Merge pull request #793 from EdiWang/master

Release v14.4.0
EdiWang · May 9, 2024 · 786be8f · 786be8f
2 parents f126671 + 07b1f98
commit 786be8f
Show file tree

Hide file tree

Showing 270 changed files with 1,896 additions and 3,872 deletions.
diff --git a/Deployment/mssql-migration.sql b/Deployment/mssql-migration.sql
@@ -1 +1,33 @@
--- 
+-- v14.3.x - v14.4.0
+CREATE TABLE [dbo].[LoginHistory](
+	[Id] [int] IDENTITY(1,1) NOT NULL,
+	[LoginTimeUtc] [datetime] NOT NULL,
+	[LoginIp] [nvarchar](64) NULL,
+	[LoginUserAgent] [nvarchar](128) NULL,
+	[DeviceFingerprint] [nvarchar](128) NULL,
+ CONSTRAINT [PK_LoginHistory] PRIMARY KEY CLUSTERED 
+(
+	[Id] ASC
+)WITH (PAD_INDEX = OFF, STATISTICS_NORECOMPUTE = OFF, IGNORE_DUP_KEY = OFF, ALLOW_ROW_LOCKS = ON, ALLOW_PAGE_LOCKS = ON, OPTIMIZE_FOR_SEQUENTIAL_KEY = OFF) ON [PRIMARY]
+) ON [PRIMARY]
+GO
+
+DROP TABLE [LocalAccount]
+GO
+
+EXEC sys.sp_rename 
+    @objname = N'Category.RouteName', 
+    @newname = 'Slug', 
+    @objtype = 'COLUMN'
+GO
+
+IF EXISTS (
+    SELECT 1
+    FROM sys.columns c
+    JOIN sys.objects o ON c.object_id = o.object_id
+    WHERE o.name = 'Post' AND c.name = 'InlineCss'
+)
+BEGIN
+    ALTER TABLE Post DROP COLUMN InlineCss;
+END;
+GO
diff --git a/README.md b/README.md
@@ -152,8 +152,8 @@ Open Search | Search | Supported | `/opensearch`
 Pingback | Social | Supported | `/pingback`
 Reader View | Reader mode | Supported | N/A
 FOAF | Social | Supported | `/foaf.xml`
-RSD | Service Discovery | Supported | `/rsd` *If MetaWeblog is enabled*
-MetaWeblog | Blogging | Basic Support | `/metaweblog`
+RSD | Service Discovery | Deprecated | N/A
+MetaWeblog | Blogging | Deprecated | N/A
 Dublin Core Metadata | SEO | Basic Support | N/A
 BlogML | Blogging | Not planned | 
 APML | Social | Not planned | 

