add create signup code

2025-05-18 19:11:43 +02:00 · 2025-05-18 19:11:43 +02:00 · fbc6f562e3
commit fbc6f562e3
parent 161dcf7cab
9 changed files with 105 additions and 2 deletions
--- a/Femto.Modules.Auth/Application/Commands/CreateSignupCode/CreateSignupCodeCommand.cs
+++ b/Femto.Modules.Auth/Application/Commands/CreateSignupCode/CreateSignupCodeCommand.cs
@ -0,0 +1,5 @@
+using Femto.Common.Domain;
+
+namespace Femto.Modules.Auth.Application.Commands.CreateSignupCode;
+
+public record CreateSignupCodeCommand(string Code, string RecipientEmail, string RecipientName): ICommand;
--- a/Femto.Modules.Auth/Application/Commands/CreateSignupCode/CreateSignupCodeCommandHandler.cs
+++ b/Femto.Modules.Auth/Application/Commands/CreateSignupCode/CreateSignupCodeCommandHandler.cs
@ -0,0 +1,15 @@
+using Femto.Common.Domain;
+using Femto.Modules.Auth.Data;
+using Femto.Modules.Auth.Models;
+
+namespace Femto.Modules.Auth.Application.Commands.CreateSignupCode;
+
+internal class CreateSignupCodeCommandHandler(AuthContext context) : ICommandHandler<CreateSignupCodeCommand>
+{
+    public async Task Handle(CreateSignupCodeCommand command, CancellationToken cancellationToken)
+    {
+        var code = new SignupCode(command.RecipientEmail, command.RecipientName, command.Code);
+        
+        await context.SignupCodes.AddAsync(code, cancellationToken);
+    }
+}
--- a/Femto.Modules.Auth/Application/Commands/Register/RegisterCommand.cs
+++ b/Femto.Modules.Auth/Application/Commands/Register/RegisterCommand.cs
@ -3,4 +3,4 @@ using Femto.Modules.Auth.Application.Dto;

 namespace Femto.Modules.Auth.Application.Commands.Register;

-public record RegisterCommand(string Username, string Password) : ICommand<RegisterResult>;
+public record RegisterCommand(string Username, string Password, string SignupCode) : ICommand<RegisterResult>;
--- a/Femto.Modules.Auth/Application/Commands/Register/RegisterCommandHandler.cs
+++ b/Femto.Modules.Auth/Application/Commands/Register/RegisterCommandHandler.cs
@ -2,6 +2,7 @@ using Femto.Common.Domain;
 using Femto.Modules.Auth.Application.Dto;
 using Femto.Modules.Auth.Data;
 using Femto.Modules.Auth.Models;
+using Microsoft.EntityFrameworkCore;

 namespace Femto.Modules.Auth.Application.Commands.Register;

@ -9,6 +10,16 @@ internal class RegisterCommandHandler(AuthContext context) : ICommandHandler<Reg
 {
    public async Task<RegisterResult> Handle(RegisterCommand request, CancellationToken cancellationToken)
    {
+        var now = DateTimeOffset.UtcNow;
+        var code = await context.SignupCodes
+            .Where(c => c.Code == request.SignupCode)
+            .Where(c => c.ExpiresAt == null || c.ExpiresAt > now)
+            .Where(c => c.RedeemingUserId == null)
+            .SingleOrDefaultAsync(cancellationToken);
+
+        if (code is null)
+            throw new DomainError("invalid signup code");
+        
        var user = new UserIdentity(request.Username);
        
        user.SetPassword(request.Password);
@ -17,6 +28,8 @@ internal class RegisterCommandHandler(AuthContext context) : ICommandHandler<Reg
        
        await context.AddAsync(user, cancellationToken);
        
+        code.Redeem(user.Id);
+        
        return new(new Session(session.Id, session.Expires), user.Id, user.Username);    
    }
 }
--- a/Femto.Modules.Auth/Data/AuthContext.cs
+++ b/Femto.Modules.Auth/Data/AuthContext.cs
@ -7,6 +7,7 @@ namespace Femto.Modules.Auth.Data;
 internal class AuthContext(DbContextOptions<AuthContext> options) : DbContext(options), IOutboxContext
 {
    public virtual DbSet<UserIdentity> Users { get; set; }
+    public virtual DbSet<SignupCode> SignupCodes { get; set; }
    public virtual DbSet<OutboxEntry> Outbox { get; set; }

    protected override void OnModelCreating(ModelBuilder builder)
--- a/Femto.Modules.Auth/Data/Configurations/SignupCodeConfiguration.cs
+++ b/Femto.Modules.Auth/Data/Configurations/SignupCodeConfiguration.cs
@ -0,0 +1,14 @@
+using Femto.Modules.Auth.Models;
+using Microsoft.EntityFrameworkCore;
+using Microsoft.EntityFrameworkCore.Metadata.Builders;
+
+namespace Femto.Modules.Auth.Data.Configurations;
+
+internal class SignupCodeConfiguration : IEntityTypeConfiguration<SignupCode>
+{
+    public void Configure(EntityTypeBuilder<SignupCode> builder)
+    {
+        builder.ToTable("signup_code");
+        builder.HasKey(t => t.Code);
+    }
+}
--- a/Femto.Modules.Auth/Models/SignupCode.cs
+++ b/Femto.Modules.Auth/Models/SignupCode.cs
@ -0,0 +1,41 @@
+using Femto.Common.Domain;
+
+namespace Femto.Modules.Auth.Models;
+
+public class SignupCode
+{
+    private static readonly TimeSpan ExpiryTime = TimeSpan.FromDays(14);
+    public string Code { get; private set; }
+    
+    /// <summary>
+    /// The email of the intended recipient
+    /// </summary>
+    public string RecipientEmail { get; private set; }
+    
+    /// <summary>
+    /// The name of the intended recipient
+    /// </summary>
+    public string RecipientName { get; private set; }
+    public DateTimeOffset CreatedAt { get; private set; }
+    public DateTimeOffset? ExpiresAt { get; private set; }
+    public Guid? RedeemingUserId { get; private set; }
+
+    private SignupCode() { }
+    
+    public SignupCode(string recipientEmail, string recipientName, string code)
+    {
+        this.Code = code;
+        this.RecipientEmail = recipientEmail;
+        this.RecipientName = recipientName;
+        this.CreatedAt = DateTimeOffset.UtcNow;
+        this.ExpiresAt = this.CreatedAt + ExpiryTime;
+    }
+
+    public void Redeem(Guid userGuid)
+    {
+        if (this.RedeemingUserId is not null) 
+            throw new DomainError("invalid signup code");
+        
+        this.RedeemingUserId = userGuid;
+    }
+}