2024-07-03 19:03:52 +02:00
|
|
|
using System.Data;
|
2024-07-15 19:46:02 +02:00
|
|
|
using System.Text;
|
2024-07-03 19:03:52 +02:00
|
|
|
using Microsoft.AspNetCore.Authorization;
|
|
|
|
|
using Microsoft.AspNetCore.Mvc;
|
|
|
|
|
using Microsoft.Data.SqlClient;
|
|
|
|
|
using WebAPI.Models;
|
|
|
|
|
|
|
|
|
|
namespace WebAPI.Controllers;
|
|
|
|
|
|
|
|
|
|
[ApiController]
|
|
|
|
|
[Route("api/[controller]")]
|
|
|
|
|
public class DataInboxController : Controller
|
|
|
|
|
{
|
2024-07-03 22:05:04 +02:00
|
|
|
private readonly AppDbContext _db;
|
2024-07-03 19:03:52 +02:00
|
|
|
private readonly IConfiguration _configuration;
|
|
|
|
|
private readonly LogsController _logsController;
|
|
|
|
|
|
|
|
|
|
public DataInboxController(
|
2024-07-03 22:05:04 +02:00
|
|
|
AppDbContext db,
|
2024-07-03 19:03:52 +02:00
|
|
|
GoogleSheetsHelper googleSheetsHelper,
|
|
|
|
|
IConfiguration configuration)
|
|
|
|
|
{
|
2024-07-03 22:05:04 +02:00
|
|
|
_db = db;
|
2024-07-03 19:03:52 +02:00
|
|
|
_configuration = configuration;
|
|
|
|
|
_logsController = new LogsController(googleSheetsHelper, _configuration);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
[HttpPut]
|
|
|
|
|
[Route("Add/{apiKey}")]
|
|
|
|
|
[AllowAnonymous]
|
2024-07-03 22:05:04 +02:00
|
|
|
public IActionResult Add(string apiKey, [FromBody] DataInbox dataInbox)
|
2024-07-03 19:03:52 +02:00
|
|
|
{
|
|
|
|
|
if (apiKey != _configuration["apiKey"])
|
|
|
|
|
{
|
|
|
|
|
_logsController.AddEntry(new LogEntry
|
|
|
|
|
{
|
|
|
|
|
Title = $"Unauthorized request - wrong apiKey ({dataInbox.Source})",
|
|
|
|
|
Type = LogEntryType.Warning,
|
|
|
|
|
LogType = LogType.DataInbox,
|
|
|
|
|
CreatedAt = DateTime.UtcNow
|
|
|
|
|
});
|
|
|
|
|
return Unauthorized();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
try
|
|
|
|
|
{
|
2024-07-15 19:46:02 +02:00
|
|
|
if (
|
|
|
|
|
!Request.Headers.TryGetValue("Authorization", out var authHeader))
|
|
|
|
|
{
|
|
|
|
|
_logsController.AddEntry(new LogEntry
|
|
|
|
|
{
|
|
|
|
|
Title = $"Unauthorized request - no authorization header ({dataInbox.Source})",
|
|
|
|
|
Type = LogEntryType.Warning,
|
|
|
|
|
LogType = LogType.DataInbox,
|
|
|
|
|
CreatedAt = DateTime.UtcNow
|
|
|
|
|
});
|
|
|
|
|
return Unauthorized();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
var credentialsArr = authHeader.ToString().Split(" ");
|
|
|
|
|
if (credentialsArr.Length != 2)
|
|
|
|
|
{
|
|
|
|
|
_logsController.AddEntry(new LogEntry
|
|
|
|
|
{
|
|
|
|
|
Title = $"Unauthorized request - wrong auth header format ({dataInbox.Source})",
|
|
|
|
|
Type = LogEntryType.Warning,
|
|
|
|
|
LogType = LogType.DataInbox,
|
|
|
|
|
CreatedAt = DateTime.UtcNow
|
|
|
|
|
});
|
|
|
|
|
return Unauthorized();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
var authValue = Encoding.UTF8.GetString(Convert.FromBase64String(credentialsArr[1]));
|
|
|
|
|
var username = authValue.Split(':')[0];
|
|
|
|
|
var password = authValue.Split(':')[1];
|
|
|
|
|
