Exemplo n.º 1
0
        public IActionResult NewComment([FromBody] Comment comment)
        {
            var user = _authHandler.UserFromClaimsPrincipal(User);

            if (string.IsNullOrWhiteSpace(comment.Content) || string.IsNullOrWhiteSpace(comment.Post) ||
                string.IsNullOrWhiteSpace(comment.Captcha))
            {
                _logger.LogInformation("Comment content, post or captcha is missing.");
                _logger.LogInformation($"Terminating session. User: {user.Uuid}" +
                                       $", IP: {HttpContext?.Connection?.RemoteIpAddress?.ToString() ?? "Unknown IP"}");
                _authHandler.TerminateSession(user);

                return(BadRequest());
            }

            if (!_captcha.VerifyCaptcha(comment.Captcha, HttpContext.Connection.RemoteIpAddress, "newComment"))
            {
                _logger.LogInformation("Captcha failed verification.");
                _logger.LogInformation($"Terminating session. User: {user.Uuid}" +
                                       $", IP: {HttpContext?.Connection?.RemoteIpAddress?.ToString() ?? "Unknown IP"}");
                _authHandler.TerminateSession(user);

                return(BadRequest());
            }


            if (comment.Content.Length > 128)
            {
                _logger.LogInformation("Comment content length exceeds the permitted limit.");
                _logger.LogInformation($"Terminating session. User: {user.Uuid}" +
                                       $", IP: {HttpContext?.Connection?.RemoteIpAddress?.ToString() ?? "Unknown IP"}");
                _authHandler.TerminateSession(user);

                return(BadRequest());
            }

            if (!SecureGuid.VerifyGuid(comment.Post, out _))
            {
                _logger.LogInformation("Post UUID is invalid.");
                _logger.LogInformation($"Terminating session. User: {user.Uuid}" +
                                       $", IP: {HttpContext?.Connection?.RemoteIpAddress?.ToString() ?? "Unknown IP"}");
                _authHandler.TerminateSession(user);

                return(BadRequest());
            }


            if (_database.CreateComment(comment, user))
            {
                _activityLogger.LogNewComment(Request.HttpContext.Connection.RemoteIpAddress, user, comment);
                return(Ok());
            }

            _logger.LogInformation("Database failed to create new comment.");
            _logger.LogInformation($"Terminating session. User: {user.Uuid}" +
                                   $", IP: {HttpContext?.Connection?.RemoteIpAddress?.ToString() ?? "Unknown IP"}");
            _authHandler.TerminateSession(user);

            return(BadRequest());
        }