-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
ed29e68
commit 1caf1e1
Showing
12 changed files
with
278 additions
and
5 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,10 @@ | ||
using System.Security.Claims; | ||
|
||
namespace MBS_COMMAND.Application.Abstractions; | ||
|
||
public interface IJwtTokenService | ||
{ | ||
string GenerateAccessToken(IEnumerable<Claim> claims); | ||
string GenerateRefreshToken(); | ||
(ClaimsPrincipal, bool) GetPrincipalFromExpiredToken(string token); | ||
} |
88 changes: 88 additions & 0 deletions
88
MBS_COMMAND.Application/UserCases/Commands/Schedules/CreateScheduleCommandHandler.cs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,88 @@ | ||
using MBS_COMMAND.Contract.Abstractions.Messages; | ||
using MBS_COMMAND.Contract.Abstractions.Shared; | ||
using MBS_COMMAND.Contract.Services.Schedule; | ||
using MBS_COMMAND.Domain.Abstractions.Repositories; | ||
using MBS_COMMAND.Domain.Entities; | ||
|
||
namespace MBS_COMMAND.Application.UserCases.Commands.Schedules; | ||
|
||
public class CreateScheduleCommandHandler : ICommandHandler<Command.CreateScheduleCommand> | ||
{ | ||
private readonly IRepositoryBase<User, Guid> _userRepository; | ||
private readonly IRepositoryBase<Group, Guid> _groupRepository; | ||
private readonly IRepositoryBase<Slot, Guid> _slotRepository; | ||
private readonly IRepositoryBase<Subject, Guid> _subjectRepository; | ||
private readonly IRepositoryBase<Schedule, Guid> _scheduleRepository; | ||
|
||
public CreateScheduleCommandHandler(IRepositoryBase<User, Guid> userRepository, IRepositoryBase<Group, Guid> groupRepository, IRepositoryBase<Slot, Guid> slotRepository, IRepositoryBase<Subject, Guid> subjectRepository, IRepositoryBase<Schedule, Guid> scheduleRepository) | ||
{ | ||
_userRepository = userRepository; | ||
_groupRepository = groupRepository; | ||
_slotRepository = slotRepository; | ||
_subjectRepository = subjectRepository; | ||
_scheduleRepository = scheduleRepository; | ||
} | ||
|
||
public async Task<Result> Handle(Command.CreateScheduleCommand request, CancellationToken cancellationToken) | ||
{ | ||
var user = await _userRepository.FindByIdAsync(request.UserId, cancellationToken); | ||
|
||
if (user == null || user.IsDeleted) | ||
{ | ||
return Result.Failure(new Error("400", "User is not exist !")); | ||
} | ||
|
||
var group = await _groupRepository.FindSingleAsync(x => x.LeaderId.Equals(user.Id), cancellationToken); | ||
|
||
if (group == null || group.IsDeleted) | ||
{ | ||
return Result.Failure(new Error("403", "Must own a group !")); | ||
} | ||
|
||
var slot = await _slotRepository.FindByIdAsync(request.SlotId, cancellationToken); | ||
|
||
if (slot == null || group.IsDeleted) | ||
{ | ||
return Result.Failure(new Error("400", "Slot is not exist !")); | ||
} | ||
|
||
if (slot.IsBook) | ||
{ | ||
return Result.Failure(new Error("403", "Slot is booked !")); | ||
} | ||
|
||
var subject = await _subjectRepository.FindByIdAsync(request.SubjectId, cancellationToken); | ||
|
||
if (subject == null || subject.IsDeleted) | ||
{ | ||
return Result.Failure(new Error("400", "Subject is not exist !")); | ||
} | ||
|
||
var start = TimeOnly.Parse(request.StartTime); | ||
var end = TimeOnly.Parse(request.EndTime); | ||
|
||
if (start.CompareTo(slot.StartTime) < 0 || | ||
end.CompareTo(slot.EndTime) > 0) | ||
{ | ||
return Result.Failure(new Error("500", "Invalid booking time !")); | ||
