endpoints added
This commit is contained in:
parent
22c0b1f153
commit
f8144dd254
115
APIHandler.cs
115
APIHandler.cs
@ -8,6 +8,22 @@ public static partial class APIHandler
|
||||
public static void Handle(IApplicationBuilder App)
|
||||
{
|
||||
App
|
||||
//===========TEST ONLY============
|
||||
.Map("/hostcheck", host =>
|
||||
{
|
||||
host.Run(async runner =>
|
||||
{
|
||||
await runner.WriteJsonResponse(200, $"{runner.Request.Host} : {HttpOnly.Domain}");
|
||||
});
|
||||
})
|
||||
.Map("/numbertest", test =>
|
||||
{
|
||||
test.Run(async runner =>
|
||||
{
|
||||
Dictionary<string, JsonElement> ELE = (await runner.TryGetBodyJsonAsync(["num"], CTS.Token))!;
|
||||
await runner.WriteJsonResponse(200, $"{ELE["num"].GetByte()}");
|
||||
});
|
||||
})
|
||||
//============MISC=================
|
||||
.Map("/updatecache", cache =>
|
||||
{
|
||||
@ -17,6 +33,7 @@ public static partial class APIHandler
|
||||
await runner.WriteJsonResponse(StatusCodes.Status200OK, "Cache Updated.");
|
||||
});
|
||||
})
|
||||
// -------ADD-/sse-later--------
|
||||
//===========UNITS=================
|
||||
.Map("/getunits", units =>
|
||||
{
|
||||
@ -161,10 +178,12 @@ public static partial class APIHandler
|
||||
CreateAgent.Parameters.AddWithValue("@misi", Mission);
|
||||
CreateAgent.Parameters.AddWithValue("@poto", PhotoURL.Equals(string.Empty) ? DBNull.Value : PhotoURL);
|
||||
_ = await CreateAgent.ExecuteNonQueryAsync();
|
||||
Agents.Add(NewAgent);
|
||||
}
|
||||
if (CreateUser)
|
||||
{
|
||||
string HashedPass = Convert.ToHexString(SHA256.HashData(Encoding.UTF8.GetBytes(PlainPass)));
|
||||
string HashedPass = Convert.ToHexString(SHA256.HashData(Encoding.UTF8.GetBytes(PlainPass))).ToLowerInvariant();
|
||||
User NewUser = new(UName, AgentID, HashedPass, Level, true);
|
||||
using (SqlCommand CreateUser = Conn.CreateCommand())
|
||||
{
|
||||
CreateUser.Transaction = Trans;
|
||||
@ -175,6 +194,7 @@ public static partial class APIHandler
|
||||
CreateUser.Parameters.AddWithValue("@levl", Level);
|
||||
_ = await CreateUser.ExecuteNonQueryAsync();
|
||||
}
|
||||
UserAccounts.TryAdd(UName, NewUser);
|
||||
}
|
||||
}, CTS.Token
|
||||
);
|
||||
@ -221,11 +241,102 @@ public static partial class APIHandler
|
||||
a["mission"] == DBNull.Value ? null : (string)a["mission"],
|
||||
a["photourl"] == DBNull.Value ? null : (string)a["photourl"]
|
||||
), CTS.Token))[0];
|
||||
int AgentIdx = Agents.FindIndex(a => a.AgentID == UpAgent.AgentID);
|
||||
Agents[AgentIdx] = Agents[AgentIdx] with
|
||||
{
|
||||
Name = UpAgent.Name,
|
||||
Jabatan = UpAgent.Jabatan,
|
||||
DeplID = UpAgent.DeplID,
|
||||
SKAngkat = UpAgent.SKAngkat,
|
||||
TMT = UpAgent.TMT,
|
||||
SKPerb = UpAgent.SKPerb,
|
||||
TMUbah = UpAgent.TMUbah,
|
||||
Vision = UpAgent.Vision,
|
||||
Mission = UpAgent.Mission,
|
||||
PhotoURL = UpAgent.PhotoURL
|
||||
};
|
||||
await runner.WriteJsonResponse(StatusCodes.Status202Accepted, "Data updated.", UpAgent);
|
||||
}
|
||||
});
|
||||
})
|
||||
|
||||
.Map("/passwd", passwd =>
|
||||
{
|
||||
passwd.Run(async runner =>
|
||||
{
|
||||
if
|
||||
(
|
||||
!await runner.RequestValidated(0, "POST", true) //has to pass this before trying to get bodyjsonasync.
|
||||
//Let it be for now, move the json check login into trygetjson for later projects.
