feat: remove auth method

2024-11-04 22:04:04 +01:00 · 2024-11-04 22:04:04 +01:00 · 9160281ea2
commit 9160281ea2
parent 201c56c3dd
7 changed files with 144 additions and 16 deletions
--- a/Foxnouns.Backend/Controllers/Authentication/AuthController.cs
+++ b/Foxnouns.Backend/Controllers/Authentication/AuthController.cs
@ -1,3 +1,4 @@
+using System.Net;
 using System.Web;
 using Foxnouns.Backend.Database;
 using Foxnouns.Backend.Database.Models;
@ -15,7 +16,7 @@ namespace Foxnouns.Backend.Controllers.Authentication;
 public class AuthController(
    Config config,
    DatabaseContext db,
-    KeyCacheService keyCache,
+    KeyCacheService keyCacheService,
    ILogger logger
 ) : ApiControllerBase
 {
@ -31,7 +32,7 @@ public class AuthController(
            config.GoogleAuth.Enabled,
            config.TumblrAuth.Enabled
        );
-        var state = HttpUtility.UrlEncode(await keyCache.GenerateAuthStateAsync(ct));
+        var state = HttpUtility.UrlEncode(await keyCacheService.GenerateAuthStateAsync(ct));
        string? discord = null;
        if (config.DiscordAuth is { ClientId: not null, ClientSecret: not null })
            discord =
@ -75,6 +76,52 @@ public class AuthController(

        return NoContent();
    }
+
+    [HttpGet("methods/{id}")]
+    [Authorize("*")]
+    [ProducesResponseType<UserRendererService.AuthMethodResponse>(
+        statusCode: StatusCodes.Status200OK
+    )]
+    public async Task<IActionResult> GetAuthMethodAsync(Snowflake id)
+    {
+        var authMethod = await db
+            .AuthMethods.Include(a => a.FediverseApplication)
+            .FirstOrDefaultAsync(a => a.UserId == CurrentUser!.Id && a.Id == id);
+        if (authMethod == null)
+            throw new ApiError.NotFound("No authentication method with that ID found.");
+
+        return Ok(UserRendererService.RenderAuthMethod(authMethod));
+    }
+
+    [HttpDelete("methods/{id}")]
+    [Authorize("*")]
+    public async Task<IActionResult> DeleteAuthMethodAsync(Snowflake id)
+    {
+        var authMethods = await db
+            .AuthMethods.Where(a => a.UserId == CurrentUser!.Id)
+            .ToListAsync();
+        if (authMethods.Count < 2)
+            throw new ApiError(
+                "You cannot remove your last authentication method.",
+                HttpStatusCode.BadRequest,
+                ErrorCode.LastAuthMethod
+            );
+
+        var authMethod = authMethods.FirstOrDefault(a => a.Id == id);
+        if (authMethod == null)
+            throw new ApiError.NotFound("No authentication method with that ID found.");
+
+        _logger.Debug(
+            "Deleting auth method {AuthMethodId} for user {UserId}",
+            authMethod.Id,
+            CurrentUser!.Id
+        );
+
+        db.Remove(authMethod);
+        await db.SaveChangesAsync();
+
+        return NoContent();
+    }
 }

 public record CallbackResponse(