From 5565be07f8d8d473759315fd99747c64e2ce3450 Mon Sep 17 00:00:00 2001 From: Jake Mannens Date: Fri, 15 Sep 2023 10:31:20 +1000 Subject: Completed initial login functionality --- Controllers/LoginController.cs | 50 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 50 insertions(+) create mode 100644 Controllers/LoginController.cs (limited to 'Controllers') diff --git a/Controllers/LoginController.cs b/Controllers/LoginController.cs new file mode 100644 index 0000000..b01553c --- /dev/null +++ b/Controllers/LoginController.cs @@ -0,0 +1,50 @@ +using HyperBooru.Services; +using Microsoft.AspNetCore.Authentication; +using Microsoft.AspNetCore.Authentication.Cookies; +using Microsoft.AspNetCore.Cryptography.KeyDerivation; +using Microsoft.AspNetCore.Mvc; +using System.Security.Claims; + +namespace HyperBooru.Controllers; + +[ApiController] +[Route("/")] +public class LoginController : Controller { + private IHttpContextAccessor httpContextAccessor; + + public LoginController(IHttpContextAccessor httpContextAccessor) => + this.httpContextAccessor = httpContextAccessor; + + [HttpPost("Login")] + public async Task Login( + [FromForm] string username, + [FromForm] string password, + HBContext db) { + + var user = db.Users.FirstOrDefault(u => u.Username == username); + if(user is null) + return StatusCode(403); + + var hash = UserService.HashPassword(password); + if(hash != user.PasswordHash) + return StatusCode(403); + + var claims = new Claim[] { + new Claim(ClaimTypes.Name, user.Username), + new Claim("ObjectId", user.ObjectId.ToString()) + }; + + var claimsIdentity = new ClaimsIdentity( + claims, + CookieAuthenticationDefaults.AuthenticationScheme); + + var claimsPrincipal = new ClaimsPrincipal(claimsIdentity); + + await httpContextAccessor.HttpContext!.SignInAsync(claimsPrincipal); + return Ok(); + } + + [HttpPost("Logout")] + public async Task Logout() => + await httpContextAccessor.HttpContext!.SignOutAsync(); +} -- cgit v1.3