From 4475de3c0c86c4096b843d8bee8aff48b7e31896 Mon Sep 17 00:00:00 2001
From: crupest <crupest@outlook.com>
Date: Fri, 21 Aug 2020 22:49:48 +0800
Subject: ...

---
 Timeline/Controllers/UserAvatarController.cs | 25 +++++++------------------
 1 file changed, 7 insertions(+), 18 deletions(-)

(limited to 'Timeline/Controllers/UserAvatarController.cs')

diff --git a/Timeline/Controllers/UserAvatarController.cs b/Timeline/Controllers/UserAvatarController.cs
index 52e87df2..32f63fc6 100644
--- a/Timeline/Controllers/UserAvatarController.cs
+++ b/Timeline/Controllers/UserAvatarController.cs
@@ -3,10 +3,12 @@ using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.Extensions.Logging;
 using System;
+using System.IO;
 using System.Threading.Tasks;
 using Timeline.Auth;
 using Timeline.Filters;
 using Timeline.Helpers;
+using Timeline.Models;
 using Timeline.Models.Http;
 using Timeline.Models.Validation;
 using Timeline.Services;
@@ -72,20 +74,17 @@ namespace Timeline.Controllers
         /// Set avatar of a user. You have to be administrator to change other's.
         /// </summary>
         /// <param name="username">Username of the user to set avatar of.</param>
+        /// <param name="body">The avatar data.</param>
         [HttpPut("users/{username}/avatar")]
         [Authorize]
-        [RequireContentType, RequireContentLength]
         [Consumes("image/png", "image/jpeg", "image/gif", "image/webp")]
+        [MaxContentLength(1000 * 1000 * 10)]
         [ProducesResponseType(typeof(void), StatusCodes.Status200OK)]
         [ProducesResponseType(StatusCodes.Status400BadRequest)]
         [ProducesResponseType(StatusCodes.Status401Unauthorized)]
         [ProducesResponseType(StatusCodes.Status403Forbidden)]
-        public async Task<IActionResult> Put([FromRoute][Username] string username)
+        public async Task<IActionResult> Put([FromRoute][Username] string username, [FromBody] ByteData body)
         {
-            var contentLength = Request.ContentLength!.Value;
-            if (contentLength > 1000 * 1000 * 10)
-                return BadRequest(ErrorResponse.Common.Content.TooBig("10MB"));
-
             if (!User.IsAdministrator() && User.Identity.Name != username)
             {
                 _logger.LogInformation(Log.Format(LogPutForbid,
@@ -106,20 +105,10 @@ namespace Timeline.Controllers
 
             try
             {
-                var data = new byte[contentLength];
-                var bytesRead = await Request.Body.ReadAsync(data);
-
-                if (bytesRead != contentLength)
-                    return BadRequest(ErrorResponse.Common.Content.UnmatchedLength_Smaller());
-
-                var extraByte = new byte[1];
-                if (await Request.Body.ReadAsync(extraByte) != 0)
-                    return BadRequest(ErrorResponse.Common.Content.UnmatchedLength_Bigger());
-
                 await _service.SetAvatar(id, new Avatar
                 {
-                    Data = data,
-                    Type = Request.ContentType
+                    Data = body.Data,
+                    Type = body.ContentType
                 });
 
                 _logger.LogInformation(Log.Format(LogPutSuccess,
-- 
cgit v1.2.3