Compare commits
4 Commits
481839159c
...
07d7fec24f
| Author | SHA1 | Date | |
|---|---|---|---|
| 07d7fec24f | |||
| 22793c7882 | |||
| 9bf9eabad7 | |||
| 966ab9bdda |
19
Endpoint/Common/Attributes/LocalhostAttribute.cs
Normal file
19
Endpoint/Common/Attributes/LocalhostAttribute.cs
Normal file
@ -0,0 +1,19 @@
|
|||||||
|
using Microsoft.AspNetCore.Mvc;
|
||||||
|
using Microsoft.AspNetCore.Mvc.Filters;
|
||||||
|
using System.Net;
|
||||||
|
|
||||||
|
namespace Mirea.Api.Endpoint.Common.Attributes;
|
||||||
|
|
||||||
|
public class LocalhostAttribute : ActionFilterAttribute
|
||||||
|
{
|
||||||
|
public override void OnActionExecuting(ActionExecutingContext context)
|
||||||
|
{
|
||||||
|
var ip = context.HttpContext.Connection.RemoteIpAddress;
|
||||||
|
if (ip == null || !IPAddress.IsLoopback(ip))
|
||||||
|
{
|
||||||
|
context.Result = new UnauthorizedResult();
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
base.OnActionExecuting(context);
|
||||||
|
}
|
||||||
|
}
|
||||||
49
Endpoint/Controllers/Configuration/SetupController.cs
Normal file
49
Endpoint/Controllers/Configuration/SetupController.cs
Normal file
@ -0,0 +1,49 @@
|
|||||||
|
using System;
|
||||||
|
using System.Security.Cryptography;
|
||||||
|
using Microsoft.AspNetCore.Http;
|
||||||
|
using Microsoft.AspNetCore.Mvc;
|
||||||
|
using Mirea.Api.Endpoint.Common.Attributes;
|
||||||
|
using Mirea.Api.Endpoint.Common.Exceptions;
|
||||||
|
using Mirea.Api.Endpoint.Common.Interfaces;
|
||||||
|
using Mirea.Api.Endpoint.Configuration.General;
|
||||||
|
|
||||||
|
namespace Mirea.Api.Endpoint.Controllers.Configuration;
|
||||||
|
|
||||||
|
[ApiVersion("1.0")]
|
||||||
|
[ApiController]
|
||||||
|
[MaintenanceModeIgnore]
|
||||||
|
public class SetupController(ISetupToken setupToken, IMaintenanceModeNotConfigureService notConfigureService) : BaseController
|
||||||
|
{
|
||||||
|
[HttpGet("GenerateToken")]
|
||||||
|
[Localhost]
|
||||||
|
public ActionResult<string> GenerateToken()
|
||||||
|
{
|
||||||
|
if (!notConfigureService.IsMaintenanceMode)
|
||||||
|
throw new ControllerArgumentException(
|
||||||
|
"The token cannot be generated because the server has been configured. " +
|
||||||
|
$"If you need to restart the configuration, then delete the \"{PathBuilder.Combine(GeneralConfig.FilePath)}\" file and restart the application.");
|
||||||
|
|
||||||
|
var token = new byte[32];
|
||||||
|
RandomNumberGenerator.Create().GetBytes(token);
|
||||||
|
setupToken.SetToken(token);
|
||||||
|
|
||||||
|
return Ok(Convert.ToBase64String(token));
|
||||||
|
}
|
||||||
|
|
||||||
|
[HttpGet("CheckToken")]
|
||||||
|
public ActionResult<bool> CheckToken([FromQuery] string token)
|
||||||
|
{
|
||||||
|
if (!setupToken.MatchToken(Convert.FromBase64String(token))) return Unauthorized("The token is not valid");
|
||||||
|
|
||||||
|
Response.Cookies.Append("AuthToken", token, new CookieOptions
|
||||||
|
{
|
||||||
|
HttpOnly = false,
|
||||||
|
Secure = false,
|
||||||
|
Path = "/"
|
||||||
|
});
|
||||||
|
|
||||||
|
return Ok(true);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
}
|
||||||
Loading…
Reference in New Issue
Block a user