} | ||
|
||
var schedule = new Schedule() | ||
{ | ||
Id = Guid.NewGuid(), | ||
StartTime = start, | ||
EndTime = end, | ||
Date = slot.Date, | ||
MentorId = slot.MentorId ?? new Guid(), | ||
SubjectId = request.SubjectId, | ||
GroupId = group.Id, | ||
IsBooked = true, | ||
}; | ||
|
||
slot.IsBook = true; | ||
|
||
_scheduleRepository.Add(schedule); | ||
|
||
return Result.Success("Booking Schedule Successfully !"); | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
using System.ComponentModel; | ||
using MBS_COMMAND.Contract.Abstractions.Messages; | ||
using Swashbuckle.AspNetCore.Annotations; | ||
|
||
namespace MBS_COMMAND.Contract.Services.Schedule; | ||
|
||
public class Command | ||
{ | ||
public record CreateScheduleCommand : ICommand | ||
{ | ||
[SwaggerSchema(ReadOnly = true)] | ||
[DefaultValue("e824c924-e441-4367-a03b-8dd13223f76f")] | ||
public Guid UserId { get; set; } | ||
|
||
public Guid SlotId { get; set; } | ||
public Guid SubjectId { get; set; } | ||
public string StartTime { get; set; } | ||
public string EndTime { get; set; } | ||
} | ||
} |
14 changes: 14 additions & 0 deletions
14
MBS_COMMAND.Contract/Services/Schedule/Validators/CreateScheduleValidators.cs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,14 @@ | ||
using FluentValidation; | ||
|
||
namespace MBS_COMMAND.Contract.Services.Schedule.Validators; | ||
|
||
public class CreateScheduleValidators : AbstractValidator<Command.CreateScheduleCommand> | ||
{ | ||
public CreateScheduleValidators() | ||
{ | ||
RuleFor(x => x.StartTime).NotEmpty().LessThan(x => x.EndTime); | ||
RuleFor(x => x.EndTime).NotEmpty().GreaterThan(x => x.StartTime); | ||
RuleFor(x => x.SlotId).NotEmpty(); | ||
RuleFor(x => x.SubjectId).NotEmpty(); | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
97 changes: 97 additions & 0 deletions
97
MBS_COMMAND.Infrastucture/Authentication/JwtTokenService.cs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,97 @@ | ||
using System.IdentityModel.Tokens.Jwt; | ||
using System.Security.Claims; | ||
using System.Security.Cryptography; | ||
using System.Text; | ||
using MBS_COMMAND.Application.Abstractions; | ||
using MBS_COMMAND.Infrastucture.DependencyInjection.Options; | ||
using Microsoft.Extensions.Configuration; | ||
using Microsoft.IdentityModel.Tokens; | ||
|
||
namespace MBS_COMMAND.Infrastucture.Authentication; | ||
|
||
public class JwtTokenService : IJwtTokenService | ||
{ | ||
private readonly JwtOption jwtOption = new JwtOption(); | ||
|
||
public JwtTokenService(IConfiguration configuration) | ||
{ | ||
configuration.GetSection(nameof(JwtOption)).Bind(jwtOption); | ||
} | ||
|
||
public string GenerateAccessToken(IEnumerable<Claim> claims) | ||
{ | ||
var secretKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtOption.SecretKey)); | ||
var signinCredentials = new SigningCredentials(secretKey, SecurityAlgorithms.HmacSha256); | ||
|
||
var tokeOptions = new JwtSecurityToken( | ||
issuer: jwtOption.Issuer, | ||
audience: jwtOption.Audience, | ||
claims: claims, | ||
expires: DateTime.Now.AddMinutes(jwtOption.ExpireMin), | ||
signingCredentials: signinCredentials | ||
); | ||
|
||
var tokenString = new JwtSecurityTokenHandler().WriteToken(tokeOptions); | ||
return tokenString; | ||
} | ||
|
||
public string GenerateRefreshToken() | ||
{ | ||
var randomNumber = new byte[32]; | ||
