Snowflake(ulong value) : IEquatable<Snowflake>
/// An Entity Framework ValueConverter for Snowflakes to longs.
/// </summary>
// ReSharper disable once ClassNeverInstantiated.Global
public class ValueConverter()
: ValueConverter<Snowflake, long>(
convertToProviderExpression: x => x,
convertFromProviderExpression: x => x
);
public class ValueConverter() : ValueConverter<Snowflake, long>(x => x, x => x);
private class JsonConverter : JsonConverter<Snowflake>
{
@ -106,10 +99,7 @@ public readonly struct Snowflake(ulong value) : IEquatable<Snowflake>
Snowflake existingValue,
bool hasExistingValue,
JsonSerializer serializer
)
{
return ulong.Parse((string)reader.Value!);
}
) => ulong.Parse((string)reader.Value!);
}
private class TypeConverter : System.ComponentModel.TypeConverter
@ -126,9 +116,6 @@ public readonly struct Snowflake(ulong value) : IEquatable<Snowflake>
ITypeDescriptorContext? context,
CultureInfo? culture,
object value
)
{
return TryParse((string)value, out var snowflake) ? snowflake : null;
}
) => TryParse((string)value, out Snowflake? snowflake) ? snowflake : null;
}
}

11
Foxnouns.Backend/Database/SnowflakeGenerator.cs
View file

@ -28,9 +28,9 @@ public class SnowflakeGenerator : ISnowflakeGenerator
public Snowflake GenerateSnowflake(Instant? time = null)
{
time ??= SystemClock.Instance.GetCurrentInstant();
var increment = Interlocked.Increment(ref _increment);
var threadId = Environment.CurrentManagedThreadId % 32;
var timestamp = time.Value.ToUnixTimeMilliseconds() - Snowflake.Epoch;
long increment = Interlocked.Increment(ref _increment);
int threadId = Environment.CurrentManagedThreadId % 32;
long timestamp = time.Value.ToUnixTimeMilliseconds() - Snowflake.Epoch;
return (timestamp << 22)
| (uint)(_processId << 17)
@ -44,8 +44,5 @@ public static class SnowflakeGeneratorServiceExtensions
public static IServiceCollection AddSnowflakeGenerator(
this IServiceCollection services,
int? processId = null
)
{
return services.AddSingleton<ISnowflakeGenerator>(new SnowflakeGenerator(processId));
}
) => services.AddSingleton<ISnowflakeGenerator>(new SnowflakeGenerator(processId));
}

39
Foxnouns.Backend/ExpectedError.cs
View file

@ -35,13 +35,13 @@ public class ApiError(
public readonly ErrorCode ErrorCode = errorCode ?? ErrorCode.InternalServerError;
public class Unauthorized(string message, ErrorCode errorCode = ErrorCode.AuthenticationError)
: ApiError(message, statusCode: HttpStatusCode.Unauthorized, errorCode: errorCode);
: ApiError(message, HttpStatusCode.Unauthorized, errorCode);
public class Forbidden(
string message,
IEnumerable<string>? scopes = null,
ErrorCode errorCode = ErrorCode.Forbidden
) : ApiError(message, statusCode: HttpStatusCode.Forbidden, errorCode: errorCode)
) : ApiError(message, HttpStatusCode.Forbidden, errorCode)
{
public readonly string[] Scopes = scopes?.ToArray() ?? [];
}
@ -49,7 +49,7 @@ public class ApiError(
public class BadRequest(
string message,
IReadOnlyDictionary<string, IEnumerable<ValidationError>>? errors = null
) : ApiError(message, statusCode: HttpStatusCode.BadRequest)
) : ApiError(message, HttpStatusCode.BadRequest)
{
public BadRequest(string message, string field, object? actualValue)
: this(
@ -72,7 +72,7 @@ public class ApiError(
return o;
var a = new JArray();
foreach (var error in errors)
foreach (KeyValuePair<string, IEnumerable<ValidationError>> error in errors)
{
var errorObj = new JObject
{
@ -92,7 +92,7 @@ public class ApiError(
/// Any other methods should use <see cref="ApiError.BadRequest" /> instead.
/// </summary>
public class AspBadRequest(string message, ModelStateDictionary? modelState = null)
: ApiError(message, statusCode: HttpStatusCode.BadRequest)
: ApiError(message, HttpStatusCode.BadRequest)
{
public JObject ToJson()
{
@ -106,7 +106,11 @@ public class ApiError(
return o;
var a = new JArray();
foreach (var error in modelState.Where(e => e.Value is { Errors.Count: > 0 }))
foreach (
KeyValuePair<string, ModelStateEntry?> error in modelState.Where(e =>
e.Value is { Errors.Count: > 0 }
)
)
{
var errorObj = new JObject
{
@ -130,10 +134,9 @@ public class ApiError(
}
public class NotFound(string message, ErrorCode? code = null)
: ApiError(message, statusCode: HttpStatusCode.NotFound, errorCode: code);
: ApiError(message, HttpStatusCode.NotFound, code);
public class AuthenticationError(string message)
: ApiError(message, statusCode: HttpStatusCode.BadRequest);
public class AuthenticationError(string message) : ApiError(message, HttpStatusCode.BadRequest);
}
public enum ErrorCode
@ -175,33 +178,27 @@ public class ValidationError
int minLength,
int maxLength,
int actualLength
)
{
return new ValidationError
) =>
new()
{
Message = message,
MinLength = minLength,
MaxLength = maxLength,
ActualLength = actualLength,
};
}
public static ValidationError DisallowedValueError(
string message,
IEnumerable<object> allowedValues,
object actualValue
)
{
return new ValidationError
) =>
new()
{
Message = message,
AllowedValues = allowedValues,
ActualValue = actualValue,
};
}
public static ValidationError GenericValidationError(string message, object? actualValue)
{
return new ValidationError { Message = message, ActualValue = actualValue };
}
public static ValidationError GenericValidationError(string message, object? actualValue) =>
new() { Message = message, ActualValue = actualValue };
}

10
Foxnouns.Backend/Extensions/ImageObjectExtensions.cs
View file

@ -47,13 +47,13 @@ public static class ImageObjectExtensions
if (!uri.StartsWith("data:image/"))
throw new ArgumentException("Not a data URI", nameof(uri));
var split = uri.Remove(0, "data:".Length).Split(";base64,");
var contentType = split[0];
var encoded = split[1];
string[] split = uri.Remove(0, "data:".Length).Split(";base64,");
string contentType = split[0];
string encoded = split[1];
if (!ValidContentTypes.Contains(contentType))
throw new ArgumentException("Invalid content type for image", nameof(uri));
if (!AuthUtils.TryFromBase64String(encoded, out var rawImage))
if (!AuthUtils.TryFromBase64String(encoded, out byte[]? rawImage))
throw new ArgumentException("Invalid base64 string", nameof(uri));
var image = Image.Load(rawImage);
@ -74,7 +74,7 @@ public static class ImageObjectExtensions
await image.SaveAsync(stream, new WebpEncoder { Quality = 95, NearLossless = false });
stream.Seek(0, SeekOrigin.Begin);
var hash = Convert.ToHexString(await SHA256.HashDataAsync(stream)).ToLower();
string hash = Convert.ToHexString(await SHA256.HashDataAsync(stream)).ToLower();
stream.Seek(0, SeekOrigin.Begin);
return (hash, stream);

