Basic API auth and Google login

1 files changed, 41 insertions, 0 deletions

diff --git a/backend/Elements.Backend/Controllers/UserController.cs b/backend/Elements.Backend/Controllers/UserController.cs
new file mode 100644
index 0000000..bde93aa
--- /dev/null
+++ b/backend/Elements.Backend/Controllers/UserController.cs
@@ -0,0 +1,41 @@
+using System.Security.Claims;
+using System.Text.Json;
+using Elements.Data;
+using Elements.Data.Models;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.EntityFrameworkCore;
+
+namespace Elements.Backend.Controllers;
+
+[ApiController]
+[Route("[controller]/[action]")]
+public class UserController: ControllerBase
+{
+    private readonly ApplicationDbContext _dbContext;
+
+    public UserController(ApplicationDbContext dbContext)
+    {
+        _dbContext = dbContext;
+    }
+    
+    [HttpGet]
+    [Authorize]
+    [Route("/user/{id:int}")]
+    public async Task<IActionResult> Users(int id)
+    {
+        IEnumerable<Claim> claims = User.Claims;
+        string? currentUserId = claims.FirstOrDefault(claim => claim.Type == "id")?.Value;
+        if (currentUserId == null)
+            return StatusCode(StatusCodes.Status500InternalServerError);
+        if (currentUserId != id.ToString())
+            return Unauthorized();
+
+        User? user = await _dbContext.Users.FirstOrDefaultAsync(user => user.Id == id);
+        if (user == null)
+            return StatusCode(StatusCodes.Status500InternalServerError);
+        
+        string userJson = JsonSerializer.Serialize(user);
+        return Ok(userJson);
+    }
+}
\ No newline at end of file