Added user invite system (#351)

* Added user invite system * Added user invite system * Revert recent migrations and try again * stopped implicitly assigning token variables * Added correct context to migrations * Apply suggestions from code review Some grammar changes, etc. Co-authored-by: Jayden <jvyden@jvyden.xyz> * Updated the API key page * Removed enabled field from APIKey * Removed reference to APIKey.Enabled * Add creation guide text * Fix this.Forbid() usage Causes an exception on my machine for some reason, always has. * Fix more forbid usages * Return 404 if trying to generate token when private registration is disabled * Capture authentication schema more cleanly Co-authored-by: Jayden <jvyden@jvyden.xyz>
2025-09-11 03:56:39 +00:00 · 2022-07-24 03:43:00 +01:00 · 2022-07-24 03:43:00 +01:00 · ce0fe9edee
commit ce0fe9edee
parent c231af0936
15 changed files with 408 additions and 19 deletions
--- a/ProjectLighthouse.Servers.Website/Pages/Admin/AdminAPIKeyPage.cshtml
+++ b/ProjectLighthouse.Servers.Website/Pages/Admin/AdminAPIKeyPage.cshtml
@ -0,0 +1,56 @@
+@page "/admin/keys"
+
+@using LBPUnion.ProjectLighthouse.PlayerData
+@model LBPUnion.ProjectLighthouse.Servers.Website.Pages.Admin.AdminAPIKeyPageModel
+@{
+    Layout = "Layouts/BaseLayout";
+    Model.Title = "API Keys";
+}
+
+@inject Microsoft.AspNetCore.Antiforgery.IAntiforgery Antiforgery
+@{
+    var token = Antiforgery.GetAndStoreTokens(HttpContext).RequestToken;
+}
+
+<script>function deleteKey(keyID) {
+        document.getElementById("trashbutton-".concat(keyID)).classList.add('loading');
+        fetch("@Url.RouteUrl(ViewContext.RouteData.Values)", {
+            method: 'post',
+            headers: {
+                "Content-type": "application/x-www-form-urlencoded; charset=UTF-8"
+            },
+            credentials: 'same-origin',
+            body: 'keyID='.concat(keyID).concat("&__RequestVerificationToken=@token")
+        })
+            .then(function (data) {
+                document.getElementById("keyitem-".concat(keyID)).remove();
+                window.location.reload(true);
+            })
+            .catch(function (error) {
+                console.log('Request failed', error);
+            });
+
+    }</script>
+
+<p>There are <b>@Model.KeyCount</b> API keys registered.</p>
+@if (Model.KeyCount == 0)
+{
+    <p>To create one, you can use the "Create API key" command in the admin panel.</p>
+}
+
+<div class="ui four column grid">
+    @foreach (APIKey key in Model.APIKeys)
+    {
+        <div id="keyitem-@key.Id" class="five wide column">
+            <div class="ui blue segment">
+                <div class="ui tiny bottom left attached label">
+                    Created at: @key.Created.ToString()
+                </div>
+                <button id="trashbutton-@key.Id" class="right floated circular ui icon button" onclick="deleteKey(@key.Id);">
+                    <i class="trash can icon"></i>
+                </button>
+                <h2>@key.Description</h2>
+            </div>
+        </div>
+    }
+</div>
--- a/ProjectLighthouse.Servers.Website/Pages/Admin/AdminAPIKeyPage.cshtml.cs
+++ b/ProjectLighthouse.Servers.Website/Pages/Admin/AdminAPIKeyPage.cshtml.cs
@ -0,0 +1,43 @@
+using LBPUnion.ProjectLighthouse.Servers.Website.Pages.Layouts;
+using LBPUnion.ProjectLighthouse.PlayerData;
+using LBPUnion.ProjectLighthouse.PlayerData.Profiles;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.EntityFrameworkCore;
+
+namespace LBPUnion.ProjectLighthouse.Servers.Website.Pages.Admin
+{
+    public class AdminAPIKeyPageModel : BaseLayout
+    {
+        public List<APIKey> APIKeys = new();
+        public int KeyCount;
+
+        public AdminAPIKeyPageModel(Database database) : base(database)
+        { }
+
+        public async Task<IActionResult> OnGet()
+        {
+            User? user = this.Database.UserFromWebRequest(this.Request);
+            if (user == null) return this.Redirect("~/login");
+            if (!user.IsAdmin) return this.NotFound();
+
+            this.APIKeys = await this.Database.APIKeys.OrderByDescending(k => k.Id).ToListAsync();
+            this.KeyCount = this.APIKeys.Count;
+
+            return this.Page();
+        }
+
+        public async Task<IActionResult> OnPost(string keyID)
+        {
+            User? user = this.Database.UserFromWebRequest(this.Request);
+            if (user == null || !user.IsAdmin) return this.NotFound();
+
+            APIKey? apiKey = await this.Database.APIKeys.FirstOrDefaultAsync(k => k.Id == int.Parse(keyID));
+            if (apiKey == null) return this.NotFound();
+            this.Database.APIKeys.Remove(apiKey);
+            await this.Database.SaveChangesAsync();
+
+            return this.Page();
+        }
+
+    }
+}
--- a/ProjectLighthouse.Servers.Website/Pages/Admin/AdminPanelPage.cshtml.cs
+++ b/ProjectLighthouse.Servers.Website/Pages/Admin/AdminPanelPage.cshtml.cs
@ -15,7 +15,7 @@ public class AdminPanelPage : BaseLayout
 {
    public List<ICommand> Commands = MaintenanceHelper.Commands;
    public AdminPanelPage(Database database) : base(database)
-    {}
+    { }

    public List<AdminPanelStatistic> Statistics = new();

@ -31,6 +31,7 @@ public class AdminPanelPage : BaseLayout
        this.Statistics.Add(new AdminPanelStatistic("Slots", await StatisticsHelper.SlotCount()));
        this.Statistics.Add(new AdminPanelStatistic("Photos", await StatisticsHelper.PhotoCount()));
        this.Statistics.Add(new AdminPanelStatistic("Reports", await StatisticsHelper.ReportCount(), "reports/0"));
+        this.Statistics.Add(new AdminPanelStatistic("API Keys", await StatisticsHelper.APIKeyCount(), "keys"));

        if (!string.IsNullOrEmpty(command))
        {