Fixed and Tested Auth methods
@@ -15,8 +15,6 @@ namespace Auth.Controllers {
|
|||||||
|
|
||||||
public MAuthController(DatabaseService db) : base(db) { }
|
public MAuthController(DatabaseService db) : base(db) { }
|
||||||
|
|
||||||
static Dictionary<string, JWTMemCache> LoginSessions = new Dictionary<string, JWTMemCache>();
|
|
||||||
|
|
||||||
// Login and return a ticket to retreive your JWT
|
// Login and return a ticket to retreive your JWT
|
||||||
[HttpPost("login")]
|
[HttpPost("login")]
|
||||||
public async Task<ActionResult> Authenticate([FromBody] LoginRequest request) {
|
public async Task<ActionResult> Authenticate([FromBody] LoginRequest request) {
|
||||||
@@ -34,9 +32,9 @@ namespace Auth.Controllers {
|
|||||||
await _databaseService.SetAccount(test);
|
await _databaseService.SetAccount(test);
|
||||||
|
|
||||||
string Ticket = Guid.NewGuid().ToString().Replace("-", "");
|
string Ticket = Guid.NewGuid().ToString().Replace("-", "");
|
||||||
LoginSessions[Ticket] = new JWTMemCache {
|
AuthJWT.LoginSessions[Ticket] = new JWTMemCache {
|
||||||
JWT = AuthJWT.GenereateJWTToken(test, request.StayLoggedIn),
|
JWT = AuthJWT.GenereateJWTToken(test, request.StayLoggedIn),
|
||||||
ExpiresAt = DateTime.UtcNow.AddMinutes(2)
|
ExpiresAt = DateTime.UtcNow.AddSeconds(30)
|
||||||
};
|
};
|
||||||
|
|
||||||
return Ok(Ticket);
|
return Ok(Ticket);
|
||||||
@@ -57,16 +55,16 @@ namespace Auth.Controllers {
|
|||||||
}
|
}
|
||||||
|
|
||||||
[HttpPost("token")]
|
[HttpPost("token")]
|
||||||
public ActionResult Token([FromForm] JWTRequest request) {
|
public ActionResult Token([FromBody] JWTRequest request) {
|
||||||
try {
|
try {
|
||||||
if (LoginSessions.ContainsKey(request.Ticket)) {
|
if (AuthJWT.LoginSessions.ContainsKey(request.Ticket)) {
|
||||||
JWTMemCache JWTObj = LoginSessions[request.Ticket];
|
JWTMemCache JWTObj = AuthJWT.LoginSessions[request.Ticket];
|
||||||
if (JWTObj.ExpiresAt < DateTime.UtcNow) {
|
if (JWTObj.ExpiresAt >= DateTime.UtcNow) {
|
||||||
string JWT = JWTObj.JWT;
|
string JWT = JWTObj.JWT;
|
||||||
LoginSessions.Remove(request.Ticket);
|
AuthJWT.LoginSessions.Remove(request.Ticket);
|
||||||
return Ok(JWT);
|
return Ok(JWT);
|
||||||
} else {
|
} else {
|
||||||
LoginSessions.Remove(request.Ticket);
|
AuthJWT.LoginSessions.Remove(request.Ticket);
|
||||||
return BadRequest("The session ticket has already expired");
|
return BadRequest("The session ticket has already expired");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
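Review bot: The ticket redemption in `Token` is a check-then-act sequence (`ContainsKey`, the indexer, then `Remove`) on a static `Dictionary` shared by every request, so two concurrent requests presenting the same ticket can both be handed the JWT, and concurrent writes from `Authenticate` can corrupt the dictionary. Redeeming with one atomic call, `if (AuthJWT.LoginSessions.TryRemove(request.Ticket, out JWTMemCache JWTObj)) {`, keeps the ticket single-use; it requires the field in `AuthJWT` to be declared as a `ConcurrentDictionary<string, JWTMemCache>`. Separately, the ticket in `Authenticate` comes from `Guid.NewGuid()`, which is not documented as a source of secrets; `Convert.ToHexString(RandomNumberGenerator.GetBytes(32))` is a better fit for a value that can be exchanged for a JWT. The `try` block in `Token` continues outside the visible hunk, so how a null `request.Ticket` is handled cannot be confirmed from here.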
@@ -1,13 +1,13 @@
|
|||||||
using System.IdentityModel.Tokens.Jwt;
|
using System.IdentityModel.Tokens.Jwt;
|
||||||
using System.Security.Claims;
|
using System.Security.Claims;
|
||||||
using System.Security.Cryptography;
|
using System.Security.Cryptography;
|
||||||
using System.Text;
|
|
||||||
using Auth.Entities;
|
using Auth.Entities;
|
||||||
using Microsoft.IdentityModel.Tokens;
|
using Microsoft.IdentityModel.Tokens;
|
||||||
|
|
||||||
namespace Auth.Services {
|
namespace Auth.Services {
|
||||||
public class AuthJWT {
|
public class AuthJWT {
|
||||||
|
|
||||||
|
public static Dictionary<string, JWTMemCache> LoginSessions = new Dictionary<string, JWTMemCache>();
|
||||||
public static RsaSecurityKey RsaPublicKey = LoadRSAKey("/certs/public_key.pem");
|
public static RsaSecurityKey RsaPublicKey = LoadRSAKey("/certs/public_key.pem");
|
||||||
public static RsaSecurityKey RsaPrivateKey = LoadRSAKey("/certs/private_key.pem");
|
public static RsaSecurityKey RsaPrivateKey = LoadRSAKey("/certs/private_key.pem");
|
||||||
|
|
||||||
|
|||||||
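Review bot: The new `LoginSessions` field is a public, non-readonly static, so any code in the process can replace or clear the whole ticket map, and each entry holds a signed JWT. Marking it `readonly` and exposing it through two methods on `AuthJWT` (issue a ticket, redeem a ticket) would keep the expiry and single-use rules in one place instead of in the controller. From the visible code, entries appear to be removed only when a ticket is presented to the `token` endpoint, so tickets that are never redeemed would stay in memory with their JWT after `ExpiresAt`; if nothing elsewhere sweeps them, a periodic purge of expired entries is worth adding. A short comment on the field, for example `// one-time tickets -> pending JWT; entries expire after ExpiresAt`, would document the intent.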