From 51056c2ea57b6502355f12135340fd7d4728ff2e Mon Sep 17 00:00:00 2001
From: Derek Holloway
Date: Tue, 9 Sep 2025 19:24:53 -0700
Subject: [PATCH] Dont log into local site when only signing into external site
---
 src/Server/Controllers/MAuth.cs | 21 ++++++++++++---------
 src/Server/DTO/AuthenticationDTO.cs | 1 +
 2 files changed, 13 insertions(+), 9 deletions(-)
diff --git a/src/Server/Controllers/MAuth.cs b/src/Server/Controllers/MAuth.cs
index 76fad62..a01b499 100644
--- a/src/Server/Controllers/MAuth.cs
+++ b/src/Server/Controllers/MAuth.cs
@@ -51,16 +51,19 @@ namespace Auth.Controllers {
 if (BCrypt.Net.BCrypt.Verify(request.Password, test.PasswordHash)) {
 test.CurrentPasswordAttempts = 0;
 await _databaseService.SetAccount(test);
+
+ if (request.SameSite) {
+ SignIn(Response, AuthJWT.GenereateJWTToken(test, request.StayLoggedIn));
+ } else {
+ string Ticket = Guid.NewGuid().ToString().Replace("-", "");
+ string JWT = AuthJWT.GenereateJWTToken(test, request.StayLoggedIn);
+ AuthJWT.LoginSessions[Ticket] = new JWTMemCache {
+ JWT = JWT,
+ ExpiresAt = DateTime.UtcNow.AddSeconds(30)
+ };
- string Ticket = Guid.NewGuid().ToString().Replace("-", "");
- string JWT = AuthJWT.GenereateJWTToken(test, request.StayLoggedIn);
- AuthJWT.LoginSessions[Ticket] = new JWTMemCache {
- JWT = JWT,
- ExpiresAt = DateTime.UtcNow.AddSeconds(30)
- };
-
- SignIn(Response, JWT);
- return Ok(Ticket);
+ return Ok(Ticket);
+ }
 } else {
 test.CurrentPasswordAttempts += 1;
 await _databaseService.SetAccount(test);
diff --git a/src/Server/DTO/AuthenticationDTO.cs b/src/Server/DTO/AuthenticationDTO.cs
index 416afc1..6fab651 100644
--- a/src/Server/DTO/AuthenticationDTO.cs
+++ b/src/Server/DTO/AuthenticationDTO.cs
@@ -4,6 +4,7 @@ namespace Auth.DTO {
 public string UserName { get; set; } = "";
 public string Password { get; set; } = "";
 public bool StayLoggedIn { get; set; }
+ public bool SameSite { get; set; }
 }
 public class JWTRenewRequest {
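Review bot: In MAuth.cs the new `if (request.SameSite)` branch calls `SignIn(...)` but has no `return`, so a successful same-site login falls past the password check into code that lies outside this hunk. If that tail returns an error or a generic response, a correct password would set the cookie and still be reported as a failure, so the branch should end with an explicit result such as `return Ok();`. Separately, the ticket in the `else` branch is a bearer credential that redeems a JWT, and `Guid.NewGuid()` is not documented as a cryptographic generator; on .NET 6+ `Convert.ToHexString(RandomNumberGenerator.GetBytes(32))` is a safer source. The endpoint that redeems `AuthJWT.LoginSessions` is not visible here; it should remove the entry on first use and reject it once `ExpiresAt` has passed.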
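Review bot: In AuthenticationDTO.cs the new `SameSite` flag defaults to `false` when a client omits it, so any existing caller that does not send the field silently moves to the ticket path and no longer receives the local cookie. Whether such callers exist is not visible from this diff, so it is worth confirming before release. The name also reads like the cookie `SameSite` attribute, which it is unrelated to; a doc comment would prevent that confusion, e.g. `/// <summary>True when the login is for this site and the auth cookie should be set directly; false issues a short-lived ticket for an external site.</summary>`.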