seed improve

PandaTechAM · Mar 18, 2024 · b99404b · b99404b
1 parent f11baf8
commit b99404b
Show file tree

Hide file tree

Showing 6 changed files with 75 additions and 115 deletions.
diff --git a/PandaVerticalSlices.sln.DotSettings b/PandaVerticalSlices.sln.DotSettings
diff --git a/PandaWebApi.sln.DotSettings b/PandaWebApi.sln.DotSettings
diff --git a/qodana.yaml b/qodana.yaml
diff --git a/src/Pandatech.VerticalSlices/Infrastructure/DependencyInjection.cs b/src/Pandatech.VerticalSlices/Infrastructure/DependencyInjection.cs
@@ -1,6 +1,7 @@
 using Pandatech.VerticalSlices.Infrastructure.Extensions;
 using Pandatech.VerticalSlices.Infrastructure.Repositories;
 using Pandatech.VerticalSlices.Infrastructure.Seed;
+using Pandatech.VerticalSlices.Infrastructure.Seed.User;
 using Pandatech.VerticalSlices.SharedKernel.Extensions;
 
 namespace Pandatech.VerticalSlices.Infrastructure;

diff --git a/src/Pandatech.VerticalSlices/Infrastructure/Seed/SeederExtension.cs b/src/Pandatech.VerticalSlices/Infrastructure/Seed/SeederExtension.cs
diff --git a/src/Pandatech.VerticalSlices/Infrastructure/Seed/User/SystemUser.cs b/src/Pandatech.VerticalSlices/Infrastructure/Seed/User/SystemUser.cs
@@ -0,0 +1,74 @@
+using System.Collections;
+using Pandatech.Crypto;
+using Pandatech.VerticalSlices.Domain.Entities;
+using Pandatech.VerticalSlices.Domain.Enums;
+using Pandatech.VerticalSlices.Infrastructure.Contexts;
+
+namespace Pandatech.VerticalSlices.Infrastructure.Seed.User;
+
+public static class SystemUser
+{
+   public static WebApplication SeedSystemUser(this WebApplication app)
+   {
+      using var scope = app.Services.CreateScope();
+      var services = scope.ServiceProvider;
+      var context = services.GetRequiredService<PostgresContext>();
+      var configuration = services.GetRequiredService<IConfiguration>();
+      var argon2Id = services.GetRequiredService<Argon2Id>();
+
+      var username = configuration["Security:SuperUser:Username"];
+      ValidateConfiguration(username, "SuperUser:Username");
+
+      var normalizedUsername = username!.ToLowerInvariant();
+      var existingUsers = context.Users
+         .Where(u => u.Username == normalizedUsername || u.Role == UserRole.SuperAdmin)
+         .ToList();
+
+      ValidateSuperUserUniqueness(existingUsers);
+
+      if (existingUsers.Count == 1)
+      {
+         return app;
+      }
+
+      var userPassword = configuration["Security:SuperUser:Password"];
+      ValidateConfiguration(userPassword, "SuperUser:Password");
+
+      var passwordHash = argon2Id.HashPassword(userPassword!);
+
+      var newUser = CreateNewUser(normalizedUsername, passwordHash);
+      context.Users.Add(newUser);
+      context.SaveChanges();
+
+      return app;
+   }
+
+   private static void ValidateConfiguration(string? configValue, string configName)
+   {
+      if (string.IsNullOrWhiteSpace(configValue))
+      {
+         throw new ArgumentException($"{configName} is not set in appsettings.json");
+      }
+   }
+
+   private static void ValidateSuperUserUniqueness(ICollection users)
+   {
+      if (users.Count > 1)
+      {
+         throw new InvalidOperationException("There are multiple super users in the database.");
+      }
+   }
+
+   private static UserEntity CreateNewUser(string username, byte[] passwordHash)
+   {
+      return new UserEntity
+      {
+         FullName = "System",
+         PasswordHash = passwordHash,
+         Username = username,
+         Role = UserRole.SuperAdmin,
+         ForcePasswordChange = false,
+         Comment = "Seeded user, please do not delete"
+      };
+   }
+}