POC oidc login

2025-05-24 13:57:06 +02:00 · 2025-05-24 13:57:06 +02:00 · df9d970a42
commit df9d970a42
parent 6288d89651
48 changed files with 5009 additions and 96 deletions
--- a/API/Controllers/AccountController.cs
+++ b/API/Controllers/AccountController.cs
@ -74,6 +74,18 @@ public class AccountController : BaseApiController
        _localizationService = localizationService;
    }

+    [HttpGet]
+    public async Task<ActionResult<UserDto>> GetCurrentUserAsync()
+    {
+        var user = await _unitOfWork.UserRepository.GetUserByIdAsync(User.GetUserId(), AppUserIncludes.UserPreferences);
+        if (user == null) throw new UnauthorizedAccessException();
+
+        var roles = await _userManager.GetRolesAsync(user);
+        if (!roles.Contains(PolicyConstants.LoginRole)) return Unauthorized(await _localizationService.Translate(user.Id, "disabled-account"));
+
+        return Ok(await ConstructUserDto(user));
+    }
+
    /// <summary>
    /// Update a user's password
    /// </summary>
@ -245,6 +257,11 @@ public class AccountController : BaseApiController
            }
        }

+        return Ok(await ConstructUserDto(user));
+    }
+
+    private async Task<UserDto> ConstructUserDto(AppUser user)
+    {
        // Update LastActive on account
        user.UpdateLastActive();

@ -265,12 +282,11 @@ public class AccountController : BaseApiController
        dto.KavitaVersion = (await _unitOfWork.SettingsRepository.GetSettingAsync(ServerSettingKey.InstallVersion))
            .Value;
        var pref = await _unitOfWork.UserRepository.GetPreferencesAsync(user.UserName!);
-        if (pref == null) return Ok(dto);
+        if (pref == null) return dto;

        pref.Theme ??= await _unitOfWork.SiteThemeRepository.GetDefaultTheme();
        dto.Preferences = _mapper.Map<UserPreferencesDto>(pref);
-
-        return Ok(dto);
+        return dto;
    }

    /// <summary>
--- a/API/Controllers/OidcControlller.cs
+++ b/API/Controllers/OidcControlller.cs
@ -0,0 +1,23 @@
+using System.Threading.Tasks;
+using API.Data;
+using API.DTOs.Settings;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.Extensions.Logging;
+
+namespace API.Controllers;
+
+[AllowAnonymous]
+public class OidcController(ILogger<OidcController> logger, IUnitOfWork unitOfWork): BaseApiController
+{
+
+    // TODO: Decide what we want to expose here, not really anything useful in it. But the discussion is needed
+    //      Public endpoint
+    [HttpGet("config")]
+    public async Task<ActionResult<OidcConfigDto>> GetOidcConfig()
+    {
+        var settings = await unitOfWork.SettingsRepository.GetSettingsDtoAsync();
+        return Ok(settings.OidcConfig);
+    }
+
+}