Get user id from token

miles-no · Oct 3, 2023 · 2287b02 · 2287b02
1 parent e0b6fda
commit 2287b02
Show file tree

Hide file tree

Showing 6 changed files with 47 additions and 10 deletions.
diff --git a/kabinizer-back-end/kabinizer-api/Controllers/BookingRequestController.cs b/kabinizer-back-end/kabinizer-api/Controllers/BookingRequestController.cs
@@ -1,5 +1,6 @@
 using kabinizer_api.Dtos.BookingRequest;
 using kabinizer_api.Model;
+using kabinizer_api.Services;
 using kabinizer_data;
 using kabinizer_data.Entities;
 using Microsoft.AspNetCore.Mvc;
@@ -12,16 +13,19 @@ namespace kabinizer_api.Controllers;
 public class BookingRequestController : ControllerBase
 {
     private readonly EntityContext _entityContext;
+    private readonly ITokenService _tokenService;
 
-    public BookingRequestController(EntityContext entityContext)
+    public BookingRequestController(EntityContext entityContext, ITokenService tokenService)
     {
         _entityContext = entityContext;
+        _tokenService = tokenService;
     }
 
     [HttpGet]
     public IEnumerable<BookingRequest> GetBookingRequests()
     {
-        return _entityContext.BookingRequests.Select(BookingRequest.FromEntity);
+        var currentUserId = _tokenService.GetUserId();
+        return _entityContext.BookingRequests.Where(b => b.UserId == currentUserId).Select(BookingRequest.FromModel);
     }
 
     [HttpGet]
@@ -31,16 +35,16 @@ public IEnumerable<BookingRequest> GetBookingRequestsByUserId(Guid userId)
         return _entityContext.BookingRequests
             .Where(e => e.UserId == userId)
             .ToList()
-            .Select(BookingRequest.FromEntity);
+            .Select(BookingRequest.FromModel);
     }
 
 
     [HttpPost]
     public void AddBookingRequests([Required] IEnumerable<CreateBookingRequestDto> r)
     {
-        // TODO: Use authenticated user
+        var currentUserId = _tokenService.GetUserId();
         IEnumerable<BookingRequestEntity> bookingRequestEntities =
-            r.Select(e => new BookingRequestEntity(e.UserId, e.FromDate, e.ToDate));
+            r.Select(e => new BookingRequestEntity(currentUserId, e.FromDate, e.ToDate));
 
         _entityContext.BookingRequests.AddRange(bookingRequestEntities);
         _entityContext.SaveChanges();
@@ -49,7 +53,15 @@ public void AddBookingRequests([Required] IEnumerable<CreateBookingRequestDto> r
     [HttpDelete]
     public bool DeleteBookingRequest([Required] Guid bookingRequestId)
     {
+        var currentUserId = _tokenService.GetUserId();
+
         BookingRequestEntity entityToRemove = _entityContext.BookingRequests.Single(br => br.Id == bookingRequestId);
+
+        if (entityToRemove.UserId != currentUserId)
+        {
+            throw new Exception("You cannot remove a booking request for another user");
+        }
+
         _entityContext.BookingRequests.Remove(entityToRemove);
         _entityContext.SaveChanges();
         return true;

diff --git a/kabinizer-back-end/kabinizer-api/Dtos/BookingRequest/CreateBookingRequestDto.cs b/kabinizer-back-end/kabinizer-api/Dtos/BookingRequest/CreateBookingRequestDto.cs
@@ -1,3 +1,3 @@
 namespace kabinizer_api.Dtos.BookingRequest;
 
-public record CreateBookingRequestDto(Guid UserId, DateOnly FromDate, DateOnly ToDate);
+public record CreateBookingRequestDto(DateOnly FromDate, DateOnly ToDate);
diff --git a/kabinizer-back-end/kabinizer-api/Model/BookingRequest.cs b/kabinizer-back-end/kabinizer-api/Model/BookingRequest.cs
@@ -4,7 +4,7 @@ namespace kabinizer_api.Model;
 
 public record BookingRequest(Guid Id, Guid UserId, DateOnly FromDate, DateOnly ToDate)
 {
-    public static BookingRequest FromEntity(BookingRequestEntity e)
+    public static BookingRequest FromModel(BookingRequestEntity e)
     {
         return new BookingRequest(e.Id, e.UserId, DateOnly.FromDateTime(e.FromDate), DateOnly.FromDateTime(e.ToDate));
     }

diff --git a/kabinizer-back-end/kabinizer-api/Program.cs b/kabinizer-back-end/kabinizer-api/Program.cs
@@ -1,3 +1,4 @@
+using kabinizer_api.Services;
 using kabinizer_data;
 using Microsoft.AspNetCore.Authentication.JwtBearer;
 using Microsoft.EntityFrameworkCore;
@@ -6,15 +7,16 @@
 var builder = WebApplication.CreateBuilder(args);
 
 // Add services to the container.
-
 builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
     .AddMicrosoftIdentityWebApi(builder.Configuration.GetSection("EntraID"));
 
-builder.Services.AddControllers();
-
 builder.Services.AddDbContext<EntityContext>(o =>
     o.UseSqlServer(builder.Configuration.GetConnectionString("KabinizerConnection")));
 
+builder.Services.AddScoped<ITokenService, TokenService>();
+
+builder.Services.AddControllers();
+
 builder.Services.AddEndpointsApiExplorer();
 builder.Services.AddSwaggerGen();
 

diff --git a/kabinizer-back-end/kabinizer-api/Services/ITokenService.cs b/kabinizer-back-end/kabinizer-api/Services/ITokenService.cs
@@ -0,0 +1,6 @@
+namespace kabinizer_api.Services;
+
+public interface ITokenService
+{
+    Guid GetUserId();
+}
diff --git a/kabinizer-back-end/kabinizer-api/Services/TokenService.cs b/kabinizer-back-end/kabinizer-api/Services/TokenService.cs
@@ -0,0 +1,17 @@
+namespace kabinizer_api.Services;
+
+public class TokenService : ITokenService
+{
+    private readonly IHttpContextAccessor _httpContextAccessor;
+
+    public TokenService(IHttpContextAccessor httpContextAccessor)
+    {
+        _httpContextAccessor = httpContextAccessor;
+    }
+
+    public Guid GetUserId()
+    {
+        var guid = _httpContextAccessor.HttpContext.User.Claims.First(c => c.Type == "http://schemas.microsoft.com/identity/claims/objectidentifier").Value;
+        return new Guid(guid);
+    }
+}