Final changes to Note Controller and removing cryptographic support.

SmoothNotesAPI/Controllers/NoteController.cs

@@ -19,37 +19,21 @@ public NoteController(DataContext context)
 
     //Create
     // POST api/<ValuesController>
-    [HttpPost, Authorize]
+    [HttpPost("add"), Authorize]
     public async Task<ActionResult> Post([FromBody] Note args)
     {
         try
         {
-            //Testing
-            //Move to Applikation side when possible
-            #region Testing
-            Folder folder = await _context.Folders.FirstOrDefaultAsync(f => f.Id == args.FolderId);
-            Profile profile = await _context.Profiles.FirstOrDefaultAsync(p => p.Id == folder.ProfileId);
-            string key = ConverterService.ReadEncodedKey(ConverterService.ByteArrayToHexString(Convert.FromBase64String(profile.PuK)));
+
             Note item = new Note()
             {
                 Id = Guid.NewGuid().ToString(),
                 FolderId = args.FolderId,
                 Name = args.Name,
-                Text = RSAService.RSAEncrypt(args.Text, key, false),
+                Text = args.Text,
                 CrDate = DateTime.Now,
                 EdDate = DateTime.Now
             };
-            #endregion
-
-            //Note item = new Note()
-            //{
-            //    Id = Guid.NewGuid(),
-            //    FolderId = args.FolderId,
-            //    Name = args.Name,
-            //    Text = args.Text,
-            //    CrDate = DateTime.Now,
-            //    EdDate = DateTime.Now
-            //};
 
             await _context.Notes.AddAsync(item);
             await _context.SaveChangesAsync();
@@ -76,38 +60,16 @@ public async Task<ActionResult<List<IBase>>> Get()
         }
     }
     // GET: api/<ValuesController>/id
-    [HttpGet("id"), Authorize]
-    public async Task<ActionResult<IBase>> GetById(string id)
+    [HttpGet("folderid"), Authorize]
+    public async Task<ActionResult<List<IBase>>> GetByFolderId(string folderid)
     {
         try
         {
-            var item = await _context.Notes.FirstOrDefaultAsync(u => u.Id == id);
-            if (item == null)
-                return NotFound();
-
-            return Ok(item);
-        }
-        catch (Exception e)
-        {
-            return BadRequest(e.Message);
-        }
-    }
-
-    //Testing ONLY
-    // GET: api/<ValuesController>/id
-    [HttpGet("id/profileId/show"), Authorize]
-    public async Task<ActionResult<IBase>> GetById(string id, string profileId, int show = 0)
-    {
-        try
-        {
-            AESService aes = new AESService();
-            Profile profile = await _context.Profiles.FirstOrDefaultAsync(p => p.Id == profileId);
-            var item = await _context.Notes.FirstOrDefaultAsync(u => u.Id == id);
-            item.Text = RSAService.RSADecrypt(item.Text, ConverterService.ReadEncodedKey(aes.Decrypt(profile.PrK, "Password123")), false);
-            if (item == null)
+            var items = await _context.Notes.Where(u => u.FolderId == folderid).ToListAsync();
+            if (items == null)
                 return NotFound();
 
-            return Ok(item);
+            return Ok(items);
         }
         catch (Exception e)
         {
@@ -117,7 +79,7 @@ public async Task<ActionResult<IBase>> GetById(string id, string profileId, int
 
     //Update
     // PUT api/<ValuesController>/id
-    [HttpPut("{id}"), Authorize]
+    [HttpPut("edit"), Authorize]
     public async Task<ActionResult> Put([FromBody] Note item)
     {
         try
@@ -137,7 +99,7 @@ public async Task<ActionResult> Put([FromBody] Note item)
     //Delete
     // DELETE api/<ValuesController>/id
     [HttpDelete("{id}"), Authorize]
-    public async Task<ActionResult> Delete(Guid id)
+    public async Task<ActionResult> Delete(string id)
     {
         try
         {