15
Foxnouns.Backend/Extensions/KeyCacheExtensions.cs
View file

@ -14,7 +14,7 @@ public static class KeyCacheExtensions
CancellationToken ct = default
)
{
var state = AuthUtils.RandomToken().Replace('+', '-').Replace('/', '_');
string state = AuthUtils.RandomToken().Replace('+', '-').Replace('/', '_');
await keyCacheService.SetKeyAsync($"oauth_state:{state}", "", Duration.FromMinutes(10), ct);
return state;
}
@ -25,7 +25,7 @@ public static class KeyCacheExtensions
CancellationToken ct = default
)
{
var val = await keyCacheService.GetKeyAsync($"oauth_state:{state}", ct: ct);
string? val = await keyCacheService.GetKeyAsync($"oauth_state:{state}", ct: ct);
if (val == null)
throw new ApiError.BadRequest("Invalid OAuth state");
}
@ -38,7 +38,7 @@ public static class KeyCacheExtensions
)
{
// This state is used in links, not just as JSON values, so make it URL-safe
var state = AuthUtils.RandomToken().Replace('+', '-').Replace('/', '_');
string state = AuthUtils.RandomToken().Replace('+', '-').Replace('/', '_');
await keyCacheService.SetKeyAsync(
$"email_state:{state}",
new RegisterEmailState(email, userId),
@ -62,7 +62,7 @@ public static class KeyCacheExtensions
CancellationToken ct = default
)
{
var state = AuthUtils.RandomToken();
string state = AuthUtils.RandomToken();
await keyCacheService.SetKeyAsync(
$"add_account:{state}",
new AddExtraAccountState(authType, userId, instance),
@ -76,12 +76,7 @@ public static class KeyCacheExtensions
this KeyCacheService keyCacheService,
string state,
CancellationToken ct = default
) =>
await keyCacheService.GetKeyAsync<AddExtraAccountState>(
$"add_account:{state}",
delete: true,
ct
);
) => await keyCacheService.GetKeyAsync<AddExtraAccountState>($"add_account:{state}", true, ct);
}
public record RegisterEmailState(

21
Foxnouns.Backend/Extensions/WebApplicationExtensions.cs
View file

@ -24,9 +24,9 @@ public static class WebApplicationExtensions
/// </summary>
public static WebApplicationBuilder AddSerilog(this WebApplicationBuilder builder)
{
var config = builder.Configuration.Get<Config>() ?? new();
Config config = builder.Configuration.Get<Config>() ?? new Config();
var logCfg = new LoggerConfiguration()
LoggerConfiguration logCfg = new LoggerConfiguration()
.Enrich.FromLogContext()
.MinimumLevel.Is(config.Logging.LogEventLevel)
// ASP.NET's built in request logs are extremely verbose, so we use Serilog's instead.
@ -43,10 +43,7 @@ public static class WebApplicationExtensions
if (config.Logging.SeqLogUrl != null)
{
logCfg.WriteTo.Seq(
config.Logging.SeqLogUrl,
restrictedToMinimumLevel: LogEventLevel.Verbose
);
logCfg.WriteTo.Seq(config.Logging.SeqLogUrl, LogEventLevel.Verbose);
}
// AddSerilog doesn't seem to add an ILogger to the service collection, so add that manually.
@ -60,19 +57,19 @@ public static class WebApplicationExtensions
builder.Configuration.Sources.Clear();
builder.Configuration.AddConfiguration();
var config = builder.Configuration.Get<Config>() ?? new();
Config config = builder.Configuration.Get<Config>() ?? new Config();
builder.Services.AddSingleton(config);
return config;
}
public static IConfigurationBuilder AddConfiguration(this IConfigurationBuilder builder)
{
var file = Environment.GetEnvironmentVariable("FOXNOUNS_CONFIG_FILE") ?? "config.ini";
string file = Environment.GetEnvironmentVariable("FOXNOUNS_CONFIG_FILE") ?? "config.ini";
return builder
.SetBasePath(Directory.GetCurrentDirectory())
.AddJsonFile("appSettings.json", true)
.AddIniFile(file, optional: false, reloadOnChange: true)
.AddIniFile(file, false, true)
.AddEnvironmentVariables();
}
@ -142,11 +139,15 @@ public static class WebApplicationExtensions
app.Services.ConfigureQueue()
.LogQueuedTaskProgress(app.Services.GetRequiredService<ILogger<IQueue>>());
await using var scope = app.Services.CreateAsyncScope();
await using AsyncServiceScope scope = app.Services.CreateAsyncScope();
// The types of these variables are obvious from the methods being called to create them
// ReSharper disable SuggestVarOrType_SimpleTypes
var logger = scope
.ServiceProvider.GetRequiredService<ILogger>()
.ForContext<WebApplication>();
var db = scope.ServiceProvider.GetRequiredService<DatabaseContext>();
// ReSharper restore SuggestVarOrType_SimpleTypes
logger.Information(
"Starting Foxnouns.NET {Version} ({Hash})",

