StopShopping/StopShopping.AdminApi/Routes/Admin.cs

using Microsoft.Extensions.Options;
using Microsoft.Net.Http.Headers;
using StopShopping.Services;
using StopShopping.Services.Extensions;
using StopShopping.Services.Models.Req;
using StopShopping.Services.Models.Resp;

namespace StopShopping.AdminApi.Routes;

public static class Admin
{
    public static RouteGroupBuilder MapAdmin(this RouteGroupBuilder routes)
    {
        routes.MapPost("/admin/signin", SignInAsync)
            .WithTags(OpenApiTags.管理员.ToString());

        routes.MapPost("/admin/refreshtoken", RefreshTokenAsync)
            .Produces<ApiResponse<AccessToken>>()
            .WithTags(OpenApiTags.管理员.ToString());

        routes.MapPost("/admin/signout", SignOutAsync)
            .WithTags(OpenApiTags.管理员.ToString());

        return routes;
    }

    private static async Task<ApiResponse<SignInAdmin>> SignInAsync(
            SignInParams model,
            IUserService userService,
            HttpContext httpContext,
            IWebHostEnvironment env,
            IOptions<AppOptions> options)
    {
        var result = await userService.SignInAdminAsync(model);
        var resp = new ApiResponse<SignInAdmin>
        {
            IsSucced = result.IsSucced,
            Data = result.User,
            Message = result.Message
        };
        if (result.IsSucced)
        {
            httpContext.Response.Cookies.AppendRefreshToken(
                env,
                options.Value,
                TimeSpan.FromSeconds(result.RefreshToken!.ExpiresIn),
                result.RefreshToken.Token!
            );
        }
        return resp;
    }

    private static async Task<IResult> RefreshTokenAsync(
        HttpContext httpContext,
        IAccessTokenService accessTokenService)
    {
        var refreshToken = httpContext.Request.Cookies[HttpExtensions.REFRESH_TOKEN_COOKIE_KEY];
        if (string.IsNullOrWhiteSpace(refreshToken))
            return Results.Unauthorized();

        var accessToken = await accessTokenService.GenerateAccessTokenAsync(refreshToken);
        if (null == accessToken)
            return Results.Unauthorized();

        return Results.Ok(new ApiResponse<AccessToken>(accessToken));
    }

    public static async Task<ApiResponse> SignOutAsync(
            HttpContext httpContext,
            IAccessTokenService accessTokenService)
    {
        var accessTokenHeader = httpContext.Request.Headers[HeaderNames.Authorization];
        if (accessTokenHeader.Count != 0)
        {
            var accessToken = accessTokenHeader.First()!.Split(" ").Last();
            if (!string.IsNullOrWhiteSpace(accessToken))
                await accessTokenService.AddAccessTokenBlacklistAsync(accessToken);
        }

        var refreshToken = httpContext.Request.Cookies[HttpExtensions.REFRESH_TOKEN_COOKIE_KEY];
        if (!string.IsNullOrWhiteSpace(refreshToken))
        {
            await accessTokenService.RevokeRefreshTokenAsync(refreshToken);
            httpContext.Response.Cookies.Delete(HttpExtensions.REFRESH_TOKEN_COOKIE_KEY);
        }

        return ApiResponse.Succed();
    }
}