From d33670060bc7741231ba431f7b4326c56ad1527b Mon Sep 17 00:00:00 2001
From: jvyden
Date: Sun, 21 Nov 2021 20:41:30 -0500
Subject: [PATCH] Add ability to approve & deny authentication attempts
---
.../ExternalAuth/AuthenticationController.cs | 62 +++++++++++++++++++
.../ExternalAuth/AuthenticationPage.cshtml | 4 +-
.../Pages/Layouts/BaseLayout.cshtml | 2 +-
ProjectLighthouse/StaticFiles/css/styles.css | 8 ---
4 files changed, 65 insertions(+), 11 deletions(-)
create mode 100644 ProjectLighthouse/Controllers/ExternalAuth/AuthenticationController.cs
diff --git a/ProjectLighthouse/Controllers/ExternalAuth/AuthenticationController.cs b/ProjectLighthouse/Controllers/ExternalAuth/AuthenticationController.cs
new file mode 100644
index 00000000..b1c5dd53
--- /dev/null
+++ b/ProjectLighthouse/Controllers/ExternalAuth/AuthenticationController.cs
@@ -0,0 +1,62 @@
+#nullable enable
+using System.Threading.Tasks;
+using LBPUnion.ProjectLighthouse.Types;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.EntityFrameworkCore;
+
+namespace LBPUnion.ProjectLighthouse.Controllers.ExternalAuth
+{
+ [ApiController]
+ [Route("/authentication")]
+ public class AuthenticationController : ControllerBase
+ {
+ private readonly Database database;
+
+ public AuthenticationController(Database database)
+ {
+ this.database = database;
+ }
+
+ [HttpGet("approve/{id:int}")]
+ public async Task Approve(int id)
+ {
+ User? user = this.database.UserFromWebRequest(this.Request);
+ if (user == null) return this.Redirect("/login");
+
+ AuthenticationAttempt? authAttempt = await this.database.AuthenticationAttempts.Include
+ (a => a.GameToken)
+ .FirstOrDefaultAsync(a => a.AuthenticationAttemptId == id);
+ if (authAttempt == null) return this.NotFound();
+
+ if (authAttempt.GameToken.UserId != user.UserId) return this.StatusCode(403, "");
+
+ authAttempt.GameToken.Approved = true;
+ this.database.AuthenticationAttempts.Remove(authAttempt);
+
+ await this.database.SaveChangesAsync();
+
+ return this.Redirect("~/authentication");
+ }
+
+ [HttpGet("deny/{id:int}")]
+ public async Task Deny(int id)
+ {
+ User? user = this.database.UserFromWebRequest(this.Request);
+ if (user == null) return this.Redirect("/login");
+
+ AuthenticationAttempt? authAttempt = await this.database.AuthenticationAttempts.Include
+ (a => a.GameToken)
+ .FirstOrDefaultAsync(a => a.AuthenticationAttemptId == id);
+ if (authAttempt == null) return this.NotFound();
+
+ if (authAttempt.GameToken.UserId != user.UserId) return this.StatusCode(403, "");
+
+ this.database.GameTokens.Remove(authAttempt.GameToken);
+ this.database.AuthenticationAttempts.Remove(authAttempt);
+
+ await this.database.SaveChangesAsync();
+
+ return this.Redirect("~/authentication");
+ }
+ }
+}
\ No newline at end of file
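Review bot: `Approve` and `Deny` change state on a GET request (`[HttpGet("approve/{id:int}")]`, `[HttpGet("deny/{id:int}")]`), so nothing in these actions ties the request to a deliberate click on the authentication page. If `UserFromWebRequest` identifies the user from a cookie (its implementation is not visible in this hunk), a cross-site request carrying that cookie would approve a game token for the account; the `UserId` ownership check only confirms whose attempt it is, not that the user meant to approve it. I would make both actions `[HttpPost("approve/{id:int}")]` / `[HttpPost("deny/{id:int}")]` with `[ValidateAntiForgeryToken]`, and have the page submit a form that carries the antiforgery token instead of linking to the URL. Separately, the login check, attempt lookup and ownership check are repeated verbatim in both actions and could move into one private helper so the two paths cannot drift apart.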
diff --git a/ProjectLighthouse/Pages/ExternalAuth/AuthenticationPage.cshtml b/ProjectLighthouse/Pages/ExternalAuth/AuthenticationPage.cshtml
index 189e664a..9c80b815 100644
--- a/ProjectLighthouse/Pages/ExternalAuth/AuthenticationPage.cshtml
+++ b/ProjectLighthouse/Pages/ExternalAuth/AuthenticationPage.cshtml
@@ -22,10 +22,10 @@ else

A @authAttempt.Platform authentication request was logged at @timestamp.ToString("MM/dd/yyyy @ h:mm tt") UTC from the IP address @authAttempt.IPAddress.

- + - +
diff --git a/ProjectLighthouse/Pages/Layouts/BaseLayout.cshtml b/ProjectLighthouse/Pages/Layouts/BaseLayout.cshtml
index 363ef3f5..04df071d 100644
--- a/ProjectLighthouse/Pages/Layouts/BaseLayout.cshtml
+++ b/ProjectLighthouse/Pages/Layouts/BaseLayout.cshtml
@@ -23,7 +23,7 @@ -
+