source: ChapterX.API/Controllers/CommentsController.cs@ b373fea

main
Last change on this file since b373fea was b373fea, checked in by kikisrbinoska <srbinoskakristina07@…>, 12 days ago

Fixes for authentication and authorization

using System.Globalization;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using ChapterX.Application.Comment.Commands;
using ChapterX.Application.Comment.Queries;
using ChapterX.Domain.Repositories;
using MediatR;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Logging;

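namespace ChapterX.API.Controllers
{
    /// <summary>
    /// HTTP endpoints for story comments. Reads are anonymous; create, update and delete
    /// require an authenticated caller whose numeric id is taken from the token's
    /// <c>sub</c> claim and never from the request body.
    /// </summary>
    [Route("api/[controller]")]
    [ApiController]
    public class CommentsController : ControllerBase
    {
        private readonly IMediator _mediator;
        private readonly ICommentRepository _commentRepository;
        private readonly ILogger<CommentsController> _logger;

        public CommentsController(IMediator mediator, ICommentRepository commentRepository, ILogger<CommentsController> logger)
        {
            _mediator = mediator;
            _commentRepository = commentRepository;
            _logger = logger;
        }

        /// <summary>Returns the comments attached to one story.</summary>
        /// <param name="storyId">Story identifier from the route.</param>
        /// <returns>200 with a projection of each comment.</returns>
        /// <remarks>
        /// The projection is an explicit allow-list of fields, so nothing else on the comment
        /// or user entity is serialized. Note that <c>userId</c> and <c>username</c> are
        /// returned to unauthenticated callers.
        /// </remarks>
        [HttpGet("story/{storyId:int}")]
        [AllowAnonymous]
        public async Task<ActionResult> GetByStory(int storyId)
        {
            var comments = await _commentRepository.GetByStoryIdAsync(storyId);
            var result = comments.Select(c => new
            {
                id = c.Id,
                content = c.Content,
                userId = c.UserId,
                storyId = c.StoryId,
                username = c.User?.Username ?? "",
                createdAt = c.CreatedAt,
            });
            return Ok(result);
        }

        /// <summary>Returns every comment via the mediator's <c>GetAllRequest</c> handler.</summary>
        /// <remarks>
        /// NOTE(review): this anonymous endpoint applies no paging at the controller level;
        /// whether the handler bounds the result size is not visible here. Confirm.
        /// </remarks>
        [HttpGet]
        [AllowAnonymous]
        public async Task<ActionResult> GetAll()
        {
            _logger.LogInformation("Fetching all comments");
            var response = await _mediator.Send(new GetAllRequest());
            return Ok(response);
        }

        /// <summary>Returns a single comment by id.</summary>
        /// <param name="id">Comment identifier from the route.</param>
        [HttpGet("{id:int}")]
        [AllowAnonymous]
        public async Task<ActionResult> GetById(int id)
        {
            _logger.LogInformation("Fetching comment with ID: {CommentId}", id);
            var response = await _mediator.Send(new GetRequest(id));
            return Ok(response);
        }

        /// <summary>Creates a comment on behalf of the authenticated caller.</summary>
        /// <param name="request">Comment payload from the body.</param>
        /// <returns>200 with the handler's response, or 401 when the token has no usable subject.</returns>
        [HttpPost]
        [Authorize]
        public async Task<ActionResult> Add([FromBody] AddRequest request)
        {
            if (!TryGetCallerId(out var callerId))
            {
                return Unauthorized();
            }

            _logger.LogInformation("Adding a new comment");

            // Overwrite any UserId sent by the client so a caller cannot post as someone else.
            var response = await _mediator.Send(request with { UserId = callerId });
            return Ok(response);
        }

        /// <summary>Updates an existing comment.</summary>
        /// <param name="id">Comment identifier from the route; must equal <c>request.Id</c>.</param>
        /// <param name="request">Update payload from the body.</param>
        /// <returns>
        /// 200 with the handler's response, 400 when route and body ids differ,
        /// or 401 when the token has no usable subject.
        /// </returns>
        /// <remarks>
        /// NOTE(review): this action only forwards the caller id. The check that the caller
        /// owns the comment is presumably done in the handler. Confirm.
        /// </remarks>
        [HttpPut("{id:int}")]
        [Authorize]
        public async Task<ActionResult> Update(int id, [FromBody] UpdateRequest request)
        {
            _logger.LogInformation("Updating comment with ID: {CommentId}", id);
            if (id != request.Id)
            {
                return BadRequest("Route ID and body ID must match.");
            }

            if (!TryGetCallerId(out var callerId))
            {
                return Unauthorized();
            }

            // CallerId always comes from the token, replacing whatever the body carried.
            var response = await _mediator.Send(request with { CallerId = callerId });
            return Ok(response);
        }

        /// <summary>Deletes a comment.</summary>
        /// <param name="id">Comment identifier from the route.</param>
        /// <returns>200 with the handler's response, or 401 when the token has no usable subject.</returns>
        /// <remarks>
        /// NOTE(review): as with <see cref="Update"/>, ownership enforcement is expected to
        /// live in the <c>DeleteRequest</c> handler. Confirm.
        /// </remarks>
        [HttpDelete("{id:int}")]
        [Authorize]
        public async Task<ActionResult> Delete(int id)
        {
            _logger.LogInformation("Deleting comment with ID: {CommentId}", id);
            if (!TryGetCallerId(out var callerId))
            {
                return Unauthorized();
            }

            var response = await _mediator.Send(new DeleteRequest(id, callerId));
            return Ok(response);
        }

        /// <summary>
        /// Reads the caller's numeric id from the <c>sub</c> claim without throwing.
        /// </summary>
        /// <param name="callerId">Parsed id when the method returns <c>true</c>; otherwise 0.</param>
        /// <returns><c>true</c> when the claim is present and is a valid integer.</returns>
        /// <remarks>
        /// A missing or non-numeric claim previously surfaced as an unhandled exception (HTTP 500)
        /// from <c>int.Parse</c>; callers now turn a <c>false</c> result into 401.
        /// NOTE(review): with the JWT bearer handler's default inbound claim mapping, <c>sub</c>
        /// is exposed as <see cref="ClaimTypes.NameIdentifier"/> instead. This lookup assumes
        /// that mapping is disabled in the authentication setup. Confirm.
        /// </remarks>
        private bool TryGetCallerId(out int callerId)
        {
            var subject = User.FindFirstValue(JwtRegisteredClaimNames.Sub);

            // Invariant culture: the claim is machine-readable data, not user-facing text.
            if (int.TryParse(subject, NumberStyles.Integer, CultureInfo.InvariantCulture, out callerId))
            {
                return true;
            }

            _logger.LogWarning("Authenticated request has no numeric '{ClaimType}' claim", JwtRegisteredClaimNames.Sub);
            return false;
        }
    }
}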