Compare commits
7 Commits
5cc54eac44
...
85722f8552
| Author | SHA1 | Date | |
|---|---|---|---|
| 85722f8552 | |||
| 9231c4d5ca | |||
| 7b94f9cc1f | |||
| 7bafbb95c4 | |||
| 544ad6e791 | |||
| e4b942d062 | |||
| f2e79e51f2 |
@ -22,4 +22,17 @@ public class LoggingRequest
|
||||
/// Gets or sets the log file path.
|
||||
/// </summary>
|
||||
public string? LogFilePath { get; set; }
|
||||
|
||||
/// <summary>
|
||||
/// Gets or sets the API key for integrating with Seq, a log aggregation service.
|
||||
/// If provided, logs will be sent to a Seq server using this API key.
|
||||
/// </summary>
|
||||
public string? ApiKeySeq { get; set; }
|
||||
|
||||
/// <summary>
|
||||
/// Gets or sets the server URL for the Seq logging service.
|
||||
/// This property specifies the Seq server endpoint to which logs will be sent.
|
||||
/// If <see cref="ApiKeySeq"/> is provided, logs will be sent to this server.
|
||||
/// </summary>
|
||||
public string? ApiServerSeq { get; set; }
|
||||
}
|
||||
@ -1,22 +0,0 @@
|
||||
using System.ComponentModel.DataAnnotations;
|
||||
|
||||
namespace Mirea.Api.Dto.Responses;
|
||||
|
||||
/// <summary>
|
||||
/// A class for providing information about an error
|
||||
/// </summary>
|
||||
public class ErrorResponse
|
||||
{
|
||||
/// <summary>
|
||||
/// The text or translation code of the error. This field may not contain information in specific scenarios.
|
||||
/// For example, it might be empty for HTTP 204 responses where no content is returned or if the validation texts have not been configured.
|
||||
/// </summary>
|
||||
[Required]
|
||||
public required string Error { get; set; }
|
||||
/// <summary>
|
||||
/// In addition to returning the response code in the header, it is also duplicated in this field.
|
||||
/// Represents the HTTP response code.
|
||||
/// </summary>
|
||||
[Required]
|
||||
public required int Code { get; set; }
|
||||
}
|
||||
@ -1,9 +1,8 @@
|
||||
using Microsoft.AspNetCore.Http;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Mirea.Api.Dto.Responses;
|
||||
using System;
|
||||
|
||||
namespace Mirea.Api.Endpoint.Common.Attributes;
|
||||
|
||||
[AttributeUsage(AttributeTargets.Method, Inherited = false, AllowMultiple = true)]
|
||||
public class BadRequestResponseAttribute() : ProducesResponseTypeAttribute(typeof(ErrorResponse), StatusCodes.Status400BadRequest);
|
||||
public class BadRequestResponseAttribute() : ProducesResponseTypeAttribute(typeof(ProblemDetails), StatusCodes.Status400BadRequest);
|
||||
@ -1,9 +1,8 @@
|
||||
using Microsoft.AspNetCore.Http;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Mirea.Api.Dto.Responses;
|
||||
using System;
|
||||
|
||||
namespace Mirea.Api.Endpoint.Common.Attributes;
|
||||
|
||||
[AttributeUsage(AttributeTargets.Method, Inherited = false, AllowMultiple = true)]
|
||||
public class NotFoundResponseAttribute() : ProducesResponseTypeAttribute(typeof(ErrorResponse), StatusCodes.Status404NotFound);
|
||||
public class NotFoundResponseAttribute() : ProducesResponseTypeAttribute(typeof(ProblemDetails), StatusCodes.Status404NotFound);
|
||||
8
Endpoint/Common/Exceptions/ServerUnavailableException.cs
Normal file
8
Endpoint/Common/Exceptions/ServerUnavailableException.cs
Normal file
@ -0,0 +1,8 @@
|
||||
using System;
|
||||
|
||||
namespace Mirea.Api.Endpoint.Common.Exceptions;
|
||||
|
||||
public class ServerUnavailableException(string message, bool addRetryAfter) : Exception(message)
|
||||
{
|
||||
public bool AddRetryAfter { get; } = addRetryAfter;
|
||||
}
|
||||
@ -1,10 +1,13 @@
|
||||
using FluentValidation;
