finnow/finnow-api/source/auth/api.d

/// API endpoints for authentication-related functions, like registration and login.
module auth.api;

import handy_httpd;
import handy_httpd.components.optional;
import slf4d;

import auth.model;
import auth.data;
import auth.service;
import auth.data_impl_fs;
import util.json;

void postLogin(ref HttpRequestContext ctx) {
    LoginCredentials loginCredentials = readJsonPayload!LoginCredentials(ctx);
    if (!validateUsername(loginCredentials.username)) {
        ctx.response.status = HttpStatus.UNAUTHORIZED;
        return;
    }
    UserRepository userRepo = new FileSystemUserRepository();
    Optional!User optionalUser = userRepo.findByUsername(loginCredentials.username);
    if (optionalUser.isNull) {
        ctx.response.status = HttpStatus.UNAUTHORIZED;
        return;
    }
    import botan.passhash.bcrypt : checkBcrypt;

    if (!checkBcrypt(loginCredentials.password, optionalUser.value.passwordHash)) {
        ctx.response.status = HttpStatus.UNAUTHORIZED;
        return;
    }
    string token = generateAccessToken(optionalUser.value);
    writeJsonBody(ctx, TokenResponse(token));
}

void getUsernameAvailability(ref HttpRequestContext ctx) {
    Optional!string username = ctx.request.queryParams.getFirst("username");
    if (username.isNull) {
        ctx.response.status = HttpStatus.BAD_REQUEST;
        ctx.response.writeBodyString("Missing username parameter.");
        return;
    }
    UserRepository userRepo = new FileSystemUserRepository();
    bool available = userRepo.findByUsername(username.value).isNull;
    writeJsonBody(ctx, UsernameAvailabilityResponse(available));
}

void postRegister(ref HttpRequestContext ctx) {
    RegistrationData registrationData = readJsonPayload!RegistrationData(ctx);
    if (!validateUsername(registrationData.username)) {
        ctx.response.status = HttpStatus.BAD_REQUEST;
        ctx.response.writeBodyString("Invalid username.");
        return;
    }
    if (!validatePassword(registrationData.password)) {
        ctx.response.status = HttpStatus.BAD_REQUEST;
        ctx.response.writeBodyString("Invalid password.");
        return;
    }
    UserRepository userRepo = new FileSystemUserRepository();
    if (!userRepo.findByUsername(registrationData.username).isNull) {
        ctx.response.status = HttpStatus.BAD_REQUEST;
        ctx.response.writeBodyString("Username is taken.");
        return;
    }

    import botan.passhash.bcrypt : generateBcrypt;
    import botan.rng.auto_rng;

    RandomNumberGenerator rng = new AutoSeededRNG();
    string passwordHash = generateBcrypt(registrationData.password, rng, 12);
    User user = userRepo.createUser(registrationData.username, passwordHash);
    infoF!"Created user: %s"(registrationData.username);
    string token = generateAccessToken(user);
    writeJsonBody(ctx, TokenResponse(token));
}

void getMyUser(ref HttpRequestContext ctx) {
    AuthContext auth = getAuthContext(ctx);
    ctx.response.writeBodyString(auth.user.username);
}
Added basic auth system, profiles, and start of models and data. 2024-07-31 17:20:17 +00:00			`/// API endpoints for authentication-related functions, like registration and login.`
			`module auth.api;`

			`import handy_httpd;`
			`import handy_httpd.components.optional;`
			`import slf4d;`

