Add Authentication on frontend

2025-04-20 23:23:00 +02:00
parent 772c0fda66
commit 4fd5f71724
14 changed files with 226 additions and 49 deletions
--- a/src/GameIdeas/Server/GameIdeas.WebAPI/Controllers/UserController.cs
+++ b/src/GameIdeas/Server/GameIdeas.WebAPI/Controllers/UserController.cs
@@ -1,54 +1,37 @@
-using GameIdeas.Resources;
-using GameIdeas.Shared.Constants;
-using GameIdeas.Shared.Dto;
-using GameIdeas.Shared.Model;
-using Microsoft.AspNetCore.Identity;
+using GameIdeas.Shared.Dto;
+using GameIdeas.WebAPI.Exceptions;
+using GameIdeas.WebAPI.Services.Users;
 using Microsoft.AspNetCore.Mvc;
-using Microsoft.IdentityModel.Tokens;
-using System.IdentityModel.Tokens.Jwt;
-using System.Security.Claims;
-using System.Text;

 namespace GameIdeas.WebAPI.Controllers;

-public class UserController(UserManager<User> userManager) : Controller
+public class UserController(
+    IUserService userService,
+    ILoggerFactory loggerFactory) : Controller
 {
+    private readonly ILogger<UserController> logger = loggerFactory.CreateLogger<UserController>();
+
    [HttpPost("login")]
    public async Task<ActionResult<TokenDto>> Login([FromBody] UserDto model)
    {
-        if (model.Username == null || model.Password == null)
-            throw new ArgumentNullException(paramName: nameof(model), ResourcesKey.UserArgumentsNull);
-
-        var user = await userManager.FindByNameAsync(model.Username);
-
-        if (user != null && await userManager.CheckPasswordAsync(user, model.Password))
-        {
-            List<Claim> authClaims =
-            [
-                new Claim(ClaimTypes.Name, user.UserName ?? string.Empty),
-                new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
-            ];
-
-            var jwtKey = Environment.GetEnvironmentVariable("JWT_KEY")
-                ?? throw new ArgumentNullException(message: ResourcesKey.InvalidToken, null);
-
-            var authSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtKey));
-
-            var token = new JwtSecurityToken(
-                issuer: Environment.GetEnvironmentVariable("JWT_ISSUER"),
-                audience: Environment.GetEnvironmentVariable("JWT_AUDIENCE"),
-                expires: DateTime.Now.AddHours(GlobalConstants.JWT_DURATION_HOUR),
-                claims: authClaims,
-                signingCredentials: new SigningCredentials(authSigningKey, SecurityAlgorithms.HmacSha256)
-            );
-
-            return Ok(new TokenDto
-            {
-                Token = new JwtSecurityTokenHandler().WriteToken(token),
-                Expiration = token.ValidTo
-            });
+		try
+		{
+            return Ok(await userService.Login(model));
+		}
+		catch (UserInvalidException e)
+		{
+            logger.LogInformation(e, "Missing informations for authentication");
+            return StatusCode(406, e.Message);
+        }
+		catch (UserUnauthorizedException e)
+        {
+            logger.LogWarning(e, "Authentication invalid with there informations");
+            return Unauthorized(e.Message);
+        }
+        catch (Exception e)
+		{
+            logger.LogError(e, "Internal error while search games");
+            return StatusCode(500, e.Message);
        }
-
-        return Unauthorized();
    }
 }