35 lines
1.0 KiB
C#
35 lines
1.0 KiB
C#
using Gateway.Security;
|
|
using Gateway.Services;
|
|
using Microsoft.AspNetCore.Mvc;
|
|
using System.Text.Json;
|
|
|
|
namespace Gateway.Controllers;
|
|
|
|
[ApiController]
|
|
[Route("api/execution")]
|
|
public sealed class ExecutionController : ControllerBase
|
|
{
|
|
private readonly ExecutionService _svc;
|
|
private readonly ClientContext _client;
|
|
|
|
public ExecutionController(ExecutionService svc, ClientContext client)
|
|
{
|
|
_svc = svc;
|
|
_client = client;
|
|
}
|
|
|
|
[HttpPost("request")]
|
|
public async Task<IActionResult> Execute([FromBody] JsonElement body)
|
|
{
|
|
// SECURITY: Require authenticated session
|
|
if (!_client.IsAuthenticated)
|
|
return Unauthorized(new { ok = false, error = "Authentication required" });
|
|
|
|
if (body.ValueKind == JsonValueKind.Undefined || body.ValueKind == JsonValueKind.Null)
|
|
return BadRequest(new { ok = false, error = "Missing request body" });
|
|
|
|
var resp = await _svc.ExecuteAsync(body, HttpContext.RequestAborted);
|
|
return Content(resp, "application/json");
|
|
}
|
|
}
|