need to solve DB read issue

2026-05-04 20:51:46 -04:00
parent 885db41ba9
commit f8b595f609
3 changed files with 69 additions and 26 deletions


@@ -1,4 +1,5 @@
using RelayCore.Services; using Microsoft.Extensions.Primitives;
using RelayCore.Services;
namespace RelayCore.Endpoints; namespace RelayCore.Endpoints;
@@ -7,20 +8,30 @@ public static class AuthEndpoints
public static void MapAuthEndpoints(this WebApplication app) public static void MapAuthEndpoints(this WebApplication app)
{ {
app.MapPost("/user/signin", async (AuthSignin request, APIAuthService service, HttpContext context) => app.MapPost("/user/signin", async (AuthSignin request, APIAuthService service, HttpContext context) =>
{
string ip = "";
StringValues userAgent = "";
if (context != null)
{
ip = context.Connection.RemoteIpAddress?.MapToIPv4().ToString();
context.Request.Headers.TryGetValue("User-Agent", out userAgent);
}
var token = await service.UserSigninAsync(request, ip, userAgent.ToString());
return token != null ? Results.Ok(token) : Results.Unauthorized();
});
app.MapGet("/users", async (APIAuthService service) =>
{
return Results.Ok(service.GetUsersAsync());
});
app.MapPost("/user/register", async (AuthRegister request, APIAuthService service, HttpContext context) =>
{ {
var ip = context.Connection.RemoteIpAddress?.MapToIPv4().ToString(); var ip = context.Connection.RemoteIpAddress?.MapToIPv4().ToString();
context.Request.Headers.TryGetValue("User-Agent", out var userAgent); context.Request.Headers.TryGetValue("User-Agent", out var userAgent);
Console.WriteLine($"IP:{ip}\nUserAgent:{userAgent}"); var token = await service.UserRegisterAsync(request, ip, userAgent);
// var token = await service.UserSigninAsync(request, ip, userAgent); return token != null ? Results.Ok(token) : Results.Ok("Username or Email already exists!");
// return token != null ? Results.Ok(token) : Results.Unauthorized();
return Results.Ok();
});
app.MapPost("/user/register", async (AuthRegister request, APIAuthService service) =>
{
var token = await service.UserRegisterAsync(request);
return token != null ? Results.Ok(token) : Results.Unauthorized();
}); });
app.MapPost("/server/verify/user", async (AuthUserVerify request, APIAuthService service) => app.MapPost("/server/verify/user", async (AuthUserVerify request, APIAuthService service) =>
{ {
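Review bot: The new `/users` route returns `Results.Ok(service.GetUsersAsync())` without awaiting, so the response wraps the `Task` instead of the user list, and nothing visible in the hunk restricts who may call it. Once awaited it would return whole `Users` records, which appear to include the stored `Password` value (the service file reads `x.Password`), so project to the fields a client needs: `var users = await service.GetUsersAsync(); return Results.Ok(users.Select(u => new { u.Username, u.CreatedAt }));`. The route should also sit behind whatever session check the API uses. The register route answers 200 with `"Username or Email already exists!"`, which confirms to any caller that an account exists; a uniform response would avoid that. `MapAuthEndpoints` continues past the end of the hunk.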


@@ -1,3 +1,4 @@
using System.Text.Json.Serialization;
using SurrealDb.Net.Models; using SurrealDb.Net.Models;
namespace RelayCore.Models; namespace RelayCore.Models;


@@ -1,4 +1,5 @@
using RelayCore.Endpoints; using Newtonsoft.Json;
using RelayCore.Endpoints;
using RelayCore.Models; using RelayCore.Models;
using SurrealDb.Net; using SurrealDb.Net;
using SurrealDb.Net.Models; using SurrealDb.Net.Models;
@@ -8,21 +9,25 @@ namespace RelayCore.Services;
public class APIAuthService(SurrealDbClient _db) public class APIAuthService(SurrealDbClient _db)
{ {
public async Task<string> UserSigninAsync(AuthSignin request) public async Task<string?> UserSigninAsync(AuthSignin request, string ip, string userAgent)
{ {
var hasher = new PasswordHasher(); var hasher = new PasswordHasher();
var users = await _db.Select<Users>("auth_users"); var users = await _db.Select<Users>("auth_users");
var user = users.FirstOrDefault(x => (x.Username == request.UserName || x.Email == request.UserName) var user = users.FirstOrDefault(x => (x.Username == request.UserName || x.Email == request.UserName) );
&& hasher.VerifyPassword(request.Password, x.Password)); // && hasher.VerifyPassword(request.Password, x.Password));
if (user == null)
return null;
var tokens = await _db.Select<Sessions>("auth_sessions"); var tokens = await _db.Select<Sessions>("auth_sessions");
var token = tokens.Where(x => x.UserId == user.Id && !x.Revoked).OrderByDescending(x => x.ExpiresAt).FirstOrDefault(); var token = tokens.Where(x => x.UserId == user.Id && x.IpAddress == ip && x.UserAgent == userAgent && !x.Revoked)
.OrderByDescending(x => x.ExpiresAt).FirstOrDefault();
if (token != null)
if (token.ExpiresAt > DateTime.UtcNow) if (token.ExpiresAt > DateTime.UtcNow)
return token.TokenHash; return token.TokenHash;
//TODO: Generate TOKEN //TODO: Generate TOKEN
var newToken = hasher.HashPassword($"{user.Email}{user.Username}{user.Password}"); var newToken = hasher.HashPassword($"{request.UserName}{userAgent}");
//TODO: Store TOKEN and Username for verification //TODO: Store TOKEN and Username for verification
var sessionId = await _db.Create<Sessions>(new Sessions var sessionId = await _db.Create("auth_sessions", new Sessions
{ {
UserId = user.Id, UserId = user.Id,
TokenHash = newToken, TokenHash = newToken,
@@ -30,20 +35,46 @@ public class APIAuthService(SurrealDbClient _db)
ExpiresAt = DateTime.UtcNow.AddDays(30), ExpiresAt = DateTime.UtcNow.AddDays(30),
DeviceName = "", DeviceName = "",
Revoked = false, Revoked = false,
IpAddress = "", IpAddress = ip,
UserAgent = "" UserAgent = userAgent
}); });
//TODO: Add invalidation to TOKENs //TODO: Add invalidation to TOKENs
return newToken; return newToken;
} }
public async Task<string> UserRegisterAsync(AuthRegister request) public async Task<List<Users>> GetUsersAsync()
{ {
throw new NotImplementedException(); var users = await _db.Select<Users>("auth_users");
return users.Where(x => x.Username is not null).OrderByDescending(x=>x.CreatedAt).ToList();
}
public async Task<string> UserRegisterAsync(AuthRegister request, string ip, string userAgent)
{
var hasher = new PasswordHasher();
var users = await _db.Select<Users>("auth_users");
var user = users.FirstOrDefault(x => x.Username == request.Username || x.Email == request.Username);
Console.WriteLine($"Register User found in DB: {user.Username}");
if (user == null)
{
return await UserSigninAsync(new AuthSignin{UserName=request.Username, Password = request.Password}, ip, userAgent);
}
return null;
} }
public async Task<bool> ServerVerifyUser(AuthUserVerify request) public async Task<bool> ServerVerifyUser(AuthUserVerify request)
{ {
throw new NotImplementedException(); var users = await _db.Select<Users>("auth_users");
var user = users.FirstOrDefault(x => x.Username == request.Username);
if (user == null)
return false;
var sessions = await _db.Select<Sessions>("auth_sessions");
var session = sessions.FirstOrDefault(x => x.TokenHash == request.Token && x.UserId == user.Id);
if (session == null)
return false;
return true;
} }
} }
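Review bot: In `UserSigninAsync` the new lookup no longer verifies the password, because `&& hasher.VerifyPassword(request.Password, x.Password)` is commented out, so a request naming any existing username or email receives a session token. Restore the check as its own step after the lookup: `if (user is null || !hasher.VerifyPassword(request.Password, user.Password)) return null;`. The token is `hasher.HashPassword($"{request.UserName}{userAgent}")`, which is built only from caller-supplied values; a value from `RandomNumberGenerator.GetBytes(32)` would not depend on guessable input. In `UserRegisterAsync`, the `Console.WriteLine` that reads `user.Username` runs before the `user == null` check, so it throws on exactly the path where registration should proceed, and no user record is created before `UserSigninAsync` is called. `ServerVerifyUser` accepts a matching session without checking `Revoked` or `ExpiresAt`.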