Adds PasswordHasher + DbSetup

2025-01-21 23:26:05 +01:00 · 2025-01-21 23:26:05 +01:00 · db09261768
commit db09261768
parent 4ec4beef21
7 changed files with 269 additions and 45 deletions
--- a/Database/Database.csproj
+++ b/Database/Database.csproj
@ -3,7 +3,6 @@
  <PropertyGroup>
    <TargetFramework>net8.0</TargetFramework>
    <ImplicitUsings>enable</ImplicitUsings>
-    <Nullable>enable</Nullable>
  </PropertyGroup>

  <ItemGroup>
--- a/Database/Identity/DbSetup.cs
+++ b/Database/Identity/DbSetup.cs
@ -0,0 +1,79 @@
+using Insight.Database;
+using System.Data;
+
+namespace Database.Identity
+{
+    public class DbSetup
+    {
+        private readonly IDbConnection _db;
+
+        public DbSetup(IDbConnection db)
+        {
+            _db = db;
+        }
+
+        public void CreateDatabase()
+        {
+            var schema = "dev";
+
+            if (_db.State != ConnectionState.Open)
+                _db.Open();
+
+            using var transaction = _db.BeginTransaction();
+            try
+            {
+                // Create tables
+                _db.Execute(@$"
+                CREATE TABLE IF NOT EXISTS {schema}.users (
+                    id SERIAL PRIMARY KEY,
+                    email VARCHAR(256) NOT NULL UNIQUE,
+                    password_hash VARCHAR(256) NOT NULL,
+                    security_stamp VARCHAR(36) NOT NULL,
+                    email_confirmed BOOLEAN NOT NULL DEFAULT FALSE,
+                    created_date TIMESTAMP NOT NULL,
+                    last_login_date TIMESTAMP NULL
+                );
+
+                CREATE TABLE IF NOT EXISTS {schema}.tenants (
+                    id SERIAL PRIMARY KEY,
+                    connection_string VARCHAR(500) NOT NULL,
+                    created_date TIMESTAMP NOT NULL,
+                    created_by INTEGER REFERENCES users(id),
+                    is_active BOOLEAN DEFAULT true
+                );
+
+                CREATE TABLE IF NOT EXISTS {schema}.user_tenants (
+                    user_id INTEGER REFERENCES users(id),
+                    tenant_id INTEGER REFERENCES tenants(id),
+                    created_date TIMESTAMP NOT NULL,
+                    PRIMARY KEY (user_id, tenant_id)
+                );
+
+                -- Enable RLS på både tenants og user_tenants
+                ALTER TABLE {schema}.tenants ENABLE ROW LEVEL SECURITY;
+                ALTER TABLE {schema}.user_tenants ENABLE ROW LEVEL SECURITY;
+
+                -- RLS policy for tenants
+                DROP POLICY IF EXISTS tenant_access ON {schema}.tenants;
+                CREATE POLICY tenant_access ON {schema}.tenants
+                    USING (id IN (
+                        SELECT tenant_id 
+                        FROM {schema}.user_tenants 
+                        WHERE user_id = current_setting('app.user_id', TRUE)::INTEGER
+                    ));
+
+                -- RLS policy for user_tenants
+                DROP POLICY IF EXISTS user_tenant_access ON {schema}.user_tenants;
+                CREATE POLICY user_tenant_access ON {schema}.user_tenants
+                    USING (user_id = current_setting('app.user_id', TRUE)::INTEGER);");
+
+                transaction.Commit();
+            }
+            catch
+            {
+                transaction.Rollback();
+                throw;
+            }
+        }
+    }
+}
--- a/Database/Identity/UserService.cs
+++ b/Database/Identity/UserService.cs
@ -0,0 +1,76 @@
+using Core.Entities.Users;
+using Insight.Database;
+using System.Data;
+
+namespace Database.Identity
+{
+    public class UserService
+    {
+        private readonly IDbConnection _db;
+
+        public UserService(IDbConnection db)
+        {
+            _db = db;
+        }
+
+        public async Task CreateUserWithTenant(string email, string password, string tenantConnectionString)
+        {
+            var schema = "dev";
+
+            if (_db.State != ConnectionState.Open)
+                _db.Open();
+
+            using var transaction = _db.BeginTransaction();
+            try
+            {
+                // Create user
+                var user = new User
+                {
+                    Email = email,
+                    PasswordHash = PasswordHasher.HashPassword(password),
+                    SecurityStamp = Guid.NewGuid().ToString(),
+                    EmailConfirmed = false,
+                    CreatedDate = DateTime.UtcNow
+                };
+
+                var userId = await _db.ExecuteScalarAsync<int>(@$"
+                INSERT INTO {schema}.users (email, password_hash, security_stamp, email_confirmed, created_date)
+                VALUES (@Email, @PasswordHash, @SecurityStamp, @EmailConfirmed, @CreatedDate)
+                RETURNING id", user);
+
+                // Create tenant
+                var tenant = new Tenant
+                {
+                    ConnectionString = tenantConnectionString,
+                    CreatedDate = DateTime.UtcNow,
+                    CreatedBy = userId,
+                    IsActive = true
+                };
+
+                var tenantId = await _db.ExecuteScalarAsync<int>(@$"
+                INSERT INTO {schema}.tenants (connection_string, created_date, created_by, is_active)
+                VALUES (@ConnectionString, @CreatedDate, @CreatedBy, @IsActive)
+                RETURNING id", tenant);
+
+                // Link user to tenant
+                var userTenant = new UserTenant
+                {
+                    UserId = userId,
+                    TenantId = tenantId,
+                    CreatedDate = DateTime.UtcNow
+                };
+
+                await _db.ExecuteAsync(@$"
+                INSERT INTO {schema}.user_tenants (user_id, tenant_id, created_date)
+                VALUES (@UserId, @TenantId, @CreatedDate)", userTenant);
+
+                transaction.Commit();
+            }
+            catch
+            {
+                transaction.Rollback();
+                throw;
+            }
+        }
+    }
+}