Merge branch 'features/start-backend' into 'unstable'

Features/start backend

See merge request internship-2025/survey-webapp/survey-webapp!4

SurveyBackend/SurveyBackend.API/Controllers/AuthController.cs

@@ -0,0 +1,15 @@
+using Microsoft.AspNetCore.Mvc;
+using SurveyBackend.DTOs;
+
+namespace SurveyBackend.Controllers;
+
+[ApiController]
+[Route("auth")]
+public class AuthController : ControllerBase
+{
+    [HttpPost("login")]
+    public async Task<IActionResult> GetToken([FromBody] UserLoginDto loginData)
+    {
+        return Ok();
+    }
+}

SurveyBackend/SurveyBackend.API/DTOs/UserLoginDto.cs

@@ -0,0 +1,7 @@
+namespace SurveyBackend.DTOs;
+
+public record UserLoginDto
+{
+    public required string Email { get; set; }
+    public required string Password { get; set; }
+}

SurveyBackend/SurveyBackend.API/DTOs/UserRegistrationDto.cs

@@ -0,0 +1,10 @@
+namespace SurveyBackend.DTOs;
+
+public record UserRegistrationDto
+{
+    public string Email { get; set; }
+    public string Username { get; set; }
+    public string FirstName { get; set; }
+    public string LastName { get; set; }
+    public string Password { get; set; }
+}

SurveyBackend/SurveyBackend.API/Program.cs

@@ -1,3 +1,10 @@
+using System.Text;
+using Microsoft.AspNetCore.Authentication.JwtBearer;
+using Microsoft.EntityFrameworkCore;
+using Microsoft.IdentityModel.Tokens;
+using SurveyBackend.Infrastructure;
+using SurveyBackend.Infrastructure.Data;
+
 namespace SurveyBackend;
 
 public class Program
@@ -6,26 +13,48 @@ public class Program
     {
         var builder = WebApplication.CreateBuilder(args);
 
-        // Add services to the container.
+        AuthOptions.MakeOptions(builder.Configuration, Environment.GetEnvironmentVariable("JWT_SECRET_KEY"));
+
         builder.Services.AddAuthorization();
 
-        // Learn more about configuring Swagger/OpenAPI at https://aka.ms/aspnetcore/swashbuckle
+        builder.Services.AddDbContext<ApplicationDbContext>(options =>
+        {
+            options.UseSqlite(builder.Configuration.GetConnectionString("DefaultConnection"));
+        });
+
+        builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
+            .AddJwtBearer(options =>
+            {
+                options.TokenValidationParameters = new TokenValidationParameters
+                {
+                    ValidateIssuer = true,
+                    ValidateAudience = true,
+                    ValidateLifetime = true,
+                    ValidateIssuerSigningKey = true,
+                    ValidIssuer = AuthOptions.Issuer,
+                    ValidAudience = AuthOptions.Audience,
+                    IssuerSigningKey = AuthOptions.SymmetricSecurityKey
+                };
+            });
+
+        builder.Services.AddControllers();
+
         builder.Services.AddEndpointsApiExplorer();
         builder.Services.AddSwaggerGen();
 
         var app = builder.Build();
 
-        // Configure the HTTP request pipeline.
         if (app.Environment.IsDevelopment())
         {
             app.UseSwagger();
             app.UseSwaggerUI();
         }
 
-        app.UseHttpsRedirection();
+        app.UseAuthentication();
-
         app.UseAuthorization();
 
+        app.MapControllers();
+
         app.Run();
     }
 }

SurveyBackend/SurveyBackend.API/SurveyBackend.API.csproj

@@ -8,8 +8,15 @@
     </PropertyGroup>
 
     <ItemGroup>
+        <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="8.0.14" />
         <PackageReference Include="Microsoft.AspNetCore.OpenApi" Version="8.0.2"/>
+        <PackageReference Include="Microsoft.EntityFrameworkCore.Sqlite" Version="9.0.3" />
         <PackageReference Include="Swashbuckle.AspNetCore" Version="6.4.0"/>
     </ItemGroup>
 
+    <ItemGroup>
+      <ProjectReference Include="..\SurveyBackend.Core\SurveyBackend.Core.csproj" />
+      <ProjectReference Include="..\SurveyBackend.Infrastructure\SurveyBackend.Infrastructure.csproj" />
+    </ItemGroup>
+
 </Project>