36
Foxnouns.Backend/Jobs/CreateDataExportInvocable.cs
View file

@ -40,7 +40,7 @@ public class CreateDataExportInvocable(
private async Task InvokeAsync()
{
var user = await db
User? user = await db
.Users.Include(u => u.AuthMethods)
.Include(u => u.Flags)
.Include(u => u.ProfileFlags)
@ -66,25 +66,19 @@ public class CreateDataExportInvocable(
WriteJson(
zip,
"user.json",
await userRenderer.RenderUserInnerAsync(
user,
true,
["*"],
renderMembers: false,
renderAuthMethods: true
)
await userRenderer.RenderUserInnerAsync(user, true, ["*"], false, true)
);
await WriteS3Object(zip, "user-avatar.webp", userRenderer.AvatarUrlFor(user));
foreach (var flag in user.Flags)
foreach (PrideFlag? flag in user.Flags)
await WritePrideFlag(zip, flag);
var members = await db
List<Member> members = await db
.Members.Include(m => m.User)
.Include(m => m.ProfileFlags)
.Where(m => m.UserId == user.Id)
.ToListAsync();
foreach (var member in members)
foreach (Member? member in members)
await WriteMember(zip, member);
// We want to dispose the ZipArchive on an error, but we need to dispose it manually to upload to object storage.
@ -94,7 +88,7 @@ public class CreateDataExportInvocable(
stream.Seek(0, SeekOrigin.Begin);
// Upload the file!
var filename = AuthUtils.RandomToken().Replace('+', '-').Replace('/', '_');
string filename = AuthUtils.RandomToken().Replace('+', '-').Replace('/', '_');
await objectStorageService.PutObjectAsync(
ExportPath(user.Id, filename),
stream,
@ -132,8 +126,8 @@ public class CreateDataExportInvocable(
return;
}
var entry = zip.CreateEntry($"flag-{flag.Id}/flag.txt");
await using var stream = entry.Open();
ZipArchiveEntry entry = zip.CreateEntry($"flag-{flag.Id}/flag.txt");
await using Stream stream = entry.Open();
await using var writer = new StreamWriter(stream);
await writer.WriteAsync(flagData);
}
@ -164,7 +158,7 @@ public class CreateDataExportInvocable(
private void WriteJson(ZipArchive zip, string filename, object data)
{
var json = JsonConvert.SerializeObject(data, Formatting.Indented);
string json = JsonConvert.SerializeObject(data, Formatting.Indented);
_logger.Debug(
"Writing file {Filename} to archive with size {Length}",
@ -172,8 +166,8 @@ public class CreateDataExportInvocable(
json.Length
);
var entry = zip.CreateEntry(filename);
using var stream = entry.Open();
ZipArchiveEntry entry = zip.CreateEntry(filename);
using Stream stream = entry.Open();
using var writer = new StreamWriter(stream);
writer.Write(json);
}
@ -183,14 +177,14 @@ public class CreateDataExportInvocable(
if (s3Path == null)
return;
var resp = await Client.GetAsync(s3Path);
HttpResponseMessage resp = await Client.GetAsync(s3Path);
if (resp.StatusCode != HttpStatusCode.OK)
{
_logger.Warning("S3 path {S3Path} returned a non-200 status, not saving file", s3Path);
return;
}
await using var respStream = await resp.Content.ReadAsStreamAsync();
await using Stream respStream = await resp.Content.ReadAsStreamAsync();
_logger.Debug(
"Writing file {Filename} to archive with size {Length}",
@ -198,8 +192,8 @@ public class CreateDataExportInvocable(
respStream.Length
);
var entry = zip.CreateEntry(filename);
await using var entryStream = entry.Open();
ZipArchiveEntry entry = zip.CreateEntry(filename);
await using Stream entryStream = entry.Open();
respStream.Seek(0, SeekOrigin.Begin);
await respStream.CopyToAsync(entryStream);

6
Foxnouns.Backend/Jobs/CreateFlagInvocable.cs
View file

@ -26,10 +26,10 @@ public class CreateFlagInvocable(
try
{
var (hash, image) = await ImageObjectExtensions.ConvertBase64UriToImage(
(string? hash, Stream? image) = await ImageObjectExtensions.ConvertBase64UriToImage(
Payload.ImageData,
size: 256,
crop: false
256,
false
);
await objectStorageService.PutObjectAsync(Path(hash), image, "image/webp");

13
Foxnouns.Backend/Jobs/MemberAvatarUpdateInvocable.cs
View file

@ -1,5 +1,6 @@
using Coravel.Invocable;
using Foxnouns.Backend.Database;
using Foxnouns.Backend.Database.Models;
using Foxnouns.Backend.Extensions;
using Foxnouns.Backend.Services;
@ -26,7 +27,7 @@ public class MemberAvatarUpdateInvocable(
{
_logger.Debug("Updating avatar for member {MemberId}", id);
var member = await db.Members.FindAsync(id);
Member? member = await db.Members.FindAsync(id);
if (member == null)
{
_logger.Warning(
@ -38,12 +39,12 @@ public class MemberAvatarUpdateInvocable(
try
{
var (hash, image) = await ImageObjectExtensions.ConvertBase64UriToImage(
(string? hash, Stream? image) = await ImageObjectExtensions.ConvertBase64UriToImage(
newAvatar,
size: 512,
crop: true
512,
true
);
var prevHash = member.Avatar;
string? prevHash = member.Avatar;
await objectStorageService.PutObjectAsync(Path(id, hash), image, "image/webp");
@ -69,7 +70,7 @@ public class MemberAvatarUpdateInvocable(
{
_logger.Debug("Clearing avatar for member {MemberId}", id);
var member = await db.Members.FindAsync(id);
Member? member = await db.Members.FindAsync(id);
if (member == null)
{
_logger.Warning(

13
Foxnouns.Backend/Jobs/UserAvatarUpdateInvocable.cs
View file

@ -1,5 +1,6 @@
using Coravel.Invocable;
using Foxnouns.Backend.Database;
using Foxnouns.Backend.Database.Models;
using Foxnouns.Backend.Extensions;
using Foxnouns.Backend.Services;
@ -26,7 +27,7 @@ public class UserAvatarUpdateInvocable(
{
_logger.Debug("Updating avatar for user {MemberId}", id);
var user = await db.Users.FindAsync(id);
User? user = await db.Users.FindAsync(id);
if (user == null)
{
_logger.Warning(
@ -38,13 +39,13 @@ public class UserAvatarUpdateInvocable(
try
{
var (hash, image) = await ImageObjectExtensions.ConvertBase64UriToImage(
(string? hash, Stream? image) = await ImageObjectExtensions.ConvertBase64UriToImage(
newAvatar,
size: 512,
crop: true
512,
true
);
image.Seek(0, SeekOrigin.Begin);
var prevHash = user.Avatar;
string? prevHash = user.Avatar;
await objectStorageService.PutObjectAsync(Path(id, hash), image, "image/webp");
@ -70,7 +71,7 @@ public class UserAvatarUpdateInvocable(
{
_logger.Debug("Clearing avatar for user {MemberId}", id);
var user = await db.Users.FindAsync(id);
User? user = await db.Users.FindAsync(id);
if (user == null)
{
_logger.Warning(

13
Foxnouns.Backend/Middleware/AuthenticationMiddleware.cs
View file

@ -8,8 +8,8 @@ public class AuthenticationMiddleware(DatabaseContext db) : IMiddleware
{
public async Task InvokeAsync(HttpContext ctx, RequestDelegate next)
{
var endpoint = ctx.GetEndpoint();
var metadata = endpoint?.Metadata.GetMetadata<AuthenticateAttribute>();
Endpoint? endpoint = ctx.GetEndpoint();
AuthenticateAttribute? metadata = endpoint?.Metadata.GetMetadata<AuthenticateAttribute>();
if (metadata == null)
{
@ -18,14 +18,17 @@ public class AuthenticationMiddleware(DatabaseContext db) : IMiddleware
}
if (
!AuthUtils.TryParseToken(ctx.Request.Headers.Authorization.ToString(), out var rawToken)
!AuthUtils.TryParseToken(
ctx.Request.Headers.Authorization.ToString(),
out byte[]? rawToken
)
)
{
await next(ctx);
return;
}
var oauthToken = await db.GetToken(rawToken);
Token? oauthToken = await db.GetToken(rawToken);
if (oauthToken == null)
{
await next(ctx);
@ -50,7 +53,7 @@ public static class HttpContextExtensions
public static Token? GetToken(this HttpContext ctx)
{
if (ctx.Items.TryGetValue(Key, out var token))
if (ctx.Items.TryGetValue(Key, out object? token))
return token as Token;
return null;
}

