Move ApiKeyService to Jellyfin.Api

1 files changed, 97 insertions, 0 deletions

diff --git a/Jellyfin.Api/Controllers/ApiKeyController.cs b/Jellyfin.Api/Controllers/ApiKeyController.cs
new file mode 100644
index 000000000..ed521c1fc
--- /dev/null
+++ b/Jellyfin.Api/Controllers/ApiKeyController.cs
@@ -0,0 +1,97 @@
+using System;
+using System.ComponentModel.DataAnnotations;
+using System.Globalization;
+using Jellyfin.Api.Constants;
+using MediaBrowser.Controller;
+using MediaBrowser.Controller.Security;
+using MediaBrowser.Controller.Session;
+using MediaBrowser.Model.Querying;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Mvc;
+
+namespace Jellyfin.Api.Controllers
+{
+    /// <summary>
+    /// Authentication controller.
+    /// </summary>
+    [Route("/Auth")]
+    public class ApiKeyController : BaseJellyfinApiController
+    {
+        private readonly ISessionManager _sessionManager;
+        private readonly IServerApplicationHost _appHost;
+        private readonly IAuthenticationRepository _authRepo;
+
+        /// <summary>
+        /// Initializes a new instance of the <see cref="ApiKeyController"/> class.
+        /// </summary>
+        /// <param name="sessionManager">Instance of <see cref="ISessionManager"/> interface.</param>
+        /// <param name="appHost">Instance of <see cref="IServerApplicationHost"/> interface.</param>
+        /// <param name="authRepo">Instance of <see cref="IAuthenticationRepository"/> interface.</param>
+        public ApiKeyController(
+            ISessionManager sessionManager,
+            IServerApplicationHost appHost,
+            IAuthenticationRepository authRepo)
+        {
+            _sessionManager = sessionManager;
+            _appHost = appHost;
+            _authRepo = authRepo;
+        }
+
+        /// <summary>
+        /// Get all keys.
+        /// </summary>
+        /// <response code="200">Api keys retrieved.</response>
+        /// <returns>A <see cref="QueryResult{AuthenticationInfo}"/> with all keys.</returns>
+        [HttpGet("Keys")]
+        [Authorize(Policy = Policies.RequiresElevation)]
+        [ProducesResponseType(StatusCodes.Status200OK)]
+        public ActionResult<QueryResult<AuthenticationInfo>> GetKeys()
+        {
+            var result = _authRepo.Get(new AuthenticationInfoQuery
+            {
+                HasUser = false
+            });
+
+            return result;
+        }
+
+        /// <summary>
+        /// Create a new api key.
+        /// </summary>
+        /// <param name="app">Name of the app using the authentication key.</param>
+        /// <response code="204">Api key created.</response>
+        /// <returns>A <see cref="NoContentResult"/>.</returns>
+        [HttpPost("Keys")]
+        [Authorize(Policy = Policies.RequiresElevation)]
+        [ProducesResponseType(StatusCodes.Status204NoContent)]
+        public ActionResult CreateKey([FromQuery, Required] string app)
+        {
+            _authRepo.Create(new AuthenticationInfo
+            {
+                AppName = app,
+                AccessToken = Guid.NewGuid().ToString("N", CultureInfo.InvariantCulture),
+                DateCreated = DateTime.UtcNow,
+                DeviceId = _appHost.SystemId,
+                DeviceName = _appHost.FriendlyName,
+                AppVersion = _appHost.ApplicationVersionString
+            });
+            return NoContent();
+        }
+
+        /// <summary>
+        /// Remove an api key.
+        /// </summary>
+        /// <param name="key">The access token to delete.</param>
+        /// <response code="204">Api key deleted.</response>
+        /// <returns>A <see cref="NoContentResult"/>.</returns>
+        [HttpDelete("Keys/{key}")]
+        [Authorize(Policy = Policies.RequiresElevation)]
+        [ProducesResponseType(StatusCodes.Status204NoContent)]
+        public ActionResult RevokeKey([FromRoute] string key)
+        {
+            _sessionManager.RevokeToken(key);
+            return NoContent();
+        }
+    }
+}