sam/Foxnouns.NET
sam/Foxnouns.NET
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages 2 Wiki Activity Actions

feat: initial working discord authentication

Browse source
This commit is contained in:
sam 2024-06-13 02:23:55 +02:00
parent 6186eda092
commit a7950671e1
Signed by: sam
GPG key ID: B4EF20DDE721CAA1
12 changed files with 262 additions and 25 deletions
Download patch file Download diff file Expand all files Collapse all files

31
Foxnouns.Backend/Controllers/Authentication/DiscordAuthController.cs
View file

@ -1,7 +1,10 @@
using Foxnouns.Backend.Database;
using Foxnouns.Backend.Database.Models;
using Foxnouns.Backend.Extensions;
using Foxnouns.Backend.Services;
using Foxnouns.Backend.Utils;
using Microsoft.AspNetCore.Mvc;
using Microsoft.EntityFrameworkCore;
using NodaTime;
namespace Foxnouns.Backend.Controllers.Authentication;
@ -18,6 +21,10 @@ public class DiscordAuthController(
UserRendererService userRendererSvc) : ApiControllerBase
{
[HttpPost("callback")]
// TODO: duplicating attribute doesn't work, find another way to mark both as possible response
// leaving it here for documentation purposes
[ProducesResponseType<AuthController.AuthResponse>(StatusCodes.Status200OK)]
[ProducesResponseType<AuthController.CallbackResponse>(StatusCodes.Status200OK)]
public async Task<IActionResult> CallbackAsync([FromBody] AuthController.CallbackRequest req)
{
CheckRequirements();
@ -30,7 +37,29 @@ public class DiscordAuthController(
logger.Debug("Discord user {Username} ({Id}) authenticated with no local account", remoteUser.Username,
remoteUser.Id);
throw new NotImplementedException();
var ticket = OauthUtils.RandomToken();
await keyCacheSvc.SetKeyAsync($"discord:{ticket}", remoteUser, Duration.FromMinutes(20));
return Ok(new AuthController.CallbackResponse(false, ticket, remoteUser.Username));
}
[HttpPost("register")]
[ProducesResponseType<AuthController.AuthResponse>(StatusCodes.Status200OK)]
public async Task<IActionResult> RegisterAsync([FromBody] AuthController.OauthRegisterRequest req)
{
var remoteUser = await keyCacheSvc.GetKeyAsync<RemoteAuthService.RemoteUser>($"discord:{req.Ticket}");
if (remoteUser == null) throw new ApiError.BadRequest("Invalid ticket");
if (await db.AuthMethods.AnyAsync(a => a.AuthType == AuthType.Discord && a.RemoteId == remoteUser.Id))
{
logger.Error("Discord user {Id} has valid ticket but is already linked to an existing account",
remoteUser.Id);
throw new FoxnounsError("Discord ticket was issued for user with existing link");
}
var user = await authSvc.CreateUserWithRemoteAuthAsync(req.Username, AuthType.Discord, remoteUser.Id,
remoteUser.Username);
return Ok(await GenerateUserTokenAsync(user));
}
private async Task<AuthController.AuthResponse> GenerateUserTokenAsync(User user)