MDMCK10/CollabVMAuthServer
1
0
Fork 0
forked from collabvm/CollabVMAuthServer
Code Pull requests Activity

Allow bots to use admin endpoints

Browse source
This commit is contained in:
Elijah R 2024-06-08 18:59:34 -04:00
parent c7f3cb3441
commit 1ab7dd0626
3 changed files with 58 additions and 29 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

48
CollabVMAuthServer/HTTP/AdminRoutes.cs
View file

@ -53,8 +53,8 @@ public static class AdminRoutes
}, Utilities.JsonSerializerOptions); }, Utilities.JsonSerializerOptions);
} }
// Check token // Check token
var session = await Program.Database.GetSession(payload.session); var user = await Utilities.GetStaffByToken(payload.session);
if (session == null || Utilities.IsSessionExpired(session)) if (user == null)
{ {
context.Response.StatusCode = 400; context.Response.StatusCode = 400;
return Results.Json(new IPBanResponse return Results.Json(new IPBanResponse
@ -64,8 +64,6 @@ public static class AdminRoutes
}, Utilities.JsonSerializerOptions); }, Utilities.JsonSerializerOptions);
} }
// Check rank // Check rank
var user = await Program.Database.GetUser(session.Username)
?? throw new Exception("Could not lookup user from session");
if (user.Rank != Rank.Admin && user.Rank != Rank.Moderator) if (user.Rank != Rank.Admin && user.Rank != Rank.Moderator)
{ {
context.Response.StatusCode = 403; context.Response.StatusCode = 403;
@ -127,23 +125,21 @@ public static class AdminRoutes
}, Utilities.JsonSerializerOptions); }, Utilities.JsonSerializerOptions);
} }
// Check token // Check token
var session = await Program.Database.GetSession(payload.token); var user = await Utilities.GetStaffByToken(payload.token);
if (session == null || Utilities.IsSessionExpired(session)) if (user == null)
{ {
context.Response.StatusCode = 400; context.Response.StatusCode = 400;
return Results.Json(new BanUserResponse return Results.Json(new IPBanResponse
{ {
success = false, success = false,
error = "Invalid session" error = "Invalid session"
}, Utilities.JsonSerializerOptions); }, Utilities.JsonSerializerOptions);
} }
// Check rank // Check rank
var user = await Program.Database.GetUser(session.Username)
?? throw new Exception("Could not lookup user from session");
if (user.Rank != Rank.Admin && user.Rank != Rank.Moderator) if (user.Rank != Rank.Admin && user.Rank != Rank.Moderator)
{ {
context.Response.StatusCode = 403; context.Response.StatusCode = 403;
return Results.Json(new BanUserResponse return Results.Json(new IPBanResponse
{ {
success = false, success = false,
error = "Insufficient permissions" error = "Insufficient permissions"
@ -205,23 +201,21 @@ public static class AdminRoutes
}, Utilities.JsonSerializerOptions); }, Utilities.JsonSerializerOptions);
} }
// Check token // Check token
var session = await Program.Database.GetSession(payload.token); var user = await Utilities.GetStaffByToken(payload.token);
if (session == null || Utilities.IsSessionExpired(session)) if (user == null)
{ {
context.Response.StatusCode = 400; context.Response.StatusCode = 400;
return Results.Json(new AdminUpdateBotResponse return Results.Json(new IPBanResponse
{ {
success = false, success = false,
error = "Invalid session" error = "Invalid session"
}, Utilities.JsonSerializerOptions); }, Utilities.JsonSerializerOptions);
} }
// Check rank // Check rank
var user = await Program.Database.GetUser(session.Username)
?? throw new Exception("Could not lookup user from session");
if (user.Rank != Rank.Admin && user.Rank != Rank.Moderator) if (user.Rank != Rank.Admin && user.Rank != Rank.Moderator)
{ {
context.Response.StatusCode = 403; context.Response.StatusCode = 403;
return Results.Json(new AdminUsersResponse return Results.Json(new IPBanResponse
