LoginWithGoogle feature now working.

2024-09-24 01:37:53 -04:00
parent e482a0726f
commit 1aa940fa05
9 changed files with 680 additions and 149 deletions
--- a/src/Web/Controllers/FacebookController.cs
+++ b/src/Web/Controllers/FacebookController.cs
@@ -49,7 +49,7 @@ public class FacebookController(IIdentityService identityService) : Controller
        }

        await identityService.CreateUserAsync(email, givenName, givenName, familyName,
-            RandomGenerator.RandomString(24));
+            PasswordGenerator.GeneratePassword(8, 10));
        await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme,
            new ClaimsPrincipal(claimsIdentity));
        return Redirect("/");
--- a/src/Web/Controllers/GoogleController.cs
+++ b/src/Web/Controllers/GoogleController.cs
@@ -1,89 +0,0 @@
-using System.Security.Claims;
-using Hutopy.Application.Common.Interfaces;
-using Hutopy.Infrastructure.Identity;
-using Hutopy.Infrastructure.Utils;
-using Microsoft.AspNetCore.Authentication;
-using Microsoft.AspNetCore.Authentication.Cookies;
-using Microsoft.AspNetCore.Mvc;
-using Microsoft.Extensions.Options;
-using Newtonsoft.Json.Linq;
-
-namespace Hutopy.Web.Controllers;
-
-public class GoogleController(
-    IIdentityService identityService,
-    IHttpClientFactory httpClientFactory,
-    IOptionsSnapshot<JwtOptions> jwtOptions) 
-    : Controller
-{
-    [Microsoft.AspNetCore.Mvc.HttpPost("/api/google/sign-in")]
-    public async Task<IActionResult> SignIn([Microsoft.AspNetCore.Mvc.FromBody] GoogleSignInRequest request)
-    {
-        using var httpClient = httpClientFactory.CreateClient();
-        
-        // Verify the token with Google
-        var response = await httpClient.GetAsync($"https://www.googleapis.com/oauth2/v1/userinfo?access_token={request.AccessToken}");
-        if (!response.IsSuccessStatusCode)
-        {
-            return BadRequest("Invalid Google token.");
-        }
-
-        var userInfo = JObject.Parse(await response.Content.ReadAsStringAsync());
-        var email = userInfo["email"]?.ToString() ?? "";
-        var name = userInfo["name"]?.ToString() ?? "";
-        var givenName = userInfo["given_name"]?.ToString() ?? "";
-        var familyName = userInfo["family_name"]?.ToString() ?? "";
-
-        if (string.IsNullOrEmpty(email))
-        {
-            return BadRequest("Google token did not contain an email.");
-        }
-
-        // Check if user exists or create a new one
-        var user = await identityService.FindUserByEmailAsync(email);
-        if (user == null)
-        {
-            await identityService.CreateUserAsync(email, email, givenName, familyName, RandomGenerator.RandomString(24));
-            user = await identityService.FindUserByEmailAsync(email);
-        }
-        
-        if (user?.Id is null)
-        {
-            return BadRequest("Unable to find or create the user.");
-        }
-
-        // Sign in the user
-        var claimsIdentity = new ClaimsIdentity(
-            new List<Claim>
-            {
-                new(ClaimTypes.Name, name),
-                new(ClaimTypes.Email, email),
-                new(ClaimTypes.GivenName, givenName),
-                new(ClaimTypes.Surname, familyName)
-            },
-            CookieAuthenticationDefaults.AuthenticationScheme);
-        
-        await HttpContext.SignInAsync(
-            CookieAuthenticationDefaults.AuthenticationScheme,
-            new ClaimsPrincipal(claimsIdentity));
-    
-        var token = JwtTokenHelper.GenerateJwtToken(
-            jwtOptions.Value.Lifetime,
-            jwtOptions.Value.Issuer,
-            jwtOptions.Value.Audience,
-            jwtOptions.Value.Key,
-            user.Id.ToString(),
-            user.Email,
-            user.Alias,
-            user.Firstname,
-            user.Lastname,
-            user.PortraitUrl);
-        
-        return Ok(new { accessToken = token, email });
-    }
-    
-    public class GoogleSignInRequest
-    {
-        public required string AccessToken { get; set; }
-    }
-}
--- a/src/Web/Features/Users/Handlers/LoginWithGoogle.cs
+++ b/src/Web/Features/Users/Handlers/LoginWithGoogle.cs
@@ -0,0 +1,140 @@
+using System.Text.Json;
+using System.Text.Json.Serialization;
+using Hutopy.Infrastructure.Identity;
+using Hutopy.Infrastructure.Utils;
+using Microsoft.AspNetCore.Identity;
+using Microsoft.Extensions.Options;
+
+namespace Hutopy.Web.Features.Users.Handlers;
+
+class GoogleToken
+{
+    [JsonPropertyName("access_token")] public required string AccessToken { get; init; }
+    [JsonPropertyName("token_type")] public required string TokenType { get; init; }