12
Foxnouns.Backend/Middleware/AuthorizationMiddleware.cs
View file

@ -7,8 +7,8 @@ public class AuthorizationMiddleware : IMiddleware
{
public async Task InvokeAsync(HttpContext ctx, RequestDelegate next)
{
var endpoint = ctx.GetEndpoint();
var attribute = endpoint?.Metadata.GetMetadata<AuthorizeAttribute>();
Endpoint? endpoint = ctx.GetEndpoint();
AuthorizeAttribute? attribute = endpoint?.Metadata.GetMetadata<AuthorizeAttribute>();
if (attribute == null)
{
@ -16,21 +16,27 @@ public class AuthorizationMiddleware : IMiddleware
return;
}
var token = ctx.GetToken();
Token? token = ctx.GetToken();
if (token == null)
{
throw new ApiError.Unauthorized(
"This endpoint requires an authenticated user.",
ErrorCode.AuthenticationRequired
);
}
if (
attribute.Scopes.Length > 0
&& attribute.Scopes.Except(token.Scopes.ExpandScopes()).Any()
)
{
throw new ApiError.Forbidden(
"This endpoint requires ungranted scopes.",
attribute.Scopes.Except(token.Scopes.ExpandScopes()),
ErrorCode.MissingScopes
);
}
if (attribute.RequireAdmin && token.User.Role != UserRole.Admin)
throw new ApiError.Forbidden("This endpoint can only be used by admins.");
if (

17
Foxnouns.Backend/Middleware/ErrorHandlerMiddleware.cs
View file

@ -1,4 +1,5 @@
using System.Net;
using Foxnouns.Backend.Database.Models;
using Foxnouns.Backend.Utils;
using Newtonsoft.Json;
@ -14,9 +15,9 @@ public class ErrorHandlerMiddleware(ILogger baseLogger, IHub sentry) : IMiddlewa
}
catch (Exception e)
{
var type = e.TargetSite?.DeclaringType ?? typeof(ErrorHandlerMiddleware);
var typeName = e.TargetSite?.DeclaringType?.FullName ?? "<unknown>";
var logger = baseLogger.ForContext(type);
Type type = e.TargetSite?.DeclaringType ?? typeof(ErrorHandlerMiddleware);
string typeName = e.TargetSite?.DeclaringType?.FullName ?? "<unknown>";
ILogger logger = baseLogger.ForContext(type);
if (ctx.Response.HasStarted)
{
@ -31,13 +32,15 @@ public class ErrorHandlerMiddleware(ILogger baseLogger, IHub sentry) : IMiddlewa
e,
scope =>
{
var user = ctx.GetUser();
User? user = ctx.GetUser();
if (user != null)
{
scope.User = new SentryUser
{
Id = user.Id.ToString(),
Username = user.Username,
};
}
}
);
@ -98,17 +101,19 @@ public class ErrorHandlerMiddleware(ILogger baseLogger, IHub sentry) : IMiddlewa
logger.Error(e, "Exception in {ClassName} ({Path})", typeName, ctx.Request.Path);
}
var errorId = sentry.CaptureException(
SentryId errorId = sentry.CaptureException(
e,
scope =>
{
var user = ctx.GetUser();
User? user = ctx.GetUser();
if (user != null)
{
scope.User = new SentryUser
{
Id = user.Id.ToString(),
Username = user.Username,
};
}
}
);

6
Foxnouns.Backend/Program.cs
View file

@ -9,9 +9,9 @@ using Prometheus;
using Sentry.Extensibility;
using Serilog;
var builder = WebApplication.CreateBuilder(args);
WebApplicationBuilder builder = WebApplication.CreateBuilder(args);
var config = builder.AddConfiguration();
Config config = builder.AddConfiguration();
builder.AddSerilog();
@ -58,7 +58,7 @@ JsonConvert.DefaultSettings = () =>
builder.AddServices(config).AddCustomMiddleware().AddEndpointsApiExplorer().AddSwaggerGen();
var app = builder.Build();
WebApplication app = builder.Build();
await app.Initialize(args);

44
Foxnouns.Backend/Services/Auth/AuthService.cs
View file

@ -123,22 +123,27 @@ public class AuthService(
CancellationToken ct = default
)
{
var user = await db.Users.FirstOrDefaultAsync(
User? user = await db.Users.FirstOrDefaultAsync(
u => u.AuthMethods.Any(a => a.AuthType == AuthType.Email && a.RemoteId == email),
ct
);
if (user == null)
{
throw new ApiError.NotFound(
"No user with that email address found, or password is incorrect",
ErrorCode.UserNotFound
);
}
var pwResult = await VerifyHashedPasswordAsync(user, password, ct);
PasswordVerificationResult pwResult = await VerifyHashedPasswordAsync(user, password, ct);
if (pwResult == PasswordVerificationResult.Failed) // TODO: this seems to fail on some valid passwords?
{
throw new ApiError.NotFound(
"No user with that email address found, or password is incorrect",
ErrorCode.UserNotFound
);
}
if (pwResult == PasswordVerificationResult.SuccessRehashNeeded)
{
user.Password = await HashPasswordAsync(user, password, ct);
@ -169,7 +174,7 @@ public class AuthService(
throw new FoxnounsError("Password for user supplied to ValidatePasswordAsync was null");
}
var pwResult = await VerifyHashedPasswordAsync(user, password, ct);
PasswordVerificationResult pwResult = await VerifyHashedPasswordAsync(user, password, ct);
return pwResult
is PasswordVerificationResult.SuccessRehashNeeded
or PasswordVerificationResult.Success;
@ -231,13 +236,15 @@ public class AuthService(
AssertValidAuthType(authType, app);
// This is already checked when
var currentCount = await db
int currentCount = await db
.AuthMethods.Where(m => m.UserId == userId && m.AuthType == authType)
.CountAsync(ct);
if (currentCount >= AuthUtils.MaxAuthMethodsPerType)
{
throw new ApiError.BadRequest(
"Too many linked accounts of this type, maximum of 3 per account."
);
}
var authMethod = new AuthMethod
{
@ -262,13 +269,15 @@ public class AuthService(
)
{
if (!AuthUtils.ValidateScopes(application, scopes))
{
throw new ApiError.BadRequest(
"Invalid scopes requested for this token",
"scopes",
scopes
);
}
var (token, hash) = GenerateToken();
(string? token, byte[]? hash) = GenerateToken();
return (
token,
new Token
@ -293,9 +302,9 @@ public class AuthService(
CancellationToken ct = default
)
{
var frontendApp = await db.GetFrontendApplicationAsync(ct);
Application frontendApp = await db.GetFrontendApplicationAsync(ct);
var (tokenStr, token) = GenerateToken(
(string? tokenStr, Token? token) = GenerateToken(
user,
frontendApp,
["*"],
@ -308,17 +317,12 @@ public class AuthService(
await db.SaveChangesAsync(ct);
return new CallbackResponse(
HasAccount: true,
Ticket: null,
RemoteUsername: null,
User: await userRenderer.RenderUserAsync(
user,
selfUser: user,
renderMembers: false,
ct: ct
),
Token: tokenStr,
ExpiresAt: token.ExpiresAt
true,
null,
null,
await userRenderer.RenderUserAsync(user, user, renderMembers: false, ct: ct),
tokenStr,
token.ExpiresAt
);
}
@ -340,8 +344,8 @@ public class AuthService(
private static (string, byte[]) GenerateToken()
{
var token = AuthUtils.RandomToken();
var hash = SHA512.HashData(Convert.FromBase64String(token));
string token = AuthUtils.RandomToken();
byte[] hash = SHA512.HashData(Convert.FromBase64String(token));
return (token, hash);
}