|
||||
using Microsoft.AspNetCore.Http;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Microsoft.Extensions.Logging;
|
||||
using Mirea.Api.DataAccess.Application.Common.Exceptions;
|
||||
using Mirea.Api.Dto.Responses;
|
||||
using Mirea.Api.Endpoint.Common.Exceptions;
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Diagnostics;
|
||||
using System.Linq;
|
||||
using System.Security;
|
||||
using System.Text.Json;
|
||||
using System.Threading.Tasks;
|
||||
@ -27,50 +30,63 @@ public class CustomExceptionHandlerMiddleware(RequestDelegate next, ILogger<Cust
|
||||
|
||||
private Task HandleExceptionAsync(HttpContext context, Exception exception)
|
||||
{
|
||||
var code = StatusCodes.Status500InternalServerError;
|
||||
var result = string.Empty;
|
||||
var traceId = Activity.Current?.Id ?? context.TraceIdentifier;
|
||||
|
||||
var problemDetails = new ProblemDetails
|
||||
{
|
||||
Type = "https://tools.ietf.org/html/rfc9110#section-15.6",
|
||||
Title = "An unexpected error occurred.",
|
||||
Status = StatusCodes.Status500InternalServerError,
|
||||
Detail = exception.Message,
|
||||
Extensions = new Dictionary<string, object?>()
|
||||
{
|
||||
{ "traceId", traceId }
|
||||
}
|
||||
};
|
||||
|
||||
switch (exception)
|
||||
{
|
||||
case ValidationException validationException:
|
||||
code = StatusCodes.Status400BadRequest;
|
||||
result = JsonSerializer.Serialize(new ErrorResponse()
|
||||
problemDetails.Status = StatusCodes.Status400BadRequest;
|
||||
problemDetails.Type = "https://tools.ietf.org/html/rfc9110#section-15.5.1";
|
||||
problemDetails.Title = "Validation errors occurred.";
|
||||
problemDetails.Extensions = new Dictionary<string, object?>
|
||||
{
|
||||
Error = validationException.Message,
|
||||
Code = code
|
||||
});
|
||||
{ "errors", validationException.Errors.Select(e => e.ErrorMessage).ToArray() },
|
||||
{ "traceId", traceId }
|
||||
};
|
||||
break;
|
||||
case NotFoundException:
|
||||
code = StatusCodes.Status404NotFound;
|
||||
problemDetails.Status = StatusCodes.Status404NotFound;
|
||||
problemDetails.Type = "https://tools.ietf.org/html/rfc9110#section-15.5.4";
|
||||
problemDetails.Title = "Resource not found.";
|
||||
break;
|
||||
case ControllerArgumentException:
|
||||
code = StatusCodes.Status400BadRequest;
|
||||
problemDetails.Status = StatusCodes.Status400BadRequest;
|
||||
problemDetails.Type = "https://tools.ietf.org/html/rfc9110#section-15.5.1";
|
||||
problemDetails.Title = "Invalid arguments provided.";
|
||||
break;
|
||||
case SecurityException:
|
||||
code = StatusCodes.Status401Unauthorized;
|
||||
problemDetails.Status = StatusCodes.Status401Unauthorized;
|
||||
problemDetails.Type = "https://tools.ietf.org/html/rfc9110#section-15.5.2";
|
||||
problemDetails.Title = "Unauthorized access.";
|
||||
break;
|
||||
case ServerUnavailableException unavailableException:
|
||||
problemDetails.Status = StatusCodes.Status503ServiceUnavailable;
|
||||
problemDetails.Type = "https://datatracker.ietf.org/doc/html/rfc9110#section-15.6.4";
|
||||
problemDetails.Title = "Server unavailable.";
|
||||
problemDetails.Detail = unavailableException.Message;
|
||||
if (unavailableException.AddRetryAfter)
|
||||
context.Response.Headers.RetryAfter = "600";
|
||||
break;
|
||||
}
|
||||
|
||||
context.Response.ContentType = "application/json";
|
||||
context.Response.StatusCode = code;
|
||||
|
||||
if (!string.IsNullOrEmpty(result))
|
||||
return context.Response.WriteAsync(result);
|
||||
|
||||
string error;
|
||||
if (code == StatusCodes.Status500InternalServerError)
|
||||
{
