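/// <summary>
/// Wires the controller to its persistence context, its password hasher and
/// the configured role names.
/// </summary>
/// <param name="context">Accounts persistence context; stored as-is.</param>
/// <param name="hasher">Hasher applied to account passwords; stored as-is.</param>
/// <param name="roles">Options wrapper; only its <c>Value</c> is kept.</param>
/// <exception cref="ArgumentNullException">Any argument is null.</exception>
public AccountsController(
    AccountsContext context,
    IPasswordHasher<Account> hasher,
    IOptions<AccountsRoleConfiguration> roles)
{
    // Fail at construction with the offending parameter name instead of a
    // NullReferenceException from roles.Value or from the first action that
    // touches a null field.
    if (context == null)
    {
        throw new ArgumentNullException(nameof(context));
    }

    if (hasher == null)
    {
        throw new ArgumentNullException(nameof(hasher));
    }

    if (roles == null)
    {
        throw new ArgumentNullException(nameof(roles));
    }

    this.context = context;
    this.hasher = hasher;
    // Unwrap the options once; the controller works with the plain configuration.
    this.roles = roles.Value;
}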
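        /// <summary>
        /// Registers MVC core with JSON formatters, the "admin" authorization policy,
        /// the API explorer and the accounts, tokens and version controller routes.
        /// </summary>
        /// <param name="services">Service collection to extend.</param>
        /// <param name="roles">Role names; <c>roles.Admin</c> is the role the "admin" policy requires and is passed on to the route registrations.</param>
        /// <returns>The same <paramref name="services"/> instance, for chaining.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="services"/> or <paramref name="roles"/> is null.</exception>
        public static IServiceCollection AddAccountsMvc(
            this IServiceCollection services,
            AccountsRoleConfiguration roles)
        {
            if (services == null)
            {
                throw new ArgumentNullException(nameof(services));
            }

            // roles is dereferenced inside the policy lambda, which only runs when the
            // authorization options are built, so a null would otherwise surface as a
            // late NullReferenceException rather than at registration time.
            if (roles == null)
            {
                throw new ArgumentNullException(nameof(roles));
            }

            services.AddMvcCore()
                .AddJsonFormatters()
                // "admin" policy: the caller must hold the configured admin role.
                .AddAuthorization(options =>
                    options.AddPolicy("admin", builder => builder.RequireRole(roles.Admin)))
                .AddApiExplorer()
                .AddPhemaRouting(routing => routing
                    .AddAccountsController(roles)
                    .AddTokensController(roles)
                    .AddVersionController())
                .SetCompatibilityVersion(CompatibilityVersion.Version_2_2);

            return services;
        }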
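        /// <summary>
        /// Applies the non-null fields of this request (<c>Username</c>, <c>Password</c>, <c>Role</c>)
        /// to the account with <paramref name="accountId"/>. The entity is modified in place;
        /// this method does not save the context.
        /// </summary>
        /// <param name="context">Context whose <c>Accounts</c> set is queried.</param>
        /// <param name="hasher">Hashes <c>Password</c> when one is supplied; only the hash is stored.</param>
        /// <param name="roles">Known role names; a supplied <c>Role</c> must be one of them.</param>
        /// <param name="accountId">Id of the account to modify.</param>
        /// <exception cref="ArgumentNullException"><paramref name="context"/>, <paramref name="hasher"/> or <paramref name="roles"/> is null.</exception>
        /// <exception cref="InvalidOperationException">No account has <paramref name="accountId"/> (raised by <c>FirstAsync</c>), or <c>Role</c> is not a configured role.</exception>
        public async ValueTask Update(AccountsContext context, IPasswordHasher<Account> hasher, AccountsRoleConfiguration roles, int accountId)
        {
            if (context == null)
            {
                throw new ArgumentNullException(nameof(context));
            }

            if (hasher == null)
            {
                throw new ArgumentNullException(nameof(hasher));
            }

            if (roles == null)
            {
                throw new ArgumentNullException(nameof(roles));
            }

            var account = await context.Accounts.FirstAsync(i => i.Id == accountId);

            if (Username != null)
            {
                account.Username = Username;
            }

            if (Password != null)
            {
                // Hash against the entity being updated; the plaintext never reaches the entity.
                account.PasswordHash = hasher.HashPassword(account, Password);
            }

            if (Role != null)
            {
                // IsAny only establishes that the role name is configured; it does not decide
                // whether the caller may grant it. NOTE(review): accountId arriving as a
                // separate parameter matches the admin update route, so the admin role check
                // presumably happens at routing — confirm this request type is not also
                // reachable from a non-admin route, where Role would become self-assignable.
                if (!roles.IsAny(Role))
                {
                    throw new InvalidOperationException("Role is not a configured role.");
                }

                account.Role = Role;
            }
        }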
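        /// <summary>
        /// Builds a new <see cref="Account"/> from this request and adds it to the context.
        /// New accounts always receive <c>roles.User</c>; the role is never taken from the
        /// request. This method does not save the context.
        /// </summary>
        /// <param name="context">Context whose <c>Accounts</c> set receives the new entity.</param>
        /// <param name="hasher">Hashes <c>Password</c>; only the hash is stored on the entity.</param>
        /// <param name="roles">Provides the default role for new accounts.</param>
        /// <exception cref="ArgumentNullException"><paramref name="context"/>, <paramref name="hasher"/> or <paramref name="roles"/> is null.</exception>
        public async ValueTask Create(AccountsContext context, IPasswordHasher<Account> hasher, AccountsRoleConfiguration roles)
        {
            if (context == null)
            {
                throw new ArgumentNullException(nameof(context));
            }

            if (hasher == null)
            {
                throw new ArgumentNullException(nameof(hasher));
            }

            if (roles == null)
            {
                throw new ArgumentNullException(nameof(roles));
            }

            var account = new Account
            {
                Email    = Email,
                Username = Username,
                Role     = roles.User,
                Created  = DateTime.UtcNow
            };

            // Hash against the entity itself rather than passing a null user: this keeps
            // the call consistent with the update path and does not break a hasher
            // implementation that reads the user argument.
            account.PasswordHash = hasher.HashPassword(account, Password);

            await context.Accounts.AddAsync(account);
        }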
        /// <summary>
        /// Registers the <see cref="TokensController"/> routes. Token creation (login) and
        /// refresh are anonymous; read and delete require an authenticated caller; the
        /// <c>admin/tokens</c> routes require <paramref name="roles"/>.Admin.
        /// </summary>
        /// <param name="builder">Routing builder to extend.</param>
        /// <param name="roles">Role names; <c>roles.Admin</c> guards the admin routes.</param>
        /// <returns>The same <paramref name="builder"/> instance, for chaining.</returns>
        public static IRoutingBuilder AddTokensController(this IRoutingBuilder builder, AccountsRoleConfiguration roles)
        {
            builder.AddController<TokensController>(tokens =>
            {
                // Anonymous: exchanges credentials for a token.
                tokens.AddRoute("tokens", action => action.Create(From.Body<CreateTokenRequest>())).HttpPost();

                tokens.AddRoute("tokens", action => action.Read()).HttpGet().Authorize();

                // Authorize() only establishes an authenticated caller; whether the caller
                // owns {tokenId} is decided inside TokensController.Delete, not here.
                tokens.AddRoute("tokens/{tokenId}", action => action.Delete(From.Route<DeleteTokenRequest>())).HttpDelete().Authorize();

                // Anonymous: the refresh credential travels in the body.
                tokens.AddRoute("tokens", action => action.Refresh(From.Body<RefreshTokenRequest>())).HttpPut();

                tokens.AddRoute("admin/tokens/{accountId}", action => action.AdminReadById(From.Route<int>())).HttpGet().Authorize(roles.Admin);

                tokens.AddRoute("admin/tokens/{tokenId}", action => action.AdminDeleteById(From.Route<AdminDeleteByIdTokenRequest>())).HttpDelete().Authorize(roles.Admin);
            });

            return builder;
        }
        /// <summary>
        /// Registers the <see cref="AccountsController"/> routes. Registration is anonymous;
        /// the self-service <c>accounts</c> routes require an authenticated caller; the
        /// <c>admin/accounts</c> routes require <paramref name="roles"/>.Admin.
        /// </summary>
        /// <param name="builder">Routing builder to extend.</param>
        /// <param name="roles">Role names; <c>roles.Admin</c> guards the admin routes.</param>
        /// <returns>The same <paramref name="builder"/> instance, for chaining.</returns>
        public static IRoutingBuilder AddAccountsController(this IRoutingBuilder builder, AccountsRoleConfiguration roles)
        {
            builder.AddController<AccountsController>(accounts =>
            {
                // Anonymous: account registration.
                accounts.AddRoute("accounts", action => action.Create(From.Body<CreateAccountRequest>())).HttpPost();

                // Self-service routes: Authorize() with no role means any authenticated caller;
                // which account is affected is decided by the controller, not by the route.
                accounts.AddRoute("accounts", action => action.Read()).HttpGet().Authorize();

                accounts.AddRoute("accounts", action => action.Update(From.Body<UpdateAccountRequest>())).HttpPut().Authorize();

                accounts.AddRoute("accounts", action => action.Delete(From.Any<DeleteAccountRequest>())).HttpDelete().Authorize();

                // Admin routes: the account id comes from the route and the caller must hold roles.Admin.
                accounts.AddRoute("admin/accounts", action => action.AdminRead(From.Query<FilterRequest>())).HttpGet().Authorize(roles.Admin);

                accounts.AddRoute("admin/accounts/{accountId}", action => action.AdminReadById(From.Route<int>())).HttpGet().Authorize(roles.Admin);

                accounts.AddRoute("admin/accounts/{accountId}", action => action.AdminUpdateById(From.Route<int>(), From.Body<AdminUpdateByIdAccountRequest>())).HttpPut().Authorize(roles.Admin);

                accounts.AddRoute("admin/accounts/{accountId}", action => action.AdminDeleteById(From.Route<AdminDeleteByIdAccountRequest>())).HttpDelete().Authorize(roles.Admin);
            });

            return builder;
        }