25
Foxnouns.Backend/Services/Auth/FediverseAuthService.Mastodon.cs
View file

@ -18,22 +18,25 @@ public partial class FediverseAuthService
Snowflake? existingAppId = null
)
{
var resp = await _client.PostAsJsonAsync(
HttpResponseMessage resp = await _client.PostAsJsonAsync(
$"https://{instance}/api/v1/apps",
new CreateMastodonApplicationRequest(
ClientName: $"pronouns.cc (+{_config.BaseUrl})",
RedirectUris: MastodonRedirectUri(instance),
Scopes: "read read:accounts",
Website: _config.BaseUrl
$"pronouns.cc (+{_config.BaseUrl})",
MastodonRedirectUri(instance),
"read read:accounts",
_config.BaseUrl
)
);
resp.EnsureSuccessStatusCode();
var mastodonApp = await resp.Content.ReadFromJsonAsync<PartialMastodonApplication>();
PartialMastodonApplication? mastodonApp =
await resp.Content.ReadFromJsonAsync<PartialMastodonApplication>();
if (mastodonApp == null)
{
throw new FoxnounsError(
$"Application created on Mastodon-compatible instance {instance} was null"
);
}
FediverseApplication app;
@ -75,7 +78,7 @@ public partial class FediverseAuthService
if (state != null)
await _keyCacheService.ValidateAuthStateAsync(state);
var tokenResp = await _client.PostAsync(
HttpResponseMessage tokenResp = await _client.PostAsync(
MastodonTokenUri(app.Domain),
new FormUrlEncodedContent(
new Dictionary<string, string>
@ -95,7 +98,7 @@ public partial class FediverseAuthService
}
tokenResp.EnsureSuccessStatusCode();
var token = (
string? token = (
await tokenResp.Content.ReadFromJsonAsync<MastodonTokenResponse>()
)?.AccessToken;
if (token == null)
@ -106,9 +109,9 @@ public partial class FediverseAuthService
var req = new HttpRequestMessage(HttpMethod.Get, MastodonCurrentUserUri(app.Domain));
req.Headers.Add("Authorization", $"Bearer {token}");
var currentUserResp = await _client.SendAsync(req);
HttpResponseMessage currentUserResp = await _client.SendAsync(req);
currentUserResp.EnsureSuccessStatusCode();
var user = await currentUserResp.Content.ReadFromJsonAsync<FediverseUser>();
FediverseUser? user = await currentUserResp.Content.ReadFromJsonAsync<FediverseUser>();
if (user == null)
{
throw new FoxnounsError($"User response from instance {app.Domain} was invalid");
@ -131,7 +134,7 @@ public partial class FediverseAuthService
"An app credentials refresh was requested for {ApplicationId}, creating a new application",
app.Id
);
app = await CreateMastodonApplicationAsync(app.Domain, existingAppId: app.Id);
app = await CreateMastodonApplicationAsync(app.Domain, app.Id);
}
state ??= HttpUtility.UrlEncode(await _keyCacheService.GenerateAuthStateAsync());

19
Foxnouns.Backend/Services/Auth/FediverseAuthService.cs
View file

@ -43,7 +43,7 @@ public partial class FediverseAuthService
string? state = null
)
{
var app = await GetApplicationAsync(instance);
FediverseApplication app = await GetApplicationAsync(instance);
return await GenerateAuthUrlAsync(app, forceRefresh, state);
}
@ -56,13 +56,15 @@ public partial class FediverseAuthService
public async Task<FediverseApplication> GetApplicationAsync(string instance)
{
var app = await _db.FediverseApplications.FirstOrDefaultAsync(a => a.Domain == instance);
FediverseApplication? app = await _db.FediverseApplications.FirstOrDefaultAsync(a =>
a.Domain == instance
);
if (app != null)
return app;
_logger.Debug("No application for fediverse instance {Instance}, creating it", instance);
var softwareName = await GetSoftwareNameAsync(instance);
string softwareName = await GetSoftwareNameAsync(instance);
if (IsMastodonCompatible(softwareName))
{
@ -76,13 +78,14 @@ public partial class FediverseAuthService
{
_logger.Debug("Requesting software name for fediverse instance {Instance}", instance);
var wellKnownResp = await _client.GetAsync(
HttpResponseMessage wellKnownResp = await _client.GetAsync(
new Uri($"https://{instance}/.well-known/nodeinfo")
);
wellKnownResp.EnsureSuccessStatusCode();
var wellKnown = await wellKnownResp.Content.ReadFromJsonAsync<WellKnownResponse>();
var nodeInfoUrl = wellKnown?.Links.FirstOrDefault(l => l.Rel == NodeInfoRel)?.Href;
WellKnownResponse? wellKnown =
await wellKnownResp.Content.ReadFromJsonAsync<WellKnownResponse>();
string? nodeInfoUrl = wellKnown?.Links.FirstOrDefault(l => l.Rel == NodeInfoRel)?.Href;
if (nodeInfoUrl == null)
{
throw new FoxnounsError(
@ -90,10 +93,10 @@ public partial class FediverseAuthService
);
}
var nodeInfoResp = await _client.GetAsync(nodeInfoUrl);
HttpResponseMessage nodeInfoResp = await _client.GetAsync(nodeInfoUrl);
nodeInfoResp.EnsureSuccessStatusCode();
var nodeInfo = await nodeInfoResp.Content.ReadFromJsonAsync<PartialNodeInfo>();
PartialNodeInfo? nodeInfo = await nodeInfoResp.Content.ReadFromJsonAsync<PartialNodeInfo>();
return nodeInfo?.Software.Name
?? throw new FoxnounsError(
$"Nodeinfo response for instance {instance} was invalid, no software name"

