add create signup code
This commit is contained in:
parent
161dcf7cab
commit
fbc6f562e3
9 changed files with 105 additions and 2 deletions
|
|
@ -28,7 +28,7 @@ public class AuthController(IAuthModule authModule, IOptions<CookieSettings> coo
|
||||||
public async Task<ActionResult<RegisterResponse>> Register([FromBody] RegisterRequest request)
|
public async Task<ActionResult<RegisterResponse>> Register([FromBody] RegisterRequest request)
|
||||||
{
|
{
|
||||||
var result = await authModule.PostCommand(
|
var result = await authModule.PostCommand(
|
||||||
new RegisterCommand(request.Username, request.Password)
|
new RegisterCommand(request.Username, request.Password, request.SignupCode)
|
||||||
);
|
);
|
||||||
|
|
||||||
HttpContext.SetSession(result.Session, cookieSettings.Value);
|
HttpContext.SetSession(result.Session, cookieSettings.Value);
|
||||||
|
|
|
||||||
14
Femto.Database/Migrations/20250518163039_InitSignupCode.sql
Normal file
14
Femto.Database/Migrations/20250518163039_InitSignupCode.sql
Normal file
|
|
@ -0,0 +1,14 @@
|
||||||
|
-- Migration: InitSignupCode
|
||||||
|
-- Created at: 18/05/2025 16:30:39
|
||||||
|
|
||||||
|
CREATE TABLE authn.signup_code
|
||||||
|
(
|
||||||
|
code varchar(32) PRIMARY KEY,
|
||||||
|
recipient_email TEXT NOT NULL,
|
||||||
|
recipient_name TEXT NOT NULL,
|
||||||
|
created_at TIMESTAMPTZ NOT NULL DEFAULT now(),
|
||||||
|
expires_at TIMESTAMPTZ,
|
||||||
|
-- we don't make this a foreign key as we don't really need it for lookups,
|
||||||
|
-- and should the redeeming user delete be deleted, it's better that we keep the ID here
|
||||||
|
redeeming_user_id UUID
|
||||||
|
);
|
||||||
|
|
@ -0,0 +1,5 @@
|
||||||
|
using Femto.Common.Domain;
|
||||||
|
|
||||||
|
namespace Femto.Modules.Auth.Application.Commands.CreateSignupCode;
|
||||||
|
|
||||||
|
public record CreateSignupCodeCommand(string Code, string RecipientEmail, string RecipientName): ICommand;
|
||||||
|
|
@ -0,0 +1,15 @@
|
||||||
|
using Femto.Common.Domain;
|
||||||
|
using Femto.Modules.Auth.Data;
|
||||||
|
using Femto.Modules.Auth.Models;
|
||||||
|
|
||||||
|
namespace Femto.Modules.Auth.Application.Commands.CreateSignupCode;
|
||||||
|
|
||||||
|
internal class CreateSignupCodeCommandHandler(AuthContext context) : ICommandHandler<CreateSignupCodeCommand>
|
||||||
|
{
|
||||||
|
public async Task Handle(CreateSignupCodeCommand command, CancellationToken cancellationToken)
|
||||||
|
{
|
||||||
|
var code = new SignupCode(command.RecipientEmail, command.RecipientName, command.Code);
|
||||||
|
|
||||||
|
await context.SignupCodes.AddAsync(code, cancellationToken);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
@ -3,4 +3,4 @@ using Femto.Modules.Auth.Application.Dto;
|
||||||
|
|
||||||
namespace Femto.Modules.Auth.Application.Commands.Register;
|
namespace Femto.Modules.Auth.Application.Commands.Register;
|
||||||
|
|
||||||
public record RegisterCommand(string Username, string Password) : ICommand<RegisterResult>;
|
public record RegisterCommand(string Username, string Password, string SignupCode) : ICommand<RegisterResult>;
|
||||||
|
|
@ -2,6 +2,7 @@ using Femto.Common.Domain;
|
||||||
using Femto.Modules.Auth.Application.Dto;
|
using Femto.Modules.Auth.Application.Dto;
|
||||||
using Femto.Modules.Auth.Data;
|
using Femto.Modules.Auth.Data;
|
||||||
using Femto.Modules.Auth.Models;
|
using Femto.Modules.Auth.Models;
|
||||||
|
using Microsoft.EntityFrameworkCore;
|
||||||
|
|
||||||
namespace Femto.Modules.Auth.Application.Commands.Register;
|
namespace Femto.Modules.Auth.Application.Commands.Register;
|
||||||
|
|
||||||
|
|
@ -9,6 +10,16 @@ internal class RegisterCommandHandler(AuthContext context) : ICommandHandler<Reg
|
||||||
{
|
{
|
||||||
public async Task<RegisterResult> Handle(RegisterCommand request, CancellationToken cancellationToken)
|
public async Task<RegisterResult> Handle(RegisterCommand request, CancellationToken cancellationToken)
|
||||||
{
|
{
|
||||||
|
var now = DateTimeOffset.UtcNow;
|
||||||
|
var code = await context.SignupCodes
|