|
||||
error = "Internal Server Error";
|
||||
if (problemDetails.Status == StatusCodes.Status500InternalServerError)
|
||||
logger.LogError(exception, "Internal server error when processing the request");
|
||||
}
|
||||
else
|
||||
error = exception.Message;
|
||||
|
||||
result = JsonSerializer.Serialize(new ErrorResponse()
|
||||
{
|
||||
Error = error,
|
||||
Code = code
|
||||
});
|
||||
context.Response.ContentType = "application/json";
|
||||
context.Response.StatusCode = problemDetails.Status.Value;
|
||||
|
||||
return context.Response.WriteAsync(result);
|
||||
return context.Response.WriteAsync(JsonSerializer.Serialize(problemDetails));
|
||||
}
|
||||
}
|
||||
@ -1,5 +1,6 @@
|
||||
using Microsoft.AspNetCore.Http;
|
||||
using Mirea.Api.Endpoint.Common.Attributes;
|
||||
using Mirea.Api.Endpoint.Common.Exceptions;
|
||||
using Mirea.Api.Endpoint.Common.Interfaces;
|
||||
using System.Threading.Tasks;
|
||||
|
||||
@ -23,17 +24,11 @@ public class MaintenanceModeMiddleware(RequestDelegate next, IMaintenanceModeSer
|
||||
context.Response.StatusCode = StatusCodes.Status503ServiceUnavailable;
|
||||
context.Response.ContentType = "plain/text";
|
||||
|
||||
string error;
|
||||
if (maintenanceModeService.IsMaintenanceMode)
|
||||
{
|
||||
context.Response.Headers.RetryAfter = "600";
|
||||
error = "The service is currently undergoing maintenance. Please try again later.";
|
||||
}
|
||||
else
|
||||
error =
|
||||
"The service is currently not configured. Go to the setup page if you are an administrator or try again later.";
|
||||
throw new ServerUnavailableException("The service is currently undergoing maintenance. Please try again later.", true);
|
||||
|
||||
await context.Response.WriteAsync(error);
|
||||
throw new ServerUnavailableException(
|
||||
"The service is currently not configured. Go to the setup page if you are an administrator or try again later.", false);
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -4,9 +4,11 @@ using Microsoft.Extensions.Hosting;
|
||||
using Mirea.Api.Endpoint.Common.Services;
|
||||
using Mirea.Api.Endpoint.Configuration.Model;
|
||||
using Serilog;
|
||||
using Serilog.Context;
|
||||
using Serilog.Events;
|
||||
using Serilog.Filters;
|
||||
using Serilog.Formatting.Compact;
|
||||
using System.Diagnostics;
|
||||
using System.IO;
|
||||
|
||||
namespace Mirea.Api.Endpoint.Configuration.Core.Startup;
|
||||
@ -43,6 +45,12 @@ public static class LoggerConfiguration
|
||||
rollingInterval: RollingInterval.Day);
|
||||
}
|
||||
|
||||
#if !DEBUG
|
||||
if (generalConfig != null && !string.IsNullOrEmpty(generalConfig.ApiServerSeq) &&
|
||||
Uri.TryCreate(generalConfig.ApiServerSeq, UriKind.Absolute, out var _))
|
||||
configuration.WriteTo.Seq(generalConfig.ApiServerSeq, apiKey: generalConfig.ApiKeySeq);
|
||||
#endif
|
||||
|
||||
configuration
|
||||
.MinimumLevel.Override("Microsoft.AspNetCore.Hosting", LogEventLevel.Warning)
|
||||
.MinimumLevel.Override("Microsoft.AspNetCore.Mvc", LogEventLevel.Warning)
|
||||
@ -55,7 +63,14 @@ public static class LoggerConfiguration
|
||||
|
||||
public static IApplicationBuilder UseCustomSerilog(this IApplicationBuilder app)
|
||||
{
|
||||
return app.UseSerilogRequestLogging(options =>
|
||||
return app.Use(async (context, next) =>
|
||||
{
|
||||
var traceId = Activity.Current?.Id ?? context.TraceIdentifier;
|
||||
using (LogContext.PushProperty("TraceId", traceId))
|
||||
{
|
||||
await next();
|
||||
}
|
||||
}).UseSerilogRequestLogging(options =>
|
||||
{
|
||||
