Class AuthController
- Namespace
- GastroSky.Controllers.V1
- Assembly
- GastroSky.dll
Authentication and user account related endpoints.
[ApiController]
[Authorize]
[Route("api/v1/auth")]
[Produces("application/json", new string[] { })]
public class AuthController : GastroSkyControllerBase
- Inheritance
-
AuthController
- Inherited Members
Constructors
AuthController(IConfiguration, GastroSkyDatabaseContext, IPasswordHashing, IAuthTokenService, IUserAgentService, ITotpValidator, ILogger<AuthController>, IOptionsMonitor<JwtSettings>, IEmailValidator, ISlugGenerator, IEmailTotpService, ITotpSecretGenerator, IKeyValuePairCache, IMapper)
Authentication and user account related endpoints.
public AuthController(IConfiguration configuration, GastroSkyDatabaseContext db, IPasswordHashing passwordHashing, IAuthTokenService authTokenService, IUserAgentService userAgentService, ITotpValidator totpValidator, ILogger<AuthController> logger, IOptionsMonitor<JwtSettings> jwtSettings, IEmailValidator emailValidator, ISlugGenerator slugGenerator, IEmailTotpService emailTotpService, ITotpSecretGenerator totpSecretGenerator, IKeyValuePairCache keyValuePairCache, IMapper mapper)
Parameters
configuration IConfiguration
db GastroSkyDatabaseContext
passwordHashing IPasswordHashing
authTokenService IAuthTokenService
userAgentService IUserAgentService
totpValidator ITotpValidator
logger ILogger<AuthController>
jwtSettings IOptionsMonitor<JwtSettings>
emailValidator IEmailValidator
slugGenerator ISlugGenerator
emailTotpService IEmailTotpService
totpSecretGenerator ITotpSecretGenerator
keyValuePairCache IKeyValuePairCache
mapper IMapper
Methods
CompleteResetPassword(CompleteResetPasswordRequestDto)
Password reset endpoint. Step 2/2
[HttpPost]
[AllowAnonymous]
[Route("complete-reset-password")]
[ProducesResponseType(400)]
[ProducesResponseType(403)]
[ProducesResponseType(500)]
[ProducesResponseType<ResponseBodyDto<UserResponseDto>>(200)]
public Task<IActionResult> CompleteResetPassword(CompleteResetPasswordRequestDto dto)
Parameters
dto CompleteResetPasswordRequestDto: DTO containing the email address of the user account whose password needs to be reset, the TOTP that the requesting user has received via email, and the new password as a hex-encoded, all-lowercase SHA-256 hash (exactly 64 characters long).
Returns
Remarks
Sample request:
POST /api/v1/auth/complete-reset-password
{
"email": "user@example.org",
"totp": "42069",
"newPasswordHashSHA256": "37c7b874677dd522303335599fc9efa5f2664594af38c8a86037b9319fbdfe8f"
}
ConfirmEnableUser2FA(UserEnableTwoFactorAuthRequestDto)
Two-factor authentication activation endpoint. Step 2/2
[HttpPut]
[Authorize]
[Route("2fa/enable/confirm")]
[ProducesResponseType(200)]
[ProducesResponseType(403)]
[ProducesResponseType(500)]
public Task<IActionResult> ConfirmEnableUser2FA(UserEnableTwoFactorAuthRequestDto dto)
Parameters
dto UserEnableTwoFactorAuthRequestDto: Request DTO containing a 2FA token that is valid against the TOTP secret returned in step 1.
Returns
Remarks
Sample request:
PUT /api/v1/auth/2fa/enable/confirm
{
"totp": "133769"
}
ConfirmVerifyEmail(ConfirmVerifyEmailRequestDto)
Email verification endpoint for user registration flow. Step 2/2
[HttpPost]
[AllowAnonymous]
[ProducesResponseType(200)]
[ProducesResponseType(400)]
[Route("confirm-verify-email")]
public Task<IActionResult> ConfirmVerifyEmail(ConfirmVerifyEmailRequestDto dto)
Parameters
dto ConfirmVerifyEmailRequestDto: Request DTO containing the email address to verify and the TOTP to verify against.
Returns
Remarks
Sample request:
POST /api/v1/auth/confirm-verify-email
{
"email": "user@example.org",
"totp": "133769"
}
DisableUser2FA(UserDisableTwoFactorAuthRequestDto)
Two-factor authentication deactivation endpoint.
[HttpPut]
[Route("2fa/disable")]
[ProducesResponseType(200)]
[ProducesResponseType(403)]
[ProducesResponseType(500)]
public Task<IActionResult> DisableUser2FA(UserDisableTwoFactorAuthRequestDto dto)
Parameters
dto UserDisableTwoFactorAuthRequestDto: Request DTO containing a valid 2FA token.
Returns
Remarks
Sample request:
PUT /api/v1/auth/2fa/disable
{
"totp": "133769"
}
EnableUser2FA(UserEnableTwoFactorAuthRequestDto)
Two-factor authentication activation endpoint. Step 1/2
[HttpPut]
[Authorize]
[Route("2fa/enable")]
[ProducesResponseType(200)]
[ProducesResponseType(403)]
public Task<IActionResult> EnableUser2FA(UserEnableTwoFactorAuthRequestDto dto)
Parameters
dto UserEnableTwoFactorAuthRequestDto: The request DTO is not necessary in step 1.
Returns
Login(LoginRequestDto)
Login endpoint. If the passed credentials are valid, this endpoint returns a valid auth token and the current GastroSky server broadcast message.
[HttpPost]
[AllowAnonymous]
[Route("login")]
[ProducesResponseType(302)]
[ProducesResponseType(401)]
[ProducesResponseType(404)]
[ProducesResponseType(429)]
[ProducesResponseType<ResponseBodyDto<LoginResponseDto>>(200)]
public Task<IActionResult> Login(LoginRequestDto dto)
Parameters
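dto LoginRequestDto: DTO containing login credentials, including a 2FA token (if the underlying user has 2FA enabled on their account). Because the SHA-256 password hash is what the client submits as the credential, it should be handled as a secret equivalent to the password itself and sent only over TLS.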
Returns
Remarks
Sample request:
POST /api/v1/auth/login
{
"email": "user@example.org",
"passwordHashSHA256": "90bffe1884b84d5e255f12ff0ecbd70f2edfc877b68d612dc6fb50638b3ac17c",
"totp": "123456"
}
Logout()
Logout endpoint. This invalidates the user's session + auth token explicitly.
[HttpPost]
[Route("logout")]
[ProducesResponseType(204)]
[ProducesResponseType(500)]
public Task<IActionResult> Logout()
Returns
Register(RegisterRequestDto)
New user registration endpoint.
[HttpPost]
[AllowAnonymous]
[ProducesResponseType(200)]
[ProducesResponseType(400)]
[Route("register")]
public Task<IActionResult> Register(RegisterRequestDto dto)
Parameters
dto RegisterRequestDto: Request DTO containing the email address to use for the new user account, the SHA-256 hash of the user's desired password (hex-encoded into a 64-character, all-lowercase string), and the TOTP that the user must have received via email.
Returns
Remarks
Sample request:
POST /api/v1/auth/register
{
"email": "user@example.org",
"passwordHashSHA256": "90bffe1884b84d5e255f12ff0ecbd70f2edfc877b68d612dc6fb50638b3ac17c",
"totp": "133769"
}
ResetPassword(ResetPasswordRequestDto)
Password reset endpoint. Step 1/2
[HttpPost]
[AllowAnonymous]
[Route("request-reset-password")]
[ProducesResponseType(200)]
[ProducesResponseType(400)]
[ProducesResponseType(500)]
public Task<IActionResult> ResetPassword(ResetPasswordRequestDto dto)
Parameters
dto ResetPasswordRequestDto: DTO containing the email address of the user account whose password needs to be reset.
Returns
Remarks
Sample request:
POST /api/v1/auth/request-reset-password
{
"email": "user@example.org"
}
Revive(ReviveRequestDto)
[HttpPost]
[AllowAnonymous]
[Route("revive")]
public Task<IActionResult> Revive(ReviveRequestDto dto)
Parameters
dto ReviveRequestDto
Returns
SetPassword(SetPasswordRequestDto)
Password modification endpoint.
[HttpPut]
[Route("set-password")]
[ProducesResponseType(400)]
[ProducesResponseType(403)]
[ProducesResponseType(500)]
[ProducesResponseType<ResponseBodyDto<UserResponseDto>>(200)]
public Task<IActionResult> SetPassword(SetPasswordRequestDto dto)
Parameters
dto SetPasswordRequestDto: DTO containing the email address of the user account whose password needs to be reset, plus the user's current password and the new password, both as hex-encoded, all-lowercase SHA-256 hash strings (exactly 64 characters long).
Returns
Remarks
Sample request:
PUT /api/v1/auth/set-password
{
"email": "user@example.org",
"oldPasswordHashSHA256": "90bffe1884b84d5e255f12ff0ecbd70f2edfc877b68d612dc6fb50638b3ac17c",
"newPasswordHashSHA256": "37c7b874677dd522303335599fc9efa5f2664594af38c8a86037b9319fbdfe8f"
}
VerifyEmail(VerifyEmailRequestDto)
Email verification endpoint for user registration flow. Step 1/2
[HttpPost]
[AllowAnonymous]
[Route("verify-email")]
[ProducesResponseType(200)]
[ProducesResponseType(400)]
[ProducesResponseType(500)]
public Task<IActionResult> VerifyEmail(VerifyEmailRequestDto dto)
Parameters
dto VerifyEmailRequestDto: Request DTO containing the email address to verify and the desired language parameter.
Returns
Remarks
Sample request:
POST /api/v1/auth/verify-email
{
"email": "user@example.org",
"language": 0
}