From 44e7323720004dcc39bf4791f3f6fafdf5ae8afc Mon Sep 17 00:00:00 2001
From: Zoe Roux
Date: Sat, 9 Mar 2024 14:08:00 +0100
Subject: [PATCH] Handle require verification on account creation
---
 .../Controllers/IRepository.cs | 7 ++++++
 .../Controllers/OidcController.cs | 5 ++---
 .../Kyoo.Authentication.csproj | 1 -
 back/src/Kyoo.Authentication/Views/AuthApi.cs | 18 ++++++---------
 .../Repositories/UserRepository.cs | 22 +++++++++----------
 back/src/Kyoo.Core/Kyoo.Core.csproj | 1 +
 6 files changed, 28 insertions(+), 26 deletions(-)
diff --git a/back/src/Kyoo.Abstractions/Controllers/IRepository.cs b/back/src/Kyoo.Abstractions/Controllers/IRepository.cs
index 2efd68bf..197c43ec 100644
--- a/back/src/Kyoo.Abstractions/Controllers/IRepository.cs
+++ b/back/src/Kyoo.Abstractions/Controllers/IRepository.cs
@@ -261,4 +261,11 @@ namespace Kyoo.Abstractions.Controllers
 ///
 Type RepositoryType { get; }
 }
+
+ public interface IUserRepository : IRepository
+ {
+ Task GetByExternalId(string provider, string id);
+ Task AddExternalToken(Guid userId, string provider, ExternalToken token);
+ Task DeleteExternalToken(Guid userId, string provider);
+ }
 }
diff --git a/back/src/Kyoo.Authentication/Controllers/OidcController.cs b/back/src/Kyoo.Authentication/Controllers/OidcController.cs
index 5cd872fe..6182cc51 100644
--- a/back/src/Kyoo.Authentication/Controllers/OidcController.cs
+++ b/back/src/Kyoo.Authentication/Controllers/OidcController.cs
@@ -23,15 +23,15 @@ using System.Net.Http;
 using System.Net.Http.Json;
 using System.Text;
 using System.Threading.Tasks;
+using Kyoo.Abstractions.Controllers;
 using Kyoo.Abstractions.Models;
 using Kyoo.Authentication.Models;
 using Kyoo.Authentication.Models.DTO;
-using Kyoo.Core.Controllers;
 namespace Kyoo.Authentication;
 public class OidcController(
- UserRepository users,
+ IUserRepository users,
 IHttpClientFactory clientFactory,
 PermissionOption options
 )
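Review bot: The new `IUserRepository` interface in IRepository.cs is added without XML documentation, although the neighbouring interface members carry `///` comments, and its contract is security-relevant now that `OidcController` and `AuthApi` depend on it instead of the concrete repository. `GetByExternalId` should state what it returns when no user is linked to the given `provider`/`id` pair (null or an exception), and `AddExternalToken` / `DeleteExternalToken` should state what happens when `userId` does not exist or the provider is already, or not, linked. Something like `/// <summary>Get the user linked to this external provider account.</summary>` with a `<returns>` line covering the not-found case would do; the wording has to follow the implementation, which this hunk does not show.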
@@ -89,7 +89,6 @@ public class OidcController(
 newUser.Username = username;
 newUser.Slug = Utils.Utility.ToSlug(newUser.Username);
 newUser.ExternalId.Add(provider, extToken);
- newUser.Permissions = options.NewUser;
 return (newUser, extToken);
 }
diff --git a/back/src/Kyoo.Authentication/Kyoo.Authentication.csproj b/back/src/Kyoo.Authentication/Kyoo.Authentication.csproj
index 9ce67f54..b273ee03 100644
--- a/back/src/Kyoo.Authentication/Kyoo.Authentication.csproj
+++ b/back/src/Kyoo.Authentication/Kyoo.Authentication.csproj
@@ -10,7 +10,6 @@
-
diff --git a/back/src/Kyoo.Authentication/Views/AuthApi.cs b/back/src/Kyoo.Authentication/Views/AuthApi.cs
index 754c9384..e25560cf 100644
--- a/back/src/Kyoo.Authentication/Views/AuthApi.cs
+++ b/back/src/Kyoo.Authentication/Views/AuthApi.cs
@@ -28,7 +28,6 @@ using Kyoo.Abstractions.Models.Permissions;
 using Kyoo.Abstractions.Models.Utils;
 using Kyoo.Authentication.Models;
 using Kyoo.Authentication.Models.DTO;
-using Kyoo.Core.Controllers;
 using Kyoo.Models;
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc;
@@ -45,7 +44,7 @@ namespace Kyoo.Authentication.Views
 [Route("auth")]
 [ApiDefinition("Authentication", Group = UsersGroup)]
 public class AuthApi(
- UserRepository users,
+ IUserRepository users,
 OidcController oidc,
 ITokenController tokenController,
 IThumbnailsManager thumbs,
@@ -243,22 +242,19 @@ namespace Kyoo.Authentication.Views
 [ProducesResponseType(StatusCodes.Status409Conflict, Type = typeof(RequestError))]
 public async Task> Register([FromBody] RegisterRequest request)
 {
- User user = request.ToUser();
- user.Permissions = options.NewUser;
 try
 {
- await users.Create(user);
+ User user = await users.Create(request.ToUser());
+ return new JwtToken(
+ tokenController.CreateAccessToken(user, out TimeSpan expireIn),
+ await tokenController.CreateRefreshToken(user),
+ expireIn
+ );
 }
 catch (DuplicatedItemException)
 {
 return Conflict(new RequestError("A user already exists with this username."));
 }
-
- return new JwtToken(
- tokenController.CreateAccessToken(user, out TimeSpan expireIn),
- await tokenController.CreateRefreshToken(user),
- expireIn
- );
 }
 ///
diff --git a/back/src/Kyoo.Core/Controllers/Repositories/UserRepository.cs b/back/src/Kyoo.Core/Controllers/Repositories/UserRepository.cs
index 7d6a7369..679be823 100644
--- a/back/src/Kyoo.Core/Controllers/Repositories/UserRepository.cs
+++ b/back/src/Kyoo.Core/Controllers/Repositories/UserRepository.cs
@@ -23,8 +23,8 @@ using System.Linq;
 using System.Threading.Tasks;
 using Kyoo.Abstractions.Controllers;
 using Kyoo.Abstractions.Models;
-using Kyoo.Abstractions.Models.Permissions;
 using Kyoo.Abstractions.Models.Utils;
+using Kyoo.Authentication.Models;
 using Kyoo.Postgresql;
 using Microsoft.EntityFrameworkCore;
@@ -40,8 +40,9 @@ public class UserRepository(
 DatabaseContext database,
 DbConnection db,
 SqlVariableContext context,
- IThumbnailsManager thumbs
-) : LocalRepository(database, thumbs)
+ IThumbnailsManager thumbs,
+ PermissionOption options
+) : LocalRepository(database, thumbs), IUserRepository
 {
 ///
 public override async Task> Search(
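Review bot: `Register` in AuthApi.cs now issues an access token and a refresh token for every created account, including the one that `UserRepository.Create` leaves with an empty permission set when `RequireVerification` is on, and nothing in the handler documents or signals that state. A comment above the `return new JwtToken(` would record the intent, for example `// With RequireVerification the new user has no permissions yet; these tokens authenticate but grant nothing until the account is verified.`, assuming that is the intended behaviour. If permissions are copied into the access token when it is created (not visible in this hunk), the comment should also say that a user verified later needs a fresh token before the new permissions apply. Token creation now sits inside the `try`, so a `DuplicatedItemException` raised by `CreateRefreshToken`, should it ever throw one, would be reported as a username conflict.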
@@ -60,14 +61,13 @@ public class UserRepository(
 {
 // If no users exists, the new one will be an admin. Give it every permissions.
 if (!await database.Users.AnyAsync())
- {
- obj.Permissions = Enum.GetNames()
- .Where(x => x != nameof(Group.None))
- .SelectMany(group =>
- Enum.GetNames().Select(kind => $"{group}.{kind}".ToLowerInvariant())
- )
- .ToArray();
- }
+
+ obj.Permissions = PermissionOption.Admin;
+ else if (!options.RequireVerification)
+ obj.Permissions = options.NewUser;
+ else
+ obj.Permissions = Array.Empty();
+
 await base.Create(obj);
 database.Entry(obj).State = EntityState.Added;
 await database.SaveChangesAsync(() => Get(obj.Slug));
diff --git a/back/src/Kyoo.Core/Kyoo.Core.csproj b/back/src/Kyoo.Core/Kyoo.Core.csproj
index 59952646..783954ce 100644
--- a/back/src/Kyoo.Core/Kyoo.Core.csproj
+++ b/back/src/Kyoo.Core/Kyoo.Core.csproj
@@ -21,5 +21,6 @@
+
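Review bot: The admin grant in `UserRepository.Create` still depends on `if (!await database.Users.AnyAsync())` followed by a separate insert, and nothing visible in this hunk makes the two atomic, so two account creations racing on an empty database could both be assigned `PermissionOption.Admin`. Unless `base.Create` / `SaveChangesAsync` already run inside a serializable transaction or behind a lock (not visible here), the check and the insert should be serialized, and the first-account bootstrap should be documented for operators. Separately, the new `if` / `else if` / `else` chain has no braces and an added blank line sits between the `if` condition and its body, which makes a permission-assigning branch easy to misread or break in a later edit; the braced form with why-comments is below. `Create` starts and ends outside the hunk.

```csharp
// … unchanged: start of Create …
// Permissions are always assigned here, whatever the caller put on obj.
if (!await database.Users.AnyAsync())
{
	// The first account created bootstraps the instance as admin.
	obj.Permissions = PermissionOption.Admin;
}
else if (!options.RequireVerification)
{
	obj.Permissions = options.NewUser;
}
else
{
	// Verification required: the account is created with no permissions.
	obj.Permissions = Array.Empty<string>();
}
// … unchanged: base.Create, Entry state, SaveChangesAsync …
```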