public async Task <ActionResult <TagModel> > Get([FromRoute] string ident)
{
TagModel tag;
if (ident.IsNullOrEmpty())
{
return(NotFound());
}
if (Guid.TryParse(ident, out var uid))
{
tag = await database.Get <TagModel>(uid);
}
else
{
tag = await database.GetTagByName(ident);
}
if (tag == null)
{
return(NotFound());
}
return(Ok(tag));
}
public async Task <ActionResult <UserDetailsModel> > GetUser([FromRoute] string ident)
{
UserModel user;
if (ident.IsNullOrEmpty())
{
return(NotFound());
}
if (Guid.TryParse(ident, out var uid))
{
user = await database.Get <UserModel>(uid);
}
else
{
user = await database.GetUserByUserName(ident);
}
if (user == null)
{
return(NotFound());
}
if (!(authClaims.User?.IsAdmin).Equals(true))
{
user.EmailAddress = null;
user.EmailConfirmStatus = EmailConfirmStatus.UNSET;
}
var detailedUser = new UserDetailsModel(user);
detailedUser.ImagesCount = await database.Count <ImageModel>("ownerUid", user.Uid.ToString());
return(Ok(detailedUser));
}
public async Task <ActionResult <ImageModel> > UpdateImage([FromRoute] Guid uid, [FromBody] ImageModel newImage)
{
bool tagsUpdated = false;
var image = await database.Get <ImageModel>(uid);
if (image.OwnerUid != authClaims.UserUid && !authClaims.User.IsAdmin.Equals(true))
{
return(NotFound());
}
if (newImage.Description != null)
{
image.Description = newImage.Description;
}
if (newImage.Title != null)
{
image.Title = newImage.Title;
}
if (newImage.Explicit != null)
{
image.Explicit = newImage.Explicit;
}
if (newImage.Public != null)
{
image.Public = newImage.Public;
}
if (newImage.Grade != null)
{
image.Grade = newImage.Grade;
}
if (newImage.TagsCombined != null && !newImage.TagsArray.SequenceEqual(image.TagsArray))
{
image.TagsCombined = newImage.TagsCombined;
image.LowercaseTags();
if (!image.IsValidTags(out var reason))
{
return(BadRequest(new ErrorModel(400, reason)));
}
tagsUpdated = true;
}
await database.Update(image);
if (tagsUpdated)
{
await SaveTags(image, authClaims.UserUid);
}
return(Ok(image));
}
public async Task <T> ValidateAndRestoreAsync <T>(string token) where T : AuthClaims
{
var dbToken = await database.GetRefreshTokenByToken(token);
if (dbToken == null)
{
return(null);
}
if (dbToken.ToDeadlinedToken().IsExpired())
{
return(null);
}
var user = await database.Get <UserModel>(dbToken.UserUid);
if (user == null)
{
return(null);
}
return(new AuthClaims()
{
UserUid = dbToken.UserUid,
UserName = user.UserName,
User = user,
} as T);
}
public override async Task OnActionExecutionAsync(ActionExecutingContext ctx, ActionExecutionDelegate next)
{
var controller = ctx.Controller as IAuthorizedController;
if (controller == null ||
!ctx.HttpContext.Request.ExtractAccessToken(out var accessToken) ||
!accessTokenhandler.ValidateAndRestore <AuthClaims>(accessToken, out var identity))
{
SetUnauthorized(ctx);
return;
}
if (!cache.TryGet <UserModel>(identity.UserUid, out var user))
{
user = await database.Get <UserModel>(identity.UserUid);
if (user == null)
{
SetUnauthorized(ctx);
return;
}
cache.Put(user, USER_CACHE_TIME);
}
identity.User = user;
controller.SetAuthClaims(identity);
await base.OnActionExecutionAsync(ctx, next);
}
public async Task <ActionResult> ConfirmSet([FromQuery] string token)
{
var key = $"{Constants.MAIL_CONFIRM_CACHE_KEY}:{token}";
var exists = cache.TryGet(key, out Guid userUid);
if (!exists)
{
return(Unauthorized());
}
var user = await database.Get <UserModel>(userUid);
user.EmailConfirmStatus = EmailConfirmStatus.CONFIRMED;
await database.Update(user);
cache.Delete(key);
return(NoContent());
}
public IEnumerable <T> Get()
{
return(_databaseAccess.Get());
}