|
||||
|| await runner.TryGetBodyJsonAsync(["username", "password"], CTS.Token) is not Dictionary<string, JsonElement> InElement
|
||||
|| !(await runner.RequestValidated(InElement["username"].GetString() ?? string.Empty, "POST") || await runner.RequestValidated(0, "POST"))
|
||||
) return;
|
||||
if (InElement["password"].GetString() is not string PlainPass || PlainPass.Equals(string.Empty) || InElement["username"].GetString() is not string Username || Username.Equals(string.Empty))
|
||||
{
|
||||
await runner.WriteJsonResponse(StatusCodes.Status400BadRequest, "Username and/or Password can't be empty");
|
||||
return;
|
||||
}
|
||||
string HashedPass = Convert.ToHexString(SHA256.HashData(Encoding.UTF8.GetBytes(PlainPass))).ToLowerInvariant();
|
||||
_ = await RunNonQueryAsync(CS, "UPDATE useraccounts SET [pass] = @hp WHERE [uname] = @un", Act =>
|
||||
{
|
||||
Act.Parameters.AddWithValue("@un", Username);
|
||||
Act.Parameters.AddWithValue("@hp", HashedPass);
|
||||
}, CTS.Token);
|
||||
UserAccounts[Username] = UserAccounts[Username] with { Password = HashedPass };
|
||||
await runner.WriteJsonResponse(StatusCodes.Status202Accepted, "Password Updated.");
|
||||
});
|
||||
})
|
||||
.Map("/adduser", user =>
|
||||
{
|
||||
user.Run(async runner =>
|
||||
{
|
||||
if (!await runner.RequestValidated(ValidMethod: "POST", CheckJson: true) || await runner.TryGetBodyJsonAsync(["username", "password", "agentid", "level"], CTS.Token) is not Dictionary<string, JsonElement> InElement) return;
|
||||
if (
|
||||
InElement["username"].GetString() is not string Username ||
|
||||
InElement["password"].GetString() is not string PlainPass ||
|
||||
InElement["agentid"].GetString() is not string AgentID ||
|
||||
InElement["level"].GetByte() is byte Level && Level == 0 //REMEMBER TO FLIT THIS to prevent superuser creation
|
||||
)
|
||||
{
|
||||
await runner.WriteJsonResponse(StatusCodes.Status400BadRequest, "String fields should not be empty and level should not be zero or less.");
|
||||
return;
|
||||
}
|
||||
string HashedPass = Convert.ToHexString(SHA256.HashData(Encoding.UTF8.GetBytes(PlainPass))).ToLowerInvariant();
|
||||
await RunNonQueryAsync(CS, "INSERT INTO useraccounts VALUES(@un, @pw, @ai, @lv, 1)", Conf =>
|
||||
{
|
||||
Conf.Parameters.AddWithValue("@un", Username);
|
||||
Conf.Parameters.AddWithValue("@pw", HashedPass);
|
||||
Conf.Parameters.AddWithValue("@ai", AgentID);
|
||||
Conf.Parameters.AddWithValue("@lv", Level);
|
||||
}, CTS.Token);
|
||||
UserAccounts.TryAdd(Username, new(Username, AgentID, HashedPass, Level, true));
|
||||
await runner.WriteJsonResponse(StatusCodes.Status201Created, $"New user account created for Agent ID {AgentID}. Check data for created username", Username);
|
||||
});
|
||||
})
|
||||
.Map("/toggleuser", userstate =>
|
||||
{
|
||||
userstate.Run(async runner=>
|
||||
{
|
||||
if
|
||||
(
|
||||
!await runner.RequestValidated(0, "POST", true) //has to pass this before trying to get bodyjsonasync.
|
||||
//Let it be for now, move the json check login into trygetjson for later projects.
|
||||
|| await runner.TryGetBodyJsonAsync(["username"], CTS.Token) is not Dictionary<string, JsonElement> InElement
|
||||
|| InElement["username"].GetString() is not string Username
|
||||
) return;
|
||||
if (UserAccounts[Username] is not User FoundUser)
|
||||
{
|
||||
await runner.WriteJsonResponse(StatusCodes.Status404NotFound, "Username not found.", Username);
|
||||
return;
|
||||
}
|
||||
await RunNonQueryAsync(CS, "UPDATE useraccounts SET [active] = @ac WHERE [uname]=@un", Conf =>
|
||||
{
|
||||
Conf.Parameters.AddWithValue("@un", Username);
|
||||
Conf.Parameters.AddWithValue("@ac", !FoundUser.Active);
|
||||
}, CTS.Token);
|
||||
UserAccounts[Username] = UserAccounts[Username] with { Active = !FoundUser.Active };
|
||||
await runner.WriteJsonResponse(StatusCodes.Status202Accepted, "User account active state updated. See data for current active state", !FoundUser.Active);
|
||||
});
|
||||
})
|
||||
//=========ACTIVITIES=============
|
||||
;
|
||||
}
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user