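using System;
using System.Security.Cryptography;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using Mirea.Api.Endpoint.Common.Attributes;
using Mirea.Api.Endpoint.Common.Exceptions;
using Mirea.Api.Endpoint.Common.Interfaces;
using Mirea.Api.Endpoint.Configuration.General;

namespace Mirea.Api.Endpoint.Controllers.Configuration;

/// <summary>
/// First-run setup endpoints: issues a one-off setup token and exchanges a valid token
/// for the "AuthToken" cookie.
/// </summary>
/// <remarks>
/// The controller is marked <c>[MaintenanceModeIgnore]</c>, and only <see cref="GenerateToken"/>
/// carries <c>[Localhost]</c>; <see cref="CheckToken"/> has no such restriction in this file.
/// </remarks>
[ApiVersion("1.0")]
[ApiController]
[MaintenanceModeIgnore]
public class SetupController(ISetupToken setupToken, IMaintenanceModeNotConfigureService notConfigureService) : BaseController
{
    /// <summary>Length, in bytes, of a freshly generated setup token.</summary>
    private const int TokenSizeInBytes = 32;

    /// <summary>
    /// Generates a new random setup token, stores it through <see cref="ISetupToken"/> and
    /// returns it Base64-encoded.
    /// </summary>
    /// <returns>200 OK with the Base64 text of the token.</returns>
    /// <exception cref="ControllerArgumentException">
    /// Thrown when <c>IsMaintenanceMode</c> is false, i.e. the server is already configured.
    /// </exception>
    [HttpGet("GenerateToken")]
    [Localhost]
    public ActionResult GenerateToken()
    {
        if (!notConfigureService.IsMaintenanceMode)
        {
            throw new ControllerArgumentException(
                "The token cannot be generated because the server has been configured. " +
                $"If you need to restart the configuration, then delete the \"{PathBuilder.Combine(GeneralConfig.FilePath)}\" file and restart the application.");
        }

        // The static helper draws from the OS CSPRNG without creating a disposable
        // RandomNumberGenerator instance that is never disposed.
        byte[] token = RandomNumberGenerator.GetBytes(TokenSizeInBytes);
        setupToken.SetToken(token);

        return Ok(Convert.ToBase64String(token));
    }

    /// <summary>
    /// Validates a Base64-encoded setup token and, on success, stores it in the "AuthToken" cookie.
    /// </summary>
    /// <param name="token">Base64 text of the setup token, taken from the query string.</param>
    /// <returns>
    /// 200 OK with <c>true</c> when the token matches; 401 Unauthorized when the token is
    /// missing, is not valid Base64, or does not match.
    /// </returns>
    /// <remarks>
    /// NOTE(review): the token arrives in the query string, so it can end up in access logs,
    /// proxy logs and browser history. Moving it to a header or request body would change the
    /// route contract and is therefore not done here.
    /// </remarks>
    [HttpGet("CheckToken")]
    public ActionResult CheckToken([FromQuery] string token)
    {
        // Reject empty input before decoding: an empty value decodes to a zero-length array and
        // must never authenticate, whatever MatchToken does when no token has been generated.
        if (string.IsNullOrWhiteSpace(token))
        {
            return Unauthorized("The token is not valid");
        }

        // Convert.FromBase64String throws on malformed input, which would surface as a server
        // error for attacker-controlled text. Decoded data is never longer than the Base64 text,
        // so a buffer of token.Length is always large enough.
        var buffer = new byte[token.Length];
        if (!Convert.TryFromBase64String(token, buffer, out int written) || written == 0)
        {
            return Unauthorized("The token is not valid");
        }

        // NOTE(review): MatchToken is defined outside this file; confirm that it compares in
        // constant time (e.g. CryptographicOperations.FixedTimeEquals).
        if (!setupToken.MatchToken(buffer.AsSpan(0, written).ToArray()))
        {
            return Unauthorized("The token is not valid");
        }

        Response.Cookies.Append("AuthToken", token, new CookieOptions
        {
            // NOTE(review): HttpOnly = false leaves the setup token readable by page scripts.
            // Kept as-is because a client may read the cookie; switch to true if none does.
            HttpOnly = false,

            // Mark the cookie Secure whenever the request itself arrived over HTTPS, so the
            // token is not replayed over plain HTTP. Plain-HTTP setups behave as before.
            Secure = Request.IsHttps,
            Path = "/"
        });

        return Ok(true);
    }
}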