Add ability to approve an IP address

2025-08-09 05:18:47 +00:00 · 2021-12-13 15:59:33 -05:00 · 2021-12-13 15:59:33 -05:00 · 4a7a713cf9
commit 4a7a713cf9
parent d609291d8f
8 changed files with 230 additions and 14 deletions
--- a/ProjectLighthouse/Controllers/Website/ExternalAuth/AutoApprovalController.cs
+++ b/ProjectLighthouse/Controllers/Website/ExternalAuth/AutoApprovalController.cs
@ -0,0 +1,67 @@
+#nullable enable
+using System.Threading.Tasks;
+using LBPUnion.ProjectLighthouse.Types;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.EntityFrameworkCore;
+
+namespace LBPUnion.ProjectLighthouse.Controllers.Website.ExternalAuth
+{
+    [ApiController]
+    [Route("/authentication")]
+    public class AutoApprovalController : ControllerBase
+    {
+        private readonly Database database;
+
+        public AutoApprovalController(Database database)
+        {
+            this.database = database;
+        }
+
+        [HttpGet("autoApprove/{id:int}")]
+        public async Task<IActionResult> AutoApprove([FromRoute] int id)
+        {
+            User? user = this.database.UserFromWebRequest(this.Request);
+            if (user == null) return this.Redirect("/login");
+
+            AuthenticationAttempt? authAttempt = await this.database.AuthenticationAttempts.Include
+                    (a => a.GameToken)
+                .FirstOrDefaultAsync(a => a.AuthenticationAttemptId == id);
+
+            if (authAttempt == null) return this.BadRequest();
+            if (authAttempt.GameToken.UserId != user.UserId) return this.Redirect("/login");
+
+            authAttempt.GameToken.Approved = true;
+
+            UserApprovedIpAddress approvedIpAddress = new()
+            {
+                UserId = user.UserId,
+                User = user,
+                IpAddress = authAttempt.IPAddress,
+            };
+
+            this.database.UserApprovedIpAddresses.Add(approvedIpAddress);
+            this.database.AuthenticationAttempts.Remove(authAttempt);
+
+            await this.database.SaveChangesAsync();
+
+            return this.Redirect("/authentication");
+        }
+
+        [HttpGet("revokeAutoApproval/{id:int}")]
+        public async Task<IActionResult> RevokeAutoApproval([FromRoute] int id)
+        {
+            User? user = this.database.UserFromWebRequest(this.Request);
+            if (user == null) return this.Redirect("/login");
+
+            UserApprovedIpAddress? approvedIpAddress = await this.database.UserApprovedIpAddresses.FirstOrDefaultAsync(a => a.UserApprovedIpAddressId == id);
+            if (approvedIpAddress == null) return this.BadRequest();
+            if (approvedIpAddress.UserId != user.UserId) return this.Redirect("/login");
+
+            this.database.UserApprovedIpAddresses.Remove(approvedIpAddress);
+
+            await this.database.SaveChangesAsync();
+
+            return this.Redirect("/authentication/autoApprovals");
+        }
+    }
+}
--- a/ProjectLighthouse/Database.cs
+++ b/ProjectLighthouse/Database.cs
@ -34,6 +34,7 @@ namespace LBPUnion.ProjectLighthouse
        public DbSet<AuthenticationAttempt> AuthenticationAttempts { get; set; }
        public DbSet<Review> Reviews { get; set; }
        public DbSet<RatedReview> RatedReviews { get; set; }
+        public DbSet<UserApprovedIpAddress> UserApprovedIpAddresses { get; set; }

        protected override void OnConfiguring(DbContextOptionsBuilder options)
            => options.UseMySql(ServerSettings.Instance.DbConnectionString, MySqlServerVersion.LatestSupportedServerVersion);
@ -66,7 +67,6 @@ namespace LBPUnion.ProjectLighthouse
        #nullable enable
        public async Task<GameToken?> AuthenticateUser(LoginData loginData, string userLocation, string titleId = "")
        {
-            // TODO: don't use psn name to authenticate
            User? user = await this.Users.FirstOrDefaultAsync(u => u.Username == loginData.Username);
            if (user == null) return null;