options.MessageTemplate = "[{RequestMethod}] {RequestPath} [Client {RemoteIPAddress}] [{StatusCode}] in {Elapsed:0.0000} ms";
|
||||
|
||||
|
||||
@ -9,6 +9,8 @@ public class LogSettings : IIsConfigured
|
||||
public bool EnableLogToFile { get; set; }
|
||||
public string? LogFilePath { get; set; }
|
||||
public string? LogFileName { get; set; }
|
||||
public string? ApiKeySeq { get; set; }
|
||||
public string? ApiServerSeq { get; set; }
|
||||
|
||||
public bool IsConfigured()
|
||||
{
|
||||
|
||||
@ -22,6 +22,7 @@ using Mirea.Api.Security.Common.Domain;
|
||||
using Mirea.Api.Security.Services;
|
||||
using MySqlConnector;
|
||||
using Npgsql;
|
||||
using Serilog;
|
||||
using StackExchange.Redis;
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
@ -30,6 +31,7 @@ using System.IO;
|
||||
using System.Linq;
|
||||
using System.Net.Mail;
|
||||
using System.Runtime.InteropServices;
|
||||
using System.Security;
|
||||
using System.Security.Cryptography;
|
||||
using PasswordPolicy = Mirea.Api.Dto.Common.PasswordPolicy;
|
||||
|
||||
@ -88,7 +90,7 @@ public class SetupController(
|
||||
}
|
||||
|
||||
if (!setupToken.MatchToken(tokenBase64))
|
||||
return Unauthorized("The token is not valid");
|
||||
throw new SecurityException("The token is not valid");
|
||||
|
||||
Response.Cookies.Append(TokenAuthenticationAttribute.AuthToken, token, new CookieOptions
|
||||
{
|
||||
@ -407,6 +409,29 @@ public class SetupController(
|
||||
}
|
||||
};
|
||||
|
||||
if (!string.IsNullOrEmpty(request?.ApiServerSeq))
|
||||
{
|
||||
settings.ApiServerSeq = request.ApiServerSeq;
|
||||
settings.ApiKeySeq = request.ApiKeySeq;
|
||||
|
||||
try
|
||||
{
|
||||
Log.Logger = new LoggerConfiguration()
|
||||
.WriteTo.Seq(settings.ApiServerSeq, apiKey: settings.ApiKeySeq)
|
||||
.CreateLogger();
|
||||
|
||||
Log.Warning("Testing configuration Seq.");
|
||||
}
|
||||
catch
|
||||
{
|
||||
// ignoring
|
||||
}
|
||||
finally
|
||||
{
|
||||
Log.CloseAndFlush();
|
||||
}
|
||||
}
|
||||
|
||||
if (settings.EnableLogToFile)
|
||||
{
|
||||
if (string.IsNullOrEmpty(settings.LogFileName))
|
||||
@ -426,7 +451,9 @@ public class SetupController(
|
||||
{
|
||||
EnableLogToFile = settings.EnableLogToFile,
|
||||
LogFileName = settings.LogFileName,
|
||||
LogFilePath = settings.LogFilePath
|
||||
LogFilePath = settings.LogFilePath,
|
||||
ApiKeySeq = settings.ApiKeySeq,
|
||||
ApiServerSeq = settings.ApiServerSeq
|
||||
});
|
||||
|
||||
return true;
|
||||
|
||||
@ -15,6 +15,7 @@ using Mirea.Api.Security.Common.Domain;
|
||||
using Mirea.Api.Security.Services;
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Diagnostics;
|
||||
using System.Security.Claims;
|
||||
using System.Threading.Tasks;
|
||||
using OAuthProvider = Mirea.Api.Security.Common.Domain.OAuthProvider;
|
||||
@ -31,17 +32,17 @@ public class AuthController(IOptionsSnapshot<Admin> user, IOptionsSnapshot<Gener
|
||||
Path = UrlHelper.GetSubPathWithoutFirstApiName + "api"
|
||||
};
|
||||
|
||||
private static string GenerateHtmlResponse(string title, string message, OAuthProvider? provider, bool isError = false)
|
||||
private static string GenerateHtmlResponse(string title, string message, OAuthProvider? provider, bool isError = false, string? traceId = null)
|
||||
{
|
||||
string messageColor = isError ? "red" : "white";
|
||||
string script = "<script>setTimeout(()=>{if(window.opener){window.opener.postMessage(" +
|
||||
"{success:" + !isError +
|
||||
"{success:" + (!isError).ToString().ToLower() +
|
||||
",provider:'" + (provider == null ? "null" : (int)provider) +
|
||||
"',providerName:'" + (provider == null ? "null" : Enum.GetName(provider.Value)) +
