1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
|
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using System;
using System.Threading.Tasks;
using Timeline.Models.Http;
using Timeline.Services;
using Timeline.Services.Mapper;
using Timeline.Services.Token;
using Timeline.Services.User;
namespace Timeline.Controllers
{
/// <summary>
/// Operation about tokens.
/// </summary>
[Route("token")]
[ApiController]
[ProducesErrorResponseType(typeof(CommonResponse))]
[Obsolete("Ues v2 api.")]
public class TokenController : MyControllerBase
{
private readonly IUserService _userService;
private readonly IUserTokenService _userTokenService;
private readonly IGenericMapper _mapper;
private readonly IClock _clock;
public TokenController(IUserService userService, IUserTokenService userTokenService, IGenericMapper mapper, IClock clock)
{
_userService = userService;
_userTokenService = userTokenService;
_mapper = mapper;
_clock = clock;
}
/// <summary>
/// Create a new token for a user.
/// </summary>
/// <returns>Result of token creation.</returns>
[HttpPost("create")]
[AllowAnonymous]
[ProducesResponseType(StatusCodes.Status200OK)]
[ProducesResponseType(StatusCodes.Status400BadRequest)]
public async Task<ActionResult<HttpCreateTokenResponse>> Create([FromBody] HttpCreateTokenRequest request)
{
try
{
DateTime? expireTime = null;
if (request.Expire is not null)
expireTime = _clock.GetCurrentTime().AddDays(request.Expire.Value);
var userId = await _userService.VerifyCredential(request.Username, request.Password);
var token = await _userTokenService.CreateTokenAsync(userId, expireTime);
var user = await _userService.GetUserAsync(userId);
return new HttpCreateTokenResponse
{
Token = token,
User = await _mapper.MapAsync<HttpUser>(user, Url, User)
};
}
catch (EntityNotExistException)
{
return BadRequestWithCommonResponse(ErrorCodes.TokenController.CreateBadCredential, Resource.MessageTokenCreateBadCredential);
}
catch (BadPasswordException)
{
return BadRequestWithCommonResponse(ErrorCodes.TokenController.CreateBadCredential, Resource.MessageTokenCreateBadCredential);
}
}
/// <summary>
/// Verify a token.
/// </summary>
/// <returns>Result of token verification.</returns>
[HttpPost("verify")]
[AllowAnonymous]
[ProducesResponseType(StatusCodes.Status200OK)]
[ProducesResponseType(StatusCodes.Status400BadRequest)]
public async Task<ActionResult<HttpVerifyTokenResponse>> Verify([FromBody] HttpVerifyOrRevokeTokenRequest request)
{
try
{
var tokenInfo = await _userTokenService.ValidateTokenAsync(request.Token);
var user = await _userService.GetUserAsync(tokenInfo.UserId);
return new HttpVerifyTokenResponse
{
User = await _mapper.MapAsync<HttpUser>(user, Url, User)
};
}
catch (UserTokenExpiredException)
{
return BadRequestWithCommonResponse(ErrorCodes.TokenController.VerifyExpired, Resource.MessageTokenVerifyExpired);
}
catch (UserTokenException)
{
return BadRequestWithCommonResponse(ErrorCodes.TokenController.VerifyInvalid, Resource.MessageTokenVerifyInvalid);
}
}
}
}
|
