User service

backend/user-service/user-service-docs.md

@@ -1 +1,215 @@
-Nothing
+# 🛡️ User Service API
+
+Проєкт розроблений на **C# (.NET 8)** з використанням **ASP.NET Core Web API**, **Kestrel**, **PostgreSQL**, **JWT-аутентифікації**, контейнеризований у **Docker**.
+
+## 🔐 Загальні вимоги до запитів
+
+Кожен запит до API повинен містити заголовок авторизації з JWT-токеном:
+
+### 🔸 Authorization Header
+
+```http
+Authorization: Bearer <token>
+```
+
+## 🔴 Помилки
+
+### 401 Unauthorized
+
+```json
+{
+  "message": "Unautorized error"
+}
+```
+
+### 500 Internal Server Error
+
+```json
+{
+  "message": "Internal error",
+  "error": "<exception_message>"
+}
+```
+
+## 📘 Ендпоїнти
+
+### ✅ POST /api/admin/get_users
+
+Отримання **всіх користувачів** з бази.
+
+#### 🔹 Request Body
+
+```json
+null
+```
+
+#### 🔹 Response 200 OK
+
+```json
+{
+  "users": [
+    {
+      "id": "<uuid>",
+      "createdAt": "<timestamp>",
+      "updatedAt": "<timestamp>",
+      "lastLoginAt": "<timestamp|null>",
+      "isActive": "<bool>",
+      "password": "<base64 string>",
+      "roleId": "<uuid>",
+      "verificationStatus": "<string>",
+      "organizationId": "<uuid>",
+      "email": "<string>",
+      "fullName": "<string>",
+      "phone": "<string>",
+      "avatarUrl": "<string>",
+      "govId": "<string>"
+    }
+  ]
+}
+```
+
+### ✅ POST /api/admin/get_user
+
+Отримання **одного користувача** по `id`.
+
+#### 🔹 Request Body
+
+```json
+{
+  "id": "<uuid>"
+}
+```
+
+#### 🔹 Response 200 OK
+
+```json
+{
+  "createdUser": {
+    "id": "<uuid>",
+    "createdAt": "<timestamp>",
+    "updatedAt": "<timestamp>",
+    "lastLoginAt": "<timestamp|null>",
+    "isActive": "<bool>",
+    "password": "<base64 string>",
+    "roleId": "<uuid>",
+    "verificationStatus": "<string>",
+    "organizationId": "<uuid>",
+    "email": "<string>",
+    "fullName": "<string>",
+    "phone": "<string>",
+    "avatarUrl": "<string>",
+    "govId": "<string>"
+  }
+}
+```
+
+### ✅ POST /api/admin/user_add
+
+Додавання **нового користувача**.
+
+#### 🔹 Request Body
+
+```json
+{
+  "fullName": "<string>",
+  "email": "<string>",
+  "password": "<string>"
+}
+```
+
+#### 🔹 Response 200 OK
+
+```json
+{
+  "user": [
+    {
+      "id": "<uuid>",
+      "createdAt": "<timestamp>",
+      "updatedAt": "<timestamp>",
+      "lastLoginAt": "<timestamp|null>",
+      "isActive": "<bool>",
+      "password": "<base64 string>",
+      "roleId": "<uuid>",
+      "verificationStatus": "<string>",
+      "organizationId": "<uuid>",
+      "email": "<string>",
+      "fullName": "<string>",
+      "phone": "<string>",
+      "avatarUrl": "<string>",
+      "govId": "<string>"
+    }
+  ]
+}
+```
+
+#### 🔻 Помилки
+
+##### 400 Bad Request
+
+```json
+{
+  "message": "Full name is required"
+}
+```
+
+```json
+{
+  "message": "Email is required"
+}
+```
+
+```json
+{
+  "message": "Password is required"
+}
+```
+
+##### 409 Conflict
+
+```json
+{
+  "message": "Email already exists"
+}
+```
+
+### ✅ POST /api/admin/user_change
+
+Зміна **даних користувача** за `id`.
+
+#### 🔹 Request Body
+
+```json
+{
+  "id": "<uuid>",
+  "createdAt": "<timestamp>",
+  "updatedAt": "<timestamp>",
+  "lastLoginAt": "<timestamp|null>",
+  "isActive": "<bool>",
+  "password": "<base64 string>",
+  "roleId": "<uuid>",
+  "verificationStatus": "<string>",
+  "organizationId": "<uuid>",
+  "email": "<string>",
+  "fullName": "<string>",
+  "phone": "<string>",
+  "avatarUrl": "<string>",
+  "govId": "<string>"
+}
+```
+
+#### 🔹 Response 200 OK
+
+```json
+{
+  "message": "Ok"
+}
+```
+
+## 📦 Технології
+
+- C# / .NET 8
+- ASP.NET Core Web API
+- PostgreSQL
+- JWT (RS256)
+- Docker
+- Kestrel

backend/user-service/user-service/docker-compose.yml

@@ -0,0 +1,7 @@
+services:
+  user-service:
+    build:
+      context: .
+      dockerfile: docker/Dockerfile
+    ports:
+      - "883:80"