{ {
success = false, success = false,
error = "Insufficient permissions" error = "Insufficient permissions"
@ -323,23 +317,21 @@ public static class AdminRoutes
}, Utilities.JsonSerializerOptions); }, Utilities.JsonSerializerOptions);
} }
// Check token // Check token
var session = await Program.Database.GetSession(payload.token); var user = await Utilities.GetStaffByToken(payload.token);
if (session == null || Utilities.IsSessionExpired(session)) if (user == null)
{ {
context.Response.StatusCode = 400; context.Response.StatusCode = 400;
return Results.Json(new AdminUpdateUserResponse return Results.Json(new IPBanResponse
{ {
success = false, success = false,
error = "Invalid session" error = "Invalid session"
}, Utilities.JsonSerializerOptions); }, Utilities.JsonSerializerOptions);
} }
// Check rank // Check rank
var user = await Program.Database.GetUser(session.Username) if (user.Rank != Rank.Admin && user.Rank != Rank.Moderator)
?? throw new Exception("Could not lookup user from session");
if (user.Rank != Rank.Admin)
{ {
context.Response.StatusCode = 403; context.Response.StatusCode = 403;
return Results.Json(new AdminUsersResponse return Results.Json(new IPBanResponse
{ {
success = false, success = false,
error = "Insufficient permissions" error = "Insufficient permissions"
@ -428,23 +420,21 @@ public static class AdminRoutes
}, Utilities.JsonSerializerOptions); }, Utilities.JsonSerializerOptions);
} }
// Check token // Check token
var session = await Program.Database.GetSession(payload.token); var user = await Utilities.GetStaffByToken(payload.token);
if (session == null || Utilities.IsSessionExpired(session)) if (user == null)
{ {
context.Response.StatusCode = 400; context.Response.StatusCode = 400;
return Results.Json(new AdminUsersResponse return Results.Json(new IPBanResponse
{ {
success = false, success = false,
error = "Invalid session" error = "Invalid session"
}, Utilities.JsonSerializerOptions); }, Utilities.JsonSerializerOptions);
} }
// Check rank // Check rank
var user = await Program.Database.GetUser(session.Username)
?? throw new Exception("Could not lookup user from session");
if (user.Rank != Rank.Admin && user.Rank != Rank.Moderator) if (user.Rank != Rank.Admin && user.Rank != Rank.Moderator)
{ {
context.Response.StatusCode = 403; context.Response.StatusCode = 403;
return Results.Json(new AdminUsersResponse return Results.Json(new IPBanResponse
{ {
success = false, success = false,
error = "Insufficient permissions" error = "Insufficient permissions"

7
CollabVMAuthServer/StaffMember.cs Normal file
View file

@ -0,0 +1,7 @@
namespace Computernewb.CollabVMAuthServer;
public class StaffMember
{
public string Username { get; set; }
public Rank Rank { get; set; }
}

32
CollabVMAuthServer/Utilities.cs
View file

@ -125,4 +125,36 @@ public static class Utilities
{ {
return DateTime.Now > session.LastUsed.AddDays(Program.Config.Accounts.SessionExpiryDays); return DateTime.Now > session.LastUsed.AddDays(Program.Config.Accounts.SessionExpiryDays);
} }
public static async Task<StaffMember?> GetStaffByToken(string token)
{
if (token.Length == 32)
{
// User
var session = await Program.Database.GetSession(token);
if (session == null || Utilities.IsSessionExpired(session)) return null;
var user = await Program.Database.GetUser(session.Username);
if (user == null) return null;
return new StaffMember
{
Username = user.Username,
Rank = user.Rank
};
}
else if (token.Length == 64)
{
// Bot
var bot = await Program.Database.GetBot(token: token);
if (bot == null) return null;
return new StaffMember
{
Username = bot.Username,
Rank = bot.Rank
};
}
else
{
return null;
}
}
} }