From 12fef7cbaf2073f9cc349ed765ea140be0259d8e Mon Sep 17 00:00:00 2001 From: Paweł Bernaciak Date: Sat, 21 Oct 2023 11:55:33 +0200 Subject: Basic API auth and Google login --- .../Elements.Backend/Controllers/AuthController.cs | 106 +++++++++++++++++++++ 1 file changed, 106 insertions(+) create mode 100644 backend/Elements.Backend/Controllers/AuthController.cs (limited to 'backend/Elements.Backend/Controllers/AuthController.cs') diff --git a/backend/Elements.Backend/Controllers/AuthController.cs b/backend/Elements.Backend/Controllers/AuthController.cs new file mode 100644 index 0000000..56e7c3b --- /dev/null +++ b/backend/Elements.Backend/Controllers/AuthController.cs @@ -0,0 +1,106 @@ +using System.Runtime.Serialization; +using System.Security.Claims; +using System.Text.Json; +using Elements.Data; +using Elements.Data.Models; +using Google.Apis.Auth; +using Microsoft.AspNetCore.Authentication; +using Microsoft.AspNetCore.Authentication.Cookies; +using Microsoft.AspNetCore.Authorization; +using Microsoft.AspNetCore.Mvc; +using Microsoft.EntityFrameworkCore; + +namespace Elements.Backend.Controllers; + +[ApiController] +[Route("[controller]/[action]")] +public class AuthController : ControllerBase +{ + private readonly IConfiguration _config; + private readonly ApplicationDbContext _dbContext; + + public AuthController(IConfiguration config, ApplicationDbContext dbContext) + { + _config = config; + _dbContext = dbContext; + } + + public class LoginModel + { + public required string GoogleToken { get; init; } + } + + [HttpPost] + public async Task Login([FromBody] LoginModel model) + { + GoogleJsonWebSignature.Payload? payload = await VerifyGoogleIdToken(model.GoogleToken); + if (payload == null) + return Unauthorized(); + + User? user = await _dbContext.Users.SingleOrDefaultAsync(u => u.GoogleId == payload.Subject); + if (user != null) + { + //Check if user's name changed and update if it did + if (user.Name != payload.Name) + user.Name = payload.Name; + } + else + { + user = new User() + { + Name = payload.Name, + GoogleId = payload.Subject, + Elements = new List() + }; + + await _dbContext.Users.AddAsync(user); + } + + await _dbContext.SaveChangesAsync(); + + List claims = new() + { + new Claim("id", user.Id.ToString()), + new Claim(ClaimTypes.Role, "User") + }; + ClaimsIdentity claimsIdentity = new(claims, CookieAuthenticationDefaults.AuthenticationScheme); + + AuthenticationProperties authProperties = new() + { + IsPersistent = true, + AllowRefresh = true + }; + + await HttpContext.SignInAsync( + CookieAuthenticationDefaults.AuthenticationScheme, + new ClaimsPrincipal(claimsIdentity), + authProperties); + + var response = new + { + Id = user.Id.ToString() + }; + + return Ok(JsonSerializer.Serialize(response)); + } + + [HttpPost] + public async Task Logout() + { + await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme); + return Ok(); + } + + private async Task VerifyGoogleIdToken(string token) + { + try + { + GoogleJsonWebSignature.Payload? payload = await GoogleJsonWebSignature.ValidateAsync(token); + return payload; + } + catch (InvalidJwtException) + { + return null; + } + } +} \ No newline at end of file -- cgit v1.2.3