search

osu-tournament-rating / otr-api

API powering osu! Tournament Rating
https://otr.stagec.xyz/
GNU General Public License v3.0
4 stars 2 forks source link

Use redirect actions for user-owned resources on `/me` #235

Closed myssto closed 1 month ago

myssto commented 2 months ago

The Microsoft.AspNetCore.Mvc.ControllerBase comes with a method RedirectToAction(string? actionName, string? controllerName, object? routeValues). Returning the result of this method will redirect the requester to another action using a status 302 Found. Actions on the MeController are essentially wrappers for for accessing user-owned resources by parsing the authorized user id, so this is a much more sensible way compared to what we currently do by re-using the related service method for obtaining the resource.

For example, consider the endpoint GET /me. This endpoint currently parses the requester's authorized user id, and then proceeds to reimplement the functionality of GET /users/{id}.

    public async Task<IActionResult> GetAsync()
    {
        var id = HttpContext.AuthorizedUserIdentity();
        if (!id.HasValue)
        {
            return Unauthorized();
        }

        UserDTO? user = await _userService.GetAsync(id.Value);
        if (user?.OsuId == null)
        {
            return NotFound();
        }

        return Ok(user);
    }

Here is what it could look like using RedirectToAction()

    public IActionResult Get()
    {
        var id = HttpContext.AuthorizedUserIdentity();
        if (!id.HasValue)
        {
            return Unauthorized();
        }

        return RedirectToAction("Get", "Users", new { id });
    }
myssto commented 2 months ago

Soft breaking change, as response codes will be changed.