18
Foxnouns.Backend/Services/Auth/RemoteAuthService.cs
View file

@ -29,7 +29,7 @@ public class RemoteAuthService(
)
{
var redirectUri = $"{config.BaseUrl}/auth/callback/discord";
var resp = await _httpClient.PostAsync(
HttpResponseMessage resp = await _httpClient.PostAsync(
_discordTokenUri,
new FormUrlEncodedContent(
new Dictionary<string, string>
@ -45,7 +45,7 @@ public class RemoteAuthService(
);
if (!resp.IsSuccessStatusCode)
{
var respBody = await resp.Content.ReadAsStringAsync(ct);
string respBody = await resp.Content.ReadAsStringAsync(ct);
_logger.Error(
"Received error status {StatusCode} when exchanging OAuth token: {ErrorBody}",
(int)resp.StatusCode,
@ -55,16 +55,18 @@ public class RemoteAuthService(
}
resp.EnsureSuccessStatusCode();
var token = await resp.Content.ReadFromJsonAsync<DiscordTokenResponse>(ct);
DiscordTokenResponse? token = await resp.Content.ReadFromJsonAsync<DiscordTokenResponse>(
ct
);
if (token == null)
throw new FoxnounsError("Discord token response was null");
var req = new HttpRequestMessage(HttpMethod.Get, _discordUserUri);
req.Headers.Add("Authorization", $"{token.token_type} {token.access_token}");
var resp2 = await _httpClient.SendAsync(req, ct);
HttpResponseMessage resp2 = await _httpClient.SendAsync(req, ct);
resp2.EnsureSuccessStatusCode();
var user = await resp2.Content.ReadFromJsonAsync<DiscordUserResponse>(ct);
DiscordUserResponse? user = await resp2.Content.ReadFromJsonAsync<DiscordUserResponse>(ct);
if (user == null)
throw new FoxnounsError("Discord user response was null");
@ -104,7 +106,7 @@ public class RemoteAuthService(
string? instance = null
)
{
var existingAccounts = await db
int existingAccounts = await db
.AuthMethods.Where(m => m.UserId == userId && m.AuthType == authType)
.CountAsync();
if (existingAccounts > AuthUtils.MaxAuthMethodsPerType)
@ -131,7 +133,9 @@ public class RemoteAuthService(
string? instance = null
)
{
var accountState = await keyCacheService.GetAddExtraAccountStateAsync(state);
AddExtraAccountState? accountState = await keyCacheService.GetAddExtraAccountStateAsync(
state
);
if (
accountState == null
|| accountState.AuthType != authType

12
Foxnouns.Backend/Services/DataCleanupService.cs
View file

@ -28,9 +28,9 @@ public class DataCleanupService(
private async Task CleanUsersAsync(CancellationToken ct = default)
{
var selfDeleteExpires = clock.GetCurrentInstant() - User.DeleteAfter;
var suspendExpires = clock.GetCurrentInstant() - User.DeleteSuspendedAfter;
var users = await db
Instant selfDeleteExpires = clock.GetCurrentInstant() - User.DeleteAfter;
Instant suspendExpires = clock.GetCurrentInstant() - User.DeleteSuspendedAfter;
List<User> users = await db
.Users.Include(u => u.Members)
.Include(u => u.DataExports)
.Where(u =>
@ -92,13 +92,15 @@ public class DataCleanupService(
private async Task CleanExportsAsync(CancellationToken ct = default)
{
var minExpiredId = Snowflake.FromInstant(clock.GetCurrentInstant() - DataExport.Expiration);
var exports = await db.DataExports.Where(d => d.Id < minExpiredId).ToListAsync(ct);
List<DataExport> exports = await db
.DataExports.Where(d => d.Id < minExpiredId)
.ToListAsync(ct);
if (exports.Count == 0)
return;
_logger.Debug("Deleting {Count} expired exports", exports.Count);
foreach (var export in exports)
foreach (DataExport? export in exports)
{
_logger.Debug("Deleting export {ExportId}", export.Id);
await objectStorageService.RemoveObjectAsync(

8
Foxnouns.Backend/Services/KeyCacheService.cs
View file

@ -41,7 +41,7 @@ public class KeyCacheService(DatabaseContext db, IClock clock, ILogger logger)
CancellationToken ct = default
)
{
var value = await db.TemporaryKeys.FirstOrDefaultAsync(k => k.Key == key, ct);
TemporaryKey? value = await db.TemporaryKeys.FirstOrDefaultAsync(k => k.Key == key, ct);
if (value == null)
return null;
@ -56,7 +56,7 @@ public class KeyCacheService(DatabaseContext db, IClock clock, ILogger logger)
public async Task DeleteExpiredKeysAsync(CancellationToken ct)
{
var count = await db
int count = await db
.TemporaryKeys.Where(k => k.Expires < clock.GetCurrentInstant())
.ExecuteDeleteAsync(ct);
if (count != 0)
@ -79,7 +79,7 @@ public class KeyCacheService(DatabaseContext db, IClock clock, ILogger logger)
)
where T : class
{
var value = JsonConvert.SerializeObject(obj);
string value = JsonConvert.SerializeObject(obj);
await SetKeyAsync(key, value, expires, ct);
}
@ -90,7 +90,7 @@ public class KeyCacheService(DatabaseContext db, IClock clock, ILogger logger)
)
where T : class
{
var value = await GetKeyAsync(key, delete, ct);
string? value = await GetKeyAsync(key, delete, ct);
return value == null ? default : JsonConvert.DeserializeObject<T>(value);
}
}

8
Foxnouns.Backend/Services/MemberRendererService.cs
View file

@ -10,11 +10,11 @@ public class MemberRendererService(DatabaseContext db, Config config)
{
public async Task<IEnumerable<PartialMember>> RenderUserMembersAsync(User user, Token? token)
{
var canReadHiddenMembers =
bool canReadHiddenMembers =
token != null && token.UserId == user.Id && token.HasScope("member.read");
var renderUnlisted =
bool renderUnlisted =
token != null && token.UserId == user.Id && token.HasScope("user.read_hidden");
var canReadMemberList = !user.ListHidden || canReadHiddenMembers;
bool canReadMemberList = !user.ListHidden || canReadHiddenMembers;
IEnumerable<Member> members = canReadMemberList
? await db.Members.Where(m => m.UserId == user.Id).OrderBy(m => m.Name).ToListAsync()
@ -30,7 +30,7 @@ public class MemberRendererService(DatabaseContext db, Config config)
string? overrideSid = null
)
{
var renderUnlisted = token?.UserId == member.UserId && token.HasScope("user.read_hidden");
bool renderUnlisted = token?.UserId == member.UserId && token.HasScope("user.read_hidden");
return new MemberResponse(
member.Id,

