1
0
mirror of synced 2025-01-10 04:01:46 +01:00

252 lines
9.1 KiB
C#
Raw Normal View History

using System.IdentityModel.Tokens.Jwt;
2024-05-16 23:32:46 +01:00
using System.Net.Http.Headers;
using System.Security.Claims;
using System.Text.Json;
2023-10-16 10:38:27 +01:00
using Microsoft.Extensions.Options;
using TaikoWebUI.Settings;
using Blazored.LocalStorage;
2023-10-16 10:38:27 +01:00
namespace TaikoWebUI.Services;
2024-05-16 23:32:46 +01:00
public sealed class AuthService
2023-10-16 10:38:27 +01:00
{
2024-05-16 23:32:46 +01:00
public event EventHandler? LoginStatusChanged;
public bool LoginRequired { get; }
public bool OnlyAdmin { get; }
private readonly int boundAccessCodeUpperLimit;
public bool RegisterWithLastPlayTime { get; }
public bool AllowUserDelete { get; }
public bool AllowFreeProfileEditing { get; }
public bool IsLoggedIn { get; private set; }
2024-05-16 23:32:46 +01:00
private uint LoggedInBaid { get; set; }
public bool IsAdmin { get; private set; }
private readonly ILocalStorageService localStorage;
2024-05-16 23:32:46 +01:00
private readonly HttpClient client;
private readonly NavigationManager navigationManager;
2024-05-16 23:32:46 +01:00
public AuthService(IOptions<WebUiSettings> settings, ILocalStorageService localStorage, HttpClient client,
NavigationManager navigationManager)
2023-10-16 10:38:27 +01:00
{
this.localStorage = localStorage;
2023-10-16 10:38:27 +01:00
IsLoggedIn = false;
IsAdmin = false;
var webUiSettings = settings.Value;
LoginRequired = webUiSettings.LoginRequired;
OnlyAdmin = webUiSettings.OnlyAdmin;
boundAccessCodeUpperLimit = webUiSettings.BoundAccessCodeUpperLimit;
RegisterWithLastPlayTime = webUiSettings.RegisterWithLastPlayTime;
AllowUserDelete = webUiSettings.AllowUserDelete;
AllowFreeProfileEditing = webUiSettings.AllowFreeProfileEditing;
2024-05-16 23:32:46 +01:00
this.client = client;
this.navigationManager = navigationManager;
2023-10-16 10:38:27 +01:00
}
2024-05-16 23:32:46 +01:00
private void OnLoginStatusChanged()
{
LoginStatusChanged?.Invoke(this, EventArgs.Empty);
}
2024-05-16 23:32:46 +01:00
private static (uint, bool) GetBaidAndIsAdminFromToken(string authToken)
{
var handler = new JwtSecurityTokenHandler();
var jwtSecurityToken = handler.ReadJwtToken(authToken);
var baid = uint.Parse(jwtSecurityToken.Claims.First(claim => claim.Type == ClaimTypes.Name).Value);
var isAdmin = jwtSecurityToken.Claims.First(claim => claim.Type == ClaimTypes.Role).Value == "Admin";
return (baid, isAdmin);
}
2024-05-16 23:32:46 +01:00
public async Task<int> Login(string inputAccessCode, string inputPassword)
2023-10-16 10:38:27 +01:00
{
2024-03-09 13:45:20 -05:00
// strip spaces or dashes from card number
inputAccessCode = inputAccessCode.Replace(" ", "").Replace("-", "").Replace(":", "");
2024-03-09 13:45:20 -05:00
var request = new LoginRequest
2023-10-16 10:38:27 +01:00
{
AccessCode = inputAccessCode,
Password = inputPassword
};
2024-05-16 23:32:46 +01:00
var responseMessage = await client.PostAsJsonAsync("api/Auth/Login", request);
if (!responseMessage.IsSuccessStatusCode)
{
// Unauthorized, extract specific error message as json
var responseContent = await responseMessage.Content.ReadAsStringAsync();
var responseJson = JsonSerializer.Deserialize<Dictionary<string, string>>(responseContent);
// Unknown error message
if (responseJson is null) return 5;
var errorMessage = responseJson["message"];
return errorMessage switch
{
"Access Code Not Found" => 3,
"User Not Registered" => 4,
"Invalid Password" => 2,
_ => 5
};
}
else
{
// Authorized, store Jwt token
var responseContent = await responseMessage.Content.ReadAsStringAsync();
var responseJson = JsonSerializer.Deserialize<Dictionary<string, string>>(responseContent);
if (responseJson is null) return 5;
2024-05-16 23:32:46 +01:00
var authToken = responseJson["authToken"];
await localStorage.SetItemAsync("authToken", authToken);
2024-05-16 23:32:46 +01:00
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", authToken);
2024-05-16 23:32:46 +01:00
var (baid, isAdmin) = GetBaidAndIsAdminFromToken(authToken);
IsLoggedIn = true;
IsAdmin = isAdmin;
LoggedInBaid = baid;
OnLoginStatusChanged();
return 1;
2023-10-16 10:38:27 +01:00
}
}
2024-05-16 23:32:46 +01:00
public async Task LoginWithAuthToken()
{
2024-05-16 23:32:46 +01:00
var hasAuthToken = await localStorage.ContainKeyAsync("authToken");
if (!hasAuthToken)
{
navigationManager.NavigateTo("/Login");
return;
}
2024-05-16 23:32:46 +01:00
// Attempt to get JWT token from local storage
var authToken = await localStorage.GetItemAsync<string>("authToken");
if (authToken == null)
{
navigationManager.NavigateTo("/Login");
return;
}
2024-05-16 23:32:46 +01:00
