Compare commits
4 Commits
22c0b1f153
...
ba741a3ab9
Author | SHA1 | Date | |
---|---|---|---|
ba741a3ab9 | |||
68cfb26316 | |||
c6c2dea10c | |||
f8144dd254 |
117
APIHandler.cs
117
APIHandler.cs
@ -8,6 +8,22 @@ public static partial class APIHandler
|
||||
public static void Handle(IApplicationBuilder App)
|
||||
{
|
||||
App
|
||||
//===========TEST ONLY============
|
||||
.Map("/hostcheck", host =>
|
||||
{
|
||||
host.Run(async runner =>
|
||||
{
|
||||
await runner.WriteJsonResponse(200, $"{runner.Request.Host} : {HttpOnly.Domain}");
|
||||
});
|
||||
})
|
||||
.Map("/numbertest", test =>
|
||||
{
|
||||
test.Run(async runner =>
|
||||
{
|
||||
Dictionary<string, JsonElement> ELE = (await runner.TryGetBodyJsonAsync(["num"], CTS.Token))!;
|
||||
await runner.WriteJsonResponse(200, $"{ELE["num"].GetByte()}");
|
||||
});
|
||||
})
|
||||
//============MISC=================
|
||||
.Map("/updatecache", cache =>
|
||||
{
|
||||
@ -17,6 +33,7 @@ public static partial class APIHandler
|
||||
await runner.WriteJsonResponse(StatusCodes.Status200OK, "Cache Updated.");
|
||||
});
|
||||
})
|
||||
// -------ADD-/sse-later--------
|
||||
//===========UNITS=================
|
||||
.Map("/getunits", units =>
|
||||
{
|
||||
@ -161,10 +178,12 @@ public static partial class APIHandler
|
||||
CreateAgent.Parameters.AddWithValue("@misi", Mission);
|
||||
CreateAgent.Parameters.AddWithValue("@poto", PhotoURL.Equals(string.Empty) ? DBNull.Value : PhotoURL);
|
||||
_ = await CreateAgent.ExecuteNonQueryAsync();
|
||||
Agents.Add(NewAgent);
|
||||
}
|
||||
if (CreateUser)
|
||||
{
|
||||
string HashedPass = Convert.ToHexString(SHA256.HashData(Encoding.UTF8.GetBytes(PlainPass)));
|
||||
string HashedPass = Convert.ToHexString(SHA256.HashData(Encoding.UTF8.GetBytes(PlainPass))).ToLowerInvariant();
|
||||
User NewUser = new(UName, AgentID, HashedPass, Level, true);
|
||||
using (SqlCommand CreateUser = Conn.CreateCommand())
|
||||
{
|
||||
CreateUser.Transaction = Trans;
|
||||
@ -175,6 +194,7 @@ public static partial class APIHandler
|
||||
CreateUser.Parameters.AddWithValue("@levl", Level);
|
||||
_ = await CreateUser.ExecuteNonQueryAsync();
|
||||
}
|
||||
UserAccounts.TryAdd(UName, NewUser);
|
||||
}
|
||||
}, CTS.Token
|
||||
);
|
||||
@ -199,7 +219,7 @@ public static partial class APIHandler
|
||||
CommandBuilder.Append("UPDATE agents SET");
|
||||
foreach (JsonProperty Prop in UpdateFields.EnumerateObject())
|
||||
{
|
||||
Comm.Parameters.AddWithValue($"@p{Prop.Name}", Prop.Value.ValueKind == JsonValueKind.Null ? DBNull.Value : Prop.Value.ValueKind == JsonValueKind.String ? Prop.Value.GetString() : Prop.Value.GetInt16());
|
||||
Comm.Parameters.AddWithValue($"@p{Prop.Name}", Prop.Value.ValueKind == JsonValueKind.Null ? DBNull.Value : Prop.Value.ValueKind == JsonValueKind.String ? Prop.Value.GetString() : Prop.Value.GetInt16());
|
||||
CommandBuilder.Append($" [{Prop.Name}] = @p{Prop.Name},");
|
||||
}
|
||||
Comm.Parameters.AddWithValue("@pagentid", AgentID);
|
||||
@ -221,11 +241,102 @@ public static partial class APIHandler
|
||||
a["mission"] == DBNull.Value ? null : (string)a["mission"],
|
||||
a["photourl"] == DBNull.Value ? null : (string)a["photourl"]
|
||||
), CTS.Token))[0];
|
||||
int AgentIdx = Agents.FindIndex(a => a.AgentID == UpAgent.AgentID);
|
||||
Agents[AgentIdx] = Agents[AgentIdx] with
|
||||
{
|
||||
Name = UpAgent.Name,
|
||||
Jabatan = UpAgent.Jabatan,
|
||||
DeplID = UpAgent.DeplID,
|
||||
SKAngkat = UpAgent.SKAngkat,
|
||||
TMT = UpAgent.TMT,
|
||||
SKPerb = UpAgent.SKPerb,
|
||||
TMUbah = UpAgent.TMUbah,
|
||||
Vision = UpAgent.Vision,
|
||||
Mission = UpAgent.Mission,
|
||||
PhotoURL = UpAgent.PhotoURL
|
||||
};
|
||||
await runner.WriteJsonResponse(StatusCodes.Status202Accepted, "Data updated.", UpAgent);
|
||||
}
|
||||
});
|
||||
})
|
||||
|
||||
.Map("/passwd", passwd =>
|
||||
{
|
||||
passwd.Run(async runner =>
|
||||
{
|
||||
if
|
||||
(
|
||||
!await runner.RequestValidated(0, "POST", true) //has to pass this before trying to get bodyjsonasync.
|
||||
//Let it be for now, move the json check login into trygetjson for later projects.
|
||||
|| await runner.TryGetBodyJsonAsync(["username", "password"], CTS.Token) is not Dictionary<string, JsonElement> InElement
|
||||
|| !(await runner.RequestValidated(InElement["username"].GetString() ?? string.Empty, "POST") || await runner.RequestValidated(0, "POST"))
|
||||
) return;
|
||||
if (InElement["password"].GetString() is not string PlainPass || PlainPass.Equals(string.Empty) || InElement["username"].GetString() is not string Username || Username.Equals(string.Empty))
|
||||
{
|
||||
await runner.WriteJsonResponse(StatusCodes.Status400BadRequest, "Username and/or Password can't be empty");
|
||||
return;
|
||||
}
|
||||
string HashedPass = Convert.ToHexString(SHA256.HashData(Encoding.UTF8.GetBytes(PlainPass))).ToLowerInvariant();
|
||||
_ = await RunNonQueryAsync(CS, "UPDATE useraccounts SET [pass] = @hp WHERE [uname] = @un", Act =>
|
||||
{
|
||||
Act.Parameters.AddWithValue("@un", Username);
|
||||
Act.Parameters.AddWithValue("@hp", HashedPass);
|
||||
}, CTS.Token);
|
||||
UserAccounts[Username] = UserAccounts[Username] with { Password = HashedPass };
|
||||
await runner.WriteJsonResponse(StatusCodes.Status202Accepted, "Password Updated.");
|
||||
});
|
||||
})
|
||||
.Map("/adduser", user =>
|
||||
{
|
||||
user.Run(async runner =>
|
||||
{
|
||||
if (!await runner.RequestValidated(ValidMethod: "POST", CheckJson: true) || await runner.TryGetBodyJsonAsync(["username", "password", "agentid", "level"], CTS.Token) is not Dictionary<string, JsonElement> InElement) return;
|
||||
if (
|
||||
InElement["username"].GetString() is not string Username ||
|
||||
InElement["password"].GetString() is not string PlainPass ||
|
||||
InElement["agentid"].GetString() is not string AgentID ||
|
||||
InElement["level"].GetByte() is byte Level && Level == 0 //REMEMBER TO FLIT THIS to prevent superuser creation
|
||||
)
|
||||
{
|
||||
await runner.WriteJsonResponse(StatusCodes.Status400BadRequest, "String fields should not be empty and level should not be zero or less.");
|
||||
return;
|
||||
}
|
||||
string HashedPass = Convert.ToHexString(SHA256.HashData(Encoding.UTF8.GetBytes(PlainPass))).ToLowerInvariant();
|
||||
await RunNonQueryAsync(CS, "INSERT INTO useraccounts VALUES(@un, @pw, @ai, @lv, 1)", Conf =>
|
||||
{
|
||||
Conf.Parameters.AddWithValue("@un", Username);
|
||||
Conf.Parameters.AddWithValue("@pw", HashedPass);
|
||||
Conf.Parameters.AddWithValue("@ai", AgentID);
|
||||
Conf.Parameters.AddWithValue("@lv", Level);
|
||||
}, CTS.Token);
|
||||
UserAccounts.TryAdd(Username, new(Username, AgentID, HashedPass, Level, true));
|
||||
await runner.WriteJsonResponse(StatusCodes.Status201Created, $"New user account created for Agent ID {AgentID}. Check data for created username", Username);
|
||||
});
|
||||
})
|
||||
.Map("/toggleuser", userstate =>
|
||||
{
|
||||
userstate.Run(async runner=>
|
||||
{
|
||||
if
|
||||
(
|
||||
!await runner.RequestValidated(0, "POST", true) //has to pass this before trying to get bodyjsonasync.
|
||||
//Let it be for now, move the json check login into trygetjson for later projects.
|
||||
|| await runner.TryGetBodyJsonAsync(["username"], CTS.Token) is not Dictionary<string, JsonElement> InElement
|
||||
|| InElement["username"].GetString() is not string Username
|
||||
) return;
|
||||
if (UserAccounts[Username] is not User FoundUser)
|
||||
{
|
||||
await runner.WriteJsonResponse(StatusCodes.Status404NotFound, "Username not found.", Username);
|
||||
return;
|
||||
}
|
||||
await RunNonQueryAsync(CS, "UPDATE useraccounts SET [active] = @ac WHERE [uname]=@un", Conf =>
|
||||
{
|
||||
Conf.Parameters.AddWithValue("@un", Username);
|
||||
Conf.Parameters.AddWithValue("@ac", !FoundUser.Active);
|
||||
}, CTS.Token);
|
||||
UserAccounts[Username] = UserAccounts[Username] with { Active = !FoundUser.Active };
|
||||
await runner.WriteJsonResponse(StatusCodes.Status202Accepted, "User account active state updated. See data for current active state", !FoundUser.Active);
|
||||
});
|
||||
})
|
||||
//=========ACTIVITIES=============
|
||||
;
|
||||
}
|
||||
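Review bot: The new `/passwd` and `/adduser` handlers store passwords as a single unsalted SHA-256 digest (`Convert.ToHexString(SHA256.HashData(Encoding.UTF8.GetBytes(PlainPass))).ToLowerInvariant()`), and the create-user path in the `-161,10` hunk does the same. With a fast, unsalted hash, identical passwords produce identical `[pass]` values, and offline guessing becomes cheap if the `useraccounts` table or the in-memory `UserAccounts` cache is ever disclosed. Derive the stored value with a salted, iterated KDF instead, for example `byte[] Salt = RandomNumberGenerator.GetBytes(16);` followed by `byte[] Hash = Rfc2898DeriveBytes.Pbkdf2(PlainPass, Salt, Iterations, HashAlgorithmName.SHA256, 32);`, and store the salt and iteration count next to the hash (`Iterations` is a placeholder for a value the project chooses). The login check is not part of this diff, so it would need the matching change, ideally comparing the derived bytes with `CryptographicOperations.FixedTimeEquals`.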
|
@ -139,12 +139,13 @@ internal static class Commons
|
||||
Console.Write(" Caching User Accounts... ");
|
||||
await using SqlConnection FConn = new(CS);
|
||||
await FConn.OpenAsync().ConfigureAwait(false);
|
||||
using SqlCommand FComm = new("SELECT * FROM users",FConn);
|
||||
using SqlCommand FComm = new("SELECT * FROM useraccounts",FConn);
|
||||
await using (SqlDataReader URead = await FComm.ExecuteReaderAsync(CTS.Token).ConfigureAwait(false))
|
||||
{
|
||||
while(await URead.ReadAsync(CTS.Token).ConfigureAwait(false))
|
||||
UserAccounts.Clear();
|
||||
while (await URead.ReadAsync(CTS.Token).ConfigureAwait(false))
|
||||
{
|
||||
_ = UserAccounts.TryAdd((string)URead["uname"], new User((string)URead["uname"],(string)URead["name"],(string)URead["pass"],(byte)URead["level"],(bool)URead["active"]));
|
||||
_ = UserAccounts.TryAdd((string)URead["uname"], new User((string)URead["uname"], (string)URead["agentid"], (string)URead["pass"], (byte)URead["level"], (bool)URead["active"]));
|
||||
}
|
||||
}
|
||||
Console.WriteLine("Done.");
|
||||
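Review bot: `UserAccounts.Clear()` runs before the read loop refills the map, so while the query is being read every other reader of `UserAccounts` sees an empty or partly filled account table. If this method can run while requests are being served (the `/updatecache` route in APIHandler.cs suggests it can, though the caller is outside this hunk), lookups in that window would fail for valid users. Fill a local dictionary inside the loop and replace or merge into `UserAccounts` only after the reader is exhausted; a comment such as `// build the new snapshot first so readers never observe an empty cache` would record the intent. The method starts and ends outside the hunk, so whether the field can be reassigned is not visible here.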
|
@ -12,11 +12,11 @@ internal partial record PasswdUser(string Username, string PlainPassword);
|
||||
internal partial record SafeUser(string Username, string AgentID, byte Level, bool Active) {
|
||||
internal static SafeUser FromUser(User Source)
|
||||
{
|
||||
return new(Source.Username, Source.Name, Source.Level, Source.Active);
|
||||
return new(Source.Username, Source.AgentID, Source.Level, Source.Active);
|
||||
}
|
||||
};
|
||||
internal partial record SimpleApiResponse(int Status, string Message);
|
||||
internal partial record User(string Username, string Name, string Password, byte Level, bool Active);
|
||||
internal partial record User(string Username, string AgentID, string Password, byte Level, bool Active);
|
||||
[JsonSerializable(typeof(Agent))]
|
||||
[JsonSerializable(typeof(ApiResponse))]
|
||||
[JsonSerializable(typeof(Deployment))]
|
||||
@ -29,6 +29,7 @@ internal partial record User(string Username, string Name, string Password, byte
|
||||
[JsonSerializable(typeof(User))]
|
||||
//////////----------DICTIONARIES----------//////////
|
||||
[JsonSerializable(typeof(Dictionary<string, JsonElement>))]
|
||||
// [JsonSerializable(typeof(ConcurrentDictionary<string, User>))]
|
||||
//////////-------------LISTS--------------//////////
|
||||
[JsonSerializable(typeof(List<Agent>))]
|
||||
[JsonSerializable(typeof(List<Deployment>))]
|
||||
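Review bot: The added `// [JsonSerializable(typeof(ConcurrentDictionary<string, User>))]` is parked code with no explanation, and it is a risky line to leave around: `User` carries `Password`, so enabling it would let the whole account cache be serialized together with the stored hashes. Delete it, or replace it with a comment that says why it must stay disabled, e.g. `// Do not register collections of User: the record includes Password; expose SafeUser instead.` The existing `[JsonSerializable(typeof(User))]` on the context line above deserves the same check, since `SafeUser.FromUser` appears to exist to drop the password before a response is written (inferred from the record shapes; the call sites are not in this diff).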
|
@ -37,13 +37,6 @@ try
|
||||
options.Limits.MaxRequestBodySize = 104857600;
|
||||
})
|
||||
.UseContentRoot(AppContext.BaseDirectory)
|
||||
// .ConfigureServices(r=>{
|
||||
// r.AddResponseCompression(o=>{
|
||||
// o.EnableForHttps = true;
|
||||
// o.Providers.Add<Microsoft.AspNetCore.ResponseCompression.BrotliCompressionProvider>();
|
||||
// o.Providers.Add<Microsoft.AspNetCore.ResponseCompression.GzipCompressionProvider>();
|
||||
// });
|
||||
// })
|
||||
.Configure(app=>{
|
||||
app
|
||||
.UseMiddleware<ErrorHandling>()
|
||||
|