GameList/Infrastructure/PlayerIdentityExtensions.cs

using Microsoft.AspNetCore.Diagnostics;

namespace GameList.Infrastructure;

public static class PlayerIdentityExtensions
{
    public const string PlayerCookieName = "player";

    public static IApplicationBuilder UsePlayerIdentity(this IApplicationBuilder app)
    {
        app.Use(async (ctx, next) =>
        {
            var pathBase = ctx.Request.PathBase.HasValue ? ctx.Request.PathBase.Value : "/";
            var isHttps = string.Equals(ctx.Request.Scheme, "https", StringComparison.OrdinalIgnoreCase);

            Guid playerId;
            if (!ctx.Request.Cookies.TryGetValue(PlayerCookieName, out var value) || !Guid.TryParse(value, out playerId))
            {
                await next();
                return;
            }

            IssuePlayerCookie(ctx, playerId);

            await next();
        });

        return app;
    }

    public static void IssuePlayerCookie(HttpContext ctx, Guid playerId)
    {
        var options = BuildCookieOptions(ctx);
        ctx.Response.Cookies.Append(PlayerCookieName, playerId.ToString(), options);
        ctx.Items[PlayerCookieName] = playerId;
    }

    public static void ClearPlayerCookie(HttpContext ctx)
    {
        var options = BuildCookieOptions(ctx);
        options.Expires = DateTimeOffset.UtcNow.AddDays(-1);
        ctx.Response.Cookies.Append(PlayerCookieName, string.Empty, options);
        ctx.Items.Remove(PlayerCookieName);
    }

    private static CookieOptions BuildCookieOptions(HttpContext ctx)
    {
        var pathBase = ctx.Request.PathBase.HasValue ? ctx.Request.PathBase.Value : "/";
        var isHttps = string.Equals(ctx.Request.Scheme, "https", StringComparison.OrdinalIgnoreCase);
        return new CookieOptions
        {
            HttpOnly = true,
            SameSite = SameSiteMode.Strict,
            Secure = isHttps,
            IsEssential = true,
            Expires = DateTimeOffset.UtcNow.AddYears(1),
            Path = pathBase
        };
    }

    public static IApplicationBuilder UseGlobalExceptionLogging(this IApplicationBuilder app)
    {
        app.UseExceptionHandler(handler =>
        {
            handler.Run(async context =>
            {
                var feature = context.Features.Get<IExceptionHandlerFeature>();
                var logger = context.RequestServices.GetRequiredService<ILoggerFactory>().CreateLogger("GlobalException");
                if (feature?.Error != null)
                {
                    logger.LogError(feature.Error, "Unhandled exception");
                }

                context.Response.StatusCode = StatusCodes.Status500InternalServerError;
                context.Response.ContentType = "application/json";
                await context.Response.WriteAsJsonAsync(new { error = "Unexpected server error" });
            });
        });
        return app;
    }

    public static IEndpointRouteBuilder MapHealthChecks(this IEndpointRouteBuilder endpoints)
    {
        endpoints.MapGet("/health", () => Results.Ok(new { status = "ok" }));
        return endpoints;
    }
}