||||||
|
.Where(c => c.Code == request.SignupCode)
|
||||||
|
.Where(c => c.ExpiresAt == null || c.ExpiresAt > now)
|
||||||
|
.Where(c => c.RedeemingUserId == null)
|
||||||
|
.SingleOrDefaultAsync(cancellationToken);
|
||||||
|
|
||||||
|
if (code is null)
|
||||||
|
throw new DomainError("invalid signup code");
|
||||||
|
|
||||||
var user = new UserIdentity(request.Username);
|
var user = new UserIdentity(request.Username);
|
||||||
|
|
||||||
user.SetPassword(request.Password);
|
user.SetPassword(request.Password);
|
||||||
|
|
@ -17,6 +28,8 @@ internal class RegisterCommandHandler(AuthContext context) : ICommandHandler<Reg
|
||||||
|
|
||||||
await context.AddAsync(user, cancellationToken);
|
await context.AddAsync(user, cancellationToken);
|
||||||
|
|
||||||
|
code.Redeem(user.Id);
|
||||||
|
|
||||||
return new(new Session(session.Id, session.Expires), user.Id, user.Username);
|
return new(new Session(session.Id, session.Expires), user.Id, user.Username);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -7,6 +7,7 @@ namespace Femto.Modules.Auth.Data;
|
||||||
internal class AuthContext(DbContextOptions<AuthContext> options) : DbContext(options), IOutboxContext
|
internal class AuthContext(DbContextOptions<AuthContext> options) : DbContext(options), IOutboxContext
|
||||||
{
|
{
|
||||||
public virtual DbSet<UserIdentity> Users { get; set; }
|
public virtual DbSet<UserIdentity> Users { get; set; }
|
||||||
|
public virtual DbSet<SignupCode> SignupCodes { get; set; }
|
||||||
public virtual DbSet<OutboxEntry> Outbox { get; set; }
|
public virtual DbSet<OutboxEntry> Outbox { get; set; }
|
||||||
|
|
||||||
protected override void OnModelCreating(ModelBuilder builder)
|
protected override void OnModelCreating(ModelBuilder builder)
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,14 @@
|
||||||
|
using Femto.Modules.Auth.Models;
|
||||||
|
using Microsoft.EntityFrameworkCore;
|
||||||
|
using Microsoft.EntityFrameworkCore.Metadata.Builders;
|
||||||
|
|
||||||
|
namespace Femto.Modules.Auth.Data.Configurations;
|
||||||
|
|
||||||
|
internal class SignupCodeConfiguration : IEntityTypeConfiguration<SignupCode>
|
||||||
|
{
|
||||||
|
public void Configure(EntityTypeBuilder<SignupCode> builder)
|
||||||
|
{
|
||||||
|
builder.ToTable("signup_code");
|
||||||
|
builder.HasKey(t => t.Code);
|
||||||
|
}
|
||||||
|
}
|
||||||
41
Femto.Modules.Auth/Models/SignupCode.cs
Normal file
41
Femto.Modules.Auth/Models/SignupCode.cs
Normal file
|
|
@ -0,0 +1,41 @@
|
||||||
|
using Femto.Common.Domain;
|
||||||
|
|
||||||
|
namespace Femto.Modules.Auth.Models;
|
||||||
|
|
||||||
|
public class SignupCode
|
||||||
|
{
|
||||||
|
private static readonly TimeSpan ExpiryTime = TimeSpan.FromDays(14);
|
||||||
|
public string Code { get; private set; }
|
||||||
|
|
||||||
|
/// <summary>
|
||||||
|
/// The email of the intended recipient
|
||||||
|
/// </summary>
|
||||||
|
public string RecipientEmail { get; private set; }
|
||||||
|
|
||||||
|
/// <summary>
|
||||||
|
/// The name of the intended recipient
|
||||||
|
/// </summary>
|
||||||
|
public string RecipientName { get; private set; }
|
||||||
|
public DateTimeOffset CreatedAt { get; private set; }
|
||||||
|
public DateTimeOffset? ExpiresAt { get; private set; }
|
||||||
|
public Guid? RedeemingUserId { get; private set; }
|
||||||
|
|
||||||
|
private SignupCode() { }
|
||||||
|
|
||||||
|
public SignupCode(string recipientEmail, string recipientName, string code)
|
||||||
|
{
|
||||||
|
this.Code = code;
|
||||||
|
this.RecipientEmail = recipientEmail;
|
||||||
|
this.RecipientName = recipientName;
|
||||||
|
this.CreatedAt = DateTimeOffset.UtcNow;
|
||||||
|
this.ExpiresAt = this.CreatedAt + ExpiryTime;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void Redeem(Guid userGuid)
|
||||||
|
{
|
||||||
|
if (this.RedeemingUserId is not null)
|
||||||
|
throw new DomainError("invalid signup code");
|
||||||
|
|
||||||
|
this.RedeemingUserId = userGuid;
|
||||||
|
}
|
||||||
|
}
|
||||||
Loading…
Add table
Add a link
Reference in a new issue