Change to JWT inside Secure Cookie Auth

derek.holloway
2025-07-21 10:07:26 -07:00
parent 1687b097f8
commit bd5a909bcd
4 changed files with 98 additions and 23 deletions
@@ -34,19 +34,9 @@ namespace BoredCareers.Controllers {
test.CurrentPasswordAttempts = 0;
await _databaseService.SetAccount(test);
List<Claim> claims = new List<Claim>() {
new Claim("ID", test.ID.ToString()),
new Claim(ClaimTypes.NameIdentifier, test.ID.ToString())
};
string jwt = BoredCareersJWT.GenereateJWTToken(test.ID, StayLoggedIn);
BoredCareersJWT.SignIn(Response, StayLoggedIn, jwt);
await HttpContext.SignInAsync(
CookieAuthenticationDefaults.AuthenticationScheme,
new ClaimsPrincipal(new ClaimsIdentity(claims, "Auth")),
new AuthenticationProperties {
ExpiresUtc = DateTime.UtcNow.AddYears(30), // Add 30 years with sliding on
IsPersistent = StayLoggedIn, // Is set from the StayLoggedIn
}
);
return Ok(test);
} else {
test.CurrentPasswordAttempts += 1;
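Review bot: The session lifetime and cookie protections are no longer visible at this call site. The removed `SignInAsync` block stated `ExpiresUtc` and `IsPersistent` explicitly, while `BoredCareersJWT.GenereateJWTToken(test.ID, StayLoggedIn)` and `BoredCareersJWT.SignIn(Response, StayLoggedIn, jwt)` leave both to a helper outside this hunk. Before merging, confirm that the helper sets the cookie with `HttpOnly`, `Secure` and an explicit `SameSite` value, and that the token's expiry is bounded even when `StayLoggedIn` is true. I would add a comment above the two new lines such as `// Issues a signed JWT and stores it in the auth cookie; lifetime and cookie flags are set in BoredCareersJWT`, and rename the misspelled `GenereateJWTToken` while it has few callers. The enclosing action starts and ends outside the hunk.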
@@ -151,9 +141,9 @@ namespace BoredCareers.Controllers {
[Route("logout")]
[HttpPost]
public async Task<ActionResult> Logout() {
public ActionResult Logout() {
if (isLoggedIn()) {
await HttpContext.SignOutAsync();
BoredCareersJWT.SignOut(Response);
return Ok();
}
return NotFound();
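Review bot: `Logout()` now only calls `BoredCareersJWT.SignOut(Response)`, which as far as this hunk shows can act on the response cookie alone, so a token that was already issued would presumably remain valid until its own expiry. If `SignOut` (defined outside this hunk) does not also invalidate the token server-side, consider checking a per-account token version or a stored token identifier during validation and changing it here. At minimum, document the limitation above the call with `// Clears the auth cookie only; an issued JWT stays valid until it expires`. The closing brace of `Logout` lies outside the hunk.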