15
Foxnouns.Backend/Services/MetricsCollectionService.cs
View file

@ -3,6 +3,7 @@ using Foxnouns.Backend.Database;
using Microsoft.EntityFrameworkCore;
using NodaTime;
using Prometheus;
using ITimer = Prometheus.ITimer;
namespace Foxnouns.Backend.Services;
@ -16,19 +17,23 @@ public class MetricsCollectionService(ILogger logger, IServiceProvider services,
public async Task CollectMetricsAsync(CancellationToken ct = default)
{
var timer = FoxnounsMetrics.MetricsCollectionTime.NewTimer();
var now = clock.GetCurrentInstant();
ITimer timer = FoxnounsMetrics.MetricsCollectionTime.NewTimer();
Instant now = clock.GetCurrentInstant();
await using var scope = services.CreateAsyncScope();
await using AsyncServiceScope scope = services.CreateAsyncScope();
// ReSharper disable once SuggestVarOrType_SimpleTypes
await using var db = scope.ServiceProvider.GetRequiredService<DatabaseContext>();
var users = await db.Users.Where(u => !u.Deleted).Select(u => u.LastActive).ToListAsync(ct);
List<Instant>? users = await db
.Users.Where(u => !u.Deleted)
.Select(u => u.LastActive)
.ToListAsync(ct);
FoxnounsMetrics.UsersCount.Set(users.Count);
FoxnounsMetrics.UsersActiveMonthCount.Set(users.Count(i => i > now - Month));
FoxnounsMetrics.UsersActiveWeekCount.Set(users.Count(i => i > now - Week));
FoxnounsMetrics.UsersActiveDayCount.Set(users.Count(i => i > now - Day));
var memberCount = await db
int memberCount = await db
.Members.Include(m => m.User)
.Where(m => !m.Unlisted && !m.User.ListHidden && !m.User.Deleted)
.CountAsync(ct);

10
Foxnouns.Backend/Services/ObjectStorageService.cs
View file

@ -1,4 +1,5 @@
using Minio;
using Minio.DataModel;
using Minio.DataModel.Args;
using Minio.Exceptions;
@ -48,13 +49,4 @@ public class ObjectStorageService(ILogger logger, Config config, IMinioClient mi
ct
);
}
public async Task GetObjectAsync(string path, CancellationToken ct = default)
{
var stream = new MemoryStream();
var resp = await minioClient.GetObjectAsync(
new GetObjectArgs().WithBucket(config.Storage.Bucket).WithObject(path),
ct
);
}
}

5
Foxnouns.Backend/Services/PeriodicTasksService.cs
View file

@ -15,10 +15,13 @@ public class PeriodicTasksService(ILogger logger, IServiceProvider services) : B
{
_logger.Debug("Running periodic tasks");
await using var scope = services.CreateAsyncScope();
await using AsyncServiceScope scope = services.CreateAsyncScope();
// The type is literally written on the same line, we can just use `var`
// ReSharper disable SuggestVarOrType_SimpleTypes
var keyCacheService = scope.ServiceProvider.GetRequiredService<KeyCacheService>();
var dataCleanupService = scope.ServiceProvider.GetRequiredService<DataCleanupService>();
// ReSharper restore SuggestVarOrType_SimpleTypes
await keyCacheService.DeleteExpiredKeysAsync(ct);
await dataCleanupService.InvokeAsync(ct);

12
Foxnouns.Backend/Services/UserRendererService.cs
View file

@ -43,9 +43,9 @@ public class UserRendererService(
)
{
scopes = scopes.ExpandScopes();
var tokenCanReadHiddenMembers = scopes.Contains("member.read") && isSelfUser;
var tokenHidden = scopes.Contains("user.read_hidden") && isSelfUser;
var tokenPrivileged = scopes.Contains("user.read_privileged") && isSelfUser;
bool tokenCanReadHiddenMembers = scopes.Contains("member.read") && isSelfUser;
bool tokenHidden = scopes.Contains("user.read_hidden") && isSelfUser;
bool tokenPrivileged = scopes.Contains("user.read_privileged") && isSelfUser;
renderMembers = renderMembers && (!user.ListHidden || tokenCanReadHiddenMembers);
renderAuthMethods = renderAuthMethods && tokenPrivileged;
@ -57,12 +57,12 @@ public class UserRendererService(
if (!(isSelfUser && tokenCanReadHiddenMembers))
members = members.Where(m => !m.Unlisted);
var flags = await db
List<UserFlag> flags = await db
.UserFlags.Where(f => f.UserId == user.Id)
.OrderBy(f => f.Id)
.ToListAsync(ct);
var authMethods = renderAuthMethods
List<AuthMethod> authMethods = renderAuthMethods
? await db
.AuthMethods.Where(a => a.UserId == user.Id)
.Include(a => a.FediverseApplication)
@ -72,7 +72,7 @@ public class UserRendererService(
int? utcOffset = null;
if (
user.Timezone != null
&& TimeZoneInfo.TryFindSystemTimeZoneById(user.Timezone, out var tz)
&& TimeZoneInfo.TryFindSystemTimeZoneById(user.Timezone, out TimeZoneInfo? tz)
)
utcOffset = (int)tz.GetUtcOffset(DateTimeOffset.UtcNow).TotalSeconds;

6
Foxnouns.Backend/Utils/AuthUtils.cs
View file

@ -69,8 +69,8 @@ public static class AuthUtils
public static bool ValidateScopes(Application application, string[] scopes)
{
var expandedScopes = scopes.ExpandScopes();
var appScopes = application.Scopes.ExpandAppScopes();
string[] expandedScopes = scopes.ExpandScopes();
string[] appScopes = application.Scopes.ExpandAppScopes();
return !expandedScopes.Except(appScopes).Any();
}
@ -78,7 +78,7 @@ public static class AuthUtils
{
try
{
var scheme = new Uri(uri).Scheme;
string scheme = new Uri(uri).Scheme;
return !ForbiddenSchemes.Contains(scheme);
}
catch

2
Foxnouns.Backend/Utils/PatchRequest.cs
View file

@ -30,7 +30,7 @@ public class PatchRequestContractResolver : DefaultContractResolver
MemberSerialization memberSerialization
)
{
var prop = base.CreateProperty(member, memberSerialization);
JsonProperty prop = base.CreateProperty(member, memberSerialization);
prop.SetIsSpecified += (o, _) =>
{

