mirror of
https://github.com/aaronpo97/the-biergarten-app.git
synced 2026-07-16 17:47:22 +00:00
code style cleanup
This commit is contained in:
@@ -1,3 +1,4 @@
|
||||
using Domain.Entities;
|
||||
using Domain.Exceptions;
|
||||
using Features.Auth.Dtos;
|
||||
using Features.Auth.Repository;
|
||||
@@ -8,10 +9,13 @@ using MediatR;
|
||||
namespace Features.Auth.Queries.Login;
|
||||
|
||||
/// <summary>
|
||||
/// Handles <see cref="LoginQuery"/> by verifying credentials and issuing access/refresh tokens.
|
||||
/// Handles <see cref="LoginQuery" /> by verifying credentials and issuing access/refresh tokens.
|
||||
/// </summary>
|
||||
/// <param name="authRepo">Repository used to look up the user account and its active credential.</param>
|
||||
/// <param name="passwordInfrastructure">Infrastructure component used to verify a plain-text password against a stored hash.</param>
|
||||
/// <param name="passwordInfrastructure">
|
||||
/// Infrastructure component used to verify a plain-text password against a stored
|
||||
/// hash.
|
||||
/// </param>
|
||||
/// <param name="tokenService">Service used to generate access and refresh tokens for the authenticated user.</param>
|
||||
public class LoginHandler(
|
||||
IAuthRepository authRepo,
|
||||
@@ -20,26 +24,26 @@ public class LoginHandler(
|
||||
) : IRequestHandler<LoginQuery, LoginPayload>
|
||||
{
|
||||
/// <exception cref="UnauthorizedException">
|
||||
/// Thrown when the username does not match any account, the account has no active credential,
|
||||
/// or the supplied password does not match the stored hash.
|
||||
/// Thrown when the username does not match any account, the account has no active credential,
|
||||
/// or the supplied password does not match the stored hash.
|
||||
/// </exception>
|
||||
public async Task<LoginPayload> Handle(LoginQuery request, CancellationToken cancellationToken)
|
||||
{
|
||||
var user =
|
||||
UserAccount user =
|
||||
await authRepo.GetUserByUsernameAsync(request.Username)
|
||||
?? throw new UnauthorizedException("Invalid username or password.");
|
||||
|
||||
// @todo handle expired passwords
|
||||
var activeCred =
|
||||
UserCredential activeCred =
|
||||
await authRepo.GetActiveCredentialByUserAccountIdAsync(user.UserAccountId)
|
||||
?? throw new UnauthorizedException("Invalid username or password.");
|
||||
|
||||
if (!passwordInfrastructure.Verify(request.Password, activeCred.Hash))
|
||||
throw new UnauthorizedException("Invalid username or password.");
|
||||
|
||||
var accessToken = tokenService.GenerateAccessToken(user);
|
||||
var refreshToken = tokenService.GenerateRefreshToken(user);
|
||||
string accessToken = tokenService.GenerateAccessToken(user);
|
||||
string refreshToken = tokenService.GenerateRefreshToken(user);
|
||||
|
||||
return new LoginPayload(user.UserAccountId, user.Username, refreshToken, accessToken);
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -4,7 +4,7 @@ using MediatR;
|
||||
namespace Features.Auth.Queries.Login;
|
||||
|
||||
/// <summary>
|
||||
/// Authenticates a user using their username and password and issues new tokens. Bound directly
|
||||
/// from the request body of <c>POST /api/auth/login</c>.
|
||||
/// Authenticates a user using their username and password and issues new tokens. Bound directly
|
||||
/// from the request body of <c>POST /api/auth/login</c>.
|
||||
/// </summary>
|
||||
public record LoginQuery(string Username, string Password) : IRequest<LoginPayload>;
|
||||
public record LoginQuery(string Username, string Password) : IRequest<LoginPayload>;
|
||||
@@ -3,13 +3,13 @@ using FluentValidation;
|
||||
namespace Features.Auth.Queries.Login;
|
||||
|
||||
/// <summary>
|
||||
/// Validates <see cref="LoginQuery"/> instances before they are processed.
|
||||
/// Validates <see cref="LoginQuery" /> instances before they are processed.
|
||||
/// </summary>
|
||||
public class LoginValidator : AbstractValidator<LoginQuery>
|
||||
{
|
||||
/// <summary>
|
||||
/// Configures validation rules requiring both <see cref="LoginQuery.Username"/> and
|
||||
/// <see cref="LoginQuery.Password"/> to be non-empty.
|
||||
/// Configures validation rules requiring both <see cref="LoginQuery.Username" /> and
|
||||
/// <see cref="LoginQuery.Password" /> to be non-empty.
|
||||
/// </summary>
|
||||
public LoginValidator()
|
||||
{
|
||||
@@ -17,4 +17,4 @@ public class LoginValidator : AbstractValidator<LoginQuery>
|
||||
|
||||
RuleFor(x => x.Password).NotEmpty().WithMessage("Password is required");
|
||||
}
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user