SmoothNotesAPI/Controllers/ProfileController.cs

@@ -5,6 +5,7 @@
 using SmoothNotesAPI.Models;
 using SmoothNotesAPI.Models.Interfaces;
 using SmoothNotesAPI.Models.Login;
+using SmoothNotesAPI.Models.Registration;
 using SmoothNotesAPI.Service;
 using System.IdentityModel.Tokens.Jwt;
 using System.Security.Claims;
@@ -36,63 +37,28 @@ public ProfileController(DataContext context, IConfiguration configuration)
     //Create
     // POST api/<ValuesController>
     [HttpPost("register")]
-    public async Task<ActionResult> Register([FromBody] ProfileDto args)
+    public async Task<ActionResult> Register([FromBody] Register args)
     {
         try
         {
-            if (await _context.Profiles.AnyAsync(p => p.Name == args.username))
+            if (await _context.Profiles.AnyAsync(p => p.Name == args.Name))
                 return Ok("1");
 
-            string hpw = _hashingService.HashPW(args.password);
+            string hpw = _hashingService.HashPW(args.Pw);
 
-            //TODO: Remove when application side is implemented
-            //Testing only move to application side, when possible
-            #region Testing Only
-            //Rsa Key Pair
-            List<string> pair = new List<string>();
-            try
-            {
-                pair = rsa.GenKeyPair();
-            }
-            catch (Exception e)
-            {
-                return BadRequest($"Error##: {e.Message}");
-            }
-
-            //Aes encryption
-            string ePrK = "";
-            try
-            {
-                ePrK = aes.Encrypt(pair[0], args.password);
-            }
-            catch (Exception e)
-            {
-                return BadRequest($"Error##: {e.Message}");
-            }
+
 
             //Test recive version
             Profile item = new Profile()
             {
                 Id = Guid.NewGuid().ToString(),
-                Name = args.username,
+                Name = args.Name,
                 PW = hpw,
-                PrK = ePrK,
-                PuK = Convert.ToBase64String(ConverterService.HexStringToByteArray(pair[1])),
+                PrK = args.Prk,
+                PuK = args.PuK,
                 CrDate = DateTime.Now,
                 EdDate = DateTime.Now
             };
-            #endregion
-
-            //Profile item = new Profile()
-            //{
-            //    Id = Guid.NewGuid(),
-            //    Name = args.Name,
-            //    PW = hpw,
-            //    PrK = args.PrK,
-            //    PuK = args.PuK,
-            //    CrDate = DateTime.Now,
-            //    EdDate = DateTime.Now
-            //};
 
             await _context.Profiles.AddAsync(item);
             await _context.SaveChangesAsync();
@@ -107,7 +73,8 @@ public async Task<ActionResult> Register([FromBody] ProfileDto args)
     [HttpPost("login")]
     public async Task<ActionResult<string>> Login(ProfileDto request)
     {
-        if (await _context.Profiles.AnyAsync(p => p.Name == request.username))
+        var p = await _context.Profiles.FirstOrDefaultAsync(u => u.Name == request.username);
+        if(p != null)
         {
             if (await VerifyPassword(request.username, request.password))
             {
@@ -116,6 +83,14 @@ public async Task<ActionResult<string>> Login(ProfileDto request)
             }
         }
         return BadRequest("Login failed");
+        //if (await _context.Profiles.AnyAsync(p => p.Name == request.username))
+        //{
+        //    if (await VerifyPassword(request.username, request.password))
+        //    {
+        //        string token = CreateToken(await _context.Profiles.FirstOrDefaultAsync(p => p.Name == request.username));
+        //        return Ok(token);
+        //    }
+        //}
     }
 
     [HttpGet("refresh/username"), Authorize]
@@ -166,6 +141,7 @@ public async Task<ActionResult<LProfile>> GetLogin(string username)
             LProfile p = new LProfile();
             p.Id = item.Id.ToString();
             p.Name = item.Name;
+            p.PrK = item.PrK;
             p.PuK = item.PuK;
             p.folders = item.folders;
             return p;
@@ -182,8 +158,6 @@ public async Task<ActionResult<List<IBase>>> Get()
     {
         try
         {
-            //return Ok(await _context.Profiles.Include(s => s.folders).ToListAsync());
-
             return Ok(await _context.Profiles.Include(f => f.folders).ThenInclude(n => n.notes).ToListAsync());
         }
         catch (Exception e)
@@ -192,41 +166,6 @@ public async Task<ActionResult<List<IBase>>> Get()
         }
     }
 