SurveyBackend/SurveyBackend.API/appsettings.Development.json

@@ -4,5 +4,14 @@
       "Default": "Information",
       "Microsoft.AspNetCore": "Warning"
     }
+  },
+  "ConnectionStrings": {
+    "DefaultConnection": "Data Source=Application.db"
+  },
+  "JwtSettings": {
+    "SecretKey": "sigma_super_secret_key_for_jwt_tokens_yo",
+    "Issuer": "SurveyBackend",
+    "Audience": "SurveyClient",
+    "ExpiresInMinutes": 600
   }
 }

SurveyBackend/SurveyBackend.API/appsettings.json

@@ -5,5 +5,14 @@
       "Microsoft.AspNetCore": "Warning"
     }
   },
-  "AllowedHosts": "*"
+  "AllowedHosts": "*",
+  "ConnectionStrings": {
+    "DefaultConnection": "Data Source=Application.db"
+  },
+  "JwtSettings": {
+    "SecretKey": "sigma_super_secret_key_for_jwt_tokens_yo_that_should_be_stored_in_ENV",
+    "Issuer": "SurveyBackend",
+    "Audience": "SurveyClient",
+    "ExpiresInMinutes": 600
+  }
 }

SurveyBackend/SurveyBackend.Core/Models/Group.cs

@@ -0,0 +1,9 @@
+namespace SurveyBackend.Core.Models;
+
+public class Group
+{
+    public int Id { get; set; }
+    public string Label { get; set; }
+
+    public ICollection<User> Users { get; set; }
+}

SurveyBackend/SurveyBackend.Core/Models/User.cs

@@ -1,11 +1,15 @@
+using Microsoft.AspNetCore.Identity;
+
 namespace SurveyBackend.Core.Models;
 
 public class User
 {
-    public int Id { get; set; }
+    public string Id { get; set; }
-    public string Username { get; set; }
     public string Email { get; set; }
+    public string FirstName { get; set; }
+    public string LastName { get; set; }
 
-    public byte[] PasswordHash { get; set; }
+    public string Password { get; set; }
-    public byte[] PasswordSalt { get; set; }
+
+    public ICollection<Group> Groups { get; set; }
 }

SurveyBackend/SurveyBackend.Core/Repositories/IGenericRepository.cs

@@ -0,0 +1,10 @@
+namespace SurveyBackend.Core.Repositories;
+
+public interface IGenericRepository<T> where T : class
+{
+    Task<T?> GetByIdAsync(int id);
+    Task<IEnumerable<T>> GetAllAsync();
+    Task AddAsync(T entity);
+    Task UpdateAsync(T entity);
+    Task DeleteAsync(T entity);
+}

SurveyBackend/SurveyBackend.Core/Repositories/IUserRepository.cs

@@ -0,0 +1,7 @@
+using SurveyBackend.Core.Models;
+
+namespace SurveyBackend.Core.Repositories;
+
+public interface IUserRepository : IGenericRepository<User>
+{
+}

SurveyBackend/SurveyBackend.Core/Services/IUserService.cs

@@ -0,0 +1,6 @@
+namespace SurveyBackend.Core.Services;
+
+public interface IUserService
+{
+    
+}

SurveyBackend/SurveyBackend.Core/SurveyBackend.Core.csproj

@@ -6,4 +6,8 @@
         <Nullable>enable</Nullable>
     </PropertyGroup>
 
+    <ItemGroup>
+      <PackageReference Include="Microsoft.AspNetCore.Identity.EntityFrameworkCore" Version="8.0.14" />
+    </ItemGroup>
+
 </Project>

SurveyBackend/SurveyBackend.Infrastructure/AuthOptions.cs

@@ -0,0 +1,32 @@
+using System.Text;
+using Microsoft.Extensions.Configuration;
+using Microsoft.IdentityModel.Tokens;
+
+namespace SurveyBackend.Infrastructure;
+
+public static class AuthOptions
+{
+    public static string Issuer;
+    public static string Audience;
+    public static TimeSpan TokenLifetime;
+    private static string? SecurityKey { get; set; }
+
+    public static SymmetricSecurityKey SymmetricSecurityKey
+    {
+        get
+        {
+            ArgumentNullException.ThrowIfNull(SecurityKey);
+
+            return new SymmetricSecurityKey(Encoding.UTF8.GetBytes(SecurityKey));
+        }
+    }
+
+    public static void MakeOptions(IConfigurationManager configurationManager, string? securityKey = null)
+    {
+        var jwtSettings = configurationManager.GetSection("JwtSettings");
+        Issuer = jwtSettings["Issuer"] ?? "DefaultIssuer";
+        Audience = jwtSettings["Audience"] ?? "DefaultAudience";
+        TokenLifetime = TimeSpan.FromMinutes(int.Parse(jwtSettings["TokenLifetime"] ?? "60"));
+        SecurityKey = securityKey ?? jwtSettings["SecretKey"];
+    }
+}