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", authToken);
var responseMessage = await client.PostAsync("api/Auth/LoginWithToken", null);
if (!responseMessage.IsSuccessStatusCode)
{
// Clear JWT token
await localStorage.RemoveItemAsync("authToken");
navigationManager.NavigateTo("/Login");
2024-05-16 23:32:46 +01:00
return;
}
2024-05-16 23:32:46 +01:00
var (baid, isAdmin) = GetBaidAndIsAdminFromToken(authToken);
IsLoggedIn = true;
IsAdmin = isAdmin;
2024-05-16 23:32:46 +01:00
LoggedInBaid = baid;
OnLoginStatusChanged();
}
public async Task<int> Register(string inputCardNum, DateTime inputDateTime, string inputPassword,
2024-05-16 23:32:46 +01:00
string inputConfirmPassword, string inviteCode)
2023-10-16 10:38:27 +01:00
{
if (OnlyAdmin) return 0;
2024-03-08 18:42:56 -05:00
if (inputPassword != inputConfirmPassword) return 2;
2024-03-09 13:45:20 -05:00
// strip spaces or dashes from card number
inputCardNum = inputCardNum.Replace(" ", "").Replace("-", "").Replace(":", "");
2024-03-09 13:45:20 -05:00
var request = new RegisterRequest
2023-10-16 10:38:27 +01:00
{
AccessCode = inputCardNum,
Password = inputPassword,
RegisterWithLastPlayTime = RegisterWithLastPlayTime,
LastPlayDateTime = inputDateTime,
InviteCode = inviteCode
};
2023-10-16 10:38:27 +01:00
var responseMessage = await client.PostAsJsonAsync("api/Auth/Register", request);
if (responseMessage.IsSuccessStatusCode) return 1;
2024-05-16 23:32:46 +01:00
// Unauthorized, extract specific error message as json
var responseContent = await responseMessage.Content.ReadAsStringAsync();
var responseJson = JsonSerializer.Deserialize<Dictionary<string, string>>(responseContent);
// Unknown error message
if (responseJson is null) return 6;
var errorMessage = responseJson["message"];
return errorMessage switch
{
"Access Code Not Found" => 3,
"User Already Registered" => 4,
"Wrong Last Play Time" => 5,
_ => 6
};
2023-10-16 10:38:27 +01:00
}
2024-05-16 23:32:46 +01:00
public async Task<int> ChangePassword(string inputAccessCode, string inputOldPassword, string inputNewPassword,
2024-05-16 23:32:46 +01:00
string inputConfirmNewPassword)
2023-10-16 10:38:27 +01:00
{
if (OnlyAdmin) return 0;
2024-05-16 23:32:46 +01:00
if (inputNewPassword != inputConfirmNewPassword) return 2;
2024-05-16 23:32:46 +01:00
var request = new ChangePasswordRequest
2023-10-16 10:38:27 +01:00
{
AccessCode = inputAccessCode,
OldPassword = inputOldPassword,
NewPassword = inputNewPassword
};
2024-05-16 23:32:46 +01:00
var responseMessage = await client.PostAsJsonAsync("api/Auth/ChangePassword", request);
2024-05-16 23:32:46 +01:00
if (responseMessage.IsSuccessStatusCode) return 1;
2024-05-16 23:32:46 +01:00
// Unauthorized, extract specific error message as json
var responseContent = await responseMessage.Content.ReadAsStringAsync();
var responseJson = JsonSerializer.Deserialize<Dictionary<string, string>>(responseContent);
// Unknown error message
if (responseJson is null) return 6;
var errorMessage = responseJson["message"];
return errorMessage switch
{
"Access Code Not Found" => 3,
"User Not Registered" => 5,
"Wrong Old Password" => 4,
_ => 6
};
2023-10-16 10:38:27 +01:00
}
public async Task Logout()
2023-10-16 10:38:27 +01:00
{
IsLoggedIn = false;
2024-05-16 23:32:46 +01:00
LoggedInBaid = 0;
2023-10-16 10:38:27 +01:00
IsAdmin = false;
2024-05-16 23:32:46 +01:00
// Clear JWT token
await localStorage.RemoveItemAsync("authToken");
OnLoginStatusChanged();
2023-10-16 10:38:27 +01:00
}
2024-05-16 23:32:46 +01:00
public async Task<User?> GetLoggedInUser()
2023-10-16 10:38:27 +01:00
{
2024-05-16 23:32:46 +01:00
return await client.GetFromJsonAsync<User>($"api/Users/{LoggedInBaid}");
2023-10-16 10:38:27 +01:00
}
2024-05-16 23:32:46 +01:00
public uint GetLoggedInBaid()
{
2024-05-16 23:32:46 +01:00
return LoggedInBaid;
}
2024-05-16 23:32:46 +01:00
public async Task<int> BindAccessCode(string inputAccessCode, User user)
{
if (inputAccessCode.Trim() == "") return 4; /*Empty access code*/
if (!IsLoggedIn && LoginRequired) return 0; /*User not connected and login is required*/
2024-05-16 23:32:46 +01:00
var loggedInUser = await GetLoggedInUser();
if (loggedInUser == null) return 0;
if (LoginRequired && !IsAdmin && user.Baid != loggedInUser.Baid) return 5; /*User not admin trying to update someone else's Access Codes*/
if (user.AccessCodes.Count >= boundAccessCodeUpperLimit) return 2; /*Limit of codes has been reached*/
2024-05-16 23:32:46 +01:00
var request = new BindAccessCodeRequest
{
AccessCode = inputAccessCode,
Baid = user.Baid
};
2024-05-16 23:32:46 +01:00
var responseMessage = await client.PostAsJsonAsync("api/Cards/BindAccessCode", request);
return responseMessage.IsSuccessStatusCode ? 1 : 3;
}
2024-05-16 23:32:46 +01:00
}