using (var rng = RandomNumberGenerator.Create()) | ||
{ | ||
rng.GetBytes(randomNumber); | ||
return Convert.ToBase64String(randomNumber); | ||
} | ||
} | ||
|
||
public (ClaimsPrincipal, bool) GetPrincipalFromExpiredToken(string token) | ||
{ | ||
var Key = Encoding.UTF8.GetBytes(jwtOption.SecretKey); | ||
|
||
var tokenValidationParameters = new TokenValidationParameters | ||
{ | ||
ValidateAudience = false, | ||
ValidateIssuer = false, | ||
ValidateIssuerSigningKey = true, | ||
IssuerSigningKey = new SymmetricSecurityKey(Key), | ||
ClockSkew = TimeSpan.Zero | ||
}; | ||
|
||
var tokenHandler = new JwtSecurityTokenHandler(); | ||
|
||
try | ||
{ | ||
// First, try to validate the token with lifetime validation | ||
tokenValidationParameters.ValidateLifetime = true; | ||
var principal = tokenHandler.ValidateToken(token, tokenValidationParameters, out SecurityToken securityToken); | ||
|
||
if (!(securityToken is JwtSecurityToken jwtSecurityToken) || | ||
!jwtSecurityToken.Header.Alg.Equals(SecurityAlgorithms.HmacSha256, StringComparison.InvariantCultureIgnoreCase)) | ||
{ | ||
throw new SecurityTokenException("Invalid token"); | ||
} | ||
|
||
return (principal, false); // Token is valid and not expired | ||
} | ||
catch (SecurityTokenExpiredException) | ||
{ | ||
// Token is expired, validate without lifetime check | ||
tokenValidationParameters.ValidateLifetime = false; | ||
var principal = tokenHandler.ValidateToken(token, tokenValidationParameters, out SecurityToken securityToken); | ||
|
||
if (!(securityToken is JwtSecurityToken jwtSecurityToken) || | ||
!jwtSecurityToken.Header.Alg.Equals(SecurityAlgorithms.HmacSha256, StringComparison.InvariantCultureIgnoreCase)) | ||
{ | ||
throw new SecurityTokenException("Invalid token"); | ||
} | ||
|
||
return (principal, true); // Token is valid but expired | ||
} | ||
catch (Exception) | ||
{ | ||
// Any other exception means the token is invalid | ||
throw new SecurityTokenException("Invalid token"); | ||
} | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,37 @@ | ||
using MBS_COMMAND.Application.Abstractions; | ||
using MBS_COMMAND.Contract.Services.Schedule; | ||
using MBS_COMMAND.Presentation.Abstractions; | ||
using MBS_COMMAND.Presentation.Constrants; | ||
using Microsoft.AspNetCore.Authentication; | ||
|
||
namespace MBS_COMMAND.Presentation.APIs.Schedules; | ||
|
||
public class SchedulesApi : ApiEndpoint, ICarterModule | ||
{ | ||
private const string BaseUrl = "/api/v{version:apiVersion}/schedules"; | ||
|
||
public void AddRoutes(IEndpointRouteBuilder app) | ||
{ | ||
var gr1 = app.NewVersionedApi("Schedules") | ||
.MapGroup(BaseUrl).HasApiVersion(1); | ||
|
||
gr1.MapPost("", CreateSchedules).RequireAuthorization(RoleNames.Student); | ||
} | ||
|
||
public static async Task<IResult> CreateSchedules(ISender sender, HttpContext context, IJwtTokenService jwtTokenService, | ||
[FromBody] Command.CreateScheduleCommand command) | ||
{ | ||
var accessToken = await context.GetTokenAsync("access_token"); | ||
var (claimPrincipal, _) = jwtTokenService.GetPrincipalFromExpiredToken(accessToken!); | ||
var userId = claimPrincipal.Claims.FirstOrDefault(c => c.Type == "UserId")!.Value; | ||
|
||
command.UserId = new Guid(userId); | ||
|
||
var result = await sender.Send(command); | ||
|
||
if (result.IsFailure) | ||
return HandlerFailure(result); | ||
|
||
return Results.Ok(result); | ||
} | ||
} |