diff --git a/.idea/.idea.Abyss/.idea/workspace.xml b/.idea/.idea.Abyss/.idea/workspace.xml
index ff3edf4..47ee787 100644
--- a/.idea/.idea.Abyss/.idea/workspace.xml
+++ b/.idea/.idea.Abyss/.idea/workspace.xml
@@ -10,19 +10,10 @@
+
-
-
-
-
-
-
-
-
-
-
@@ -47,7 +38,14 @@
+
+
+
+
+
+
+
@@ -226,7 +224,7 @@
-
+
diff --git a/Abyss/Components/Controllers/Media/VideoController.cs b/Abyss/Components/Controllers/Media/VideoController.cs
index 68c1f75..d5848a7 100644
--- a/Abyss/Components/Controllers/Media/VideoController.cs
+++ b/Abyss/Components/Controllers/Media/VideoController.cs
@@ -1,4 +1,4 @@
-using System.Diagnostics;
+
using Abyss.Components.Services;
using Abyss.Components.Static;
using Abyss.Components.Tools;
@@ -15,7 +15,6 @@ using Task = System.Threading.Tasks.Task;
public class VideoController(ILogger logger, ResourceService rs, ConfigureService config) : BaseController
{
private ILogger _logger = logger;
-
public readonly string VideoFolder = Path.Combine(config.MediaRoot, "Videos");
[HttpPost("init")]
@@ -78,8 +77,6 @@ public class VideoController(ILogger logger, ResourceService rs
[HttpPost("{klass}/bulkquery")]
public async Task QueryBulk([FromQuery] string token, [FromBody] string[] id, [FromRoute] string klass)
{
- List result = new List();
-
var db = id.Select(x => Helpers.SafePathCombine(VideoFolder, [klass, x, "summary.json"])).ToArray();
if(db.Any(x => x == null))
return BadRequest();
diff --git a/Abyss/Components/Controllers/Middleware/BadRequestExceptionMiddleware.cs b/Abyss/Components/Controllers/Middleware/BadRequestExceptionMiddleware.cs
new file mode 100644
index 0000000..cbde8b0
--- /dev/null
+++ b/Abyss/Components/Controllers/Middleware/BadRequestExceptionMiddleware.cs
@@ -0,0 +1,18 @@
+namespace Abyss.Components.Controllers.Middleware;
+
+public class BadRequestExceptionMiddleware(RequestDelegate next, ILogger logger)
+{
+ public async System.Threading.Tasks.Task Invoke(HttpContext context)
+ {
+ try
+ {
+ await next(context);
+ }
+ catch (Exception ex)
+ {
+ logger.LogError(ex.Message);
+ context.Response.StatusCode = StatusCodes.Status400BadRequest;
+ await context.Response.WriteAsync("Bad Request");
+ }
+ }
+}
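Review bot: The `catch (Exception ex)` block in `Invoke` reports every failure from the rest of the pipeline as 400, so server-side faults (null references, I/O or database errors) look like client mistakes to callers and to anything alerting on 5xx responses; consider catching only the exception types that really mean a malformed request and returning 500 for the rest. `logger.LogError(ex.Message)` drops the stack trace and uses the exception text as the message template, so pass the exception object with a constant template instead. If the response has already started, assigning `StatusCode` throws, so check `context.Response.HasStarted` before writing. The fence keeps the 400 mapping and applies the logging and `HasStarted` points only.

```csharp
// … unchanged: try { await next(context); } …
catch (Exception ex)
{
    // Pass the exception itself so the stack trace reaches the log,
    // and keep the template constant so exception text is never parsed as a format string.
    logger.LogError(ex, "Unhandled exception while processing {Path}", context.Request.Path);

    // Headers are already sent once the response has started; the status can no longer change.
    if (context.Response.HasStarted)
    {
        throw;
    }

    context.Response.StatusCode = StatusCodes.Status400BadRequest;
    await context.Response.WriteAsync("Bad Request");
}
```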
diff --git a/Abyss/Components/Controllers/Security/UserController.cs b/Abyss/Components/Controllers/Security/UserController.cs
index adeae87..2900161 100644
--- a/Abyss/Components/Controllers/Security/UserController.cs
+++ b/Abyss/Components/Controllers/Security/UserController.cs
@@ -1,4 +1,3 @@
-
// UserController.cs
using System.Text.RegularExpressions;
@@ -13,53 +12,52 @@ namespace Abyss.Components.Controllers.Security;
[ApiController]
[Route("api/[controller]")]
[EnableRateLimiting("Fixed")]
-public class UserController(UserService user, ILogger logger) : BaseController
+public class UserController(UserService userService, ILogger logger) : BaseController
{
private readonly ILogger _logger = logger;
- private readonly UserService _user = user;
+ private readonly UserService _userService = userService;
[HttpGet("{user}")]
public async Task Challenge(string user)
{
- var c = await _user.Challenge(user);
- if(c == null)
+ var c = await _userService.Challenge(user);
+ if (c == null)
return StatusCode(403, new { message = "Access forbidden" });
-
+
return Ok(c);
}
[HttpPost("{user}")]
public async Task Challenge(string user, [FromBody] ChallengeResponse response)
{
- var r = await _user.Verify(user, response.Response, Ip);
- if(r == null)
+ var r = await _userService.Verify(user, response.Response, Ip);
+ if (r == null)
return StatusCode(403, new { message = "Access forbidden" });
-
return Ok(r);
}
[HttpPost("validate")]
public IActionResult Validate(string token)
{
- var u = _user.Validate(token, Ip);
+ var u = _userService.Validate(token, Ip);
if (u == -1)
{
return StatusCode(401, new { message = "Invalid" });
}
-
+
return Ok(u);
}
[HttpPost("destroy")]
public IActionResult Destroy(string token)
{
- var u = _user.Validate(token, Ip);
+ var u = _userService.Validate(token, Ip);
if (u == -1)
{
return StatusCode(401, new { message = "Invalid" });
}
-
- _user.Destroy(token);
+
+ _userService.Destroy(token);
return Ok("Success");
}
@@ -67,46 +65,46 @@ public class UserController(UserService user, ILogger logger) :
public async Task Create(string user, [FromBody] UserCreating creating)
{
// Valid token
- var r = await _user.Verify(user, creating.Response, Ip);
- if(r == null)
+ var r = await _userService.Verify(user, creating.Response, Ip);
+ if (r == null)
return StatusCode(403, new { message = "Denied" });
-
+
// User exists ?
- var cu = await _user.QueryUser(creating.Name);
- if(cu != null)
+ var cu = await _userService.QueryUser(creating.Name);
+ if (cu != null)
return StatusCode(403, new { message = "Denied" });
-
+
// Valid username string
- if(!IsAlphanumeric(creating.Name))
+ if (!IsAlphanumeric(creating.Name))
return StatusCode(403, new { message = "Denied" });
-
+
// Valid parent && Privilege
- var ou = await _user.QueryUser(_user.Validate(r, Ip));
- if(creating.Privilege > ou?.Privilege || ou == null)
+ var ou = await _userService.QueryUser(_userService.Validate(r, Ip));
+ if (creating.Privilege > ou?.Privilege || ou == null)
return StatusCode(403, new { message = "Denied" });
-
- await _user.CreateUser(new User
+
+ await _userService.CreateUser(new User
{
Username = creating.Name,
ParentId = ou.Uuid,
Privilege = creating.Privilege,
PublicKey = creating.PublicKey,
- } );
-
- _user.Destroy(r);
+ });
+
+ _userService.Destroy(r);
return Ok("Success");
}
-
+
[HttpGet("{user}/open")]
public async Task Open(string user, [FromQuery] string token, [FromQuery] string? bindIp = null)
{
- var caller = _user.Validate(token, Ip);
+ var caller = _userService.Validate(token, Ip);
if (caller != 1)
{
return StatusCode(403, new { message = "Access forbidden" });
}
- var target = await _user.QueryUser(user);
+ var target = await _userService.QueryUser(user);
if (target == null)
{
return StatusCode(404, new { message = "User not found" });
@@ -114,12 +112,13 @@ public class UserController(UserService user, ILogger logger) :
var ipToBind = string.IsNullOrWhiteSpace(bindIp) ? Ip : bindIp;
- var t = _user.CreateToken(target.Uuid, ipToBind, TimeSpan.FromHours(1));
+ var t = _userService.CreateToken(target.Uuid, ipToBind, TimeSpan.FromHours(1));
- _logger.LogInformation("Root created 1h token for {User}, bound to {BindIp}, request from {ReqIp}", user, ipToBind, Ip);
+ _logger.LogInformation("Root created 1h token for {User}, bound to {BindIp}, request from {ReqIp}", user,
+ ipToBind, Ip);
return Ok(new { token = t, user, boundIp = ipToBind });
}
-
+
public static bool IsAlphanumeric(string input)
{
if (string.IsNullOrEmpty(input))
diff --git a/Abyss/Program.cs b/Abyss/Program.cs
index 7b79509..5ce0599 100644
--- a/Abyss/Program.cs
+++ b/Abyss/Program.cs
@@ -1,4 +1,5 @@
using System.Threading.RateLimiting;
+using Abyss.Components.Controllers.Middleware;
using Abyss.Components.Controllers.Task;
using Abyss.Components.Services;
using Microsoft.AspNetCore.RateLimiting;
@@ -41,6 +42,7 @@ public class Program
var app = builder.Build();
// app.UseHttpsRedirection();
+ app.UseMiddleware();
app.UseAuthorization();
app.MapControllers();