massive checkpoint
This commit is contained in:
@@ -1,96 +1,113 @@
|
||||
using Gameboard.ShogiUI.Sockets.Managers;
|
||||
using Gameboard.ShogiUI.Sockets.Extensions;
|
||||
using Gameboard.ShogiUI.Sockets.Managers;
|
||||
using Gameboard.ShogiUI.Sockets.Models;
|
||||
using Gameboard.ShogiUI.Sockets.Repositories;
|
||||
using Gameboard.ShogiUI.Sockets.ServiceModels.Api;
|
||||
using Microsoft.AspNetCore.Authentication;
|
||||
using Microsoft.AspNetCore.Authentication.Cookies;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Http;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Microsoft.Extensions.Logging;
|
||||
using System;
|
||||
using System.Linq;
|
||||
using System.Security.Claims;
|
||||
using System.Threading.Tasks;
|
||||
|
||||
namespace Gameboard.ShogiUI.Sockets.Controllers
|
||||
{
|
||||
[Authorize]
|
||||
[Route("[controller]")]
|
||||
[ApiController]
|
||||
[Route("[controller]")]
|
||||
[Authorize(Roles = "Shogi")]
|
||||
public class SocketController : ControllerBase
|
||||
{
|
||||
public static readonly string WebSessionKey = "session-id";
|
||||
private readonly ILogger<SocketController> logger;
|
||||
private readonly ISocketTokenManager tokenManager;
|
||||
private readonly ISocketTokenCache tokenCache;
|
||||
private readonly IGameboardManager gameboardManager;
|
||||
private readonly IGameboardRepository gameboardRepository;
|
||||
private readonly CookieOptions createSessionOptions;
|
||||
private readonly CookieOptions deleteSessionOptions;
|
||||
private readonly AuthenticationProperties authenticationProps;
|
||||
|
||||
public SocketController(
|
||||
ILogger<SocketController> logger,
|
||||
ISocketTokenManager tokenManager,
|
||||
ISocketTokenCache tokenCache,
|
||||
IGameboardManager gameboardManager,
|
||||
IGameboardRepository gameboardRepository)
|
||||
{
|
||||
this.logger = logger;
|
||||
this.tokenManager = tokenManager;
|
||||
this.tokenCache = tokenCache;
|
||||
this.gameboardManager = gameboardManager;
|
||||
this.gameboardRepository = gameboardRepository;
|
||||
createSessionOptions = new CookieOptions
|
||||
authenticationProps = new AuthenticationProperties
|
||||
{
|
||||
Secure = true,
|
||||
HttpOnly = true,
|
||||
SameSite = SameSiteMode.None,
|
||||
Expires = DateTimeOffset.Now.AddYears(5)
|
||||
AllowRefresh = true,
|
||||
IsPersistent = true
|
||||
};
|
||||
deleteSessionOptions = new CookieOptions();
|
||||
}
|
||||
|
||||
[HttpGet("Yep")]
|
||||
[HttpGet("GuestLogout")]
|
||||
[AllowAnonymous]
|
||||
public IActionResult Yep()
|
||||
public async Task<IActionResult> GuestLogout()
|
||||
{
|
||||
deleteSessionOptions.Expires = DateTimeOffset.Now.AddDays(-1);
|
||||
Response.Cookies.Append(WebSessionKey, "", deleteSessionOptions);
|
||||
await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
|
||||
return Ok();
|
||||
}
|
||||
|
||||
[HttpGet("Token")]
|
||||
public IActionResult GetToken()
|
||||
public async Task<IActionResult> GetToken()
|
||||
{
|
||||
var userName = HttpContext.User.Claims.First(c => c.Type == "preferred_username").Value;
|
||||
var token = tokenManager.GenerateToken(userName);
|
||||
var identityId = User.UserId();
|
||||
if (string.IsNullOrWhiteSpace(identityId))
|
||||
{
|
||||
return Unauthorized();
|
||||
}
|
||||
|
||||
var user = await gameboardManager.ReadUser(User);
|
||||
if (user == null)
|
||||
{
|
||||
user = new User(identityId);
|
||||
var success = await gameboardRepository.CreateUser(user);
|
||||
if (!success)
|
||||
{
|
||||
return Unauthorized();
|
||||
}
|
||||
}
|
||||
|
||||
var token = tokenCache.GenerateToken(user.Name);
|
||||
return new JsonResult(new GetTokenResponse(token));
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Builds a token for guest users to send when requesting a socket connection.
|
||||
/// Sends a HttpOnly cookie to the client with which to identify guest users.
|
||||
/// </summary>
|
||||
/// <param name="request"></param>
|
||||
/// <returns></returns>
|
||||
[AllowAnonymous]
|
||||
[HttpGet("GuestToken")]
|
||||
[AllowAnonymous]
|
||||
public async Task<IActionResult> GetGuestToken()
|
||||
{
|
||||
var cookies = Request.Cookies;
|
||||
var webSessionId = cookies.ContainsKey(WebSessionKey)
|
||||
? Guid.Parse(cookies[WebSessionKey]!)
|
||||
: Guid.NewGuid();
|
||||
var webSessionIdAsString = webSessionId.ToString();
|
||||
|
||||
var user = await gameboardRepository.ReadGuestUser(webSessionId);
|
||||
if (user == null)
|
||||
if (Guid.TryParse(User.UserId(), out Guid webSessionId))
|
||||
{
|
||||
var userName = await gameboardManager.CreateGuestUser(webSessionId);
|
||||
var token = tokenManager.GenerateToken(webSessionIdAsString);
|
||||
Response.Cookies.Append(WebSessionKey, webSessionIdAsString, createSessionOptions);
|
||||
return new JsonResult(new GetGuestTokenResponse(userName, token));
|
||||
var user = await gameboardRepository.ReadGuestUser(webSessionId);
|
||||
if (user != null)
|
||||
{
|
||||
var token = tokenCache.GenerateToken(webSessionId.ToString());
|
||||
return new JsonResult(new GetGuestTokenResponse(user.Name, token));
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
var token = tokenManager.GenerateToken(webSessionIdAsString);
|
||||
Response.Cookies.Append(WebSessionKey, webSessionIdAsString, createSessionOptions);
|
||||
return new JsonResult(new GetGuestTokenResponse(user.Name, token));
|
||||
// Setup a guest user.
|
||||
var newSessionId = Guid.NewGuid();
|
||||
var user = new User(Guid.NewGuid().ToString(), newSessionId);
|
||||
if (await gameboardRepository.CreateUser(user))
|
||||
{
|
||||
var identity = user.CreateGuestUserIdentity();
|
||||
await this.HttpContext.SignInAsync(
|
||||
CookieAuthenticationDefaults.AuthenticationScheme,
|
||||
new ClaimsPrincipal(identity),
|
||||
authenticationProps
|
||||
);
|
||||
|
||||
var token = tokenCache.GenerateToken(newSessionId.ToString());
|
||||
return new JsonResult(new GetGuestTokenResponse(user.Name, token));
|
||||
}
|
||||
}
|
||||
|
||||
return Unauthorized();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user