Initial

2025-08-22 11:55:35 +01:00
commit b21d2a685e
312 changed files with 31174 additions and 0 deletions
--- a/MareSynchronosServer/MareSynchronosShared/RequirementHandlers/UserRequirement.cs
+++ b/MareSynchronosServer/MareSynchronosShared/RequirementHandlers/UserRequirement.cs
@@ -0,0 +1,13 @@
+using Microsoft.AspNetCore.Authorization;
+
+namespace MareSynchronosShared.RequirementHandlers;
+
+public class UserRequirement : IAuthorizationRequirement
+{
+    public UserRequirement(UserRequirements requirements)
+    {
+        Requirements = requirements;
+    }
+
+    public UserRequirements Requirements { get; }
+}
--- a/MareSynchronosServer/MareSynchronosShared/RequirementHandlers/UserRequirementHandler.cs
+++ b/MareSynchronosServer/MareSynchronosShared/RequirementHandlers/UserRequirementHandler.cs
@@ -0,0 +1,55 @@
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.SignalR;
+using MareSynchronosShared.Data;
+using Microsoft.EntityFrameworkCore;
+using MareSynchronosShared.Utils;
+using StackExchange.Redis;
+using StackExchange.Redis.Extensions.Core.Abstractions;
+using Microsoft.Extensions.Logging;
+
+namespace MareSynchronosShared.RequirementHandlers;
+
+public class UserRequirementHandler : AuthorizationHandler<UserRequirement, HubInvocationContext>
+{
+    private readonly IDbContextFactory<MareDbContext> _dbContextFactory;
+    private readonly ILogger<UserRequirementHandler> _logger;
+    private readonly IRedisDatabase _redis;
+
+    public UserRequirementHandler(IDbContextFactory<MareDbContext> dbContextFactory, ILogger<UserRequirementHandler> logger, IRedisDatabase redisDb)
+    {
+        _dbContextFactory = dbContextFactory;
+        _logger = logger;
+        _redis = redisDb;
+    }
+
+    protected override async Task HandleRequirementAsync(AuthorizationHandlerContext context, UserRequirement requirement, HubInvocationContext resource)
+    {
+        var uid = context.User.Claims.SingleOrDefault(g => string.Equals(g.Type, MareClaimTypes.Uid, StringComparison.Ordinal))?.Value;
+
+        if (uid == null) context.Fail();
+
+        if ((requirement.Requirements & UserRequirements.Identified) is UserRequirements.Identified)
+        {
+            var ident = await _redis.GetAsync<string>("UID:" + uid).ConfigureAwait(false);
+            if (ident == RedisValue.EmptyString) context.Fail();
+        }
+
+        if ((requirement.Requirements & UserRequirements.Administrator) is UserRequirements.Administrator)
+        {
+            using var dbContext = await _dbContextFactory.CreateDbContextAsync().ConfigureAwait(false);
+            var user = await dbContext.Users.AsNoTracking().SingleOrDefaultAsync(b => b.UID == uid).ConfigureAwait(false);
+            if (user == null || !user.IsAdmin) context.Fail();
+            _logger.LogInformation("Admin {uid} authenticated", uid);
+        }
+
+        if ((requirement.Requirements & UserRequirements.Moderator) is UserRequirements.Moderator)
+        {
+            using var dbContext = await _dbContextFactory.CreateDbContextAsync().ConfigureAwait(false);
+            var user = await dbContext.Users.AsNoTracking().SingleOrDefaultAsync(b => b.UID == uid).ConfigureAwait(false);
+            if (user == null || !user.IsAdmin && !user.IsModerator) context.Fail();
+            _logger.LogInformation("Admin/Moderator {uid} authenticated", uid);
+        }
+
+        context.Succeed(requirement);
+    }
+}
--- a/MareSynchronosServer/MareSynchronosShared/RequirementHandlers/UserRequirements.cs
+++ b/MareSynchronosServer/MareSynchronosShared/RequirementHandlers/UserRequirements.cs
@@ -0,0 +1,8 @@
+namespace MareSynchronosShared.RequirementHandlers;
+
+public enum UserRequirements
+{
+    Identified = 0b00000001,
+    Moderator = 0b00000010,
+    Administrator = 0b00000100,
+}