First draft of redirecting server-side

WIP. Not yet tested, probably not yet functional.

backend/LexBoxApi/Controllers/UserController.cs

@@ -82,6 +82,38 @@ await HttpContext.SignInAsync(user.GetPrincipal("Registration"),
  return Ok(user);
  }
 
+ [HttpGet("inviteLinkRedirect")]
+ [RequireAudience(LexboxAudience.RegisterAccount, true)]
+ [ProducesResponseType(StatusCodes.Status200OK)]
+ [ProducesResponseType(StatusCodes.Status401Unauthorized)]
+ public async Task<ActionResult<LexAuthUser>> InviteLinkRedirect(LoggedInContext loggedInContext, LexBoxDbContext dbContext)
+ {
+ var user = loggedInContext.User;
+ if (user.Email is null)
+ {
+ return Redirect("/login");
+ }
+ var queryString = QueryString.Create("email", user.Email);
+ var returnTo = new UriBuilder { Path = "/acceptInvitation", Query = queryString.Value }.Uri.PathAndQuery;
+ var dbUser = await dbContext.Users
+ .Where(u => u.Email == user.Email)
+ .Include(u => u.Projects)
+ .Include(u => u.Organizations)
+ .FirstOrDefaultAsync();
+ if (dbUser is null)
+ {
+ return Redirect(returnTo);
+ }
+ else
+ {
+ UpdateUserMemberships(user, dbUser);
+ await dbContext.SaveChangesAsync();
+ await HttpContext.SignInAsync(user.GetPrincipal("Registration"),
+ new AuthenticationProperties { IsPersistent = true });
+ return Ok(user);
+ }
+ }
+
  [HttpPost("acceptInvitation")]
  [RequireAudience(LexboxAudience.RegisterAccount, true)]
  [ProducesResponseType(StatusCodes.Status200OK)]