consolidate jwt settings and setup docker compose
This commit is contained in:
+14
-7
@@ -1,4 +1,3 @@
|
||||
using Microsoft.AspNetCore.Authentication.Cookies;
|
||||
using BoredCareers.Controllers.Payment;
|
||||
using BoredCareers.Services;
|
||||
using BoredCareers.Services.DatabaseService;
|
||||
@@ -7,7 +6,6 @@ using Stripe;
|
||||
using System.Security.Claims;
|
||||
using Microsoft.AspNetCore.Authentication.JwtBearer;
|
||||
using Microsoft.IdentityModel.Tokens;
|
||||
using Org.BouncyCastle.Bcpg.Sig;
|
||||
using System.Text;
|
||||
using System.IdentityModel.Tokens.Jwt;
|
||||
|
||||
@@ -41,6 +39,15 @@ string dbPass = !string.IsNullOrEmpty(_dbpass) ? _dbpass : "oasv34$8gpv023dd";
|
||||
DatabaseService databaseService = new DatabaseService(connectionString: "server=" + dbserver + ";user=" + dbUser + ";database=" + dbdatabase + ";password=" + dbPass + ";port=3306;");
|
||||
builder.Services.Add( new ServiceDescriptor( typeof( DatabaseService ), databaseService ) );
|
||||
|
||||
////////////////////////////////
|
||||
////////// Auth Service ////////
|
||||
////////////////////////////////
|
||||
|
||||
// Address
|
||||
string? _jwtSecret = Environment.GetEnvironmentVariable("JWTsecret");
|
||||
string JWTsecret = !string.IsNullOrEmpty(_jwtSecret) ? _jwtSecret : "v0Ftluhdh7Nht8^2b5eaiC^IS^VS1ku0VBs3j*B2";
|
||||
BoredCareersJWT.TokenSecretKey = JWTsecret;
|
||||
|
||||
////////////////////////////////
|
||||
///////// Email Service ////////
|
||||
////////////////////////////////
|
||||
@@ -95,14 +102,14 @@ builder.Services.AddAuthentication(options => {
|
||||
ValidateAudience = true,
|
||||
ValidateLifetime = true,
|
||||
ValidateIssuerSigningKey = true,
|
||||
ValidIssuer = "your-app",
|
||||
ValidAudience = "your-app",
|
||||
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("secret-key")),
|
||||
ValidIssuer = BoredCareersJWT.TokenIssuer,
|
||||
ValidAudience = BoredCareersJWT.TokenAudience,
|
||||
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(BoredCareersJWT.TokenSecretKey)),
|
||||
ClockSkew = TimeSpan.FromMinutes(1)
|
||||
};
|
||||
options.Events = new JwtBearerEvents {
|
||||
OnMessageReceived = context => {
|
||||
context.Token = context.Request.Cookies["access_token"];
|
||||
context.Token = context.Request.Cookies[BoredCareersJWT.TokenName];
|
||||
return Task.CompletedTask;
|
||||
},
|
||||
OnTokenValidated = context => {
|
||||
@@ -110,7 +117,7 @@ builder.Services.AddAuthentication(options => {
|
||||
if (jwtToken != null) {
|
||||
var exp = jwtToken.ValidTo;
|
||||
var now = DateTime.UtcNow;
|
||||
if ((exp - now) < TimeSpan.FromMinutes(5)) {
|
||||
if ((exp - now) < TimeSpan.FromDays(3)) {
|
||||
int accountID = Convert.ToInt32(context.Principal?.FindFirst(ClaimTypes.NameIdentifier)?.Value);
|
||||
bool isPersistent = bool.Parse(context.Principal?.FindFirst(ClaimTypes.IsPersistent)?.Value);
|
||||
var newJWT = BoredCareersJWT.GenereateJWTToken(accountID, isPersistent);
|
||||
|
||||
Reference in New Issue
Block a user