diff --git a/src/Directory.Build.props b/src/Directory.Build.props
@@ -3,8 +3,8 @@
     <Authors>Edi Wang</Authors>
     <Company>edi.wang</Company>
     <Copyright>(C) 2024 edi.wang@outlook.com</Copyright>
-    <AssemblyVersion>14.3.3.0</AssemblyVersion>
-    <FileVersion>14.3.3.0</FileVersion>
-    <Version>14.3.3</Version>
+    <AssemblyVersion>14.4.0.0</AssemblyVersion>
+    <FileVersion>14.4.0.0</FileVersion>
+    <Version>14.4.0</Version>
   </PropertyGroup>
 </Project>
diff --git a/src/Moonglade.Auth/Account.cs b/src/Moonglade.Auth/Account.cs
diff --git a/src/Moonglade.Auth/AccountExistsQuery.cs b/src/Moonglade.Auth/AccountExistsQuery.cs
diff --git a/src/Moonglade.Auth/ChangePasswordCommand.cs b/src/Moonglade.Auth/ChangePasswordCommand.cs
diff --git a/src/Moonglade.Auth/CountAccountsQuery.cs b/src/Moonglade.Auth/CountAccountsQuery.cs
diff --git a/src/Moonglade.Auth/CreateAccountCommand.cs b/src/Moonglade.Auth/CreateAccountCommand.cs
diff --git a/src/Moonglade.Auth/DeleteAccountCommand.cs b/src/Moonglade.Auth/DeleteAccountCommand.cs
diff --git a/src/Moonglade.Auth/GetAccountQuery.cs b/src/Moonglade.Auth/GetAccountQuery.cs
diff --git a/src/Moonglade.Auth/GetAccountsQuery.cs b/src/Moonglade.Auth/GetAccountsQuery.cs
diff --git a/src/Moonglade.Auth/GetLoginHistoryQuery.cs b/src/Moonglade.Auth/GetLoginHistoryQuery.cs
@@ -0,0 +1,16 @@
+using Moonglade.Data;
+using Moonglade.Data.Entities;
+using Moonglade.Data.Specifications;
+
+namespace Moonglade.Auth;
+
+public record GetLoginHistoryQuery : IRequest<List<LoginHistoryEntity>>;
+
+public class GetLoginHistoryQueryHandler(MoongladeRepository<LoginHistoryEntity> repo) : IRequestHandler<GetLoginHistoryQuery, List<LoginHistoryEntity>>
+{
+    public async Task<List<LoginHistoryEntity>> Handle(GetLoginHistoryQuery request, CancellationToken ct)
+    {
+        var history = await repo.ListAsync(new LoginHistorySpec(10), ct);
+        return history;
+    }
+}
diff --git a/src/Moonglade.Auth/LogSuccessLoginCommand.cs b/src/Moonglade.Auth/LogSuccessLoginCommand.cs
@@ -1,22 +1,22 @@
-using Moonglade.Data.Entities;
-using Moonglade.Data.Infrastructure;
+using Moonglade.Data;
+using Moonglade.Data.Entities;
 
 namespace Moonglade.Auth;
 
-public record LogSuccessLoginCommand(Guid Id, string IpAddress) : IRequest;
+public record LogSuccessLoginCommand(string IpAddress, string UserAgent, string DeviceFingerprint) : IRequest;
 
-public class LogSuccessLoginCommandHandler(IRepository<LocalAccountEntity> repo) : IRequestHandler<LogSuccessLoginCommand>
+public class LogSuccessLoginCommandHandler(MoongladeRepository<LoginHistoryEntity> repo) : IRequestHandler<LogSuccessLoginCommand>
 {
     public async Task Handle(LogSuccessLoginCommand request, CancellationToken ct)
     {
-        var (id, ipAddress) = request;
-
-        var entity = await repo.GetAsync(id, ct);
-        if (entity is not null)
+        var entity = new LoginHistoryEntity
         {
-            entity.LastLoginIp = ipAddress.Trim();
-            entity.LastLoginTimeUtc = DateTime.UtcNow;
-            await repo.UpdateAsync(entity, ct);
-        }
+            LoginIp = request.IpAddress.Trim(),
+            LoginTimeUtc = DateTime.UtcNow,
+            LoginUserAgent = request.UserAgent.Trim(),
+            DeviceFingerprint = request.DeviceFingerprint.Trim()
+        };
+
+        await repo.AddAsync(entity, ct);
     }
 }
diff --git a/src/Moonglade.Auth/Moonglade.Auth.csproj b/src/Moonglade.Auth/Moonglade.Auth.csproj
@@ -16,9 +16,10 @@
   </ItemGroup>
   <ItemGroup>
     <FrameworkReference Include="Microsoft.AspNetCore.App" />
-    <PackageReference Include="Microsoft.Identity.Web" Version="2.17.4" />
+    <PackageReference Include="Microsoft.Identity.Web" Version="2.18.1" />
   </ItemGroup>
   <ItemGroup>
+    <ProjectReference Include="..\Moonglade.Configuration\Moonglade.Configuration.csproj" />
     <ProjectReference Include="..\Moonglade.Data\Moonglade.Data.csproj" />
     <ProjectReference Include="..\Moonglade.Utils\Moonglade.Utils.csproj" />
   </ItemGroup>

