session

2025-05-14 23:53:00 +02:00 · 2025-05-14 23:53:00 +02:00 · 0dc41337da
commit 0dc41337da
parent baea64229b
36 changed files with 324 additions and 95 deletions
--- a/Femto.Modules.Auth/Application/Commands/Login/LoginCommand.cs
+++ b/Femto.Modules.Auth/Application/Commands/Login/LoginCommand.cs
@ -0,0 +1,6 @@
+using Femto.Common.Domain;
+using Femto.Modules.Auth.Application.Dto;
+
+namespace Femto.Modules.Auth.Application.Commands.Login;
+
+public record LoginCommand(string Username, string Password) : ICommand<LoginResult>;
--- a/Femto.Modules.Auth/Application/Commands/Login/LoginCommandHandler.cs
+++ b/Femto.Modules.Auth/Application/Commands/Login/LoginCommandHandler.cs
@ -0,0 +1,33 @@
+using Femto.Common.Domain;
+using Femto.Modules.Auth.Application.Dto;
+using Femto.Modules.Auth.Application.Services;
+using Femto.Modules.Auth.Data;
+using Femto.Modules.Auth.Models;
+using MediatR;
+using Microsoft.EntityFrameworkCore;
+
+namespace Femto.Modules.Auth.Application.Commands.Login;
+
+internal class LoginCommandHandler(AuthContext context, SessionGenerator sessionGenerator)
+    : ICommandHandler<LoginCommand, LoginResult>
+{
+    public async Task<LoginResult> Handle(LoginCommand request, CancellationToken cancellationToken)
+    {
+        var user = await context.Users.SingleOrDefaultAsync(
+            u => u.Username == request.Username,
+            cancellationToken
+        );
+
+        if (user is null)
+            throw new DomainException("invalid credentials");
+
+        if (!user.HasPassword(request.Password))
+            throw new DomainException("invalid credentials");
+        
+        var session = sessionGenerator.GenerateSession();
+
+        await context.AddAsync(session, cancellationToken);
+
+        return new(new Session(session.Id, session.Expires), user.Id, user.Username);
+    }
+}
--- a/Femto.Modules.Auth/Application/Commands/Register/RegisterCommand.cs
+++ b/Femto.Modules.Auth/Application/Commands/Register/RegisterCommand.cs
@ -0,0 +1,6 @@
+using Femto.Common.Domain;
+using Femto.Modules.Auth.Application.Dto;
+
+namespace Femto.Modules.Auth.Application.Commands.Register;
+
+public record RegisterCommand(string Username, string Password) : ICommand<RegisterResult>;
--- a/Femto.Modules.Auth/Application/Commands/Register/RegisterCommandHandler.cs
+++ b/Femto.Modules.Auth/Application/Commands/Register/RegisterCommandHandler.cs
@ -0,0 +1,23 @@
+using Femto.Common.Domain;
+using Femto.Modules.Auth.Application.Dto;
+using Femto.Modules.Auth.Application.Services;
+using Femto.Modules.Auth.Data;
+using Femto.Modules.Auth.Models;
+
+namespace Femto.Modules.Auth.Application.Commands.Register;
+
+internal class RegisterCommandHandler(AuthContext context, SessionGenerator sessionGenerator) : ICommandHandler<RegisterCommand, RegisterResult>
+{
+    public async Task<RegisterResult> Handle(RegisterCommand request, CancellationToken cancellationToken)
+    {
+        var user = new UserIdentity(request.Username);
+        
+        user.SetPassword(request.Password);
+
+        var session = user.StartNewSession();
+        
+        await context.AddAsync(user, cancellationToken);
+        
+        return new(new Session(session.Id, session.Expires), user.Id, user.Username);    
+    }
+}
--- a/Femto.Modules.Auth/Application/Commands/ValidateSession/ValidateSessionCommand.cs
+++ b/Femto.Modules.Auth/Application/Commands/ValidateSession/ValidateSessionCommand.cs
@ -0,0 +1,6 @@
+using Femto.Common.Domain;
+using Femto.Modules.Auth.Application.Dto;
+
+namespace Femto.Modules.Auth.Application.Commands.ValidateSession;
+
+public record ValidateSessionCommand(string SessionId) : ICommand<ValidateSessionResult>;
--- a/Femto.Modules.Auth/Application/Commands/ValidateSession/ValidateSessionCommandHandler.cs
+++ b/Femto.Modules.Auth/Application/Commands/ValidateSession/ValidateSessionCommandHandler.cs
@ -0,0 +1,34 @@
+using Femto.Common.Domain;
+using Femto.Modules.Auth.Application.Dto;
+using Femto.Modules.Auth.Data;
+using Microsoft.EntityFrameworkCore;
+
+namespace Femto.Modules.Auth.Application.Commands.ValidateSession;
+
+internal class ValidateSessionCommandHandler(AuthContext context)
+    : ICommandHandler<ValidateSessionCommand, ValidateSessionResult>
+{
+    public async Task<ValidateSessionResult> Handle(
+        ValidateSessionCommand request,
+        CancellationToken cancellationToken
+    )
+    {
+        var now = DateTimeOffset.UtcNow;
+
+        var user = await context.Users.SingleOrDefaultAsync(
+            u => u.Sessions.Any(s => s.Id == request.SessionId && s.Expires > now),
+            cancellationToken
+        );
+
+        if (user is null)
+            throw new DomainException("invalid session");
+
+        var session = user.StartNewSession();
+
+        return new ValidateSessionResult(
+            new Session(session.Id, session.Expires),
+            user.Id,
+            user.Username
+        );
+    }
+}