refactor

2025-06-16 21:11:40 +02:00 · 2025-06-16 21:11:40 +02:00 · 84457413b2
commit 84457413b2
parent e282e2ece3
20 changed files with 224 additions and 246 deletions
--- a/Femto.Modules.Auth/Application/Services/AuthService.cs
+++ b/Femto.Modules.Auth/Application/Services/AuthService.cs
@ -1,4 +1,6 @@
+using Dapper;
 using Femto.Common.Domain;
+using Femto.Common.Infrastructure.DbConnection;
 using Femto.Modules.Auth.Application.Dto;
 using Femto.Modules.Auth.Data;
 using Femto.Modules.Auth.Infrastructure;
@ -7,9 +9,13 @@ using Microsoft.EntityFrameworkCore;

 namespace Femto.Modules.Auth.Application.Services;

-internal class AuthService(AuthContext context, SessionStorage storage) : IAuthService
+internal class AuthService(
+    AuthContext context,
+    SessionStorage storage,
+    IDbConnectionFactory connectionFactory
+) : IAuthService
 {
-    public async Task<UserInfo?> GetUserWithCredentials(
+    public async Task<UserAndSession?> GetUserWithCredentials(
        string username,
        string password,
        CancellationToken cancellationToken = default
@ -18,14 +24,21 @@ internal class AuthService(AuthContext context, SessionStorage storage) : IAuthS
        var user = await context
            .Users.Where(u => u.Username == username)
            .SingleOrDefaultAsync(cancellationToken);
-        
+
        if (user is null)
            return null;

        if (!user.HasPassword(password))
            return null;
-        
-        return new UserInfo(user.Id, user.Username, user.Roles.Select(r => r.Role).ToList());
+
+        var session = new Session(user.Id, true);
+
+        await storage.AddSession(session);
+
+        return new(
+            new UserInfo(user.Id, user.Username, user.Roles.Select(r => r.Role).ToList()),
+            session
+        );
    }

    public Task<UserInfo?> GetUserWithId(Guid? userId, CancellationToken cancellationToken)
@ -64,6 +77,97 @@ internal class AuthService(AuthContext context, SessionStorage storage) : IAuthS
        await storage.DeleteSession(sessionId);
    }

+    public async Task<UserAndSession> CreateUserWithCredentials(
+        string username,
+        string password,
+        string signupCode,
+        CancellationToken cancellationToken = default
+    )
+    {
+        var now = DateTimeOffset.UtcNow;
+
+        var code = await context
+            .SignupCodes.Where(c => c.Code == signupCode)
+            .Where(c => c.ExpiresAt == null || c.ExpiresAt > now)
+            .Where(c => c.RedeemingUserId == null)
+            .SingleOrDefaultAsync(cancellationToken);
+
+        if (code is null)
+            throw new DomainError("invalid signup code");
+
+        var usernameTaken = await context.Users.AnyAsync(
+            u => u.Username == username,
+            cancellationToken
+        );
+
+        if (usernameTaken)
+            throw new DomainError("username taken");
+
+        var user = new UserIdentity(username);
+
+        await context.AddAsync(user, cancellationToken);
+
+        user.SetPassword(password);
+
+        code.Redeem(user.Id);
+
+        var session = new Session(user.Id, true);
+
+        await storage.AddSession(session);
+
+        await context.SaveChangesAsync(cancellationToken);
+
+        return new(new UserInfo(user), session);
+    }
+
+    public async Task AddSignupCode(
+        string code,
+        string recipientName,
+        CancellationToken cancellationToken
+    )
+    {
+        await context.SignupCodes.AddAsync(
+            new SignupCode("", recipientName, code),
+            cancellationToken
+        );
+
+        await context.SaveChangesAsync(cancellationToken);
+    }
+
+    public async Task<ICollection<SignupCodeDto>> GetSignupCodes(
+        CancellationToken cancellationToken = default
+    )
+    {
+        using var conn = connectionFactory.GetConnection();
+
+        // lang=sql
+        const string sql = """
+            SELECT 
+                sc.code as Code,
+                sc.recipient_email as Email,
+                sc.recipient_name as Name,
+                sc.redeeming_user_id as RedeemedByUserId,
+                u.username as RedeemedByUsername,
+                sc.expires_at as ExpiresOn
+            FROM authn.signup_code sc
+            LEFT JOIN authn.user_identity u ON u.id = sc.redeeming_user_id
+            ORDER BY sc.created_at DESC
+            """;
+
+        var result = await conn.QueryAsync<GetSignupCodesQueryResultRow>(sql, cancellationToken);
+
+        return result
+            .Select(row => new SignupCodeDto(
+                row.Code,
+                row.Email,
+                row.Name,
+                row.RedeemedByUserId,
+                row.RedeemedByUsername,
+                row.ExpiresOn
+            ))
+            .ToList();
+    }
+
    public async Task<LongTermSession> CreateLongTermSession(Guid userId, bool isStrong)
    {
        throw new NotImplementedException();
@ -83,4 +187,14 @@ internal class AuthService(AuthContext context, SessionStorage storage) : IAuthS
    {
        throw new NotImplementedException();
    }
+
+    private class GetSignupCodesQueryResultRow
+    {
+        public string Code { get; set; }
+        public string Email { get; set; }
+        public string Name { get; set; }
+        public Guid? RedeemedByUserId { get; set; }
+        public string? RedeemedByUsername { get; set; }
+        public DateTimeOffset? ExpiresOn { get; set; }
+    }
 }