diff --git a/src/Moonglade.Auth/UpdateLocalAccountPasswordRequest.cs b/src/Moonglade.Auth/UpdateLocalAccountPasswordRequest.cs
@@ -0,0 +1,18 @@
+using System.ComponentModel.DataAnnotations;
+
+namespace Moonglade.Auth;
+
+public class UpdateLocalAccountPasswordRequest
+{
+    [Required]
+    [RegularExpression("^[A-Za-z0-9]{3,16}$")]
+    public string NewUsername { get; set; }
+
+    [Required]
+    [RegularExpression("^(?=.*[a-zA-Z])(?=.*[0-9])[A-Za-z0-9._~!@#$^&*]{8,}$")]
+    public string OldPassword { get; set; }
+
+    [Required]
+    [RegularExpression("^(?=.*[a-zA-Z])(?=.*[0-9])[A-Za-z0-9._~!@#$^&*]{8,}$")]
+    public string NewPassword { get; set; }
+}
diff --git a/src/Moonglade.Auth/ValidateLoginCommand.cs b/src/Moonglade.Auth/ValidateLoginCommand.cs
@@ -1,34 +1,21 @@
-using Moonglade.Data.Entities;
-using Moonglade.Data.Infrastructure;
+using Moonglade.Configuration;
 using Moonglade.Utils;
 
 namespace Moonglade.Auth;
 
-public record ValidateLoginCommand(string Username, string InputPassword) : IRequest<Guid>;
+public record ValidateLoginCommand(string Username, string InputPassword) : IRequest<bool>;
 
-public class ValidateLoginCommandHandler(IRepository<LocalAccountEntity> repo) : IRequestHandler<ValidateLoginCommand, Guid>
+public class ValidateLoginCommandHandler(IBlogConfig config) : IRequestHandler<ValidateLoginCommand, bool>
 {
-    public async Task<Guid> Handle(ValidateLoginCommand request, CancellationToken ct)
+    public Task<bool> Handle(ValidateLoginCommand request, CancellationToken ct)
     {
-        var account = await repo.GetAsync(p => p.Username == request.Username);
-        if (account is null) return Guid.Empty;
+        var account = config.LocalAccountSettings;
 
-        var valid = account.PasswordHash == (string.IsNullOrWhiteSpace(account.PasswordSalt)
-            ? Helper.HashPassword(request.InputPassword.Trim())
-            : Helper.HashPassword2(request.InputPassword.Trim(), account.PasswordSalt));
+        if (account is null) return Task.FromResult(false);
+        if (account.Username != request.Username) return Task.FromResult(false);
 
-        // migrate old account to salt
-        if (valid && string.IsNullOrWhiteSpace(account.PasswordSalt))
-        {
-            var salt = Helper.GenerateSalt();
-            var newHash = Helper.HashPassword2(request.InputPassword.Trim(), salt);
+        var valid = account.PasswordHash == Helper.HashPassword(request.InputPassword.Trim(), account.PasswordSalt);
 
-            account.PasswordSalt = salt;
-            account.PasswordHash = newHash;
-
-            await repo.UpdateAsync(account, ct);
-        }
-
-        return valid ? account.Id : Guid.Empty;
+        return Task.FromResult(valid);
     }
 }
diff --git a/src/Moonglade.Comments/Comment.cs b/src/Moonglade.Comments/Comment.cs
@@ -13,7 +13,7 @@ public class Comment
 
     public string CommentContent { get; set; }
 
-    public IReadOnlyList<CommentReplyDigest> CommentReplies { get; set; }
+    public List<CommentReplyDigest> CommentReplies { get; set; }
 }
 
 public class CommentDetailedItem : Comment