backend/user-service/user-service/docker/Dockerfile

@@ -0,0 +1,17 @@
+FROM mcr.microsoft.com/dotnet/sdk:8.0 AS build
+WORKDIR /src
+COPY ./src/ .
+RUN dotnet publish -c Release -o /app
+
+RUN useradd -u 8571 -r -g -0 -s /sbin/nologin \
+    -c "Default Application User" postgres
+
+FROM mcr.microsoft.com/dotnet/aspnet:8.0
+WORKDIR /app
+COPY --from=build /app .
+
+COPY ./keys/public.pem ./public.pem
+
+USER 8571
+
+ENTRYPOINT ["dotnet", "app.dll"]

backend/user-service/user-service/keys/public.pem

@@ -0,0 +1,9 @@
+-----BEGIN PUBLIC KEY-----
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Ytzek1ZpurQJ+wCb5q5
+4IBg33MCA+QXbgQ3G1udE7f1EjRKlLmMOyedMVr5t5Ssyh6oQYMKjr/5akRfwoXm
+JU4JjkdmS6slqho/vYQQoOB1+HNzeOIY8jMMrbVMLYnwGBH3DNgOFJUFQiPPJ/o9
++GSvDwCbQ4cz1hSNKpywwAuHNowe7umC/9AzbOjSUfZcrh+qf2BbJg2Am5cYtdZV
+h1PBXBiJCR+Bt+eEag8OUCSPBe4iOfyGttjPsLOHxObvlsuERuq6AowqvY0bam1L
+tbHs4bZ7Jo0k7X0dYI9CriaeaNHGs/lBWfueGGJNlbplj9tZz9Qe/fIkK4NLN3qi
+jQIDAQAB
+-----END PUBLIC KEY-----

backend/user-service/user-service/src/Controllers/Common/ControllerBaseAdminRequired.cs

@@ -0,0 +1,33 @@
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Mvc.Filters;
+
+using Services.Token;
+
+namespace Controllers.Users.Common;
+
+[ApiController]
+public abstract class ControllerBaseAdminRequired : ControllerBase, IActionFilter
+{
+    protected ITokenPacketProcessorService _tokenService;
+
+    protected Guid UserId { get; private set; }
+
+    protected ControllerBaseAdminRequired(ITokenPacketProcessorService tokenService)
+    {
+        _tokenService = tokenService;
+    }
+
+    public void OnActionExecuting(ActionExecutingContext context)
+    {
+        if (!_tokenService.TryValidateToken(context.HttpContext.Request, out var userId))
+        {
+            //context.Result = new UnauthorizedObjectResult(new { message = "Invalid token" });
+
+            return;
+        }
+
+        UserId = userId;
+    }
+
+    public void OnActionExecuted(ActionExecutedContext context) {  }
+}

backend/user-service/user-service/src/Controllers/ControllerAddUser.cs

@@ -0,0 +1,49 @@
+using Controllers.Users.Common;
+
+using Microsoft.AspNetCore.Mvc;
+
+using Services.Token;
+using Services.PasswordHashing;
+using Services.Users;
+
+using Models.Users;
+
+namespace Controllers.Users;
+
+[ApiController]
+[Route("api/admin/user_add")]
+public class ControllerAddUser(
+    ITokenPacketProcessorService tokenService,
+    IPasswordHashingService passwordHasher,
+    AddUserService addUserService
+) : ControllerBaseAdminRequired(tokenService)
+{
+    [HttpPost]
+    public IActionResult AddUser([FromBody] AddUserRequest req)
+    {
+        try
+        {
+            if (string.IsNullOrWhiteSpace(req.FullName)) return BadRequest(new { message = "Full name is required" });
+
+            if (string.IsNullOrWhiteSpace(req.Email)) return BadRequest(new { message = "Email is required" });
+
+            if (string.IsNullOrWhiteSpace(req.Password)) return BadRequest(new { message = "Password is required" });
+
+            if (addUserService.EmailExists(req.Email)) return Conflict(new { message = "Email already exists" });
+
+            var hash = passwordHasher.Hash(req.Password);
+
+            var id = addUserService.CreateUser(req.FullName, req.Email, hash);
+
+            var createdUser = addUserService.GetById(id);
+
+            if (createdUser is null) return StatusCode(500, new { message = "Internal Error" });
+
+            return Ok(new { createdUser });
+        }
+        catch (Exception ex)
+        {
+            return StatusCode(500, new { message = "Internal error", error = ex.Message });
+        }
+    }
+}

backend/user-service/user-service/src/Controllers/ControllerChangeUser.cs

@@ -0,0 +1,32 @@
+using Controllers.Users.Common;
+
+using Microsoft.AspNetCore.Mvc;
+
+using Services.Token;
+using Services.Users;
+
+using Models.Users;
+
+namespace Controllers.Users;
+
+[ApiController]
+[Route("api/admin/user_change")]
+public class ControllerChangeUser(
+    ITokenPacketProcessorService tokenService,
+    ChangeUserService changeUserService
+) : ControllerBaseAdminRequired(tokenService)
+{
+    [HttpPost]
+    public IActionResult ChangeUser([FromBody] ChangeUserRequest req)
+    {
+        try
+        {
+            changeUserService.ChangeUser(req.Id, req.CreatedAt, req.Email, req.FullName, req.Phone, req.VerificationStatus);
+            return Ok(new { message = "User updated successfully" });
+        }
+        catch (Exception ex)
+        {
+            return StatusCode(500, new { message = "Internal error", error = ex.Message });
+        }
+    }
+}