			`import auth.model;`
Another major refactor, into modular monolith style application. 2024-08-01 17:01:50 +00:00			`import auth.data;`
Added basic auth system, profiles, and start of models and data. 2024-07-31 17:20:17 +00:00			`import auth.service;`
Another major refactor, into modular monolith style application. 2024-08-01 17:01:50 +00:00			`import auth.data_impl_fs;`
Added registration page to app, username availability checking. 2024-09-11 20:15:53 +00:00			`import util.json;`
Added basic auth system, profiles, and start of models and data. 2024-07-31 17:20:17 +00:00
			`void postLogin(ref HttpRequestContext ctx) {`
Added registration page to app, username availability checking. 2024-09-11 20:15:53 +00:00			`LoginCredentials loginCredentials = readJsonPayload!LoginCredentials(ctx);`
Added basic auth system, profiles, and start of models and data. 2024-07-31 17:20:17 +00:00			`if (!validateUsername(loginCredentials.username)) {`
			`ctx.response.status = HttpStatus.UNAUTHORIZED;`
			`return;`
			`}`
			`UserRepository userRepo = new FileSystemUserRepository();`
			`Optional!User optionalUser = userRepo.findByUsername(loginCredentials.username);`
			`if (optionalUser.isNull) {`
			`ctx.response.status = HttpStatus.UNAUTHORIZED;`
Added registration page to app, username availability checking. 2024-09-11 20:15:53 +00:00			`return;`
Added basic auth system, profiles, and start of models and data. 2024-07-31 17:20:17 +00:00			`}`
			`import botan.passhash.bcrypt : checkBcrypt;`
Added registration page to app, username availability checking. 2024-09-11 20:15:53 +00:00
Added basic auth system, profiles, and start of models and data. 2024-07-31 17:20:17 +00:00			`if (!checkBcrypt(loginCredentials.password, optionalUser.value.passwordHash)) {`
			`ctx.response.status = HttpStatus.UNAUTHORIZED;`
			`return;`
			`}`
			`string token = generateAccessToken(optionalUser.value);`
Added registration page to app, username availability checking. 2024-09-11 20:15:53 +00:00			`writeJsonBody(ctx, TokenResponse(token));`
Added basic auth system, profiles, and start of models and data. 2024-07-31 17:20:17 +00:00			`}`

Added registration page to app, username availability checking. 2024-09-11 20:15:53 +00:00			`void getUsernameAvailability(ref HttpRequestContext ctx) {`
			`Optional!string username = ctx.request.queryParams.getFirst("username");`
			`if (username.isNull) {`
Added basic auth system, profiles, and start of models and data. 2024-07-31 17:20:17 +00:00			`ctx.response.status = HttpStatus.BAD_REQUEST;`
Added registration page to app, username availability checking. 2024-09-11 20:15:53 +00:00			`ctx.response.writeBodyString("Missing username parameter.");`
Added basic auth system, profiles, and start of models and data. 2024-07-31 17:20:17 +00:00			`return;`
			`}`
Added registration page to app, username availability checking. 2024-09-11 20:15:53 +00:00			`UserRepository userRepo = new FileSystemUserRepository();`
			`bool available = userRepo.findByUsername(username.value).isNull;`
			`writeJsonBody(ctx, UsernameAvailabilityResponse(available));`
			`}`

			`void postRegister(ref HttpRequestContext ctx) {`
			`RegistrationData registrationData = readJsonPayload!RegistrationData(ctx);`
Added basic auth system, profiles, and start of models and data. 2024-07-31 17:20:17 +00:00			`if (!validateUsername(registrationData.username)) {`
			`ctx.response.status = HttpStatus.BAD_REQUEST;`
			`ctx.response.writeBodyString("Invalid username.");`
			`return;`
			`}`
			`if (!validatePassword(registrationData.password)) {`
			`ctx.response.status = HttpStatus.BAD_REQUEST;`
			`ctx.response.writeBodyString("Invalid password.");`
			`return;`
			`}`
			`UserRepository userRepo = new FileSystemUserRepository();`
			`if (!userRepo.findByUsername(registrationData.username).isNull) {`
			`ctx.response.status = HttpStatus.BAD_REQUEST;`
			`ctx.response.writeBodyString("Username is taken.");`
			`return;`
			`}`

			`import botan.passhash.bcrypt : generateBcrypt;`
			`import botan.rng.auto_rng;`
Added registration page to app, username availability checking. 2024-09-11 20:15:53 +00:00
Added basic auth system, profiles, and start of models and data. 2024-07-31 17:20:17 +00:00			`RandomNumberGenerator rng = new AutoSeededRNG();`
			`string passwordHash = generateBcrypt(registrationData.password, rng, 12);`
Added registration page to app, username availability checking. 2024-09-11 20:15:53 +00:00			`User user = userRepo.createUser(registrationData.username, passwordHash);`
Added basic auth system, profiles, and start of models and data. 2024-07-31 17:20:17 +00:00			`infoF!"Created user: %s"(registrationData.username);`
Added registration page to app, username availability checking. 2024-09-11 20:15:53 +00:00			`string token = generateAccessToken(user);`
			`writeJsonBody(ctx, TokenResponse(token));`
Added basic auth system, profiles, and start of models and data. 2024-07-31 17:20:17 +00:00			`}`

			`void getMyUser(ref HttpRequestContext ctx) {`
			`AuthContext auth = getAuthContext(ctx);`
			`ctx.response.writeBodyString(auth.user.username);`
			`}`