+    [JsonPropertyName("expires_in")] public required int ExpiresIn { get; init; }
+    [JsonPropertyName("scope")] public required string Scope { get; init; }
+    [JsonPropertyName("authuser")] public required string AuthUser { get; init; }
+    [JsonPropertyName("prompt")] public required string Prompt { get; init; }
+}
+
+public class GoogleUserInfo
+{
+    [JsonPropertyName("id")] public required string Id { get; init; }
+    [JsonPropertyName("email")] public required string Email { get; init; }
+    [JsonPropertyName("verified_email")] public required bool VerifiedEmail { get; init; }
+    [JsonPropertyName("name")] public required string Name { get; init; }
+    [JsonPropertyName("given_name")] public required string GivenName { get; init; }
+    [JsonPropertyName("family_name")] public required string FamilyName { get; init; }
+    [JsonPropertyName("picture")] public required string Picture { get; init; }
+}
+
+[PublicAPI]
+public record LoginWithGoogleRequest(
+    string Token)
+    : IRequest<LoginWithGoogleResponse>;
+
+public record LoginWithGoogleResponse(
+    string AccessToken,
+    string RefreshToken);
+
+[PublicAPI]
+public class LoginWithGoogleHandler(
+    IHttpClientFactory httpClientFactory,
+    ApplicationUserManager userManager,
+    SignInManager<ApplicationUser> signInManager,
+    IOptionsSnapshot<JwtOptions> jwtOptions)
+    : Endpoint<LoginWithGoogleRequest, LoginWithGoogleResponse>
+{
+    public override void Configure()
+    {
+        AllowAnonymous();
+        Post("/api/users/login-with-google");
+        Options(o => o.WithTags("Users"));
+    }
+
+    public override async Task HandleAsync(
+        LoginWithGoogleRequest request,
+        CancellationToken ct)
+    {
+        var googleToken = JsonSerializer.Deserialize<GoogleToken>(request.Token)!;
+
+        // Verify the token with Google
+        using var httpClient = httpClientFactory.CreateClient();
+        var response = await httpClient.GetAsync(
+            $"https://www.googleapis.com/oauth2/v1/userinfo?access_token={googleToken.AccessToken}",
+            ct);
+        if (!response.IsSuccessStatusCode)
+        {
+            await SendStringAsync(
+                "The token is not valid",
+                400,
+                cancellation: ct);
+            return;
+        }
+
+        // Extract the user info (email, name, etc.).
+        var content = await response.Content.ReadAsStringAsync(ct);
+        var userInfo = JsonSerializer.Deserialize<GoogleUserInfo>(content);
+        if (userInfo is null
+            || !userInfo.VerifiedEmail
+            || string.IsNullOrEmpty(userInfo.Email))
+        {
+            await SendStringAsync(
+                "The token does not contain an email",
+                400,
+                cancellation: ct);
+            return;
+        }
+
+        // Check if user exists or create a new one
+        var user = await userManager.FindByEmailAsync(userInfo.Email);
+        
+        if (user is null)
+        {
+            var generatedPassword = PasswordGenerator.GeneratePassword(8, 10);
+            var generatedUser = new ApplicationUser
+            {
+                UserName = userInfo.Email,
+                Email = userInfo.Email,
+                Firstname = userInfo.GivenName,
+                Lastname = userInfo.FamilyName,
+                Alias = userInfo.Name,
+                PortraitUrl = userInfo.Picture,
+                GoogleId = userInfo.Id,
+            };
+            
+            var result = await userManager.CreateAsync(
+                generatedUser,
+                generatedPassword);
+            
+            if (!result.Succeeded)
+            {
+                await SendStringAsync(
+                    result.Errors.First().Description,
+                    400,
+                    cancellation: ct);
+                return;
+            }
+
+            user = generatedUser;
+        }
+
+        await signInManager.SignInAsync(user, isPersistent: false);
+
+        var accessToken = JwtTokenHelper.GenerateJwtToken(
+            expiresIn: jwtOptions.Value.Lifetime,
+            issuer: jwtOptions.Value.Issuer,
+            audience: jwtOptions.Value.Audience,
+            key: jwtOptions.Value.Key,
+            userId: user.Id.ToString(),
+            email: user.Email,
+            alias: user.Alias,
+            firstname: user.Firstname,
+            lastname: user.Lastname,
+            portraitUrl: user.PortraitUrl);
+
+        await SendOkAsync(
+            new LoginWithGoogleResponse(accessToken, string.Empty),
+            cancellation: ct);
+    }
+}