|
||||
"',message:'" + message.Replace("'", "\\'") +
|
||||
"'},'*');}window.close();}, 5000);</script>";
|
||||
"'},'*');}window.close();}, 15000);</script>";
|
||||
|
||||
return $"<!DOCTYPE html><html lang=ru><head><meta charset=UTF-8><meta content=\"width=device-width,initial-scale=1\"name=viewport><link href=\"https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap\"rel=stylesheet><style>body{{background-color:#121212;color:#fff;font-family:Roboto,sans-serif;display:flex;justify-content:center;align-items:center;height:100vh;margin:0;text-align:center}}.container{{max-width:600px;padding:20px;border-radius:8px;background-color:#1e1e1e;box-shadow:0 4px 20px rgba(0,0,0,.5)}}h1{{font-size:24px;margin-bottom:20px}}p{{font-size:16px;color:{messageColor}}}</style><title>{title}</title></head><body><div class=container><h1>{title}</h1><p>{message}<p style=font-size:14px;color:silver;>Это информационная страница. Вы можете закрыть её.</div>{script}</body></html>";
|
||||
return $"<!DOCTYPE html><html lang=ru><head><meta charset=UTF-8><meta content=\"width=device-width,initial-scale=1\"name=viewport><link href=\"https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap\"rel=stylesheet><style>body{{background-color:#121212;color:#fff;font-family:Roboto,sans-serif;display:flex;justify-content:center;align-items:center;height:100vh;margin:0;text-align:center}}.container{{max-width:600px;padding:20px;border-radius:8px;background-color:#1e1e1e;box-shadow:0 4px 20px rgba(0,0,0,.5)}}h1{{font-size:24px;margin-bottom:20px}}p{{font-size:16px;color:{messageColor}}}</style><title>{title}</title></head><body><div class=container><h1>{title}</h1><p>{message}</p><p style=font-size:14px;color:silver;>Это информационная страница. Вы можете закрыть её.</p>{(!string.IsNullOrEmpty(traceId) ? $"<code style=font-size:12px;color:gray;>TraceId={traceId}</code>" : string.Empty)}</div>{script}</body></html>";
|
||||
}
|
||||
|
||||
[HttpGet("OAuth2")]
|
||||
@ -56,6 +57,7 @@ public class AuthController(IOptionsSnapshot<Admin> user, IOptionsSnapshot<Gener
|
||||
string message;
|
||||
OAuthProvider provider;
|
||||
OAuthUser oAuthUser;
|
||||
var traceId = Activity.Current?.Id ?? HttpContext.TraceIdentifier;
|
||||
|
||||
try
|
||||
{
|
||||
@ -66,7 +68,7 @@ public class AuthController(IOptionsSnapshot<Admin> user, IOptionsSnapshot<Gener
|
||||
{
|
||||
title = "Произошла ошибка при общении с провайдером OAuth!";
|
||||
message = e.Message;
|
||||
return Content(GenerateHtmlResponse(title, message, null, true), "text/html");
|
||||
return Content(GenerateHtmlResponse(title, message, null, true, traceId), "text/html");
|
||||
}
|
||||
|
||||
var userEntity = user.Value;
|
||||
@ -79,7 +81,7 @@ public class AuthController(IOptionsSnapshot<Admin> user, IOptionsSnapshot<Gener
|
||||
{
|
||||
title = "Ошибка связи аккаунта!";
|
||||
message = "Этот OAuth провайдер уже связан с вашей учетной записью. Пожалуйста, используйте другого провайдера или удалите связь с аккаунтом.";
|
||||
return Content(GenerateHtmlResponse(title, message, provider, true), "text/html");
|
||||
return Content(GenerateHtmlResponse(title, message, provider, true, traceId), "text/html");
|
||||
}
|
||||
|
||||
userEntity.SaveSetting();
|
||||
@ -164,10 +166,6 @@ public class AuthController(IOptionsSnapshot<Admin> user, IOptionsSnapshot<Gener
|
||||
{
|
||||
var userEntity = user.Value;
|
||||
|
||||
if (!userEntity.Username.Equals(request.Username, StringComparison.OrdinalIgnoreCase) &&
|
||||
!userEntity.Email.Equals(request.Username, StringComparison.OrdinalIgnoreCase))