--- a/ProjectLighthouse/Migrations/20211213195540_AddUserApprovedIpAddresses.cs
+++ b/ProjectLighthouse/Migrations/20211213195540_AddUserApprovedIpAddresses.cs
@ -0,0 +1,50 @@
+using LBPUnion.ProjectLighthouse;
+using Microsoft.EntityFrameworkCore.Infrastructure;
+using Microsoft.EntityFrameworkCore.Metadata;
+using Microsoft.EntityFrameworkCore.Migrations;
+
+#nullable disable
+
+namespace ProjectLighthouse.Migrations
+{
+    [DbContext(typeof(Database))]
+    [Migration("20211213195540_AddUserApprovedIpAddresses")]
+    public partial class AddUserApprovedIpAddresses : Migration
+    {
+        protected override void Up(MigrationBuilder migrationBuilder)
+        {
+            migrationBuilder.CreateTable(
+                name: "UserApprovedIpAddresses",
+                columns: table => new
+                {
+                    UserApprovedIpAddressId = table.Column<int>(type: "int", nullable: false)
+                        .Annotation("MySql:ValueGenerationStrategy", MySqlValueGenerationStrategy.IdentityColumn),
+                    UserId = table.Column<int>(type: "int", nullable: false),
+                    IpAddress = table.Column<string>(type: "longtext", nullable: true)
+                        .Annotation("MySql:CharSet", "utf8mb4")
+                },
+                constraints: table =>
+                {
+                    table.PrimaryKey("PK_UserApprovedIpAddresses", x => x.UserApprovedIpAddressId);
+                    table.ForeignKey(
+                        name: "FK_UserApprovedIpAddresses_Users_UserId",
+                        column: x => x.UserId,
+                        principalTable: "Users",
+                        principalColumn: "UserId",
+                        onDelete: ReferentialAction.Cascade);
+                })
+                .Annotation("MySql:CharSet", "utf8mb4");
+
+            migrationBuilder.CreateIndex(
+                name: "IX_UserApprovedIpAddresses_UserId",
+                table: "UserApprovedIpAddresses",
+                column: "UserId");
+        }
+
+        protected override void Down(MigrationBuilder migrationBuilder)
+        {
+            migrationBuilder.DropTable(
+                name: "UserApprovedIpAddresses");
+        }
+    }
+}
--- a/ProjectLighthouse/Migrations/DatabaseModelSnapshot.cs
+++ b/ProjectLighthouse/Migrations/DatabaseModelSnapshot.cs
@ -587,6 +587,25 @@ namespace ProjectLighthouse.Migrations
                    b.ToTable("Users");
                });

+            modelBuilder.Entity("LBPUnion.ProjectLighthouse.Types.UserApprovedIpAddress", b =>
+                {
+                    b.Property<int>("UserApprovedIpAddressId")
+                        .ValueGeneratedOnAdd()
+                        .HasColumnType("int");
+
+                    b.Property<string>("IpAddress")
+                        .HasColumnType("longtext");
+
+                    b.Property<int>("UserId")
+                        .HasColumnType("int");
+
+                    b.HasKey("UserApprovedIpAddressId");
+
+                    b.HasIndex("UserId");
+
+                    b.ToTable("UserApprovedIpAddresses");
+                });
+
            modelBuilder.Entity("LBPUnion.ProjectLighthouse.Types.WebToken", b =>
                {
                    b.Property<int>("TokenId")
@ -829,6 +848,17 @@ namespace ProjectLighthouse.Migrations

                    b.Navigation("Location");
                });
+
+            modelBuilder.Entity("LBPUnion.ProjectLighthouse.Types.UserApprovedIpAddress", b =>
+                {
+                    b.HasOne("LBPUnion.ProjectLighthouse.Types.User", "User")
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade)
+                        .IsRequired();
+
+                    b.Navigation("User");
+                });
 #pragma warning restore 612, 618
        }
    }
--- a/ProjectLighthouse/Pages/ExternalAuth/AuthenticationPage.cshtml
+++ b/ProjectLighthouse/Pages/ExternalAuth/AuthenticationPage.cshtml
@ -18,20 +18,20 @@ else
    {
        <p>This device's IP address is <b>@(Model.IpAddress.ToString())</b>. If this matches with an authentication attempt below, then it's safe to assume the authentication attempt came from the same network as this device.</p>
    }
+}