if (username != _configuration["morska-user"] || password != _configuration["morska-pass"])
|
|
|
|
|
{
|
|
|
|
|
_logsController.AddEntry(new LogEntry
|
|
|
|
|
{
|
|
|
|
|
Title = $"Unauthorized request - bad credentials ({dataInbox.Source})",
|
|
|
|
|
Type = LogEntryType.Warning,
|
2024-07-15 19:54:41 +02:00
|
|
|
LogType = LogType.DataInbox,
|
2024-07-15 19:46:02 +02:00
|
|
|
CreatedAt = DateTime.UtcNow
|
|
|
|
|
});
|
|
|
|
|
return Unauthorized();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// check if datainbox.data is base64 encoded value
|
|
|
|
|
if (!string.IsNullOrEmpty(dataInbox.Data) && !IsBase64String(dataInbox.Data))
|
|
|
|
|
{
|
|
|
|
|
_logsController.AddEntry(new LogEntry
|
|
|
|
|
{
|
|
|
|
|
Title = $"Invalid data format - not base64 encoded ({dataInbox.Source})",
|
|
|
|
|
Type = LogEntryType.Warning,
|
|
|
|
|
LogType = LogType.DataInbox,
|
|
|
|
|
CreatedAt = DateTime.UtcNow
|
|
|
|
|
});
|
|
|
|
|
return BadRequest("Invalid data format - not base64 encoded");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2024-07-03 22:05:04 +02:00
|
|
|
dataInbox.Id = Guid.NewGuid();
|
|
|
|
|
dataInbox.CreatedAt = DateTime.UtcNow;
|
|
|
|
|
_db.DataInbox.Add(dataInbox);
|
|
|
|
|
_db.SaveChanges();
|
|
|
|
|
|
2024-07-03 19:03:52 +02:00
|
|
|
_logsController.AddEntry(new LogEntry
|
|
|
|
|
{
|
|
|
|
|
Title = $"Insert success: {dataInbox.Source}, {dataInbox.Name}",
|
|
|
|
|
Type = LogEntryType.Info,
|
|
|
|
|
LogType = LogType.DataInbox,
|
|
|
|
|
CreatedAt = DateTime.UtcNow
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
return Ok();
|
|
|
|
|
}
|
|
|
|
|
catch (Exception e)
|
|
|
|
|
{
|
|
|
|
|
_logsController.AddEntry(new LogEntry
|
|
|
|
|
{
|
|
|
|
|
Title = $"Insert error: {dataInbox.Source}, {dataInbox.Name}",
|
|
|
|
|
Type = LogEntryType.Error,
|
|
|
|
|
LogType = LogType.DataInbox,
|
|
|
|
|
Message = e.ToString(),
|
|
|
|
|
CreatedAt = DateTime.UtcNow
|
|
|
|
|
});
|
|
|
|
|
return BadRequest(e.ToString());
|
|
|
|
|
}
|
|
|
|
|
}
|
2024-07-03 22:05:04 +02:00
|
|
|
|
|
|
|
|
[HttpGet]
|
|
|
|
|
public IActionResult GetAll()
|
|
|
|
|
{
|
|
|
|
|
return Ok(_db.DataInbox);
|
|
|
|
|
}
|
2024-07-15 19:46:02 +02:00
|
|
|
|
|
|
|
|
// helpers
|
|
|
|
|
private bool IsBase64String(string data)
|
|
|
|
|
{
|
2024-07-16 13:23:49 +02:00
|
|
|
if (string.IsNullOrEmpty(data))
|
|
|
|
|
{
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
try
|
|
|
|
|
{
|
|
|
|
|
var base64Bytes = Convert.FromBase64String(data);
|
|
|
|
|
|
|
|
|
|
var utf8String = Encoding.UTF8.GetString(base64Bytes);
|
|
|
|
|
|
|
|
|
|
var reEncoded = Convert.ToBase64String(Encoding.UTF8.GetBytes(utf8String));
|
|
|
|
|
return data.TrimEnd('=') == reEncoded.TrimEnd('=');
|
|
|
|
|
}
|
|
|
|
|
catch (FormatException)
|
|
|
|
|
{
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
catch (DecoderFallbackException)
|
|
|
|
|
{
|
|
|
|
|
return false;
|
|
|
|
|
}
|
2024-07-15 19:46:02 +02:00
|
|
|
}
|
2024-07-03 19:03:52 +02:00
|
|
|
}
|
