Changed method to insert userId in endpoint with claim of the token
@@ -3,5 +3,4 @@
|
||||
public class UnlockAchievementDto
|
||||
{
|
||||
public int AchievementId { get; set; }
|
||||
public int UserId { get; set; }
|
||||
}
|
||||
@@ -2,6 +2,5 @@
|
||||
|
||||
public class PatchUserDesignationDto
|
||||
{
|
||||
public int Id { get; set; }
|
||||
public int DesignationId { get; set; }
|
||||
}
|
||||
@@ -1,7 +1,6 @@
|
||||
namespace BeReadyBackend.DTO.Users;
|
||||
|
||||
public class PatchUserPasswordDto
|
||||
{
|
||||
public int Id { get; set; }
|
||||
{
|
||||
public string? Password { get; set; }
|
||||
}
|
||||
@@ -2,7 +2,6 @@
|
||||
|
||||
public class UpdateUserDto
|
||||
{
|
||||
public int Id { get; set; }
|
||||
public string? FirstName { get; set; }
|
||||
public string? Name { get; set; }
|
||||
public string? Username { get; set; }
|
||||
|
||||
@@ -9,7 +9,6 @@ public class GetAllAchievementsEndpoint(AchievementsRepository achievementsRepos
|
||||
public override void Configure()
|
||||
{
|
||||
Get("/Achievements/");
|
||||
AllowAnonymous();
|
||||
}
|
||||
|
||||
public override async Task HandleAsync(CancellationToken ct)
|
||||
|
||||
@@ -1,31 +1,29 @@
|
||||
using BeReadyBackend.DTO.Achievements;
|
||||
using BeReadyBackend.Models;
|
||||
using BeReadyBackend.Repositories;
|
||||
using BeReadyBackend.Services;
|
||||
using BeReadyBackend.Specifications.Achievements;
|
||||
using BeReadyBackend.Specifications.Users;
|
||||
using FastEndpoints;
|
||||
|
||||
namespace BeReadyBackend.Endpoints.Achievements;
|
||||
|
||||
public class UserAchievementsLockedRequest
|
||||
{
|
||||
public int UserId { get; set; }
|
||||
}
|
||||
|
||||
public class GetLockedAchievementsEndpoint(
|
||||
UsersRepository usersRepository,
|
||||
AchievementsRepository achievementsRepository)
|
||||
: Endpoint<UserAchievementsLockedRequest, List<GetAchievementDto>>
|
||||
AchievementsRepository achievementsRepository,
|
||||
UserService userService)
|
||||
: EndpointWithoutRequest<List<GetAchievementDto>>
|
||||
{
|
||||
public override void Configure()
|
||||
{
|
||||
Get("/Achievements/Locked/Users/{@UserId}/", x => new {x.UserId});
|
||||
AllowAnonymous();
|
||||
Get("/Achievements/Locked/Users/");
|
||||
}
|
||||
|
||||
public override async Task HandleAsync(UserAchievementsLockedRequest req, CancellationToken ct)
|
||||
public override async Task HandleAsync(CancellationToken ct)
|
||||
{
|
||||
User? user = await usersRepository.SingleOrDefaultAsync(new GetUserByIdSpec(req.UserId), ct);
|
||||
int userId = userService.GetUserIdFromToken();
|
||||
|
||||
User? user = await usersRepository.SingleOrDefaultAsync(new GetUserByIdSpec(userId), ct);
|
||||
|
||||
if (user is null)
|
||||
{
|
||||
@@ -33,7 +31,7 @@ public class GetLockedAchievementsEndpoint(
|
||||
return;
|
||||
}
|
||||
|
||||
List<GetAchievementDto> achievementsLocked = await achievementsRepository.ProjectToListAsync<GetAchievementDto>(new GetLockedAchievementsSpec(req.UserId), ct);
|
||||
List<GetAchievementDto> achievementsLocked = await achievementsRepository.ProjectToListAsync<GetAchievementDto>(new GetLockedAchievementsSpec(userId), ct);
|
||||
|
||||
await Send.OkAsync(achievementsLocked, ct);
|
||||
}
|
||||
|
||||
@@ -1,31 +1,29 @@
|
||||
using BeReadyBackend.DTO.Achievements;
|
||||
using BeReadyBackend.Models;
|
||||
using BeReadyBackend.Repositories;
|
||||
using BeReadyBackend.Services;
|
||||
using BeReadyBackend.Specifications.UserAchievements;
|
||||
using BeReadyBackend.Specifications.Users;
|
||||
using FastEndpoints;
|
||||
|
||||
namespace BeReadyBackend.Endpoints.Achievements;
|
||||
|
||||
public class UserAchievementsRequest
|
||||
{
|
||||
public int UserId { get; set; }
|
||||
}
|
||||
|
||||
public class GetUserAchievementsEndpoint(
|
||||
UsersRepository usersRepository,
|
||||
UserAchievementsRepository userAchievementsRepository)
|
||||
: Endpoint<UserAchievementsRequest, List<GetAchievementDto>>
|
||||
UserAchievementsRepository userAchievementsRepository,
|
||||
UserService userService)
|
||||
: EndpointWithoutRequest<List<GetAchievementDto>>
|
||||
{
|
||||
public override void Configure()
|
||||
{
|
||||
Get("/Achievements/Users/{@UserId}/", x => new {x.UserId});
|
||||
AllowAnonymous();
|
||||
Get("/Achievements/Users/");
|
||||
}
|
||||
|
||||
public override async Task HandleAsync(UserAchievementsRequest req, CancellationToken ct)
|
||||
public override async Task HandleAsync(CancellationToken ct)
|
||||
{
|
||||
User? user = await usersRepository.SingleOrDefaultAsync(new GetUserByIdSpec(req.UserId), ct);
|
||||
int userId = userService.GetUserIdFromToken();
|
||||
|
||||
User? user = await usersRepository.SingleOrDefaultAsync(new GetUserByIdSpec(userId), ct);
|
||||
|
||||
if (user is null)
|
||||
{
|
||||
@@ -33,7 +31,7 @@ public class GetUserAchievementsEndpoint(
|
||||
return;
|
||||
}
|
||||
|
||||
List<GetAchievementDto> userAchievements = await userAchievementsRepository.ProjectToListAsync<GetAchievementDto>(new GetUserAchievementByUserIdSpec(req.UserId), ct);
|
||||
List<GetAchievementDto> userAchievements = await userAchievementsRepository.ProjectToListAsync<GetAchievementDto>(new GetUserAchievementByUserIdSpec(userId), ct);
|
||||
|
||||
await Send.OkAsync(userAchievements, ct);
|
||||
}
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
using BeReadyBackend.DTO.Achievements;
|
||||
using BeReadyBackend.Models;
|
||||
using BeReadyBackend.Repositories;
|
||||
using BeReadyBackend.Services;
|
||||
using BeReadyBackend.Specifications.Achievements;
|
||||
using BeReadyBackend.Specifications.UserAchievements;
|
||||
using BeReadyBackend.Specifications.Users;
|
||||
@@ -12,17 +13,19 @@ public class UnlockAchievementEndpoint(
|
||||
UserAchievementsRepository userAchievementsRepository,
|
||||
AchievementsRepository achievementsRepository,
|
||||
UsersRepository usersRepository,
|
||||
UserService userService,
|
||||
AutoMapper.IMapper mapper) : Endpoint<UnlockAchievementDto>
|
||||
{
|
||||
public override void Configure()
|
||||
{
|
||||
Post("/Achievements/{@AchievementId}/Users/{@UserId}/", x => new {x.AchievementId, x.UserId});
|
||||
AllowAnonymous();
|
||||
Post("/Achievements/{@AchievementId}/Users/");
|
||||
}
|
||||
|
||||
public override async Task HandleAsync(UnlockAchievementDto req, CancellationToken ct)
|
||||
{
|
||||
User? user = await usersRepository.SingleOrDefaultAsync(new GetUserByIdSpec(req.UserId), ct);
|
||||
int userId = userService.GetUserIdFromToken();
|
||||
|
||||
User? user = await usersRepository.SingleOrDefaultAsync(new GetUserByIdSpec(userId), ct);
|
||||
Achievement? achievement = await achievementsRepository.SingleOrDefaultAsync(new GetAchievementByIdSpec(req.AchievementId), ct);
|
||||
|
||||
if (user is null || achievement is null)
|
||||
@@ -31,7 +34,7 @@ public class UnlockAchievementEndpoint(
|
||||
return;
|
||||
}
|
||||
|
||||
UserAchievement? userAchievement = await userAchievementsRepository.SingleOrDefaultAsync(new GetUserAchievementByIdSpec(req.UserId, req.AchievementId), ct);
|
||||
UserAchievement? userAchievement = await userAchievementsRepository.SingleOrDefaultAsync(new GetUserAchievementByIdSpec(userId, req.AchievementId), ct);
|
||||
if (userAchievement is not null)
|
||||
{
|
||||
await Send.StringAsync("Le succès est déjà attribué à cet utilisateur", 500, cancellation: ct);
|
||||
|
||||
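Review bot: The code that builds and saves the new `UserAchievement` is outside the visible hunks of `UnlockAchievementEndpoint.HandleAsync`, so it is not clear where the entity now gets its user id. `UnlockAchievementDto` appears to lose its `UserId` property in this commit, while `CreateMap<UnlockAchievementDto, UserAchievement>()` is unchanged, so the mapping can no longer supply it. If the entity is produced with `mapper.Map`, confirm that the token-derived `userId` is assigned to it before saving; otherwise the row would be stored with a default user id. A short comment next to that assignment, such as `// user id comes from the token, never from the request`, would make the intent explicit.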
@@ -9,7 +9,6 @@ public class GetAllDesignationsEndpoint(DesignationsRepository designationsRepos
|
||||
public override void Configure()
|
||||
{
|
||||
Get("/Designations/");
|
||||
AllowAnonymous();
|
||||
}
|
||||
|
||||
public override async Task HandleAsync(CancellationToken ct)
|
||||
|
||||
@@ -1,26 +1,23 @@
|
||||
using BeReadyBackend.Models;
|
||||
using BeReadyBackend.Repositories;
|
||||
using BeReadyBackend.Services;
|
||||
using BeReadyBackend.Specifications.Users;
|
||||
using FastEndpoints;
|
||||
|
||||
namespace BeReadyBackend.Endpoints.Users;
|
||||
|
||||
public class DeleteUserRequest
|
||||
{
|
||||
public int Id { get; set; }
|
||||
}
|
||||
|
||||
public class DeleteUserEndpoint(UsersRepository usersRepository) : Endpoint<DeleteUserRequest>
|
||||
public class DeleteUserEndpoint(UsersRepository usersRepository, UserService userService) : EndpointWithoutRequest
|
||||
{
|
||||
public override void Configure()
|
||||
{
|
||||
Delete("/Users/{@id}", x=>new {x.Id});
|
||||
AllowAnonymous();
|
||||
Delete("/Users/");
|
||||
}
|
||||
|
||||
public override async Task HandleAsync(DeleteUserRequest req, CancellationToken ct)
|
||||
public override async Task HandleAsync(CancellationToken ct)
|
||||
{
|
||||
User? user = await usersRepository.SingleOrDefaultAsync(new GetUserByIdSpec(req.Id), ct);
|
||||
int userId = userService.GetUserIdFromToken();
|
||||
|
||||
User? user = await usersRepository.SingleOrDefaultAsync(new GetUserByIdSpec(userId), ct);
|
||||
|
||||
if (user == null)
|
||||
{
|
||||
|
||||
@@ -1,26 +1,21 @@
|
||||
using BeReadyBackend.DTO.Users;
|
||||
using BeReadyBackend.Repositories;
|
||||
using BeReadyBackend.Services;
|
||||
using BeReadyBackend.Specifications.Users;
|
||||
using FastEndpoints;
|
||||
|
||||
namespace BeReadyBackend.Endpoints.Users;
|
||||
|
||||
// TODO: Prendre directement dans le token (comme pour partout où je peux recup l'id du user d'ailleurs en vrai) !!
|
||||
public class GetAllUserRequest
|
||||
{
|
||||
public int Id { get; set; }
|
||||
}
|
||||
|
||||
public class GetAllUsersEndpoint(UsersRepository usersRepository) : Endpoint<GetAllUserRequest, List<GetUserDto>>
|
||||
public class GetAllUsersEndpoint(UsersRepository usersRepository, UserService userService) : EndpointWithoutRequest<List<GetUserDto>>
|
||||
{
|
||||
public override void Configure()
|
||||
{
|
||||
Get("/Users/");
|
||||
AllowAnonymous();
|
||||
}
|
||||
|
||||
public override async Task HandleAsync(GetAllUserRequest req, CancellationToken ct)
|
||||
public override async Task HandleAsync(CancellationToken ct)
|
||||
{
|
||||
await Send.OkAsync(await usersRepository.ProjectToListAsync<GetUserDto>(new GetUserNotFriendSpec(req.Id), ct), ct);
|
||||
int userId = userService.GetUserIdFromToken();
|
||||
await Send.OkAsync(await usersRepository.ProjectToListAsync<GetUserDto>(new GetUserNotFriendSpec(userId), ct), ct);
|
||||
}
|
||||
}
|
||||
@@ -10,7 +10,6 @@ public class GetOverallRankingEndpoint(UsersRepository usersRepository) : Endpoi
|
||||
public override void Configure()
|
||||
{
|
||||
Get("/OverallRanking/");
|
||||
AllowAnonymous();
|
||||
}
|
||||
|
||||
public override async Task HandleAsync(CancellationToken ct)
|
||||
|
||||
@@ -1,32 +1,33 @@
|
||||
using BeReadyBackend.DTO.Users;
|
||||
using BeReadyBackend.Models;
|
||||
using BeReadyBackend.Repositories;
|
||||
using BeReadyBackend.Services;
|
||||
using BeReadyBackend.Specifications.Users;
|
||||
using FastEndpoints;
|
||||
using PasswordGenerator;
|
||||
|
||||
namespace BeReadyBackend.Endpoints.Users;
|
||||
|
||||
public class PatchUserDesignationEndpoint(UsersRepository usersRepository, AutoMapper.IMapper mapper) : Endpoint<PatchUserDesignationDto>
|
||||
public class PatchUserDesignationEndpoint(UsersRepository usersRepository, UserService userService, AutoMapper.IMapper mapper) : Endpoint<PatchUserDesignationDto>
|
||||
{
|
||||
public override void Configure()
|
||||
{
|
||||
Patch("/Users/{@Id}/Designation", x => new {x.Id});
|
||||
AllowAnonymous();
|
||||
Patch("/Users/Designation");
|
||||
}
|
||||
|
||||
public override async Task HandleAsync(PatchUserDesignationDto req, CancellationToken ct)
|
||||
{
|
||||
User? user = await usersRepository.SingleOrDefaultAsync(new GetUserByIdSpec(req.Id), ct);
|
||||
int userId = userService.GetUserIdFromToken();
|
||||
|
||||
User? user = await usersRepository.SingleOrDefaultAsync(new GetUserByIdSpec(userId), ct);
|
||||
|
||||
if (user is null)
|
||||
{
|
||||
await Send.NotFoundAsync(ct);
|
||||
return;
|
||||
}
|
||||
|
||||
|
||||
mapper.Map(req, user);
|
||||
|
||||
|
||||
await usersRepository.SaveChangesAsync(ct);
|
||||
await Send.OkAsync(ct);
|
||||
}
|
||||
|
||||
@@ -1,23 +1,25 @@
|
||||
using BeReadyBackend.DTO.Users;
|
||||
using BeReadyBackend.Models;
|
||||
using BeReadyBackend.Repositories;
|
||||
using BeReadyBackend.Services;
|
||||
using BeReadyBackend.Specifications.Users;
|
||||
using FastEndpoints;
|
||||
using PasswordGenerator;
|
||||
|
||||
namespace BeReadyBackend.Endpoints.Users;
|
||||
|
||||
public class PatchUserPasswordEndpoint(UsersRepository usersRepository) : Endpoint<PatchUserPasswordDto>
|
||||
public class PatchUserPasswordEndpoint(UsersRepository usersRepository, UserService userService) : Endpoint<PatchUserPasswordDto>
|
||||
{
|
||||
public override void Configure()
|
||||
{
|
||||
Patch("/Users/{@Id}/Password", x => new {x.Id});
|
||||
AllowAnonymous();
|
||||
Patch("/Users/Password");
|
||||
}
|
||||
|
||||
public override async Task HandleAsync(PatchUserPasswordDto req, CancellationToken ct)
|
||||
{
|
||||
User? user = await usersRepository.SingleOrDefaultAsync(new GetUserByIdSpec(req.Id), ct);
|
||||
int userId = userService.GetUserIdFromToken();
|
||||
|
||||
User? user = await usersRepository.SingleOrDefaultAsync(new GetUserByIdSpec(userId), ct);
|
||||
|
||||
if (user is null)
|
||||
{
|
||||
|
||||
@@ -1,22 +1,25 @@
|
||||
using BeReadyBackend.DTO.Users;
|
||||
using BeReadyBackend.Models;
|
||||
using BeReadyBackend.Repositories;
|
||||
using BeReadyBackend.Services;
|
||||
using BeReadyBackend.Specifications.Users;
|
||||
using FastEndpoints;
|
||||
|
||||
namespace BeReadyBackend.Endpoints.Users;
|
||||
|
||||
public class UpdateUserEndpoint(UsersRepository usersRepository, AutoMapper.IMapper mapper) : Endpoint<UpdateUserDto>
|
||||
public class UpdateUserEndpoint(UsersRepository usersRepository, UserService userService, AutoMapper.IMapper mapper) : Endpoint<UpdateUserDto>
|
||||
{
|
||||
public override void Configure()
|
||||
{
|
||||
Put("/Users/{@Id}/", x => new {x.Id});
|
||||
Put("/Users/");
|
||||
AllowAnonymous();
|
||||
}
|
||||
|
||||
public override async Task HandleAsync(UpdateUserDto req, CancellationToken ct)
|
||||
{
|
||||
User? user = await usersRepository.FirstOrDefaultAsync(new GetUserByCriteriaSpec(req.Username!, req.Email!, req.Id), ct);
|
||||
int userId = userService.GetUserIdFromToken();
|
||||
|
||||
User? user = await usersRepository.FirstOrDefaultAsync(new GetUserByCriteriaSpec(req.Username!, req.Email!, userId), ct);
|
||||
|
||||
if (user is not null)
|
||||
{
|
||||
@@ -24,7 +27,7 @@ public class UpdateUserEndpoint(UsersRepository usersRepository, AutoMapper.IMap
|
||||
return;
|
||||
}
|
||||
|
||||
user = await usersRepository.SingleOrDefaultAsync(new GetUserByIdSpec(req.Id), ct);
|
||||
user = await usersRepository.SingleOrDefaultAsync(new GetUserByIdSpec(userId), ct);
|
||||
|
||||
if (user is null)
|
||||
{
|
||||
|
||||
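Review bot: `AllowAnonymous();` still follows the new `Put("/Users/");` line in `Configure()`, and the hunk counts (22 old lines, 25 new) are consistent with it being an unchanged line rather than a removed one, unlike the other endpoints in this commit. If it is kept, an unauthenticated PUT reaches `userService.GetUserIdFromToken()` without a `UserId` claim and fails inside `int.Parse` instead of being rejected with 401. Remove the `AllowAnonymous();` call so this route requires a token like the other routes that resolve the user from it. The rest of `HandleAsync` lies outside the visible hunks.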
@@ -12,9 +12,7 @@ public class DtoToEntityMappings : Profile
|
||||
CreateMap<UnlockAchievementDto, UserAchievement>();
|
||||
|
||||
CreateMap<CreateUserDto, User>();
|
||||
CreateMap<UpdateUserDto, User>()
|
||||
.ForMember(dest => dest.Id, opt => opt.Ignore());
|
||||
CreateMap<PatchUserDesignationDto, User>()
|
||||
.ForMember(dest => dest.Id, opt => opt.Ignore());
|
||||
CreateMap<UpdateUserDto, User>();
|
||||
CreateMap<PatchUserDesignationDto, User>();
|
||||
}
|
||||
}
|
||||
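Review bot: With `.ForMember(dest => dest.Id, opt => opt.Ignore())` dropped from the `UpdateUserDto` and `PatchUserDesignationDto` maps, the `User` key is protected only by those DTOs no longer declaring an `Id`. That holds for the DTOs as changed in this commit, but the guard disappears silently if an `Id` property is ever added back to either one. Consider keeping the explicit ignore as a defensive measure, with a comment such as `// Id is taken from the token; never map it from a request body`. The rest of the profile is outside the hunk.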
@@ -7,6 +7,7 @@ using FastEndpoints.Swagger;
|
||||
using FastEndpoints.Security;
|
||||
using Microsoft.Net.Http.Headers;
|
||||
using BeReadyBackend.Repositories;
|
||||
using BeReadyBackend.Services;
|
||||
|
||||
WebApplicationBuilder builder = WebApplication.CreateBuilder(args);
|
||||
|
||||
@@ -44,6 +45,10 @@ builder.Services.AddScoped<UserGroupsRepository>();
|
||||
builder.Services.AddScoped<UserRandomChallengesRepository>();
|
||||
builder.Services.AddScoped<UsersRepository>();
|
||||
|
||||
builder.Services.AddHttpContextAccessor();
|
||||
|
||||
builder.Services.AddScoped<UserService>();
|
||||
|
||||
MapperConfiguration mappingConfig = new(mc =>
|
||||
{
|
||||
mc.AddCollectionMappers();
|
||||
|
||||
@@ -0,0 +1,21 @@
|
||||
using System.Security.Claims;
|
||||
using BeReadyBackend.Models;
|
||||
|
||||
namespace BeReadyBackend.Services;
|
||||
|
||||
public class UserService
|
||||
{
|
||||
private readonly IHttpContextAccessor _httpContextAccessor;
|
||||
|
||||
public UserService(IHttpContextAccessor httpContextAccessor)
|
||||
{
|
||||
_httpContextAccessor = httpContextAccessor;
|
||||
}
|
||||
|
||||
public int GetUserIdFromToken()
|
||||
{
|
||||
ClaimsPrincipal user = _httpContextAccessor.HttpContext!.User;
|
||||
string? userId = user.Claims.FirstOrDefault(x => x.Type == "UserId")?.Value;
|
||||
return int.Parse(userId!);
|
||||
}
|
||||
}
|
||||
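Review bot: `GetUserIdFromToken()` uses `HttpContext!` and `int.Parse(userId!)`, so a request with no `UserId` claim, or a non-numeric one, throws `ArgumentNullException` or `FormatException` and surfaces as a 500 in every endpoint that now calls it. Since this method is now the single source of the caller's identity, it should fail closed explicitly: read the claim with null-conditional access, use `int.TryParse`, and raise a dedicated error that the pipeline turns into 401 (the mapping to 401 has to be done where exceptions are handled, which is not on this page). The `"UserId"` literal must also match the claim type used when the token is issued, which is not visible here; a shared constant would keep the two in sync. A doc comment stating that the method must only be called on authenticated routes would help future callers.
```csharp
public int GetUserIdFromToken()
{
    // A missing HttpContext or claim is an authentication failure, not a crash.
    string? raw = _httpContextAccessor.HttpContext?.User.FindFirst("UserId")?.Value;
    if (!int.TryParse(raw, out int userId))
    {
        throw new UnauthorizedAccessException("Token carries no usable UserId claim.");
    }

    return userId;
}
```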