-    <a href="/authentication/autoApprovals">
+<a href="/authentication/autoApprovals">
    <button class="ui small blue button">
        <i class="cog icon"></i>
        <span>Manage automatically approved IP addresses</span>
    </button>
-    </a>
-    <a href="/authentication/denyAll">
+</a>
+<a href="/authentication/denyAll">
    <button class="ui small red button">
        <i class="x icon"></i>
        <span>Deny all</span>
    </button>
-    </a>
-}
+</a>

@foreach (AuthenticationAttempt authAttempt in Model.AuthenticationAttempts)
 {
--- a/ProjectLighthouse/Pages/ExternalAuth/ManageUserApprovedIpAddressesPage.cshtml
+++ b/ProjectLighthouse/Pages/ExternalAuth/ManageUserApprovedIpAddressesPage.cshtml
@ -0,0 +1,22 @@
+@page "/authentication/autoApprovals"
+@using LBPUnion.ProjectLighthouse.Types
+@model LBPUnion.ProjectLighthouse.Pages.ExternalAuth.ManageUserApprovedIpAddressesPage
+
+@{
+    Layout = "Layouts/BaseLayout";
+    Model.Title = "Automatically approved IP addresses";
+}
+
+
+@foreach (UserApprovedIpAddress approvedIpAddress in Model.ApprovedIpAddresses)
+{
+    <div class="ui blue segment">
+        <p>@approvedIpAddress.IpAddress</p>
+        <a href="/authentication/revokeAutoApproval/@approvedIpAddress.UserApprovedIpAddressId">
+            <button class="ui red button">
+                <i class="trash icon"></i>
+                <span>Revoke</span>
+            </button>
+        </a>
+    </div>
+}
--- a/ProjectLighthouse/Pages/ExternalAuth/ManageUserApprovedIpAddressesPage.cshtml.cs
+++ b/ProjectLighthouse/Pages/ExternalAuth/ManageUserApprovedIpAddressesPage.cshtml.cs
@ -0,0 +1,29 @@
+#nullable enable
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+using LBPUnion.ProjectLighthouse.Pages.Layouts;
+using LBPUnion.ProjectLighthouse.Types;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.EntityFrameworkCore;
+
+namespace LBPUnion.ProjectLighthouse.Pages.ExternalAuth
+{
+    public class ManageUserApprovedIpAddressesPage : BaseLayout
+    {
+        public ManageUserApprovedIpAddressesPage(Database database) : base(database)
+        {}
+
+        public List<UserApprovedIpAddress> ApprovedIpAddresses;
+
+        public async Task<IActionResult> OnGet()
+        {
+            User? user = this.Database.UserFromWebRequest(this.Request);
+            if (user == null) return this.Redirect("/login");
+
+            this.ApprovedIpAddresses = await this.Database.UserApprovedIpAddresses.Where(a => a.UserId == user.UserId).ToListAsync();
+
+            return this.Page();
+        }
+    }
+}
--- a/ProjectLighthouse/Types/UserApprovedIpAddress.cs
+++ b/ProjectLighthouse/Types/UserApprovedIpAddress.cs
@ -0,0 +1,18 @@
+using System.ComponentModel.DataAnnotations;
+using System.ComponentModel.DataAnnotations.Schema;
+
+namespace LBPUnion.ProjectLighthouse.Types
+{
+    public class UserApprovedIpAddress
+    {
+        [Key]
+        public int UserApprovedIpAddressId { get; set; }
+
+        public int UserId { get; set; }
+
+        [ForeignKey(nameof(UserId))]
+        public User User { get; set; }
+
+        public string IpAddress { get; set; }
+    }
+}