SurveyBackend/SurveyBackend.Infrastructure/Data/ApplicationDbContext.cs

@@ -0,0 +1,16 @@
+using Microsoft.AspNetCore.Identity;
+using Microsoft.AspNetCore.Identity.EntityFrameworkCore;
+using Microsoft.EntityFrameworkCore;
+using SurveyBackend.Core.Models;
+
+namespace SurveyBackend.Infrastructure.Data;
+
+public class ApplicationDbContext : DbContext
+{
+    public DbSet<User> Users { get; set; }
+    public DbSet<Group> Groups { get; set; }
+
+    public ApplicationDbContext(DbContextOptions<ApplicationDbContext> options) : base(options)
+    {
+    }
+}

SurveyBackend/SurveyBackend.Infrastructure/Helpers/TokenHelper.cs

@@ -0,0 +1,31 @@
+using System.IdentityModel.Tokens.Jwt;
+using System.Security.Claims;
+using Microsoft.IdentityModel.Tokens;
+using SurveyBackend.Core.Models;
+
+namespace SurveyBackend.Infrastructure.Helpers;
+
+public class TokenHelper
+{
+    public static string GetAuthToken(User user)
+    {
+        var userId = user.Id.ToString();
+
+        var claims = new List<Claim>
+        {
+            new(ClaimTypes.NameIdentifier, userId)
+        };
+
+        var jwt = new JwtSecurityToken(
+            claims: claims,
+            issuer: AuthOptions.Issuer,
+            audience: AuthOptions.Audience,
+            expires: DateTime.UtcNow + AuthOptions.TokenLifetime,
+            signingCredentials: new SigningCredentials(AuthOptions.SymmetricSecurityKey, SecurityAlgorithms.HmacSha256)
+        );
+
+        var token = new JwtSecurityTokenHandler().WriteToken(jwt);
+
+        return token;
+    }
+}

SurveyBackend/SurveyBackend.Infrastructure/Repositories/UserRepository.cs

@@ -0,0 +1,44 @@
+using Microsoft.EntityFrameworkCore;
+using SurveyBackend.Core.Models;
+using SurveyBackend.Core.Repositories;
+using SurveyBackend.Infrastructure.Data;
+
+namespace SurveyBackend.Infrastructure.Repositories;
+
+public class UserRepository : IUserRepository
+{
+    private readonly ApplicationDbContext _context;
+
+    public UserRepository(ApplicationDbContext context)
+    {
+        _context = context;
+    }
+
+    public async Task<User?> GetByIdAsync(int id)
+    {
+        return await _context.Users.FindAsync(id);
+    }
+
+    public async Task<IEnumerable<User>> GetAllAsync()
+    {
+        return await _context.Users.ToListAsync();
+    }
+
+    public async Task AddAsync(User entity)
+    {
+        await _context.Users.AddAsync(entity);
+        await _context.SaveChangesAsync();
+    }
+
+    public async Task UpdateAsync(User entity)
+    {
+        _context.Users.Update(entity);
+        await _context.SaveChangesAsync();
+    }
+
+    public async Task DeleteAsync(User entity)
+    {
+        _context.Users.Remove(entity);
+        await _context.SaveChangesAsync();
+    }
+}

SurveyBackend/SurveyBackend.Infrastructure/Services/IPasswordHasher.cs

@@ -0,0 +1,7 @@
+namespace SurveyBackend.Infrastructure.Services;
+
+public interface IPasswordHasher
+{
+    public string HashPassword(string password);
+    public bool Verify(string password, string hashedPassword);
+}

