Update key store to validate account and site

2025-09-09 21:47:34 -07:00
parent 0e16bee869
commit f1222b4ec6
7 changed files with 52 additions and 23 deletions
@@ -25,7 +25,7 @@ namespace Auth.Services {
            ClockSkew = TimeSpan.FromMinutes(1)
        };

-        public static string GenereateJWTToken(Account account, bool StayLoggedIn) {
+        public static string GenereateJWTToken(Account account, string RequestedSite, bool StayLoggedIn) {
            JwtSecurityTokenHandler tokenHandler = new JwtSecurityTokenHandler();
            SecurityTokenDescriptor tokenDiscriptor = new SecurityTokenDescriptor {
                Subject = new ClaimsIdentity([
@@ -34,6 +34,7 @@ namespace Auth.Services {
                    new Claim(ClaimTypes.Email, account.Email),
                    new Claim(ClaimTypes.Role, account.Role),
                    new Claim(ClaimTypes.UserData, account.DataServer),
+                    new Claim(ClaimTypes.Dns, RequestedSite),
                    new Claim(ClaimTypes.IsPersistent, StayLoggedIn.ToString()),
                ]),
                Expires = DateTime.UtcNow.AddDays(7),
@@ -47,14 +48,33 @@ namespace Auth.Services {
            return tokenHandler.WriteToken(token);
        }

+        public static Account? ValidateJWTToken(string Token) {
+            try {
+                JwtSecurityTokenHandler tokenHandler = new JwtSecurityTokenHandler();
+                ClaimsPrincipal principal = tokenHandler.ValidateToken( Token, TokenParameters, out SecurityToken validatedToken );
+                return new Account {
+                    ID = Convert.ToInt32(principal.FindFirstValue(ClaimTypes.NameIdentifier)),
+                    UserName = principal.FindFirstValue(ClaimTypes.Name)!,
+                    Email = principal.FindFirstValue(ClaimTypes.Email)!,
+                    Role = principal.FindFirstValue(ClaimTypes.Role)!,
+                    DataServer = principal.FindFirstValue(ClaimTypes.UserData)!,
+                    Site = principal.FindFirstValue(ClaimTypes.Dns)!
+                };
+            } catch (Exception) {
+                return null;
+            }
+        }
+
        public static string RenewJWTToken(ClaimsPrincipal principal) {
            return GenereateJWTToken(new Account {
-                ID = Convert.ToInt32(principal.FindFirst(ClaimTypes.NameIdentifier)!.Value),
-                UserName = principal.FindFirst(ClaimTypes.Name)!.Value,
-                Email = principal.FindFirst(ClaimTypes.Email)!.Value,
-                Role = principal.FindFirst(ClaimTypes.Role)!.Value,
-                DataServer = principal.FindFirst(ClaimTypes.UserData)!.Value
-            }, Convert.ToBoolean(principal.FindFirst(ClaimTypes.IsPersistent)!.Value));
+                ID = Convert.ToInt32(principal.FindFirstValue(ClaimTypes.NameIdentifier)),
+                UserName = principal.FindFirstValue(ClaimTypes.Name)!,
+                Email = principal.FindFirstValue(ClaimTypes.Email)!,
+                Role = principal.FindFirstValue(ClaimTypes.Role)!,
+                DataServer = principal.FindFirstValue(ClaimTypes.UserData)!
+            },
+            principal.FindFirstValue(ClaimTypes.Dns)!,
+            Convert.ToBoolean(principal.FindFirstValue(ClaimTypes.IsPersistent)!));
        }

        public static RsaSecurityKey LoadRSAKey(string KeyPath) {