|
||||
return Unauthorized("Authentication failed. Please check your credentials.");
|
||||
|
||||
var tokenResult = await auth.LoginAsync(
|
||||
GetCookieParams(),
|
||||
new User
|
||||
@ -181,7 +179,7 @@ public class AuthController(IOptionsSnapshot<Admin> user, IOptionsSnapshot<Gener
|
||||
SecondFactorToken = userEntity.Secret,
|
||||
OAuthProviders = userEntity.OAuthProviders
|
||||
},
|
||||
HttpContext, request.Password);
|
||||
HttpContext, request.Password, request.Username);
|
||||
|
||||
return Ok(tokenResult.ConvertToDto());
|
||||
}
|
||||
|
||||
@ -6,6 +6,7 @@ using Mirea.Api.DataAccess.Application.Cqrs.Discipline.Queries.GetDisciplineList
|
||||
using Mirea.Api.Dto.Responses;
|
||||
using Mirea.Api.Endpoint.Common.Attributes;
|
||||
using System.Collections.Generic;
|
||||
using System.ComponentModel.DataAnnotations;
|
||||
using System.Linq;
|
||||
using System.Threading.Tasks;
|
||||
|
||||
@ -23,7 +24,7 @@ public class DisciplineController(IMediator mediator) : BaseController
|
||||
/// <returns>Paginated list of disciplines.</returns>
|
||||
[HttpGet]
|
||||
[BadRequestResponse]
|
||||
public async Task<ActionResult<List<DisciplineResponse>>> Get([FromQuery] int? page, [FromQuery] int? pageSize)
|
||||
public async Task<ActionResult<List<DisciplineResponse>>> Get([FromQuery][Range(0, int.MaxValue)] int? page, [FromQuery][Range(1, int.MaxValue)] int? pageSize)
|
||||
{
|
||||
var result = await mediator.Send(new GetDisciplineListQuery()
|
||||
{
|
||||
|
||||
@ -5,6 +5,7 @@ using Mirea.Api.DataAccess.Application.Cqrs.Faculty.Queries.GetFacultyList;
|
||||
using Mirea.Api.Dto.Responses;
|
||||
using Mirea.Api.Endpoint.Common.Attributes;
|
||||
using System.Collections.Generic;
|
||||
using System.ComponentModel.DataAnnotations;
|
||||
using System.Linq;
|
||||
using System.Threading.Tasks;
|
||||
|
||||
@ -22,7 +23,7 @@ public class FacultyController(IMediator mediator) : BaseController
|
||||
/// <returns>Paginated list of faculties.</returns>
|
||||
[HttpGet]
|
||||
[BadRequestResponse]
|
||||
public async Task<ActionResult<List<FacultyResponse>>> Get([FromQuery] int? page, [FromQuery] int? pageSize)
|
||||
public async Task<ActionResult<List<FacultyResponse>>> Get([FromQuery][Range(0, int.MaxValue)] int? page, [FromQuery][Range(1, int.MaxValue)] int? pageSize)
|
||||
{
|
||||
var result = await mediator.Send(new GetFacultyListQuery()
|
||||
{
|
||||
|
||||
@ -7,6 +7,7 @@ using Mirea.Api.Dto.Responses;
|
||||
using Mirea.Api.Endpoint.Common.Attributes;
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.ComponentModel.DataAnnotations;
|
||||
using System.Linq;
|
||||
using System.Threading.Tasks;
|
||||
|
||||
@ -37,7 +38,7 @@ public class GroupController(IMediator mediator) : BaseController
|
||||
/// <returns>A list of groups.</returns>
|
||||
[HttpGet]
|
||||
[BadRequestResponse]
|
||||
public async Task<ActionResult<List<GroupResponse>>> Get([FromQuery] int? page, [FromQuery] int? pageSize)
|
||||
public async Task<ActionResult<List<GroupResponse>>> Get([FromQuery][Range(0, int.MaxValue)] int? page, [FromQuery][Range(1, int.MaxValue)] int? pageSize)
|
||||
{
|
||||
var result = await mediator.Send(new GetGroupListQuery()
|
||||
{
|
||||
|
||||
@ -6,7 +6,9 @@ using Mirea.Api.DataAccess.Application.Cqrs.Professor.Queries.GetProfessorDetail
|
||||
using Mirea.Api.DataAccess.Application.Cqrs.Professor.Queries.GetProfessorList;
|
||||
using Mirea.Api.Dto.Responses;
|
||||
using Mirea.Api.Endpoint.Common.Attributes;
|
||||
using Mirea.Api.Endpoint.Common.Exceptions;
|
||||
using System.Collections.Generic;
