using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Mvc;
using PlaylistShared.Api.Entities;
using PlaylistShared.Api.Extensions;
using PlaylistShared.Api.Services;
using PlaylistShared.Shared;
using PlaylistShared.Shared.Profile;
using PlaylistShared.Shared.Yandex;
namespace PlaylistShared.Api.Controllers;
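/// <summary>
/// Endpoints for linking the signed-in user's Yandex account: storing an access token,
/// reporting the stored token's status, and driving the QR-code sign-in flow.
/// </summary>
/// <remarks>
/// The class-level <c>[Authorize]</c> attribute applies to every action. Each action
/// re-loads the user from the identity store and answers 401 when the user no longer exists.
/// </remarks>
[ApiController]
[Route("api/[controller]")]
[Authorize]
public class YandexAccountController : ControllerBase
{
    private readonly UserManager<ApplicationUser> _userManager;
    private readonly YandexAuthService _yandexService;

    /// <summary>Creates the controller with its identity store and Yandex auth service.</summary>
    /// <param name="userManager">Identity user store used to load and update the current user.</param>
    /// <param name="yandexService">Service that wraps the Yandex client and the QR sign-in flow.</param>
    public YandexAccountController(UserManager<ApplicationUser> userManager, YandexAuthService yandexService)
    {
        _userManager = userManager;
        _yandexService = yandexService;
    }

    /// <summary>Stores a Yandex access token supplied by the current user.</summary>
    /// <param name="request">Request body carrying the access token.</param>
    /// <returns>
    /// 200 with a confirmation message once the token is persisted; 401 if the user cannot be
    /// loaded; 400 if the token is missing or blank; 500 if the identity store rejects the update.
    /// </returns>
    [HttpPost("token")]
    public async Task<ActionResult<ApiResponse<object>>> SetToken([FromBody] SetYandexTokenRequest request)
    {
        var userId = User.GetUserId();
        var user = await _userManager.FindByIdAsync(userId.ToString());
        if (user == null)
        {
            return Unauthorized();
        }

        // Reject an empty credential up front instead of persisting a useless value.
        if (string.IsNullOrWhiteSpace(request.Token))
        {
            return BadRequest();
        }

        // Only report success when the store actually accepted the update.
        if (!await StoreTokenAsync(user, request.Token))
        {
            return StatusCode(500);
        }

        return Ok(ApiResponse<object>.Ok(new { message = "Токен сохранён" }));
    }

    /// <summary>Reports whether the current user has a stored token and whether it is still within its recorded expiry.</summary>
    /// <returns>200 with the token status (the token itself is never returned); 401 if the user cannot be loaded.</returns>
    [HttpGet("status")]
    public async Task<ActionResult<ApiResponse<YandexTokenStatus>>> GetStatus()
    {
        var userId = User.GetUserId();
        var user = await _userManager.FindByIdAsync(userId.ToString());
        if (user == null)
        {
            return Unauthorized();
        }

        var hasToken = !string.IsNullOrEmpty(user.YandexAccessToken);

        // The expiry is the value recorded when the token was stored, not one reported by Yandex.
        var isValid = hasToken && user.YandexTokenExpiryUtc > DateTime.UtcNow;

        return Ok(ApiResponse<YandexTokenStatus>.Ok(new YandexTokenStatus
        {
            HasToken = hasToken,
            IsValid = isValid,
            ExpiryUtc = user.YandexTokenExpiryUtc
        }));
    }

    /// <summary>Returns the QR sign-in data for the current user, as produced by <c>GetQrOrGenerate</c>.</summary>
    /// <returns>200 with the QR data; 401 if the user cannot be loaded.</returns>
    [HttpGet("qr")]
    public async Task<ActionResult<ApiResponse<YandexAuthQr>>> GetQr()
    {
        var userId = User.GetUserId();
        var user = await _userManager.FindByIdAsync(userId.ToString());
        if (user == null)
        {
            return Unauthorized();
        }

        var qr = await _yandexService.GetQrOrGenerate(user);

        return Ok(ApiResponse<YandexAuthQr>.Ok(qr));
    }

    /// <summary>
    /// Polls a QR sign-in session and, once it is authorized, stores the resulting token
    /// on the current user.
    /// </summary>
    /// <param name="sessionId">Identifier of the QR session, taken from the route.</param>
    /// <returns>
    /// 200 with the check result; 401 if the user cannot be loaded; 404 if the session is
    /// unknown; 500 if the session is authorized but the token could not be persisted.
    /// </returns>
    /// <remarks>
    /// NOTE(review): this is a GET action that writes to the user store when the session is authorized.
    /// </remarks>
    [HttpGet("qr/{sessionId}")]
    public async Task<IActionResult> CheckQr(int sessionId)
    {
        var userId = User.GetUserId();
        var user = await _userManager.FindByIdAsync(userId.ToString());
        if (user == null)
        {
            return Unauthorized();
        }

        // NOTE(review): sessionId comes from the route and is passed on without the current
        // user. Confirm that CheckQrAsync restricts a session to the user it was issued for;
        // nothing in this controller enforces that binding.
        var checkResult = await _yandexService.CheckQrAsync(sessionId);
        if (checkResult == null)
        {
            return NotFound();
        }

        if (checkResult.Status == Shared.Enums.YandexAuthQrStatus.Authorized)
        {
            // NOTE(review): the token is read from the service's client AuthStorage rather than
            // from checkResult. If that client is shared between requests, confirm it cannot
            // hold a token that belongs to a different session.
            var token = _yandexService.Service.Client.AuthStorage.Token;

            // Persist on the user already loaded above and surface a failed write,
            // rather than reporting an authorized session whose token was never saved.
            if (!await StoreTokenAsync(user, token))
            {
                return StatusCode(500);
            }
        }

        return Ok(ApiResponse<YandexAuthQrCheck>.Ok(checkResult));
    }

    /// <summary>
    /// Passes the token through <c>EncryptToken</c> and saves the result, with a nominal expiry, on the user.
    /// </summary>
    /// <param name="user">User record to update.</param>
    /// <param name="token">Plain access token; must not be logged or echoed back.</param>
    /// <returns><c>true</c> if the identity store accepted the update; <c>false</c> if the token is blank or the update failed.</returns>
    private async Task<bool> StoreTokenAsync(ApplicationUser user, string? token)
    {
        if (string.IsNullOrWhiteSpace(token))
        {
            return false;
        }

        user.YandexAccessToken = _yandexService.Service.EncryptToken(token);

        // No refresh token is stored, because the user supplies only an access token.
        // The one-month expiry is a placeholder: the token's real lifetime is unknown.
        user.YandexTokenExpiryUtc = DateTime.UtcNow.AddMonths(1);

        var result = await _userManager.UpdateAsync(user);
        return result.Succeeded;
    }
}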