soroushdes/flatrender
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
8b86f17645a8081a1e05e55509986a535281807d
flatrender/services/identity/FlatRender.IdentitySvc/Controllers/PlansController.cs
T
soroush.asadi 8b86f17645 fix: make plans list public, fix frontend healthcheck IPv6 
PlansController had a class-level [Authorize] that gated the public
plans list, contradicting the gateway's optionalAuth on /plans. Mark
List/GetById [AllowAnonymous] and resolve tenant optionally so
anonymous callers receive global plans (purchase/current-plan stay
authenticated).

Frontend container stayed "unhealthy" because busybox wget resolves
localhost to IPv6 [::1] while the Next.js standalone server binds
IPv4 only. Use 127.0.0.1 in the healthcheck.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-30 00:24:53 +03:30

51 lines
1.9 KiB
C#
Raw Blame History

using FlatRender.IdentitySvc.Application.Services.Interfaces;
using FlatRender.IdentitySvc.Models.Requests;
using FlatRender.IdentitySvc.Models.Responses;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
namespace FlatRender.IdentitySvc.Controllers;
[ApiController]
[Route("v1")]
[Authorize]
public class PlansController(IPlanService planService) : ControllerBase
{
[AllowAnonymous]
[HttpGet("plans")]
[ProducesResponseType(typeof(object), 200)]
public async Task<IActionResult> List([FromQuery] string? scope)
{
var plans = await planService.ListAsync(GetTenantIdOrNull(), scope);
return Ok(new { data = plans });
}
[AllowAnonymous]
[HttpGet("plans/{planId:guid}")]
[ProducesResponseType(typeof(PlanResponse), 200)]
public async Task<IActionResult> GetById(Guid planId)
=> Ok(await planService.GetByIdAsync(planId));
[HttpGet("users/me/plan")]
[ProducesResponseType(typeof(UserPlanResponse), 200)]
public async Task<IActionResult> GetCurrentPlan()
=> Ok(await planService.GetCurrentPlanAsync(GetUserId()));
[HttpPost("users/me/plan/purchase")]
[ProducesResponseType(typeof(PurchasePlanResponse), 200)]
public async Task<IActionResult> Purchase([FromBody] PurchasePlanRequest request)
{
var result = await planService.PurchasePlanAsync(GetUserId(), GetTenantId(), request);
return Ok(result);
}
private Guid GetUserId() => Guid.Parse(User.FindFirst(System.Security.Claims.ClaimTypes.NameIdentifier)?.Value
?? User.FindFirst("sub")?.Value ?? throw new UnauthorizedAccessException());
private Guid GetTenantId() => Guid.Parse(User.FindFirst("tenant_id")?.Value
?? throw new UnauthorizedAccessException());
private Guid? GetTenantIdOrNull() => User.FindFirst("tenant_id")?.Value is { } t && Guid.TryParse(t, out var id)
? id : null;
}
Reference in New Issue View Git Blame Copy Permalink