✨

StopShopping.Api/Routes/Common.cs

@@ -0,0 +1,87 @@
+using Microsoft.AspNetCore.Antiforgery;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.Net.Http.Headers;
+using StopShopping.Services;
+using StopShopping.Services.Models.Req;
+using StopShopping.Services.Models.Resp;
+
+namespace StopShopping.Api.Routes;
+
+public static class Common
+{
+    public static RouteGroupBuilder MapCommon(this RouteGroupBuilder routes)
+    {
+        routes.MapPost("/common/upload", UploadAsync)
+            .WithTags(OpenApiTags.公用.ToString());
+
+        routes.MapPost("/common/refreshtoken", RefreshTokenAsync)
+            .AllowAnonymous()
+            .Produces<ApiResponse<AccessToken>>()
+            .WithTags(OpenApiTags.公用.ToString());
+
+        routes.MapPost("/common/signout", SignOutAsync)
+            .AllowAnonymous().WithTags(OpenApiTags.公用.ToString());
+
+        routes.MapPost("/common/antiforgery-token", AntiForgeryToken)
+            .WithTags(OpenApiTags.公用.ToString());
+
+        return routes;
+    }
+
+    private static async Task<ApiResponse<FileUpload>> UploadAsync(
+            [FromForm] UploadParams payload,
+            IFileService fileService,
+            HttpContext httpContext)
+    {
+        return await fileService.UploadFileAsync(payload);
+    }
+
+    private static ApiResponse<AntiForgeryToken> AntiForgeryToken(
+            HttpContext httpContext,
+            IAntiforgery antiforgery)
+    {
+        var antiforgeryToken = antiforgery.GetAndStoreTokens(httpContext);
+
+        return new ApiResponse<AntiForgeryToken>(new AntiForgeryToken
+        {
+            Token = antiforgeryToken.RequestToken,
+            HeaderName = antiforgeryToken.HeaderName
+        });
+    }
+    private static async Task<IResult> RefreshTokenAsync(
+        HttpContext httpContext,
+        IAccessTokenService accessTokenService)
+    {
+        var refreshToken = httpContext.Request.Cookies[HttpExtensions.REFRESH_TOKEN_COOKIE_KEY];
+        if (string.IsNullOrWhiteSpace(refreshToken))
+            return Results.Unauthorized();
+
+        var accessToken = await accessTokenService.GenerateAccessTokenAsync(refreshToken);
+        if (null == accessToken)
+            return Results.Unauthorized();
+
+        return Results.Ok(new ApiResponse<AccessToken>(accessToken));
+    }
+
+    public static async Task<ApiResponse> SignOutAsync(
+            HttpContext httpContext,
+            IAccessTokenService accessTokenService)
+    {
+        var accessTokenHeader = httpContext.Request.Headers[HeaderNames.Authorization];
+        if (accessTokenHeader.Count != 0)
+        {
+            var accessToken = accessTokenHeader.First()!.Split(" ").Last();
+            if (!string.IsNullOrWhiteSpace(accessToken))
+                await accessTokenService.AddAccessTokenBlacklistAsync(accessToken);
+        }
+
+        var refreshToken = httpContext.Request.Cookies[HttpExtensions.REFRESH_TOKEN_COOKIE_KEY];
+        if (!string.IsNullOrWhiteSpace(refreshToken))
+        {
+            await accessTokenService.RevokeRefreshTokenAsync(refreshToken);
+            httpContext.Response.Cookies.Delete(HttpExtensions.REFRESH_TOKEN_COOKIE_KEY);
+        }
+
+        return ApiResponse.Succed();
+    }
+}