From 9a163719b76958374d1c27616393368e54e8b8a5 Mon Sep 17 00:00:00 2001 
From: 杨宇千 Date: Wed, 23 Oct 2019 20:41:19 +0800 Subject: ... --- Timeline/Authenticate/Attribute.cs | 21 --- Timeline/Authenticate/AuthHandler.cs | 102 --------------- Timeline/Authenticate/PrincipalExtensions.cs | 13 -- Timeline/Authentication/Attribute.cs | 21 +++ Timeline/Authentication/AuthHandler.cs | 98 ++++++++++++++ Timeline/Authentication/PrincipalExtensions.cs | 13 ++ Timeline/Configs/DatabaseConfig.cs | 2 +- Timeline/Configs/JwtConfig.cs | 6 +- .../Controllers/Testing/TestingAuthController.cs | 2 +- Timeline/Controllers/UserAvatarController.cs | 6 +- Timeline/Controllers/UserController.cs | 44 +++---- Timeline/Entities/DatabaseContext.cs | 37 +----- Timeline/Entities/User.cs | 32 +++++ Timeline/Entities/UserDetail.cs | 29 ----- Timeline/GlobalSuppressions.cs | 1 + .../Helpers/StringLocalizerFactoryExtensions.cs | 5 + Timeline/Models/Http/User.cs | 4 +- Timeline/Models/UserConvert.cs | 67 ++++++++++ Timeline/Models/UserInfo.cs | 4 +- Timeline/Models/UserUtility.cs | 60 --------- Timeline/Models/Validation/UsernameValidator.cs | 14 +- Timeline/Models/Validation/Validator.cs | 2 +- Timeline/Program.cs | 1 + .../Authentication/AuthHandler.Designer.cs | 99 +++++++++++++++ Timeline/Resources/Authentication/AuthHandler.resx | 132 +++++++++++++++++++ Timeline/Resources/Services/Exception.Designer.cs | 63 +++++++++ Timeline/Resources/Services/Exception.resx | 21 +++ .../Resources/Services/UserService.Designer.cs | 126 ++++++++++++++++++ Timeline/Resources/Services/UserService.resx | 141 +++++++++++++++++++++ Timeline/Services/PasswordService.cs | 38 +++--- Timeline/Services/UserService.cs | 95 ++++++++------ Timeline/Startup.cs | 2 +- Timeline/Timeline.csproj | 18 +++ 33 files changed, 965 insertions(+), 354 deletions(-) delete mode 100644 Timeline/Authenticate/Attribute.cs delete mode 100644 Timeline/Authenticate/AuthHandler.cs delete mode 100644 Timeline/Authenticate/PrincipalExtensions.cs create mode 100644 Timeline/Authentication/Attribute.cs create mode 
100644 Timeline/Authentication/AuthHandler.cs create mode 100644 Timeline/Authentication/PrincipalExtensions.cs create mode 100644 Timeline/Entities/User.cs delete mode 100644 Timeline/Entities/UserDetail.cs create mode 100644 Timeline/Models/UserConvert.cs delete mode 100644 Timeline/Models/UserUtility.cs create mode 100644 Timeline/Resources/Authentication/AuthHandler.Designer.cs create mode 100644 Timeline/Resources/Authentication/AuthHandler.resx create mode 100644 Timeline/Resources/Services/UserService.Designer.cs create mode 100644 Timeline/Resources/Services/UserService.resx (limited to 'Timeline') diff --git a/Timeline/Authenticate/Attribute.cs b/Timeline/Authenticate/Attribute.cs deleted file mode 100644 index 239a2a1c..00000000 --- a/Timeline/Authenticate/Attribute.cs +++ /dev/null @@ -1,21 +0,0 @@ -using Microsoft.AspNetCore.Authorization; -using Timeline.Entities; - -namespace Timeline.Authenticate -{ - public class AdminAuthorizeAttribute : AuthorizeAttribute - { - public AdminAuthorizeAttribute() - { - Roles = UserRoles.Admin; - } - } - - public class UserAuthorizeAttribute : AuthorizeAttribute - { - public UserAuthorizeAttribute() - { - Roles = UserRoles.User; - } - } -} diff --git a/Timeline/Authenticate/AuthHandler.cs b/Timeline/Authenticate/AuthHandler.cs deleted file mode 100644 index f9409c1a..00000000 --- a/Timeline/Authenticate/AuthHandler.cs +++ /dev/null 
@@ -1,102 +0,0 @@ -using Microsoft.AspNetCore.Authentication; -using Microsoft.Extensions.Logging; -using Microsoft.Extensions.Options; -using Microsoft.Net.Http.Headers; -using System; -using System.Linq; -using System.Security.Claims; -using System.Text.Encodings.Web; -using System.Threading.Tasks; -using Timeline.Models; -using Timeline.Services; - -namespace Timeline.Authenticate -{ - static class AuthConstants - { - public const string Scheme = "Bearer"; - public const string DisplayName = "My Jwt Auth Scheme"; - } - - class AuthOptions : AuthenticationSchemeOptions - { - /// - /// The query param key to search for token. If null then query params are not searched for token. Default to "token". - /// - public string TokenQueryParamKey { get; set; } = "token"; - } - - class AuthHandler : AuthenticationHandler - { - private readonly ILogger _logger; - private readonly IUserService _userService; - - public AuthHandler(IOptionsMonitor options, ILoggerFactory logger, UrlEncoder encoder, ISystemClock clock, IUserService userService) - : base(options, logger, encoder, clock) - { - _logger = logger.CreateLogger(); - _userService = userService; - } - - // return null if no token is found - private string ExtractToken() - { - // check the authorization header - string header = Request.Headers[HeaderNames.Authorization]; - if (!string.IsNullOrEmpty(header) && header.StartsWith("Bearer ", StringComparison.OrdinalIgnoreCase)) - { - var token = header.Substring("Bearer ".Length).Trim(); - _logger.LogInformation("Token is found in authorization header. Token is {} .", token); - return token; - } - - // check the query params - var paramQueryKey = Options.TokenQueryParamKey; - if (!string.IsNullOrEmpty(paramQueryKey)) - { - string token = Request.Query[paramQueryKey]; - if (!string.IsNullOrEmpty(token)) - { - _logger.LogInformation("Token is found in query param with key \"{}\". 
Token is {} .", paramQueryKey, token); - return token; - } - } - - // not found anywhere then return null - return null; - } - - protected override async Task HandleAuthenticateAsync() - { - var token = ExtractToken(); - if (string.IsNullOrEmpty(token)) - { - _logger.LogInformation("No jwt token is found."); - return AuthenticateResult.NoResult(); - } - - try - { - var userInfo = await _userService.VerifyToken(token); - - var identity = new ClaimsIdentity(AuthConstants.Scheme); - identity.AddClaim(new Claim(identity.NameClaimType, userInfo.Username, ClaimValueTypes.String)); - identity.AddClaims(UserUtility.IsAdminToRoleArray(userInfo.Administrator).Select(role => new Claim(identity.RoleClaimType, role, ClaimValueTypes.String))); - - var principal = new ClaimsPrincipal(); - principal.AddIdentity(identity); - - return AuthenticateResult.Success(new AuthenticationTicket(principal, AuthConstants.Scheme)); - } - catch (ArgumentException) - { - throw; // this exception usually means server error. - } - catch (Exception e) - { - _logger.LogInformation(e, "A jwt token validation failed."); - return AuthenticateResult.Fail(e); - } - } - } -} diff --git a/Timeline/Authenticate/PrincipalExtensions.cs b/Timeline/Authenticate/PrincipalExtensions.cs deleted file mode 100644 index fa39ea89..00000000 --- a/Timeline/Authenticate/PrincipalExtensions.cs +++ /dev/null @@ -1,13 +0,0 @@ -using System.Security.Principal; -using Timeline.Entities; - -namespace Timeline.Authenticate -{ - public static class PrincipalExtensions - { - public static bool IsAdmin(this IPrincipal principal) - { - return principal.IsInRole(UserRoles.Admin); - } - } -} diff --git a/Timeline/Authentication/Attribute.cs b/Timeline/Authentication/Attribute.cs new file mode 100644 index 00000000..370b37e1 --- /dev/null +++ b/Timeline/Authentication/Attribute.cs 
@@ -0,0 +1,21 @@
+using Microsoft.AspNetCore.Authorization;
+using Timeline.Entities;
+
+namespace Timeline.Authentication
+{
+ public class AdminAuthorizeAttribute : AuthorizeAttribute
+ {
+ public AdminAuthorizeAttribute()
+ {
+ Roles = UserRoles.Admin;
+ }
+ }
+
+ public class UserAuthorizeAttribute : AuthorizeAttribute
+ {
+ public UserAuthorizeAttribute()
+ {
+ Roles = UserRoles.User;
+ }
+ }
+}
diff --git a/Timeline/Authentication/AuthHandler.cs b/Timeline/Authentication/AuthHandler.cs
new file mode 100644
index 00000000..47ed1d71
--- /dev/null
+++ b/Timeline/Authentication/AuthHandler.cs
@@ -0,0 +1,98 @@ +using Microsoft.AspNetCore.Authentication; +using Microsoft.Extensions.Logging; +using Microsoft.Extensions.Options; +using Microsoft.Net.Http.Headers; +using System; +using System.Linq; +using System.Security.Claims; +using System.Text.Encodings.Web; +using System.Threading.Tasks; +using Timeline.Models; +using Timeline.Services; + +namespace Timeline.Authentication +{ + static class AuthConstants + { + public const string Scheme = "Bearer"; + public const string DisplayName = "My Jwt Auth Scheme"; + } + + public class AuthOptions : AuthenticationSchemeOptions + { + /// + /// The query param key to search for token. If null then query params are not searched for token. Default to "token". + /// + public string TokenQueryParamKey { get; set; } = "token"; + } + + public class AuthHandler : AuthenticationHandler + { + private readonly ILogger _logger; + private readonly IUserService _userService; + + public AuthHandler(IOptionsMonitor options, ILoggerFactory logger, UrlEncoder encoder, ISystemClock clock, IUserService userService) + : base(options, logger, encoder, clock) + { + _logger = logger.CreateLogger(); + _userService = userService; + } + + // return null if no token is found + private string? 
ExtractToken() + { + // check the authorization header + string header = Request.Headers[HeaderNames.Authorization]; + if (!string.IsNullOrEmpty(header) && header.StartsWith("Bearer ", StringComparison.InvariantCultureIgnoreCase)) + { + var token = header.Substring("Bearer ".Length).Trim(); + _logger.LogInformation(Resources.Authentication.AuthHandler.LogTokenFoundInHeader, token); + return token; + } + + // check the query params + var paramQueryKey = Options.TokenQueryParamKey; + if (!string.IsNullOrEmpty(paramQueryKey)) + { + string token = Request.Query[paramQueryKey]; + if (!string.IsNullOrEmpty(token)) + { + _logger.LogInformation(Resources.Authentication.AuthHandler.LogTokenFoundInQuery, paramQueryKey, token); + return token; + } + } + + // not found anywhere then return null + return null; + } + + protected override async Task HandleAuthenticateAsync() + { + var token = ExtractToken(); + if (string.IsNullOrEmpty(token)) + { + _logger.LogInformation(Resources.Authentication.AuthHandler.LogTokenNotFound); + return AuthenticateResult.NoResult(); + } + + try + { + var userInfo = await _userService.VerifyToken(token); + + var identity = new ClaimsIdentity(AuthConstants.Scheme); + identity.AddClaim(new Claim(identity.NameClaimType, userInfo.Username, ClaimValueTypes.String)); + identity.AddClaims(UserRoleConvert.ToArray(userInfo.Administrator).Select(role => new Claim(identity.RoleClaimType, role, ClaimValueTypes.String))); + + var principal = new ClaimsPrincipal(); + principal.AddIdentity(identity); + + return AuthenticateResult.Success(new AuthenticationTicket(principal, AuthConstants.Scheme)); + } + catch (Exception e) when (e! is ArgumentException) + { + _logger.LogInformation(e, Resources.Authentication.AuthHandler.LogTokenValidationFail); + return AuthenticateResult.Fail(e); + } + } + } +} diff --git a/Timeline/Authentication/PrincipalExtensions.cs b/Timeline/Authentication/PrincipalExtensions.cs new file mode 100644 index 00000000..8d77ab62 --- /dev/null 
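Review bot: The exception filter in `HandleAuthenticateAsync`, `catch (Exception e) when (e! is ArgumentException)`, parses as a null-forgiving `e!` followed by `is`, so it catches only `ArgumentException`. That is the opposite of the deleted handler, which rethrew `ArgumentException` and turned every other failure into `AuthenticateResult.Fail`. As written, a token rejected through any other exception type escapes the handler instead of failing authentication; the intended filter is presumably `catch (Exception e) when (!(e is ArgumentException))`. Separately, `ExtractToken` still passes the bearer token itself to `_logger.LogInformation` on both the header and the query path, so anyone with log access can read a live credential. Log only that a token was found, dropping the `token` argument and its placeholder from `LogTokenFoundInHeader` and `LogTokenFoundInQuery`.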
+++ b/Timeline/Authentication/PrincipalExtensions.cs @@ -0,0 +1,13 @@ +using System.Security.Principal; +using Timeline.Entities; + +namespace Timeline.Authentication +{ + internal static class PrincipalExtensions + { + internal static bool IsAdministrator(this IPrincipal principal) + { + return principal.IsInRole(UserRoles.Admin); + } + } +} diff --git a/Timeline/Configs/DatabaseConfig.cs b/Timeline/Configs/DatabaseConfig.cs index e24ecdfb..c9309b08 100644 --- a/Timeline/Configs/DatabaseConfig.cs +++ b/Timeline/Configs/DatabaseConfig.cs @@ -2,6 +2,6 @@ namespace Timeline.Configs { public class DatabaseConfig { - public string ConnectionString { get; set; } + public string ConnectionString { get; set; } = default!; } } diff --git a/Timeline/Configs/JwtConfig.cs b/Timeline/Configs/JwtConfig.cs index 8c61d7bc..8a17825e 100644 --- a/Timeline/Configs/JwtConfig.cs +++ b/Timeline/Configs/JwtConfig.cs @@ -2,9 +2,9 @@ namespace Timeline.Configs { public class JwtConfig { - public string Issuer { get; set; } - public string Audience { get; set; } - public string SigningKey { get; set; } + public string Issuer { get; set; } = default!; + public string Audience { get; set; } = default!; + public string SigningKey { get; set; } = default!; /// /// Set the default value of expire offset of jwt token. diff --git a/Timeline/Controllers/Testing/TestingAuthController.cs b/Timeline/Controllers/Testing/TestingAuthController.cs index 488a3cff..67b5b2ef 100644 --- a/Timeline/Controllers/Testing/TestingAuthController.cs +++ b/Timeline/Controllers/Testing/TestingAuthController.cs @@ -1,6 +1,6 @@ using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; -using Timeline.Authenticate; +using Timeline.Authentication; namespace Timeline.Controllers.Testing { diff --git a/Timeline/Controllers/UserAvatarController.cs b/Timeline/Controllers/UserAvatarController.cs index e77076ca..5cba1d93 100644 --- a/Timeline/Controllers/UserAvatarController.cs 
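Review bot: In `JwtConfig`, `= default!` on `Issuer`, `Audience` and `SigningKey` only silences the nullable warning; the properties are still null at runtime when the configuration section omits them (the same holds for `ConnectionString` in the `DatabaseConfig` hunk). A missing `SigningKey` should stop startup rather than reach token signing, so validate the bound options once at startup and say so on the property, e.g. `/// Required. The application must refuse to start when this is missing or empty.` The `JwtConfig` class body continues outside the hunk.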
+++ b/Timeline/Controllers/UserAvatarController.cs @@ -6,7 +6,7 @@ using Microsoft.Net.Http.Headers; using System; using System.Linq; using System.Threading.Tasks; -using Timeline.Authenticate; +using Timeline.Authentication; using Timeline.Filters; using Timeline.Models.Http; using Timeline.Services; @@ -106,7 +106,7 @@ namespace Timeline.Controllers return BadRequest(new CommonResponse(ErrorCodes.Put_Content_TooBig, "Content can't be bigger than 10MB.")); - if (!User.IsAdmin() && User.Identity.Name != username) + if (!User.IsAdministrator() && User.Identity.Name != username) { _logger.LogInformation($"Attempt to put a avatar of other user as a non-admin failed. Operator Username: {User.Identity.Name} ; Username To Put Avatar: {username} ."); return StatusCode(StatusCodes.Status403Forbidden, @@ -152,7 +152,7 @@ namespace Timeline.Controllers [Authorize] public async Task Delete([FromRoute] string username) { - if (!User.IsAdmin() && User.Identity.Name != username) + if (!User.IsAdministrator() && User.Identity.Name != username) { _logger.LogInformation($"Attempt to delete a avatar of other user as a non-admin failed. Operator Username: {User.Identity.Name} ; Username To Put Avatar: {username} ."); return StatusCode(StatusCodes.Status403Forbidden, diff --git a/Timeline/Controllers/UserController.cs b/Timeline/Controllers/UserController.cs index b8d1d659..1771dc85 100644 --- a/Timeline/Controllers/UserController.cs +++ b/Timeline/Controllers/UserController.cs @@ -3,10 +3,11 @@ using Microsoft.AspNetCore.Mvc; using Microsoft.Extensions.Localization; using Microsoft.Extensions.Logging; using System.Threading.Tasks; -using Timeline.Authenticate; +using Timeline.Authentication; using Timeline.Helpers; using Timeline.Models; using Timeline.Models.Http; +using Timeline.Models.Validation; using Timeline.Services; using static Timeline.Resources.Controllers.UserController; 
@@ -23,11 +24,6 @@ namespace Timeline public const int NotExist = 10020101; // dd = 01 } - public static class Put // cc = 02 - { - public const int BadUsername = 10020201; // dd = 01 - } - public static class Patch // cc = 03 { public const int NotExist = 10020301; // dd = 01 @@ -78,7 +74,7 @@ namespace Timeline.Controllers } [HttpGet("users/{username}"), AdminAuthorize] - public async Task> Get([FromRoute] string username) + public async Task> Get([FromRoute][Username] string username) { var user = await _userService.GetUser(username); if (user == null) 
@@ -90,32 +86,24 @@ namespace Timeline.Controllers } [HttpPut("users/{username}"), AdminAuthorize] - public async Task> Put([FromBody] UserPutRequest request, [FromRoute] string username) + public async Task> Put([FromBody] UserPutRequest request, [FromRoute][Username] string username) { - try - { - var result = await _userService.PutUser(username, request.Password, request.Administrator!.Value); - switch (result) - { - case PutResult.Create: - _logger.LogInformation(Log.Format(LogPutCreate, ("Username", username))); - return CreatedAtAction("Get", new { username }, CommonPutResponse.Create(_localizerFactory)); - case PutResult.Modify: - _logger.LogInformation(Log.Format(LogPutModify, ("Username", username))); - return Ok(CommonPutResponse.Modify(_localizerFactory)); - default: - throw new InvalidBranchException(); - } - } - catch (UsernameBadFormatException e) + var result = await _userService.PutUser(username, request.Password, request.Administrator!.Value); + switch (result) { - _logger.LogInformation(e, Log.Format(LogPutBadUsername, ("Username", username))); - return BadRequest(new CommonResponse(ErrorCodes.Http.User.Put.BadUsername, _localizer["ErrorPutBadUsername"])); + case PutResult.Create: + _logger.LogInformation(Log.Format(LogPutCreate, ("Username", username))); + return CreatedAtAction("Get", new { username }, CommonPutResponse.Create(_localizerFactory)); + case PutResult.Modify: + _logger.LogInformation(Log.Format(LogPutModify, ("Username", username))); + return Ok(CommonPutResponse.Modify(_localizerFactory)); + default: + throw new InvalidBranchException(); } } [HttpPatch("users/{username}"), AdminAuthorize] - public async Task Patch([FromBody] UserPatchRequest request, [FromRoute] string username) + public async Task Patch([FromBody] UserPatchRequest request, [FromRoute][Username] string username) { try { 
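Review bot: `Put` no longer catches `UsernameBadFormatException`, so rejecting a malformed username now rests entirely on the `[Username]` parameter attribute added here (the `Get`, `Patch` and `Delete` hunks rely on it too). A validation attribute on an action parameter only short-circuits the request when the controller is marked `[ApiController]` or the action checks `ModelState.IsValid`; neither is visible in this hunk, so confirm one of them is in place. If `_userService.PutUser` still validates and throws, that exception would now surface as a 500 instead of the former 400 with `ErrorCodes.Http.User.Put.BadUsername`.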
@@ -130,7 +118,7 @@ namespace Timeline.Controllers } [HttpDelete("users/{username}"), AdminAuthorize] - public async Task> Delete([FromRoute] string username) + public async Task> Delete([FromRoute][Username] string username) { try { diff --git a/Timeline/Entities/DatabaseContext.cs b/Timeline/Entities/DatabaseContext.cs index 550db216..e1b98e7d 100644 --- a/Timeline/Entities/DatabaseContext.cs +++ b/Timeline/Entities/DatabaseContext.cs @@ -1,38 +1,7 @@ using Microsoft.EntityFrameworkCore; -using System.ComponentModel.DataAnnotations; -using System.ComponentModel.DataAnnotations.Schema; namespace Timeline.Entities { - public static class UserRoles - { - public const string Admin = "admin"; - public const string User = "user"; - } - - [Table("users")] - public class User - { - [Column("id"), Key, DatabaseGenerated(DatabaseGeneratedOption.Identity)] - public long Id { get; set; } - - [Column("name"), MaxLength(26), Required] - public string Name { get; set; } = default!; - - [Column("password"), Required] - public string EncryptedPassword { get; set; } = default!; - - [Column("roles"), Required] - public string RoleString { get; set; } = default!; - - [Column("version"), Required] - public long Version { get; set; } - - public UserAvatar? Avatar { get; set; } - - public UserDetailEntity? Detail { get; set; } - } - public class DatabaseContext : DbContext { public DatabaseContext(DbContextOptions options) @@ -41,14 +10,14 @@ namespace Timeline.Entities } + [System.Diagnostics.CodeAnalysis.SuppressMessage("Design", "CA1062:Validate arguments of public methods")] protected override void OnModelCreating(ModelBuilder modelBuilder) { modelBuilder.Entity().Property(e => e.Version).HasDefaultValue(0); modelBuilder.Entity().HasIndex(e => e.Name).IsUnique(); } - public DbSet Users { get; set; } - public DbSet UserAvatars { get; set; } - public DbSet UserDetails { get; set; } + public DbSet Users { get; set; } = default!; + public DbSet UserAvatars { get; set; } = default!; } } 
diff --git a/Timeline/Entities/User.cs b/Timeline/Entities/User.cs
new file mode 100644
index 00000000..6e8e4967
--- /dev/null
+++ b/Timeline/Entities/User.cs
@@ -0,0 +1,32 @@
+using System.ComponentModel.DataAnnotations;
+using System.ComponentModel.DataAnnotations.Schema;
+
+namespace Timeline.Entities
+{
+ public static class UserRoles
+ {
+ public const string Admin = "admin";
+ public const string User = "user";
+ }
+
+ [Table("users")]
+ public class User
+ {
+ [Column("id"), Key, DatabaseGenerated(DatabaseGeneratedOption.Identity)]
+ public long Id { get; set; }
+
+ [Column("name"), MaxLength(26), Required]
+ public string Name { get; set; } = default!;
+
+ [Column("password"), Required]
+ public string EncryptedPassword { get; set; } = default!;
+
+ [Column("roles"), Required]
+ public string RoleString { get; set; } = default!;
+
+ [Column("version"), Required]
+ public long Version { get; set; }
+
+ public UserAvatar? Avatar { get; set; }
+ }
+}
diff --git a/Timeline/Entities/UserDetail.cs b/Timeline/Entities/UserDetail.cs
deleted file mode 100644
index e02d15c4..00000000
--- a/Timeline/Entities/UserDetail.cs
+++ /dev/null
@@ -1,29 +0,0 @@
-using System.ComponentModel.DataAnnotations;
-using System.ComponentModel.DataAnnotations.Schema;
-
-namespace Timeline.Entities
-{
- [Table("user_details")]
- public class UserDetailEntity
- {
- [Column("id"), Key, DatabaseGenerated(DatabaseGeneratedOption.Identity)]
- public long Id { get; set; }
-
- [Column("nickname"), MaxLength(15)]
- public string? Nickname { get; set; }
-
- [Column("qq"), MaxLength(15)]
- public string? QQ { get; set; }
-
- [Column("email"), MaxLength(50)]
- public string? Email { get; set; }
-
- [Column("phone_number"), MaxLength(15)]
- public string? PhoneNumber { get; set; }
-
- [Column("description")]
- public string? Description { get; set; }
-
- public long UserId { get; set; }
- }
-}
diff --git a/Timeline/GlobalSuppressions.cs b/Timeline/GlobalSuppressions.cs index 6c89b230..44ad3af5 100644 --- a/Timeline/GlobalSuppressions.cs +++ b/Timeline/GlobalSuppressions.cs @@ -6,5 +6,6 @@ [assembly: System.Diagnostics.CodeAnalysis.SuppressMessage("Reliability", "CA2007:Consider calling ConfigureAwait on the awaited task", Justification = "This is not a UI application.")] [assembly: System.Diagnostics.CodeAnalysis.SuppressMessage("Design", "CA1034:Nested types should not be visible", Justification = "This is not bad.")] [assembly: System.Diagnostics.CodeAnalysis.SuppressMessage("Design", "CA1062:Validate arguments of public methods", Justification = "No need to check the null because it's ASP.Net's duty.", Scope = "namespaceanddescendants", Target = "Timeline.Controllers")] +[assembly: System.Diagnostics.CodeAnalysis.SuppressMessage("Design", "CA1062:Validate arguments of public methods", Justification = "Migrations code are auto generated.", Scope = "namespaceanddescendants", Target = "Timeline.Migrations")] [assembly: System.Diagnostics.CodeAnalysis.SuppressMessage("Naming", "CA1707:Identifiers should not contain underscores", Justification = "Error code constant identifiers.", Scope = "type", Target = "Timeline.ErrorCodes")] [assembly: System.Diagnostics.CodeAnalysis.SuppressMessage("Naming", "CA1716:Identifiers should not match keywords", Justification = "Error code constant identifiers.", Scope = "type", Target = "Timeline.ErrorCodes")] diff --git a/Timeline/Helpers/StringLocalizerFactoryExtensions.cs b/Timeline/Helpers/StringLocalizerFactoryExtensions.cs index 3cb561f5..c2252b2c 100644 --- a/Timeline/Helpers/StringLocalizerFactoryExtensions.cs +++ b/Timeline/Helpers/StringLocalizerFactoryExtensions.cs 
@@ -10,5 +10,10 @@ namespace Timeline.Helpers { return factory.Create(basename, new AssemblyName(typeof(StringLocalizerFactoryExtensions).Assembly.FullName!).Name); } + + internal static StringLocalizer Create(this IStringLocalizerFactory factory) + { + return new StringLocalizer(factory); + } } } \ No newline at end of file diff --git a/Timeline/Models/Http/User.cs b/Timeline/Models/Http/User.cs index 98406fec..516c1329 100644 --- a/Timeline/Models/Http/User.cs +++ b/Timeline/Models/Http/User.cs @@ -20,9 +20,11 @@ namespace Timeline.Models.Http public class ChangeUsernameRequest { [Required] + [Username] public string OldUsername { get; set; } = default!; - [Required, ValidateWith(typeof(UsernameValidator))] + [Required] + [Username] public string NewUsername { get; set; } = default!; } diff --git a/Timeline/Models/UserConvert.cs b/Timeline/Models/UserConvert.cs new file mode 100644 index 00000000..5b132421 --- /dev/null +++ b/Timeline/Models/UserConvert.cs 
@@ -0,0 +1,67 @@ +using System; +using System.Collections.Generic; +using System.Linq; +using Timeline.Entities; +using Timeline.Services; + +namespace Timeline.Models +{ + public static class UserConvert + { + public static UserInfo CreateUserInfo(User user) + { + if (user == null) + throw new ArgumentNullException(nameof(user)); + return new UserInfo(user.Name, UserRoleConvert.ToBool(user.RoleString)); + } + + internal static UserCache CreateUserCache(User user) + { + if (user == null) + throw new ArgumentNullException(nameof(user)); + return new UserCache + { + Username = user.Name, + Administrator = UserRoleConvert.ToBool(user.RoleString), + Version = user.Version + }; + } + } + + [System.Diagnostics.CodeAnalysis.SuppressMessage("Design", "CA1062:Validate arguments of public methods", Justification = "No need.")] + public static class UserRoleConvert + { + public const string UserRole = UserRoles.User; + public const string AdminRole = UserRoles.Admin; + + public static string[] ToArray(bool administrator) + { + return administrator ? new string[] { UserRole, AdminRole } : new string[] { UserRole }; + } + + public static string[] ToArray(string s) + { + return s.Split(',').ToArray(); + } + + public static bool ToBool(IReadOnlyCollection roles) + { + return roles.Contains(AdminRole); + } + + public static string ToString(IReadOnlyCollection roles) + { + return string.Join(',', roles); + } + + public static string ToString(bool administrator) + { + return administrator ? UserRole + "," + AdminRole : UserRole; + } + + public static bool ToBool(string s) + { + return s.Contains("admin", StringComparison.InvariantCulture); + } + } +} diff --git a/Timeline/Models/UserInfo.cs b/Timeline/Models/UserInfo.cs index e502855b..b60bdfa2 100644 --- a/Timeline/Models/UserInfo.cs +++ b/Timeline/Models/UserInfo.cs 
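Review bot: `UserRoleConvert.ToBool(string s)` decides administrator status with `s.Contains("admin", StringComparison.InvariantCulture)`, a substring test over the whole role string, whereas the `UserUtility.RoleStringToIsAdmin` it replaces split on `,` and compared whole role names. Any stored role whose name merely contains `admin` would now map to administrator in both `CreateUserInfo` and `CreateUserCache`. Keep the exact-match semantics and the shared constant by delegating to the existing overloads: `return ToBool(ToArray(s));`. The class-level CA1062 suppression also means a null `RoleString` reaches `Split` and `Contains` unchecked.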
@@ -12,8 +12,8 @@ namespace Timeline.Models Administrator = administrator; } - public string Username { get; set; } - public bool Administrator { get; set; } + public string Username { get; set; } = default!; + public bool Administrator { get; set; } = default!; public override string ToString() { diff --git a/Timeline/Models/UserUtility.cs b/Timeline/Models/UserUtility.cs deleted file mode 100644 index 405987b5..00000000 --- a/Timeline/Models/UserUtility.cs +++ /dev/null 
@@ -1,60 +0,0 @@ -using System; -using System.Linq; -using Timeline.Entities; -using Timeline.Services; - -namespace Timeline.Models -{ - public static class UserUtility - { - public const string UserRole = UserRoles.User; - public const string AdminRole = UserRoles.Admin; - - public static string[] UserRoleArray { get; } = new string[] { UserRole }; - public static string[] AdminRoleArray { get; } = new string[] { UserRole, AdminRole }; - - public static string[] IsAdminToRoleArray(bool isAdmin) - { - return isAdmin ? AdminRoleArray : UserRoleArray; - } - - public static bool RoleArrayToIsAdmin(string[] roles) - { - return roles.Contains(AdminRole); - } - - public static string[] RoleStringToRoleArray(string roleString) - { - return roleString.Split(',').ToArray(); - } - - public static string RoleArrayToRoleString(string[] roles) - { - return string.Join(',', roles); - } - - public static string IsAdminToRoleString(bool isAdmin) - { - return RoleArrayToRoleString(IsAdminToRoleArray(isAdmin)); - } - - public static bool RoleStringToIsAdmin(string roleString) - { - return RoleArrayToIsAdmin(RoleStringToRoleArray(roleString)); - } - - public static UserInfo CreateUserInfo(User user) - { - if (user == null) - throw new ArgumentNullException(nameof(user)); - return new UserInfo(user.Name, RoleStringToIsAdmin(user.RoleString)); - } - - internal static UserCache CreateUserCache(User user) - { - if (user == null) - throw new ArgumentNullException(nameof(user)); - return new UserCache { Username = user.Name, Administrator = RoleStringToIsAdmin(user.RoleString), Version = user.Version }; - } - } -} diff --git a/Timeline/Models/Validation/UsernameValidator.cs b/Timeline/Models/Validation/UsernameValidator.cs index 65d4da71..dc237add 100644 --- a/Timeline/Models/Validation/UsernameValidator.cs +++ b/Timeline/Models/Validation/UsernameValidator.cs @@ -1,4 +1,5 @@ -using System.Linq; +using System; +using System.Linq; namespace Timeline.Models.Validation { 
@@ -36,4 +37,15 @@ namespace Timeline.Models.Validation return (true, SuccessMessageGenerator); } } + + [AttributeUsage(AttributeTargets.Property | AttributeTargets.Field | AttributeTargets.Parameter, + AllowMultiple = false)] + public class UsernameAttribute : ValidateWithAttribute + { + public UsernameAttribute() + : base(typeof(UsernameValidator)) + { + + } + } } diff --git a/Timeline/Models/Validation/Validator.cs b/Timeline/Models/Validation/Validator.cs index 606ba7b4..d2c7c377 100644 --- a/Timeline/Models/Validation/Validator.cs +++ b/Timeline/Models/Validation/Validator.cs @@ -8,7 +8,7 @@ namespace Timeline.Models.Validation { /// /// Generate a message from a localizer factory. - /// If localizerFactory is null, it should return a neutral-cultural message. + /// If localizerFactory is null, it should return a culture-invariant message. /// /// The localizer factory. Could be null. /// The message. diff --git a/Timeline/Program.cs b/Timeline/Program.cs index 7474fe2f..4a098adf 100644 --- a/Timeline/Program.cs +++ b/Timeline/Program.cs @@ -3,6 +3,7 @@ using Microsoft.AspNetCore.Hosting; using Microsoft.Extensions.Configuration; using Microsoft.Extensions.FileProviders; using Microsoft.Extensions.Hosting; +using System.Resources; namespace Timeline { diff --git a/Timeline/Resources/Authentication/AuthHandler.Designer.cs b/Timeline/Resources/Authentication/AuthHandler.Designer.cs new file mode 100644 index 00000000..fd4540ea --- /dev/null +++ b/Timeline/Resources/Authentication/AuthHandler.Designer.cs 
@@ -0,0 +1,99 @@ +//------------------------------------------------------------------------------ +// +// This code was generated by a tool. +// Runtime Version:4.0.30319.42000 +// +// Changes to this file may cause incorrect behavior and will be lost if +// the code is regenerated. +// +//------------------------------------------------------------------------------ + +namespace Timeline.Resources.Authentication { + using System; + + + /// + /// A strongly-typed resource class, for looking up localized strings, etc. + /// + // This class was auto-generated by the StronglyTypedResourceBuilder + // class via a tool like ResGen or Visual Studio. + // To add or remove a member, edit your .ResX file then rerun ResGen + // with the /str option, or rebuild your VS project. + [global::System.CodeDom.Compiler.GeneratedCodeAttribute("System.Resources.Tools.StronglyTypedResourceBuilder", "16.0.0.0")] + [global::System.Diagnostics.DebuggerNonUserCodeAttribute()] + [global::System.Runtime.CompilerServices.CompilerGeneratedAttribute()] + internal class AuthHandler { + + private static global::System.Resources.ResourceManager resourceMan; + + private static global::System.Globalization.CultureInfo resourceCulture; + + [global::System.Diagnostics.CodeAnalysis.SuppressMessageAttribute("Microsoft.Performance", "CA1811:AvoidUncalledPrivateCode")] + internal AuthHandler() { + } + + /// + /// Returns the cached ResourceManager instance used by this class. 
+ /// + [global::System.ComponentModel.EditorBrowsableAttribute(global::System.ComponentModel.EditorBrowsableState.Advanced)] + internal static global::System.Resources.ResourceManager ResourceManager { + get { + if (object.ReferenceEquals(resourceMan, null)) { + global::System.Resources.ResourceManager temp = new global::System.Resources.ResourceManager("Timeline.Resources.Authentication.AuthHandler", typeof(AuthHandler).Assembly); + resourceMan = temp; + } + return resourceMan; + } + } + + /// + /// Overrides the current thread's CurrentUICulture property for all + /// resource lookups using this strongly typed resource class. + /// + [global::System.ComponentModel.EditorBrowsableAttribute(global::System.ComponentModel.EditorBrowsableState.Advanced)] + internal static global::System.Globalization.CultureInfo Culture { + get { + return resourceCulture; + } + set { + resourceCulture = value; + } + } + + /// + /// Looks up a localized string similar to Token is found in authorization header. Token is {0} .. + /// + internal static string LogTokenFoundInHeader { + get { + return ResourceManager.GetString("LogTokenFoundInHeader", resourceCulture); + } + } + + /// + /// Looks up a localized string similar to Token is found in query param with key "{0}". Token is {1} .. + /// + internal static string LogTokenFoundInQuery { + get { + return ResourceManager.GetString("LogTokenFoundInQuery", resourceCulture); + } + } + + /// + /// Looks up a localized string similar to No jwt token is found.. + /// + internal static string LogTokenNotFound { + get { + return ResourceManager.GetString("LogTokenNotFound", resourceCulture); + } + } + + /// + /// Looks up a localized string similar to A jwt token validation failed.. + /// + internal static string LogTokenValidationFail { + get { + return ResourceManager.GetString("LogTokenValidationFail", resourceCulture); + } + } + } +} 
diff --git a/Timeline/Resources/Authentication/AuthHandler.resx b/Timeline/Resources/Authentication/AuthHandler.resx new file mode 100644 index 00000000..4cddc8ce --- /dev/null +++ b/Timeline/Resources/Authentication/AuthHandler.resx @@ -0,0 +1,132 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + text/microsoft-resx + + + 2.0 + + + System.Resources.ResXResourceReader, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 + + + System.Resources.ResXResourceWriter, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 + + + Token is found in authorization header. Token is {0} . + + + Token is found in query param with key "{0}". Token is {1} . + + + No jwt token is found. + + + A jwt token validation failed. + + \ No newline at end of file diff --git a/Timeline/Resources/Services/Exception.Designer.cs b/Timeline/Resources/Services/Exception.Designer.cs index 15a8169e..24f6b8e6 100644 --- a/Timeline/Resources/Services/Exception.Designer.cs +++ b/Timeline/Resources/Services/Exception.Designer.cs 
@@ -69,6 +69,69 @@ namespace Timeline.Resources.Services { } } + /// + /// Looks up a localized string similar to The hashes password is of bad format. It might not be created by server.. + /// + internal static string HashedPasswordBadFromatException { + get { + return ResourceManager.GetString("HashedPasswordBadFromatException", resourceCulture); + } + } + + /// + /// Looks up a localized string similar to Not of valid base64 format. See inner exception.. + /// + internal static string HashedPasswordBadFromatExceptionNotBase64 { + get { + return ResourceManager.GetString("HashedPasswordBadFromatExceptionNotBase64", resourceCulture); + } + } + + /// + /// Looks up a localized string similar to Decoded hashed password is of length 0.. + /// + internal static string HashedPasswordBadFromatExceptionNotLength0 { + get { + return ResourceManager.GetString("HashedPasswordBadFromatExceptionNotLength0", resourceCulture); + } + } + + /// + /// Looks up a localized string similar to See inner exception.. + /// + internal static string HashedPasswordBadFromatExceptionNotOthers { + get { + return ResourceManager.GetString("HashedPasswordBadFromatExceptionNotOthers", resourceCulture); + } + } + + /// + /// Looks up a localized string similar to Salt length < 128 bits.. + /// + internal static string HashedPasswordBadFromatExceptionNotSaltTooShort { + get { + return ResourceManager.GetString("HashedPasswordBadFromatExceptionNotSaltTooShort", resourceCulture); + } + } + + /// + /// Looks up a localized string similar to Subkey length < 128 bits.. + /// + internal static string HashedPasswordBadFromatExceptionNotSubkeyTooShort { + get { + return ResourceManager.GetString("HashedPasswordBadFromatExceptionNotSubkeyTooShort", resourceCulture); + } + } + + /// + /// Looks up a localized string similar to Unknown format marker.. 
+ /// + internal static string HashedPasswordBadFromatExceptionNotUnknownMarker { + get { + return ResourceManager.GetString("HashedPasswordBadFromatExceptionNotUnknownMarker", resourceCulture); + } + } + /// /// Looks up a localized string similar to The version of the jwt token is old.. /// diff --git a/Timeline/Resources/Services/Exception.resx b/Timeline/Resources/Services/Exception.resx index af771393..408c45a1 100644 --- a/Timeline/Resources/Services/Exception.resx +++ b/Timeline/Resources/Services/Exception.resx @@ -120,6 +120,27 @@ The password is wrong. + + The hashes password is of bad format. It might not be created by server. + + + Not of valid base64 format. See inner exception. + + + Decoded hashed password is of length 0. + + + See inner exception. + + + Salt length < 128 bits. + + + Subkey length < 128 bits. + + + Unknown format marker. + The version of the jwt token is old. diff --git a/Timeline/Resources/Services/UserService.Designer.cs b/Timeline/Resources/Services/UserService.Designer.cs new file mode 100644 index 00000000..2a04dded --- /dev/null +++ b/Timeline/Resources/Services/UserService.Designer.cs 
@@ -0,0 +1,126 @@ +//------------------------------------------------------------------------------ +// +// This code was generated by a tool. +// Runtime Version:4.0.30319.42000 +// +// Changes to this file may cause incorrect behavior and will be lost if +// the code is regenerated. +// +//------------------------------------------------------------------------------ + +namespace Timeline.Resources.Services { + using System; + + + /// + /// A strongly-typed resource class, for looking up localized strings, etc. + /// + // This class was auto-generated by the StronglyTypedResourceBuilder + // class via a tool like ResGen or Visual Studio. + // To add or remove a member, edit your .ResX file then rerun ResGen + // with the /str option, or rebuild your VS project. + [global::System.CodeDom.Compiler.GeneratedCodeAttribute("System.Resources.Tools.StronglyTypedResourceBuilder", "16.0.0.0")] + [global::System.Diagnostics.DebuggerNonUserCodeAttribute()] + [global::System.Runtime.CompilerServices.CompilerGeneratedAttribute()] + internal class UserService { + + private static global::System.Resources.ResourceManager resourceMan; + + private static global::System.Globalization.CultureInfo resourceCulture; + + [global::System.Diagnostics.CodeAnalysis.SuppressMessageAttribute("Microsoft.Performance", "CA1811:AvoidUncalledPrivateCode")] + internal UserService() { + } + + /// + /// Returns the cached ResourceManager instance used by this class. 
+ /// + [global::System.ComponentModel.EditorBrowsableAttribute(global::System.ComponentModel.EditorBrowsableState.Advanced)] + internal static global::System.Resources.ResourceManager ResourceManager { + get { + if (object.ReferenceEquals(resourceMan, null)) { + global::System.Resources.ResourceManager temp = new global::System.Resources.ResourceManager("Timeline.Resources.Services.UserService", typeof(UserService).Assembly); + resourceMan = temp; + } + return resourceMan; + } + } + + /// + /// Overrides the current thread's CurrentUICulture property for all + /// resource lookups using this strongly typed resource class. + /// + [global::System.ComponentModel.EditorBrowsableAttribute(global::System.ComponentModel.EditorBrowsableState.Advanced)] + internal static global::System.Globalization.CultureInfo Culture { + get { + return resourceCulture; + } + set { + resourceCulture = value; + } + } + + /// + /// Looks up a localized string similar to New username is of bad format.. + /// + internal static string ExceptionNewUsernameBadFormat { + get { + return ResourceManager.GetString("ExceptionNewUsernameBadFormat", resourceCulture); + } + } + + /// + /// Looks up a localized string similar to Old username is of bad format.. + /// + internal static string ExceptionOldUsernameBadFormat { + get { + return ResourceManager.GetString("ExceptionOldUsernameBadFormat", resourceCulture); + } + } + + /// + /// Looks up a localized string similar to A cache entry is created.. + /// + internal static string LogCacheCreate { + get { + return ResourceManager.GetString("LogCacheCreate", resourceCulture); + } + } + + /// + /// Looks up a localized string similar to A cache entry is removed.. + /// + internal static string LogCacheRemove { + get { + return ResourceManager.GetString("LogCacheRemove", resourceCulture); + } + } + + /// + /// Looks up a localized string similar to A new user entry is added to the database.. 
+ /// + internal static string LogDatabaseCreate { + get { + return ResourceManager.GetString("LogDatabaseCreate", resourceCulture); + } + } + + /// + /// Looks up a localized string similar to A user entry is removed from the database.. + /// + internal static string LogDatabaseRemove { + get { + return ResourceManager.GetString("LogDatabaseRemove", resourceCulture); + } + } + + /// + /// Looks up a localized string similar to A user entry is updated to the database.. + /// + internal static string LogDatabaseUpdate { + get { + return ResourceManager.GetString("LogDatabaseUpdate", resourceCulture); + } + } + } +} diff --git a/Timeline/Resources/Services/UserService.resx b/Timeline/Resources/Services/UserService.resx new file mode 100644 index 00000000..3670d8f9 --- /dev/null +++ b/Timeline/Resources/Services/UserService.resx @@ -0,0 +1,141 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + text/microsoft-resx + + + 2.0 + + + System.Resources.ResXResourceReader, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 + + + System.Resources.ResXResourceWriter, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 + + + New username is of bad format. + + + Old username is of bad format. + + + A cache entry is created. + + + A cache entry is removed. + + + A new user entry is added to the database. + + + A user entry is removed from the database. + + + A user entry is updated to the database. + + \ No newline at end of file diff --git a/Timeline/Services/PasswordService.cs b/Timeline/Services/PasswordService.cs index e09a1365..e04a861b 100644 --- a/Timeline/Services/PasswordService.cs +++ b/Timeline/Services/PasswordService.cs 
@@ -12,13 +12,23 @@ namespace Timeline.Services [Serializable] public class HashedPasswordBadFromatException : Exception { - public HashedPasswordBadFromatException(string hashedPassword, string message) : base(message) { HashedPassword = hashedPassword; } - public HashedPasswordBadFromatException(string hashedPassword, string message, Exception inner) : base(message, inner) { HashedPassword = hashedPassword; } + private static string MakeMessage(string reason) + { + return Resources.Services.Exception.HashedPasswordBadFromatException + " Reason: " + reason; + } + + public HashedPasswordBadFromatException() : base(Resources.Services.Exception.HashedPasswordBadFromatException) { } + + public HashedPasswordBadFromatException(string message) : base(message) { } + public HashedPasswordBadFromatException(string message, Exception inner) : base(message, inner) { } + + public HashedPasswordBadFromatException(string hashedPassword, string reason) : base(MakeMessage(reason)) { HashedPassword = hashedPassword; } + public HashedPasswordBadFromatException(string hashedPassword, string reason, Exception inner) : base(MakeMessage(reason), inner) { HashedPassword = hashedPassword; } protected HashedPasswordBadFromatException( System.Runtime.Serialization.SerializationInfo info, System.Runtime.Serialization.StreamingContext context) : base(info, context) { } - public string HashedPassword { get; private set; } + public string? HashedPassword { get; set; } } public interface IPasswordService 
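Review bot: `public string? HashedPassword { get; set; }` widens the setter from `private set` to public, although both constructors that take `hashedPassword` assign it from inside the class; `{ get; private set; }` would still compile here and keeps outside code from rewriting the value. The property carries the stored password hash on an exception object, so it deserves a comment such as `// Stored password hash: keep out of logs and API error responses.` Separately, the overloads `(string message, Exception inner)` and `(string hashedPassword, string reason)` differ only in the type of the second parameter, so a call passing `null` there is ambiguous. A one-line summary on each constructor would say which meaning is intended.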
@@ -140,22 +150,20 @@ namespace Timeline.Services } catch (FormatException e) { - throw new HashedPasswordBadFromatException(hashedPassword, "Not of valid base64 format. See inner exception.", e); + throw new HashedPasswordBadFromatException(hashedPassword, Resources.Services.Exception.HashedPasswordBadFromatExceptionNotBase64, e); } // read the format marker from the hashed password if (decodedHashedPassword.Length == 0) { - throw new HashedPasswordBadFromatException(hashedPassword, "Decoded hashed password is of length 0."); + throw new HashedPasswordBadFromatException(hashedPassword, Resources.Services.Exception.HashedPasswordBadFromatExceptionNotLength0); } - switch (decodedHashedPassword[0]) - { - case 0x01: - return VerifyHashedPasswordV3(decodedHashedPassword, providedPassword, hashedPassword); - default: - throw new HashedPasswordBadFromatException(hashedPassword, "Unknown format marker."); - } + return (decodedHashedPassword[0]) switch + { + 0x01 => VerifyHashedPasswordV3(decodedHashedPassword, providedPassword, hashedPassword), + _ => throw new HashedPasswordBadFromatException(hashedPassword, Resources.Services.Exception.HashedPasswordBadFromatExceptionNotUnknownMarker), + }; } private bool VerifyHashedPasswordV3(byte[] hashedPassword, string password, string hashedPasswordString) @@ -170,7 +178,7 @@ namespace Timeline.Services // Read the salt: must be >= 128 bits if (saltLength < 128 / 8) { - throw new HashedPasswordBadFromatException(hashedPasswordString, "Salt length < 128 bits."); + throw new HashedPasswordBadFromatException(hashedPasswordString, Resources.Services.Exception.HashedPasswordBadFromatExceptionNotSaltTooShort); } byte[] salt = new byte[saltLength]; Buffer.BlockCopy(hashedPassword, 13, salt, 0, salt.Length); 
@@ -179,7 +187,7 @@ namespace Timeline.Services int subkeyLength = hashedPassword.Length - 13 - salt.Length; if (subkeyLength < 128 / 8) { - throw new HashedPasswordBadFromatException(hashedPasswordString, "Subkey length < 128 bits."); + throw new HashedPasswordBadFromatException(hashedPasswordString, Resources.Services.Exception.HashedPasswordBadFromatExceptionNotSubkeyTooShort); } byte[] expectedSubkey = new byte[subkeyLength]; Buffer.BlockCopy(hashedPassword, 13 + salt.Length, expectedSubkey, 0, expectedSubkey.Length); @@ -193,7 +201,7 @@ namespace Timeline.Services // This should never occur except in the case of a malformed payload, where // we might go off the end of the array. Regardless, a malformed payload // implies verification failed. - throw new HashedPasswordBadFromatException(hashedPasswordString, "See inner exception.", e); + throw new HashedPasswordBadFromatException(hashedPasswordString, Resources.Services.Exception.HashedPasswordBadFromatExceptionNotOthers, e); } } diff --git a/Timeline/Services/UserService.cs b/Timeline/Services/UserService.cs index 45ef8a5c..d706d05e 100644 --- a/Timeline/Services/UserService.cs +++ b/Timeline/Services/UserService.cs @@ -1,15 +1,13 @@ using Microsoft.EntityFrameworkCore; using Microsoft.Extensions.Caching.Memory; -using Microsoft.Extensions.Localization; using Microsoft.Extensions.Logging; using System; using System.Linq; using System.Threading.Tasks; using Timeline.Entities; +using Timeline.Helpers; using Timeline.Models; using Timeline.Models.Validation; -using static Timeline.Helpers.MyLogHelper; -using static Timeline.Models.UserUtility; namespace Timeline.Services { 
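Review bot: In the `@@ -193,7 +201,7 @@` hunk the context comment says a malformed payload "implies verification failed", but the changed line throws `HashedPasswordBadFromatException` rather than returning false, so the comment and the behaviour disagree. A reader who trusts the comment could assume the caller only ever sees a boolean. I would reword it to `// A malformed payload cannot be verified: report it as a bad-format hash; callers must treat this as a failed verification.` The `try` and the `catch` clause start outside the hunk, so which exception types reach this line is not visible here.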
@@ -30,6 +28,7 @@ namespace Timeline.Services /// The expired time point. Null then use default. See for what is default. /// An containing the created token and user info. /// Thrown when or is null. + /// Thrown when username is of bad format. /// Thrown when the user with given username does not exist. /// Thrown when password is wrong. Task CreateToken(string username, string password, DateTime? expires = null); @@ -50,6 +49,8 @@ namespace Timeline.Services /// /// Username of the user. /// The info of the user. Null if the user of given username does not exists. + /// Thrown when is null. + /// Thrown when is of bad format. Task GetUser(string username); /// @@ -82,6 +83,7 @@ namespace Timeline.Services /// New password. Null if not modify. /// Whether the user is administrator. Null if not modify. /// Thrown if is null. + /// Thrown when is of bad format. /// Thrown if the user with given username does not exist. Task PatchUser(string username, string? password, bool? administrator); @@ -90,6 +92,7 @@ namespace Timeline.Services /// /// Username of thet user to delete. Can't be null. /// Thrown if is null. + /// Thrown when is of bad format. /// Thrown if the user with given username does not exist. Task DeleteUser(string username); @@ -100,6 +103,7 @@ namespace Timeline.Services /// The user's old password. /// The user's new password. /// Thrown if or or is null. + /// Thrown when is of bad format. /// Thrown if the user with given username does not exist. /// Thrown if the old password is wrong. Task ChangePassword(string username, string oldPassword, string newPassword); 
@@ -109,9 +113,9 @@ namespace Timeline.Services /// /// The user's old username. /// The new username. - /// Thrown if or is null or empty. + /// Thrown if or is null. /// Thrown if the user with old username does not exist. - /// Thrown if the new username is not accepted because of bad format. + /// Thrown if the or is of bad format. /// Thrown if user with the new username already exists. Task ChangeUsername(string oldUsername, string newUsername); } @@ -157,7 +161,19 @@ namespace Timeline.Services { var key = GenerateCacheKeyByUserId(id); _memoryCache.Remove(key); - _logger.LogInformation(FormatLogMessage("A cache entry is removed.", Pair("Key", key))); + _logger.LogInformation(Log.Format(Resources.Services.UserService.LogCacheRemove, ("Key", key))); + } + + private void CheckUsernameFormat(string username, string? message = null) + { + var (result, messageGenerator) = _usernameValidator.Validate(username); + if (!result) + { + if (message == null) + throw new UsernameBadFormatException(username, messageGenerator(null)); + else + throw new UsernameBadFormatException(username, message + messageGenerator(null)); + } } public async Task CreateToken(string username, string password, DateTime? expires) @@ -166,6 +182,7 @@ namespace Timeline.Services throw new ArgumentNullException(nameof(username)); if (password == null) throw new ArgumentNullException(nameof(password)); + CheckUsernameFormat(username); // We need password info, so always check the database. var user = await _databaseContext.Users.Where(u => u.Name == username).SingleOrDefaultAsync(); @@ -185,7 +202,7 @@ namespace Timeline.Services return new CreateTokenResult { Token = token, - User = CreateUserInfo(user) + User = UserConvert.CreateUserInfo(user) }; } 
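Review bot: In the new `CheckUsernameFormat` (hunk `@@ -157,7 +161,19 @@`), `message + messageGenerator(null)` joins the two texts with no separator. The code it replaces in `ChangeUsername` wrote `$"New username is of bad format. {messageGenerator(null)}"` with a space. The resource values as rendered in this patch (`New username is of bad format.`, `Old username is of bad format.`) end at the period, so the exception message would run the two sentences together; `throw new UsernameBadFormatException(username, message + " " + messageGenerator(null));` restores the old text. The unbraced `if`/`else` around the two `throw` statements would also be easier to keep correct with braces.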
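Review bot: `CheckUsernameFormat(username)` in `CreateToken` (hunk `@@ -166,6 +182,7 @@`) runs before the database lookup, so a login attempt with a malformed username now throws `UsernameBadFormatException` instead of `UserNotExistException`. Whether the controller that calls `CreateToken` handles the new exception is not visible in this part of the patch. If it catches only the user-not-exist and bad-password cases, this one would presumably surface as an unhandled error with a different status. It should be mapped to the same failed-login response as a wrong username or password, so that the endpoint answers uniformly. `CreateToken`'s body continues outside the hunk.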
@@ -208,9 +225,9 @@ namespace Timeline.Services throw new UserNotExistException(id); // create cache - cache = CreateUserCache(user); + cache = UserConvert.CreateUserCache(user); _memoryCache.CreateEntry(key).SetValue(cache); - _logger.LogInformation(FormatLogMessage("A cache entry is created.", Pair("Key", key))); + _logger.LogInformation(Log.Format(Resources.Services.UserService.LogCacheCreate, ("Key", key))); } if (tokenInfo.Version != cache.Version) @@ -221,16 +238,20 @@ namespace Timeline.Services public async Task GetUser(string username) { + if (username == null) + throw new ArgumentNullException(nameof(username)); + CheckUsernameFormat(username); + return await _databaseContext.Users .Where(user => user.Name == username) - .Select(user => CreateUserInfo(user)) + .Select(user => UserConvert.CreateUserInfo(user)) .SingleOrDefaultAsync(); } public async Task ListUsers() { return await _databaseContext.Users - .Select(user => CreateUserInfo(user)) + .Select(user => UserConvert.CreateUserInfo(user)) .ToArrayAsync(); } @@ -240,12 +261,7 @@ namespace Timeline.Services throw new ArgumentNullException(nameof(username)); if (password == null) throw new ArgumentNullException(nameof(password)); - - var (result, messageGenerator) = _usernameValidator.Validate(username); - if (!result) - { - throw new UsernameBadFormatException(username, messageGenerator(null)); - } + CheckUsernameFormat(username); var user = await _databaseContext.Users.Where(u => u.Name == username).SingleOrDefaultAsync(); 
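Review bot: The context line `_memoryCache.CreateEntry(key).SetValue(cache);` in the first hunk never disposes the returned `ICacheEntry`. With `IMemoryCache` an entry is only committed when it is disposed, so the value is most likely never stored even though the next line logs `LogCacheCreate`. Every token verification would then go to the database and the log would report a cache write that did not happen. `_memoryCache.Set(key, cache);` stores the entry directly and leaves the changed lines as they are. The enclosing method starts outside the hunk, so the lookup that reads this key is not visible here.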
@@ -255,20 +271,22 @@ namespace Timeline.Services { Name = username, EncryptedPassword = _passwordService.HashPassword(password), - RoleString = IsAdminToRoleString(administrator), + RoleString = UserRoleConvert.ToString(administrator), Avatar = UserAvatar.Create(DateTime.Now) }; await _databaseContext.AddAsync(newUser); await _databaseContext.SaveChangesAsync(); - _logger.LogInformation(FormatLogMessage("A new user entry is added to the database.", Pair("Id", newUser.Id))); + _logger.LogInformation(Log.Format(Resources.Services.UserService.LogDatabaseCreate, + ("Id", newUser.Id), ("Username", username), ("Administrator", administrator))); return PutResult.Create; } user.EncryptedPassword = _passwordService.HashPassword(password); - user.RoleString = IsAdminToRoleString(administrator); + user.RoleString = UserRoleConvert.ToString(administrator); user.Version += 1; await _databaseContext.SaveChangesAsync(); - _logger.LogInformation(FormatLogMessage("A user entry is updated to the database.", Pair("Id", user.Id))); + _logger.LogInformation(Log.Format(Resources.Services.UserService.LogDatabaseUpdate, + ("Id", user.Id), ("Username", username), ("Administrator", administrator))); //clear cache RemoveCache(user.Id); @@ -276,10 +294,11 @@ namespace Timeline.Services return PutResult.Modify; } - public async Task PatchUser(string username, string password, bool? administrator) + public async Task PatchUser(string username, string? password, bool? administrator) { if (username == null) throw new ArgumentNullException(nameof(username)); + CheckUsernameFormat(username); var user = await _databaseContext.Users.Where(u => u.Name == username).SingleOrDefaultAsync(); if (user == null) 
@@ -292,12 +311,12 @@ namespace Timeline.Services if (administrator != null) { - user.RoleString = IsAdminToRoleString(administrator.Value); + user.RoleString = UserRoleConvert.ToString(administrator.Value); } user.Version += 1; await _databaseContext.SaveChangesAsync(); - _logger.LogInformation(FormatLogMessage("A user entry is updated to the database.", Pair("Id", user.Id))); + _logger.LogInformation(Resources.Services.UserService.LogDatabaseUpdate, ("Id", user.Id)); //clear cache RemoveCache(user.Id); @@ -307,6 +326,7 @@ namespace Timeline.Services { if (username == null) throw new ArgumentNullException(nameof(username)); + CheckUsernameFormat(username); var user = await _databaseContext.Users.Where(u => u.Name == username).SingleOrDefaultAsync(); if (user == null) @@ -314,7 +334,8 @@ namespace Timeline.Services _databaseContext.Users.Remove(user); await _databaseContext.SaveChangesAsync(); - _logger.LogInformation(FormatLogMessage("A user entry is removed from the database.", Pair("Id", user.Id))); + _logger.LogInformation(Log.Format(Resources.Services.UserService.LogDatabaseRemove, + ("Id", user.Id))); //clear cache RemoveCache(user.Id); @@ -328,6 +349,7 @@ namespace Timeline.Services throw new ArgumentNullException(nameof(oldPassword)); if (newPassword == null) throw new ArgumentNullException(nameof(newPassword)); + CheckUsernameFormat(username); var user = await _databaseContext.Users.Where(u => u.Name == username).SingleOrDefaultAsync(); if (user == null) 
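Review bot: The rewritten log call in `PatchUser` drops the `Log.Format` wrapper that every other call in this patch uses: `_logger.LogInformation(Resources.Services.UserService.LogDatabaseUpdate, ("Id", user.Id));` passes the tuple as a message-template argument. The template `A user entry is updated to the database.` has no placeholder, so the user id does not appear in the rendered message. This is the path that changes a password or the administrator flag, which is where the log line needs to say which account was touched. It should read `_logger.LogInformation(Log.Format(Resources.Services.UserService.LogDatabaseUpdate, ("Id", user.Id)));`. `PatchUser` begins in an earlier hunk.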
@@ -340,23 +362,20 @@ namespace Timeline.Services user.EncryptedPassword = _passwordService.HashPassword(newPassword); user.Version += 1; await _databaseContext.SaveChangesAsync(); + _logger.LogInformation(Log.Format(Resources.Services.UserService.LogDatabaseUpdate, + ("Id", user.Id), ("Operation", "Change password"))); //clear cache RemoveCache(user.Id); } public async Task ChangeUsername(string oldUsername, string newUsername) { - if (string.IsNullOrEmpty(oldUsername)) - throw new ArgumentException("Old username is null or empty", nameof(oldUsername)); - if (string.IsNullOrEmpty(newUsername)) - throw new ArgumentException("New username is null or empty", nameof(newUsername)); - - - var (result, messageGenerator) = _usernameValidator.Validate(newUsername); - if (!result) - { - throw new UsernameBadFormatException(newUsername, $"New username is of bad format. {messageGenerator(null)}"); - } + if (oldUsername == null) + throw new ArgumentNullException(nameof(oldUsername)); + if (newUsername == null) + throw new ArgumentNullException(nameof(newUsername)); + CheckUsernameFormat(oldUsername, Resources.Services.UserService.ExceptionOldUsernameBadFormat); + CheckUsernameFormat(newUsername, Resources.Services.UserService.ExceptionNewUsernameBadFormat); var user = await _databaseContext.Users.Where(u => u.Name == oldUsername).SingleOrDefaultAsync(); if (user == null) @@ -369,8 +388,8 @@ namespace Timeline.Services user.Name = newUsername; user.Version += 1; await _databaseContext.SaveChangesAsync(); - _logger.LogInformation(FormatLogMessage("A user entry changed name field.", - Pair("Id", user.Id), Pair("Old Username", oldUsername), Pair("New Username", newUsername))); + _logger.LogInformation(Log.Format(Resources.Services.UserService.LogDatabaseUpdate, + ("Id", user.Id), ("Old Username", oldUsername), ("New Username", newUsername))); RemoveCache(user.Id); } } diff --git a/Timeline/Startup.cs b/Timeline/Startup.cs index be5bce7c..d54ea6ca 100644 --- a/Timeline/Startup.cs 
+++ b/Timeline/Startup.cs @@ -8,7 +8,7 @@ using Microsoft.Extensions.Configuration; using Microsoft.Extensions.DependencyInjection; using System.Collections.Generic; using System.Globalization; -using Timeline.Authenticate; +using Timeline.Authentication; using Timeline.Configs; using Timeline.Entities; using Timeline.Helpers; diff --git a/Timeline/Timeline.csproj b/Timeline/Timeline.csproj index e29c4e4b..0ba34471 100644 --- a/Timeline/Timeline.csproj +++ b/Timeline/Timeline.csproj @@ -34,6 +34,11 @@ + + True + True + AuthHandler.resx + True True @@ -64,9 +69,18 @@ True Exception.resx + + True + True + UserService.resx + + + ResXFileCodeGenerator + AuthHandler.Designer.cs + ResXFileCodeGenerator Common.Designer.cs @@ -102,5 +116,9 @@ ResXFileCodeGenerator Exception.Designer.cs + + ResXFileCodeGenerator + UserService.Designer.cs + -- cgit v1.2.3