blob: 3d4e944462b4498baf614e9d850343d09a20991c (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
|
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using System;
using System.Threading.Tasks;
using Timeline.Models.Http;
using Timeline.Services;
using Timeline.Services.Mapper;
using Timeline.Services.Token;
using Timeline.Services.User;
namespace Timeline.Controllers
{
/// <summary>
/// Operation about tokens.
/// </summary>
[Route("token")]
[ApiController]
[ProducesErrorResponseType(typeof(CommonResponse))]
public class TokenController : Controller
{
private readonly IUserTokenManager _userTokenManager;
private readonly IGenericMapper _mapper;
private readonly IClock _clock;
public TokenController(IUserTokenManager userTokenManager, IGenericMapper mapper, IClock clock)
{
_userTokenManager = userTokenManager;
_mapper = mapper;
_clock = clock;
}
/// <summary>
/// Create a new token for a user.
/// </summary>
/// <returns>Result of token creation.</returns>
[HttpPost("create")]
[AllowAnonymous]
[ProducesResponseType(StatusCodes.Status200OK)]
[ProducesResponseType(StatusCodes.Status400BadRequest)]
public async Task<ActionResult<HttpCreateTokenResponse>> Create([FromBody] HttpCreateTokenRequest request)
{
try
{
DateTime? expireTime = null;
if (request.Expire != null)
expireTime = _clock.GetCurrentTime().AddDays(request.Expire.Value);
var result = await _userTokenManager.CreateTokenAsync(request.Username, request.Password, expireTime);
return new HttpCreateTokenResponse
{
Token = result.Token,
User = await _mapper.MapAsync<HttpUser>(result.User, Url, User)
};
}
catch (UserNotExistException)
{
return BadRequest(ErrorResponse.TokenController.Create_BadCredential());
}
catch (BadPasswordException)
{
return BadRequest(ErrorResponse.TokenController.Create_BadCredential());
}
}
/// <summary>
/// Verify a token.
/// </summary>
/// <returns>Result of token verification.</returns>
[HttpPost("verify")]
[AllowAnonymous]
[ProducesResponseType(StatusCodes.Status200OK)]
[ProducesResponseType(StatusCodes.Status400BadRequest)]
public async Task<ActionResult<HttpVerifyTokenResponse>> Verify([FromBody] HttpVerifyTokenRequest request)
{
try
{
var result = await _userTokenManager.VerifyTokenAsync(request.Token);
return new HttpVerifyTokenResponse
{
User = await _mapper.MapAsync<HttpUser>(result, Url, User)
};
}
catch (UserTokenTimeExpiredException)
{
return BadRequest(ErrorResponse.TokenController.Verify_TimeExpired());
}
catch (UserTokenVersionExpiredException)
{
return BadRequest(ErrorResponse.TokenController.Verify_OldVersion());
}
catch (UserTokenBadFormatException)
{
return BadRequest(ErrorResponse.TokenController.Verify_BadFormat());
}
catch (UserTokenUserNotExistException)
{
return BadRequest(ErrorResponse.TokenController.Verify_UserNotExist());
}
}
}
}
|