SurveyBackend/SurveyBackend.Infrastructure/Services/Sha256PasswordHasher.cs

@@ -0,0 +1,61 @@
+using System.Security.Cryptography;
+
+namespace SurveyBackend.Infrastructure.Services;
+
+public class Sha256PasswordHasher : IPasswordHasher
+{
+    private const int RehashCount = 10000;
+
+    private const int HashSizeBytes = 16;
+
+    private const int SaltSizeBytes = 16;
+
+    public string HashPassword(string password)
+    {
+        var saltBytes = RandomNumberGenerator.GetBytes(SaltSizeBytes);
+
+        using var deriveBytes = GetDeriveBytes(password, saltBytes);
+
+        var hashBytes = deriveBytes.GetBytes(HashSizeBytes);
+
+        var fullHashBytes = new byte[SaltSizeBytes + HashSizeBytes];
+
+        Array.Copy(saltBytes, 0, fullHashBytes, 0, SaltSizeBytes);
+        Array.Copy(hashBytes, 0, fullHashBytes, SaltSizeBytes, HashSizeBytes);
+
+        var hashedPassword = Convert.ToBase64String(fullHashBytes);
+
+        return hashedPassword;
+    }
+
+    public bool Verify(string password, string hashedPassword)
+    {
+        var fullHashBytes = Convert.FromBase64String(hashedPassword);
+
+        var saltBytes = new byte[SaltSizeBytes];
+
+        Array.Copy(fullHashBytes, 0, saltBytes, 0, SaltSizeBytes);
+
+        using var deriveBytes = GetDeriveBytes(password, saltBytes);
+
+        var hashBytes = deriveBytes.GetBytes(HashSizeBytes);
+
+        var isMatch = CompareHashes(hashBytes, fullHashBytes);
+
+        return isMatch;
+    }
+
+    private static bool CompareHashes(byte[] hashBytes, byte[] fullHashBytes)
+    {
+        for (var i = 0; i < HashSizeBytes; i++)
+            if (hashBytes[i] != fullHashBytes[i + SaltSizeBytes])
+                return false;
+
+        return true;
+    }
+
+    private static Rfc2898DeriveBytes GetDeriveBytes(string password, byte[] saltBytes)
+    {
+        return new Rfc2898DeriveBytes(password, saltBytes, RehashCount, HashAlgorithmName.SHA256);
+    }
+}

SurveyBackend/SurveyBackend.Infrastructure/SurveyBackend.Infrastructure.csproj

@@ -0,0 +1,18 @@
+<Project Sdk="Microsoft.NET.Sdk">
+
+    <PropertyGroup>
+        <TargetFramework>net8.0</TargetFramework>
+        <ImplicitUsings>enable</ImplicitUsings>
+        <Nullable>enable</Nullable>
+    </PropertyGroup>
+
+    <ItemGroup>
+      <PackageReference Include="Microsoft.EntityFrameworkCore" Version="9.0.3" />
+      <PackageReference Include="System.IdentityModel.Tokens.Jwt" Version="7.1.2" />
+    </ItemGroup>
+
+    <ItemGroup>
+      <ProjectReference Include="..\SurveyBackend.Core\SurveyBackend.Core.csproj" />
+    </ItemGroup>
+
+</Project>

SurveyBackend/SurveyBackend.sln

@@ -4,6 +4,8 @@ Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "SurveyBackend.API", "Survey
 EndProject
 Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "SurveyBackend.Core", "SurveyBackend.Core\SurveyBackend.Core.csproj", "{596B4603-4066-4FF2-9C96-5357193F7229}"
 EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "SurveyBackend.Infrastructure", "SurveyBackend.Infrastructure\SurveyBackend.Infrastructure.csproj", "{4006471D-9F65-4AD6-852B-88A1211B49F4}"
+EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Debug|Any CPU = Debug|Any CPU
@@ -18,5 +20,9 @@ Global
 		{596B4603-4066-4FF2-9C96-5357193F7229}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{596B4603-4066-4FF2-9C96-5357193F7229}.Release|Any CPU.ActiveCfg = Release|Any CPU
 		{596B4603-4066-4FF2-9C96-5357193F7229}.Release|Any CPU.Build.0 = Release|Any CPU
+		{4006471D-9F65-4AD6-852B-88A1211B49F4}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{4006471D-9F65-4AD6-852B-88A1211B49F4}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{4006471D-9F65-4AD6-852B-88A1211B49F4}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{4006471D-9F65-4AD6-852B-88A1211B49F4}.Release|Any CPU.Build.0 = Release|Any CPU
 	EndGlobalSection
 EndGlobal