Recreated solution with web app template. Improved theme. Switched to ShadcnBlazor library

2025-12-25 19:16:53 +01:00
parent 0cc35300f1
commit a2d4edc0e5
272 changed files with 2441 additions and 14449 deletions
--- a/Moonlight.Api/Services/UserAuthService.cs
+++ b/Moonlight.Api/Services/UserAuthService.cs
@@ -0,0 +1,99 @@
+using System.Security.Claims;
+using Microsoft.EntityFrameworkCore;
+using Microsoft.Extensions.Logging;
+using Moonlight.Api.Database;
+using Moonlight.Api.Database.Entities;
+
+namespace Moonlight.Api.Services;
+
+public class UserAuthService
+{
+    private readonly DatabaseRepository<User> UserRepository;
+    private readonly ILogger<UserAuthService> Logger;
+
+    private const string UserIdClaim = "UserId";
+    private const string IssuedAtClaim = "IssuedAt";
+
+    public UserAuthService(DatabaseRepository<User> userRepository, ILogger<UserAuthService> logger)
+    {
+        UserRepository = userRepository;
+        Logger = logger;
+    }
+
+    public async Task<bool> SyncAsync(ClaimsPrincipal? principal)
+    {
+        if (principal is null)
+            return false;
+
+        var username = principal.FindFirstValue(ClaimTypes.Name);
+        var email = principal.FindFirstValue(ClaimTypes.Email);
+
+        if (string.IsNullOrWhiteSpace(username) || string.IsNullOrWhiteSpace(email))
+        {
+            Logger.LogWarning("Unable to sync user to database as name and/or email claims are missing");
+            return false;
+        }
+
+        // We use email as the primary identifier here
+        var user = await UserRepository
+            .Query()
+            .AsNoTracking()
+            .FirstOrDefaultAsync(user => user.Email == email);
+
+        if (user == null) // Sync user if not already existing in the database
+        {
+            user = await UserRepository.AddAsync(new User()
+            {
+                Username = username,
+                Email = email,
+                InvalidateTimestamp = DateTimeOffset.UtcNow.AddMinutes(-1)
+            });
+        }
+        else // Update properties of existing user
+        {
+            user.Username = username;
+
+            await UserRepository.UpdateAsync(user);
+        }
+
+        principal.Identities.First().AddClaims([
+            new Claim(UserIdClaim, user.Id.ToString()),
+            new Claim(IssuedAtClaim, DateTimeOffset.UtcNow.ToUnixTimeSeconds().ToString())
+        ]);
+
+        return true;
+    }
+
+    public async Task<bool> ValidateAsync(ClaimsPrincipal? principal)
+    {
+        // Ignore malformed claims principal
+        if (principal is not { Identity.IsAuthenticated: true })
+            return false;
+
+        var userIdString = principal.FindFirstValue(UserIdClaim);
+
+        if (!int.TryParse(userIdString, out var userId))
+            return false;
+
+        var user = await UserRepository
+            .Query()
+            .AsNoTracking()
+            .FirstOrDefaultAsync(user => user.Id == userId);
+
+        if (user == null)
+            return false;
+
+        var issuedAtString = principal.FindFirstValue(IssuedAtClaim);
+
+        if (!long.TryParse(issuedAtString, out var issuedAtUnix))
+            return false;
+
+        var issuedAt = DateTimeOffset.FromUnixTimeSeconds(issuedAtUnix).ToUniversalTime();
+
+        // If the issued at timestamp is greater than the token validation timestamp
+        // everything is fine. If not it means that the token should be invalidated
+        // as it is too old
+
+        return issuedAt > user.InvalidateTimestamp;
+    }
+}