|
||||
using System.ComponentModel.DataAnnotations;
|
||||
using System.Linq;
|
||||
using System.Threading.Tasks;
|
||||
|
||||
@ -24,7 +26,7 @@ public class ProfessorController(IMediator mediator) : BaseController
|
||||
/// <returns>A list of professors.</returns>
|
||||
[HttpGet]
|
||||
[BadRequestResponse]
|
||||
public async Task<ActionResult<List<ProfessorResponse>>> Get([FromQuery] int? page, [FromQuery] int? pageSize)
|
||||
public async Task<ActionResult<List<ProfessorResponse>>> Get([FromQuery][Range(0, int.MaxValue)] int? page, [FromQuery][Range(1, int.MaxValue)] int? pageSize)
|
||||
{
|
||||
var result = await mediator.Send(new GetProfessorListQuery()
|
||||
{
|
||||
@ -78,10 +80,10 @@ public class ProfessorController(IMediator mediator) : BaseController
|
||||
[HttpGet("{name:required}")]
|
||||
[BadRequestResponse]
|
||||
[NotFoundResponse]
|
||||
public async Task<ActionResult<List<ProfessorResponse>>> GetDetails(string name)
|
||||
public async Task<ActionResult<List<ProfessorResponse>>> GetDetails([MinLength(4)] string name)
|
||||
{
|
||||
if (string.IsNullOrEmpty(name) || name.Length < 4)
|
||||
return BadRequest($"The minimum number of characters is 4 (current: {name.Length}).");
|
||||
throw new ControllerArgumentException($"The minimum number of characters is 4 (current: {name.Length}).");
|
||||
|
||||
var result = await mediator.Send(new GetProfessorInfoSearchQuery()
|
||||
{
|
||||
|
||||
@ -8,6 +8,7 @@ using Mirea.Api.Dto.Common;
|
||||
using Mirea.Api.Dto.Requests;
|
||||
using Mirea.Api.Dto.Responses;
|
||||
using Mirea.Api.Endpoint.Common.Attributes;
|
||||
using Mirea.Api.Endpoint.Common.Exceptions;
|
||||
using Mirea.Api.Endpoint.Common.MapperDto;
|
||||
using Mirea.Api.Endpoint.Configuration.Model;
|
||||
using System;
|
||||
@ -52,14 +53,10 @@ public class ScheduleController(IMediator mediator, IOptionsSnapshot<GeneralConf
|
||||
(request.Professors == null || request.Professors.Length == 0) &&
|
||||
(request.LectureHalls == null || request.LectureHalls.Length == 0))
|
||||
{
|
||||
return BadRequest(new ErrorResponse()
|
||||
{
|
||||
Error = "At least one of the arguments must be selected."
|
||||
+ (request.IsEven.HasValue
|
||||
? $" \"{nameof(request.IsEven)}\" is not a strong argument"
|
||||
: string.Empty),
|
||||
Code = StatusCodes.Status400BadRequest
|
||||
});
|
||||
throw new ControllerArgumentException("At least one of the arguments must be selected."
|
||||
+ (request.IsEven.HasValue
|
||||
? $" \"{nameof(request.IsEven)}\" is not a strong argument"
|
||||
: string.Empty));
|
||||
}
|
||||
|
||||
var result = (await mediator.Send(new GetScheduleListQuery
|
||||
|
||||
@ -3,6 +3,7 @@ using Microsoft.AspNetCore.Mvc;
|
||||
using Microsoft.Extensions.Options;
|
||||
using Mirea.Api.Dto.Common;
|
||||
using Mirea.Api.Endpoint.Common.Attributes;
|
||||
using Mirea.Api.Endpoint.Common.Exceptions;
|
||||
using Mirea.Api.Endpoint.Common.MapperDto;
|
||||
using Mirea.Api.Endpoint.Configuration.Model;
|
||||
using QRCoder;
|
||||
@ -68,7 +69,7 @@ public class SecurityController(IOptionsSnapshot<GeneralConfig> generalConfig) :
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
return BadRequest($"Failed to generate QR code: {ex.Message}");
|
||||
throw new ControllerArgumentException($"Failed to generate QR code: {ex.Message}");
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -5,9 +5,9 @@
|
||||
<ImplicitUsings>disable</ImplicitUsings>
|
||||
<Nullable>enable</Nullable>
|
||||
<Company>Winsomnia</Company>
|
||||
<Version>1.0-rc5</Version>
|
||||