-    // GET: api/<ValuesController>/id/show
-    [HttpGet("id/show"), Authorize]
-    public async Task<ActionResult<IBase>> GetById(string id, int show = 0)
-    {
-        try
-        {
-            //var item = await _context.Profiles.Include(s => s.folders).FirstAsync(u => u.Id == id);
-            var item = await _context.Profiles.Where(p => p.Id == id).Include(f => f.folders).ThenInclude(n => n.notes).FirstOrDefaultAsync();
-            if (item == null)
-                return NotFound();
-
-            //TODO: Remove when application side is implemented
-            //Testing ONLY
-            if (show == 1)
-            {
-                try
-                {
-                    string dePrK = ConverterService.ReadEncodedKey(aes.Decrypt(item.PrK, "Password123"));
-                    item.PrK = dePrK;
-                    item.PuK = ConverterService.ReadEncodedKey(ConverterService.ByteArrayToHexString(Convert.FromBase64String(item.PuK)));
-                }
-                catch (Exception e)
-                {
-                    Console.WriteLine(Environment.NewLine + $"Error: {e.Message}");
-                }
-            }
-
-            return Ok(item);
-        }
-        catch (Exception e)
-        {
-            return BadRequest(e.Message);
-        }
-    }
-
     //Update
     // PUT api/<ValuesController>/id
     [HttpPut("{id}"), Authorize]
@@ -248,13 +187,19 @@ public async Task<ActionResult> Put([FromBody] Profile item)
 
     //Delete
     // DELETE api/<ValuesController>/id
-    [HttpDelete("{id}"), Authorize]
+    [HttpDelete("id"), Authorize]
     public async Task<ActionResult> Delete(string id)
     {
         try
         {
-            //Finding Item with Id == id
+            //Getting Profile from id
             var profile = await _context.Profiles.FindAsync(id);
+
+            //In case no profile is found
+            if (profile == null)
+                return NotFound();
+
+            //Getting all related folders, notes and removing them
             var folders = await _context.Folders.Where(f => f.ProfileId == id).ToListAsync();
             foreach (var folder in folders)
             {
@@ -264,9 +209,7 @@ public async Task<ActionResult> Delete(string id)
                 _context.Folders.Remove(folder);
             }
 
-            if (profile == null)
-                return NotFound();
-
+            //Remove profile and save
             _context.Profiles.Remove(profile);
             await _context.SaveChangesAsync();
             return Ok("Deletion Successful");

SmoothNotesAPI/Models/Login/LProfile.cs

@@ -4,6 +4,7 @@ public class LProfile
 {
     public string Id { get; set; }
     public string Name { get; set; } = string.Empty;
+    public string PrK { get; set; } = string.Empty;
     public string PuK { get; set; } = string.Empty;
 
     public List<Folder>? folders { get; set; }

SmoothNotesAPI/Models/Registration/Register.cs

@@ -0,0 +1,10 @@
+namespace SmoothNotesAPI.Models.Registration;
+
+public class Register
+{
+    public string Id { get; set; } = string.Empty;
+    public string Name { get; set; } = string.Empty;
+    public string Pw { get; set; } = string.Empty;
+    public string Prk { get; set; } = string.Empty;
+    public string PuK { get; set; } = string.Empty;
+}

SmoothNotesAPI/Program.cs

@@ -7,7 +7,6 @@
 var builder = WebApplication.CreateBuilder(args);
 
 // Add services to the container.
-
 builder.Services.AddControllers();
 builder.Services.AddDbContext<DataContext>(options =>
 {
@@ -37,6 +36,7 @@
     app.UseSwaggerUI();
 }
 
+//Disabled to use http instead of https. Running things local.
 //app.UseHttpsRedirection();
 
 app.UseAuthentication();