From 6fb5a83183ae58bc731e3da8c6dda823ac6e2f87 Mon Sep 17 00:00:00 2001
From: Polianin Nikita <nikitkapolyanin@yandex.ru>
Date: Sat, 1 Jun 2024 08:18:27 +0300
Subject: [PATCH 1/3] feat: add model to endpoint

---
 Endpoint/Common/Model/Admin.cs | 10 ++++++++++
 1 file changed, 10 insertions(+)
 create mode 100644 Endpoint/Common/Model/Admin.cs

diff --git a/Endpoint/Common/Model/Admin.cs b/Endpoint/Common/Model/Admin.cs
new file mode 100644
index 0000000..59e4b60
--- /dev/null
+++ b/Endpoint/Common/Model/Admin.cs
@@ -0,0 +1,10 @@
+namespace Mirea.Api.Endpoint.Common.Model;
+
+public class Admin
+{
+    public const string PathToSave = "admin.json";
+    public required string Username { get; set; }
+    public required string Email { get; set; }
+    public required string PasswordHash { get; set; }
+    public required string Salt { get; set; }
+}
\ No newline at end of file
-- 
2.34.1


From bba943173354d3aeba0f2dece4c3524ec730a015 Mon Sep 17 00:00:00 2001
From: Polianin Nikita <nikitkapolyanin@yandex.ru>
Date: Sat, 1 Jun 2024 08:19:26 +0300
Subject: [PATCH 2/3] feat: add data checks

---
 Endpoint/Controllers/Configuration/SetupController.cs | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/Endpoint/Controllers/Configuration/SetupController.cs b/Endpoint/Controllers/Configuration/SetupController.cs
index 1c9d275..adc1695 100644
--- a/Endpoint/Controllers/Configuration/SetupController.cs
+++ b/Endpoint/Controllers/Configuration/SetupController.cs
@@ -8,19 +8,23 @@ using Mirea.Api.Dto.Requests.Configuration;
 using Mirea.Api.Endpoint.Common.Attributes;
 using Mirea.Api.Endpoint.Common.Exceptions;
 using Mirea.Api.Endpoint.Common.Interfaces;
+using Mirea.Api.Endpoint.Common.Model;
 using Mirea.Api.Endpoint.Common.Services;
 using Mirea.Api.Endpoint.Configuration.General;
 using Mirea.Api.Endpoint.Configuration.General.Settings;
 using Mirea.Api.Endpoint.Configuration.General.Validators;
+using Mirea.Api.Security.Services;
 using MySqlConnector;
 using Npgsql;
 using StackExchange.Redis;
 using System;
 using System.Data;
 using System.IO;
+using System.Net.Mail;
 using System.Runtime.InteropServices;
 using System.Security.Cryptography;
 using System.Text.Json;
+using System.Text.RegularExpressions;
 
 namespace Mirea.Api.Endpoint.Controllers.Configuration;
 
@@ -199,8 +203,11 @@ public class SetupController(ISetupToken setupToken, IMaintenanceModeNotConfigur
     [BadRequestResponse]
     public ActionResult<string> CreateAdmin([FromBody] CreateUserRequest user)
     {
-        // todo: change CreateUserRequest to Domain entity
-        cache.Set(CacheAdminKey, user);
+        if (user.Password.Length < 8 || !Regex.IsMatch(user.Password, "[A-Z]+") || !Regex.IsMatch(user.Password, "[!@#$%^&*]+"))
+            throw new ControllerArgumentException("The password must be at least 8 characters long and contain at least one uppercase letter and one special character.");
+
+        if (!MailAddress.TryCreate(user.Email, out _))
+            throw new ControllerArgumentException("The email address is incorrect.");
         return Ok(true);
     }
 
-- 
2.34.1


From 2addd2aa786fbcfb582d74376701085f58deaaee Mon Sep 17 00:00:00 2001
From: Polianin Nikita <nikitkapolyanin@yandex.ru>
Date: Sat, 1 Jun 2024 08:20:27 +0300
Subject: [PATCH 3/3] feat: use Admin model

---
 .../Configuration/SetupController.cs          | 23 +++++++++++++++----
 1 file changed, 19 insertions(+), 4 deletions(-)

diff --git a/Endpoint/Controllers/Configuration/SetupController.cs b/Endpoint/Controllers/Configuration/SetupController.cs
index adc1695..9bda318 100644
--- a/Endpoint/Controllers/Configuration/SetupController.cs
+++ b/Endpoint/Controllers/Configuration/SetupController.cs
@@ -32,7 +32,11 @@ namespace Mirea.Api.Endpoint.Controllers.Configuration;
 [ApiController]
 [MaintenanceModeIgnore]
 [ApiExplorerSettings(IgnoreApi = true)]
-public class SetupController(ISetupToken setupToken, IMaintenanceModeNotConfigureService notConfigureService, IMemoryCache cache) : BaseController
+public class SetupController(
+    ISetupToken setupToken,
+    IMaintenanceModeNotConfigureService notConfigureService,
+    IMemoryCache cache,
+    PasswordHashService passwordHashService) : BaseController
 {
     private const string CacheGeneralKey = "config_general";
     private const string CacheAdminKey = "config_admin";
@@ -208,6 +212,18 @@ public class SetupController(ISetupToken setupToken, IMaintenanceModeNotConfigur
 
         if (!MailAddress.TryCreate(user.Email, out _))
             throw new ControllerArgumentException("The email address is incorrect.");
+
+        var (salt, hash) = passwordHashService.HashPassword(user.Password);
+
+        var admin = new Admin
+        {
+            Username = user.Username,
+            Email = user.Email,
+            PasswordHash = hash,
+            Salt = salt
+        };
+
+        cache.Set(CacheAdminKey, admin);
         return Ok(true);
     }
 
@@ -297,14 +313,13 @@ public class SetupController(ISetupToken setupToken, IMaintenanceModeNotConfigur
         if (!new SettingsRequiredValidator(GeneralConfig).AreSettingsValid())
             throw new ControllerArgumentException("The necessary data has not been configured.");
 
-        // todo: change CreateUserRequest to Domain entity
-        if (!cache.TryGetValue(CacheAdminKey, out CreateUserRequest? user) || user == null)
+        if (!cache.TryGetValue(CacheAdminKey, out Admin? admin) || admin == null)
             throw new ControllerArgumentException("The administrator's data was not set.");
 
         if (System.IO.File.Exists(PathBuilder.Combine(GeneralConfig.FilePath)))
             System.IO.File.Delete(PathBuilder.Combine(GeneralConfig.FilePath));
 
-        System.IO.File.WriteAllText(PathBuilder.Combine("admin.json"), JsonSerializer.Serialize(user));
+        System.IO.File.WriteAllText(PathBuilder.Combine(Admin.PathToSave), JsonSerializer.Serialize(admin));
 
         System.IO.File.WriteAllText(
             PathBuilder.Combine(GeneralConfig.FilePath),
-- 
2.34.1