consolidate jwt settings and setup docker compose

2025-07-21 16:41:06 -07:00
parent bd5a909bcd
commit dbc4d973f9
5 changed files with 60 additions and 30 deletions
@@ -1,26 +1,33 @@


 using System.IdentityModel.Tokens.Jwt;
+using System.Runtime.CompilerServices;
 using System.Security.Claims;
 using System.Text;
 using Microsoft.IdentityModel.Tokens;

 namespace BoredCareers.Services {
    public class BoredCareersJWT {
+
+        public static string TokenAudience = "https://boredcareers.com/api";
+        public static string TokenIssuer = "https://boredcareers.com";
+        public static string TokenSecretKey = "";
+        public static string TokenName = "mistox_session";
+
        public static string GenereateJWTToken(int accountID, bool StayLoggedIn) {
            var tokenHandler = new JwtSecurityTokenHandler();
-            var key = Encoding.UTF8.GetBytes("your-super-secret-key");
+            var key = Encoding.UTF8.GetBytes(TokenSecretKey);

            var tokenDiscriptor = new SecurityTokenDescriptor {
-                Subject = new ClaimsIdentity(new[] {
+                Subject = new ClaimsIdentity([
                    new Claim(ClaimTypes.NameIdentifier, accountID.ToString()),
                    new Claim(ClaimTypes.IsPersistent, StayLoggedIn.ToString())
-                }),
-                Expires = DateTime.UtcNow.AddMinutes(15),
+                ]),
+                Expires = DateTime.UtcNow.AddDays(7),
                IssuedAt = DateTime.UtcNow,
-                SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.RsaSha512),
-                Audience = "your-app",
-                Issuer = "your-app"
+                SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256),
+                Audience = TokenAudience,
+                Issuer = TokenIssuer
            };

            var token = tokenHandler.CreateToken(tokenDiscriptor);
@@ -30,16 +37,15 @@ namespace BoredCareers.Services {
        public static void SignIn(HttpResponse Response, bool StayLoggedIn, string jwt) {
            if (StayLoggedIn) {
                // Stay logged in cookie
-                Response.Cookies.Append("access_token", jwt, new CookieOptions {
+                Response.Cookies.Append(TokenName, jwt, new CookieOptions {
                    Secure = true,
                    HttpOnly = true,
                    SameSite = SameSiteMode.Strict,
-                    Expires = DateTime.UtcNow.AddMinutes(15)
+                    Expires = DateTime.UtcNow.AddDays(7)
                });
-            }
-            else {
+            } else {
                // Session cookie
-                Response.Cookies.Append("access_token", jwt, new CookieOptions {
+                Response.Cookies.Append(TokenName, jwt, new CookieOptions {
                    Secure = true,
                    HttpOnly = true,
                    SameSite = SameSiteMode.Strict,
@@ -48,7 +54,7 @@ namespace BoredCareers.Services {
        }

        public static void SignOut(HttpResponse Response) {
-            Response.Cookies.Delete("access_token");
+            Response.Cookies.Delete(TokenName);
        }
    }
 }