feat: give the user the ability to make a password policy

2024-12-18 07:27:57 +03:00
parent 598ebabc5c
commit e760ddae0a
8 changed files with 159 additions and 17 deletions
--- a/Endpoint/Common/MapperDto/PasswordPolicyConverter.cs
+++ b/Endpoint/Common/MapperDto/PasswordPolicyConverter.cs
@ -0,0 +1,23 @@
+using Mirea.Api.Dto.Common;
+
+namespace Mirea.Api.Endpoint.Common.MapperDto;
+
+public static class PasswordPolicyConverter
+{
+    public static Security.Common.Domain.PasswordPolicy ConvertFromDto(this PasswordPolicy policy) =>
+        new(policy.MinimumLength,
+            policy.RequireLetter,
+            policy.RequireLettersDifferentCase,
+            policy.RequireDigit,
+            policy.RequireSpecialCharacter);
+
+    public static PasswordPolicy ConvertToDto(this Security.Common.Domain.PasswordPolicy policy) =>
+        new()
+        {
+            MinimumLength = policy.MinimumLength,
+            RequireLetter = policy.RequireLetter,
+            RequireDigit = policy.RequireDigit,
+            RequireSpecialCharacter = policy.RequireSpecialCharacter,
+            RequireLettersDifferentCase = policy.RequireLettersDifferentCase
+        };
+}
--- a/Endpoint/Controllers/Configuration/SetupController.cs
+++ b/Endpoint/Controllers/Configuration/SetupController.cs
@ -25,6 +25,7 @@ using System.Linq;
 using System.Net.Mail;
 using System.Runtime.InteropServices;
 using System.Security.Cryptography;
+using PasswordPolicy = Mirea.Api.Dto.Common.PasswordPolicy;

 namespace Mirea.Api.Endpoint.Controllers.Configuration;

@ -340,6 +341,20 @@ public class SetupController(

        return true;
    }
+    [HttpPost("SetPasswordPolicy")]
+    [TokenAuthentication]
+    public ActionResult<bool> SetPasswordPolicy([FromBody] PasswordPolicy? policy = null)
+    {
+        GeneralConfig.PasswordPolicy = policy?.ConvertFromDto() ?? new Security.Common.Domain.PasswordPolicy();
+        cache.Set("password", true);
+        return true;
+    }
+
+    [HttpGet("PasswordPolicyConfiguration")]
+    [TokenAuthentication]
+    [ProducesResponseType(StatusCodes.Status204NoContent)]
+    public ActionResult<PasswordPolicy> PasswordPolicyConfiguration() =>
+         cache.TryGetValue("password", out _) ? Ok(GeneralConfig.PasswordPolicy) : NoContent();

    [HttpPost("Submit")]
    [TokenAuthentication]
--- a/Endpoint/Controllers/V1/AuthController.cs
+++ b/Endpoint/Controllers/V1/AuthController.cs
@ -149,13 +149,16 @@ public class AuthController(IOptionsSnapshot<Admin> user, AuthService auth, Pass
    [BadRequestResponse]
    public ActionResult<string> RenewPassword([FromBody] string? password = null)
    {
+        var passwordPolicy = generalConfig.Value.PasswordPolicy;
+        var passwordPolicyService = new PasswordPolicyService(passwordPolicy);
+
        if (string.IsNullOrEmpty(password))
            password = string.Empty;
-        else if (!PasswordHashService.HasPasswordInPolicySecurity(password))
-            throw new ControllerArgumentException("The password must be at least 8 characters long and contain at least one uppercase letter and one special character.");
+        else
+            passwordPolicyService.ValidatePasswordOrThrow(password);

-        while (!PasswordHashService.HasPasswordInPolicySecurity(password))
-            password = GeneratorKey.GenerateAlphaNumeric(16, includes: "!@#%^");
+        while (!passwordPolicyService.TryValidatePassword(password))
+            password = GeneratorKey.GenerateAlphaNumeric(passwordPolicy.MinimumLength + 2, includes: "!@#%^");

        var (salt, hash) = passwordService.HashPassword(password);

--- a/Endpoint/Controllers/V1/SecurityController.cs
+++ b/Endpoint/Controllers/V1/SecurityController.cs
@ -0,0 +1,26 @@
+using Asp.Versioning;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.Extensions.Options;
+using Mirea.Api.Dto.Common;
+using Mirea.Api.Endpoint.Common.Attributes;
+using Mirea.Api.Endpoint.Common.MapperDto;
+using Mirea.Api.Endpoint.Configuration.Model;
+using QRCoder;
+using System;
+using System.Drawing;
+
+namespace Mirea.Api.Endpoint.Controllers.V1;
+
+[ApiVersion("1.0")]
+public class SecurityController(IOptionsSnapshot<GeneralConfig> generalConfig) : BaseController
+{
+    /// <summary>
+    /// Retrieves the current password policy for user authentication.
+    /// </summary>
+    /// <returns>
+    /// The current password policy
+    /// </returns>
+    [HttpGet("PasswordPolicy")]
+    public ActionResult<PasswordPolicy> PasswordPolicy() =>
+        Ok(generalConfig.Value.PasswordPolicy.ConvertToDto());
+}