29
Foxnouns.Backend/Utils/ValidationUtils.Fields.cs
View file

@ -39,6 +39,7 @@ public static partial class ValidationUtils
var errors = new List<(string, ValidationError?)>();
if (fields.Count > 25)
{
errors.Add(
(
"fields",
@ -50,11 +51,13 @@ public static partial class ValidationUtils
)
)
);
}
// No overwhelming this function, thank you
if (fields.Count > 100)
return errors;
foreach (var (field, index) in fields.Select((field, index) => (field, index)))
foreach ((Field? field, int index) in fields.Select((field, index) => (field, index)))
{
switch (field.Name.Length)
{
@ -111,6 +114,7 @@ public static partial class ValidationUtils
var errors = new List<(string, ValidationError?)>();
if (entries.Length > Limits.FieldEntriesLimit)
{
errors.Add(
(
errorPrefix,
@ -122,15 +126,19 @@ public static partial class ValidationUtils
)
)
);
}
// Same as above, no overwhelming this function with a ridiculous amount of entries
if (entries.Length > Limits.FieldEntriesLimit + 50)
return errors;
var customPreferenceIds =
customPreferences?.Keys.Select(id => id.ToString()).ToArray() ?? [];
string[] customPreferenceIds = customPreferences.Keys.Select(id => id.ToString()).ToArray();
foreach (var (entry, entryIdx) in entries.Select((entry, entryIdx) => (entry, entryIdx)))
foreach (
(FieldEntry? entry, int entryIdx) in entries.Select(
(entry, entryIdx) => (entry, entryIdx)
)
)
{
switch (entry.Value.Length)
{
@ -166,12 +174,14 @@ public static partial class ValidationUtils
!DefaultStatusOptions.Contains(entry.Status)
&& !customPreferenceIds.Contains(entry.Status)
)
{
errors.Add(
(
$"{errorPrefix}.{entryIdx}.status",
ValidationError.GenericValidationError("Invalid status", entry.Status)
)
);
}
}
return errors;
@ -188,6 +198,7 @@ public static partial class ValidationUtils
var errors = new List<(string, ValidationError?)>();
if (entries.Length > Limits.FieldEntriesLimit)
{
errors.Add(
(
errorPrefix,
@ -199,15 +210,17 @@ public static partial class ValidationUtils
)
)
);
}
// Same as above, no overwhelming this function with a ridiculous amount of entries
if (entries.Length > Limits.FieldEntriesLimit + 50)
return errors;
var customPreferenceIds =
customPreferences?.Keys.Select(id => id.ToString()).ToList() ?? [];
string[] customPreferenceIds = customPreferences.Keys.Select(id => id.ToString()).ToArray();
foreach (var (entry, entryIdx) in entries.Select((entry, entryIdx) => (entry, entryIdx)))
foreach (
(Pronoun? entry, int entryIdx) in entries.Select((entry, entryIdx) => (entry, entryIdx))
)
{
switch (entry.Value.Length)
{
@ -276,12 +289,14 @@ public static partial class ValidationUtils
!DefaultStatusOptions.Contains(entry.Status)
&& !customPreferenceIds.Contains(entry.Status)
)
{
errors.Add(
(
$"{errorPrefix}.{entryIdx}.status",
ValidationError.GenericValidationError("Invalid status", entry.Status)
)
);
}
}
return errors;

13
Foxnouns.Backend/Utils/ValidationUtils.Preferences.cs
View file

@ -29,6 +29,7 @@ public static partial class ValidationUtils
var errors = new List<(string, ValidationError?)>();
if (preferences.Count > MaxCustomPreferences)
{
errors.Add(
(
"custom_preferences",
@ -40,20 +41,29 @@ public static partial class ValidationUtils
)
)
);
}
if (preferences.Count > 50)
return errors;
foreach (var (p, i) in preferences.Select((p, i) => (p, i)))
foreach (
(UsersController.CustomPreferenceUpdate? p, int i) in preferences.Select(
(p, i) => (p, i)
)
)
{
if (!BootstrapIcons.IsValid(p.Icon))
{
errors.Add(
(
$"custom_preferences.{i}.icon",
ValidationError.DisallowedValueError("Invalid icon name", [], p.Icon)
)
);
}
if (p.Tooltip.Length is 1 or > MaxPreferenceTooltipLength)
{
errors.Add(
(
$"custom_preferences.{i}.tooltip",
@ -65,6 +75,7 @@ public static partial class ValidationUtils
)
)
);
}
}
return errors;

8
Foxnouns.Backend/Utils/ValidationUtils.Strings.cs
View file

@ -46,6 +46,7 @@ public static partial class ValidationUtils
public static ValidationError? ValidateUsername(string username)
{
if (!UsernameRegex().IsMatch(username))
{
return username.Length switch
{
< 2 => ValidationError.LengthError("Username is too short", 2, 40, username.Length),
@ -55,6 +56,7 @@ public static partial class ValidationUtils
username
),
};
}
if (
InvalidUsernames.Any(u =>
@ -68,6 +70,7 @@ public static partial class ValidationUtils
public static ValidationError? ValidateMemberName(string memberName)
{
if (!MemberRegex().IsMatch(memberName))
{
return memberName.Length switch
{
< 1 => ValidationError.LengthError("Name is too short", 1, 100, memberName.Length),
@ -79,6 +82,7 @@ public static partial class ValidationUtils
memberName
),
};
}
if (
InvalidMemberNames.Any(u =>
@ -117,13 +121,15 @@ public static partial class ValidationUtils
if (links == null)
return [];
if (links.Length > MaxLinks)
{
return
[
("links", ValidationError.LengthError("Too many links", 0, MaxLinks, links.Length)),
];
}
var errors = new List<(string, ValidationError?)>();
foreach (var (link, idx) in links.Select((l, i) => (l, i)))
foreach ((string link, int idx) in links.Select((l, i) => (l, i)))
{
switch (link.Length)
{

4
Foxnouns.Backend/Utils/ValidationUtils.cs
View file

@ -12,9 +12,9 @@ public static partial class ValidationUtils
return;
var errorDict = new Dictionary<string, IEnumerable<ValidationError>>();
foreach (var error in errors)
foreach ((string, ValidationError?) error in errors)
{
if (errorDict.TryGetValue(error.Item1, out var value))
if (errorDict.TryGetValue(error.Item1, out IEnumerable<ValidationError>? value))
errorDict[error.Item1] = value.Append(error.Item2!);
errorDict.Add(error.Item1, [error.Item2!]);
}

4
Foxnouns.Backend/Views/Mail/Layout.cshtml
View file

@ -2,9 +2,9 @@
<html lang="en">
<head>
<title></title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta http-equiv="X-UA-Compatible" content="IE=edge"/>
<meta http-equiv="X-UA-Compatible" content="IE=edge" />
<style>
body {
font-family: sans-serif;