using System.Web; using Foxnouns.Backend.Database; using Foxnouns.Backend.Extensions; using Foxnouns.Backend.Middleware; using Foxnouns.Backend.Services; using Microsoft.AspNetCore.Mvc; using Microsoft.EntityFrameworkCore; using Newtonsoft.Json; using NodaTime; namespace Foxnouns.Backend.Controllers.Authentication; [Route("/api/internal/auth")] public class AuthController( Config config, DatabaseContext db, KeyCacheService keyCache, ILogger logger ) : ApiControllerBase { private readonly ILogger _logger = logger.ForContext(); [HttpPost("urls")] [ProducesResponseType(StatusCodes.Status200OK)] public async Task UrlsAsync(CancellationToken ct = default) { _logger.Debug( "Generating auth URLs for Discord: {Discord}, Google: {Google}, Tumblr: {Tumblr}", config.DiscordAuth.Enabled, config.GoogleAuth.Enabled, config.TumblrAuth.Enabled ); var state = HttpUtility.UrlEncode(await keyCache.GenerateAuthStateAsync(ct)); string? discord = null; if (config.DiscordAuth is { ClientId: not null, ClientSecret: not null }) discord = $"https://discord.com/oauth2/authorize?response_type=code" + $"&client_id={config.DiscordAuth.ClientId}&scope=identify" + $"&prompt=none&state={state}" + $"&redirect_uri={HttpUtility.UrlEncode($"{config.BaseUrl}/auth/callback/discord")}"; return Ok(new UrlsResponse(config.EmailAuth.Enabled, discord, null, null)); } private record UrlsResponse(bool EmailEnabled, string? Discord, string? Google, string? Tumblr); public record AuthResponse( UserRendererService.UserResponse User, string Token, Instant ExpiresAt ); public record OauthRegisterRequest(string Ticket, string Username); public record CallbackRequest(string Code, string State); [HttpPost("force-log-out")] [Authorize("identify")] public async Task ForceLogoutAsync() { _logger.Information("Invalidating all tokens for user {UserId}", CurrentUser!.Id); await db .Tokens.Where(t => t.UserId == CurrentUser.Id) .ExecuteUpdateAsync(s => s.SetProperty(t => t.ManuallyExpired, true)); return NoContent(); } } public record CallbackResponse( bool HasAccount, [property: JsonProperty(NullValueHandling = NullValueHandling.Ignore)] string? Ticket, [property: JsonProperty(NullValueHandling = NullValueHandling.Ignore)] string? RemoteUsername, [property: JsonProperty(NullValueHandling = NullValueHandling.Ignore)] UserRendererService.UserResponse? User, [property: JsonProperty(NullValueHandling = NullValueHandling.Ignore)] string? Token, [property: JsonProperty(NullValueHandling = NullValueHandling.Ignore)] Instant? ExpiresAt );