<AssemblyVersion>1.0.2.5</AssemblyVersion>
|
||||
<FileVersion>1.0.2.5</FileVersion>
|
||||
<Version>1.0-rc6</Version>
|
||||
<AssemblyVersion>1.0.2.6</AssemblyVersion>
|
||||
<FileVersion>1.0.2.6</FileVersion>
|
||||
<AssemblyName>Mirea.Api.Endpoint</AssemblyName>
|
||||
<RootNamespace>$(AssemblyName)</RootNamespace>
|
||||
<OutputType>Exe</OutputType>
|
||||
@ -41,7 +41,7 @@
|
||||
<IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
|
||||
</PackageReference>
|
||||
<PackageReference Include="Microsoft.IdentityModel.Protocols.OpenIdConnect" Version="8.3.0" />
|
||||
<PackageReference Include="Mirea.Tools.Schedule.WebParser" Version="1.0.4" />
|
||||
<PackageReference Include="Mirea.Tools.Schedule.WebParser" Version="1.0.5" />
|
||||
<PackageReference Include="QRCoder" Version="1.6.0" />
|
||||
<PackageReference Include="Serilog" Version="4.2.0" />
|
||||
<PackageReference Include="Serilog.AspNetCore" Version="8.0.3" />
|
||||
@ -50,7 +50,8 @@
|
||||
<PackageReference Include="Serilog.Sinks.Debug" Version="3.0.0" />
|
||||
<PackageReference Include="Serilog.Sinks.File" Version="6.0.0" />
|
||||
<PackageReference Include="Microsoft.Extensions.Caching.StackExchangeRedis" Version="8.0.11" />
|
||||
<PackageReference Include="StackExchange.Redis" Version="2.8.22" />
|
||||
<PackageReference Include="Serilog.Sinks.Seq" Version="8.0.0" />
|
||||
<PackageReference Include="StackExchange.Redis" Version="2.8.24" />
|
||||
<PackageReference Include="Swashbuckle.AspNetCore" Version="7.2.0" />
|
||||
<PackageReference Include="System.CodeDom" Version="[8.0.0, 9.0.0)" />
|
||||
<PackageReference Include="System.Composition" Version="[8.0.0, 9.0.0)" />
|
||||
|
||||
@ -47,10 +47,11 @@ public class AuthService(ICacheService cache, IAccessToken accessTokenService, I
|
||||
private Task RevokeAccessToken(string token) =>
|
||||
revokedToken.AddTokenToRevokedAsync(token, accessTokenService.GetExpireDateTime(token));
|
||||
|
||||
private async Task VerifyUserOrThrowError(RequestContextInfo requestContext, User user, string password,
|
||||
private async Task VerifyUserOrThrowError(RequestContextInfo requestContext, User user, string password, string username,
|
||||
CancellationToken cancellation = default)
|
||||
{
|
||||
if (passwordService.VerifyPassword(password, user.Salt, user.PasswordHash))
|
||||
if ((user.Email.Equals(username, StringComparison.OrdinalIgnoreCase) || user.Username.Equals(username, StringComparison.OrdinalIgnoreCase)) &&
|
||||
passwordService.VerifyPassword(password, user.Salt, user.PasswordHash))
|
||||
return;
|
||||
|
||||
var failedLoginCacheName = $"{requestContext.Fingerprint}_login_failed";
|
||||
@ -151,11 +152,11 @@ public class AuthService(ICacheService cache, IAccessToken accessTokenService, I
|
||||
return true;
|
||||
}
|
||||
|
||||
public async Task<TwoFactorAuthenticator> LoginAsync(CookieOptionsParameters cookieOptions, User user, HttpContext context, string password, CancellationToken cancellation = default)
|
||||
public async Task<TwoFactorAuthenticator> LoginAsync(CookieOptionsParameters cookieOptions, User user, HttpContext context, string password, string username, CancellationToken cancellation = default)
|
||||
{
|
||||
var requestContext = new RequestContextInfo(context, cookieOptions);
|
||||
|
||||
await VerifyUserOrThrowError(requestContext, user, password, cancellation);
|
||||
await VerifyUserOrThrowError(requestContext, user, password, username, cancellation);
|
||||
|
||||
if (user.TwoFactorAuthenticator == TwoFactorAuthenticator.None)
|
||||
{
|
||||
|
||||
Reference in New Issue
Block a user