Fully impliment JWT auto renew

2025-09-22 19:02:03 -07:00
parent 0a48fb359f
commit e94f77d56d
3 changed files with 18 additions and 13 deletions
@@ -1,6 +1,5 @@
 Server:
    Auth:
-        Make sure autorenew works
        Make sure rate limiting isnt being broken by cloudflare

    Auth-Key-Value-Storage:
@@ -0,0 +1,5 @@
+namespace BoredCareers.Entities {
+    public class JWTRenewRequest {
+        public string JWT { get; set; } = "";
+    }
+}
@@ -9,6 +9,7 @@ using Microsoft.IdentityModel.Tokens;
 using System.IdentityModel.Tokens.Jwt;
 using System.Security.Cryptography;
 using BoredCareers.Services.TimerService;
+using BoredCareers.Entities;

 var builder = WebApplication.CreateBuilder(args);

@@ -203,18 +204,18 @@ app.Use(async (context, next) =>{
        Claim? expClaim = user.FindFirst(JwtRegisteredClaimNames.Exp);
        if (expClaim != null && long.TryParse(expClaim.Value, out long expUnix)) {
            DateTimeOffset expTime = DateTimeOffset.FromUnixTimeSeconds(expUnix);
-            if ((expTime - DateTimeOffset.UtcNow) < TimeSpan.FromMinutes(2)) {
-                IHttpClientFactory clientFactory = context.RequestServices.GetRequiredService<IHttpClientFactory>();
-                HttpClient client = clientFactory.CreateClient();
-                HttpResponseMessage response = await client.PostAsync("https://auth.mistox.com/api/auth/renew", new StringContent(token));
-                if (response.IsSuccessStatusCode) {
-                    string newJwt = await response.Content.ReadAsStringAsync();
-                    context.Response.Cookies.Append("mistox_session", newJwt, new CookieOptions {
-                        HttpOnly = true,
-                        Secure = true,
-                        SameSite = SameSiteMode.Strict,
-                        Expires = DateTimeOffset.UtcNow.AddYears(1)
-                    });
+            if ((expTime - DateTimeOffset.UtcNow) < TimeSpan.FromDays(3)) {
+                using (HttpClient client = new HttpClient()) {
+                    HttpResponseMessage response = await client.PostAsJsonAsync("https://auth.mistox.com/api/auth/renew", new JWTRenewRequest() { JWT = token });
+                    if (response.IsSuccessStatusCode) {
+                        string newJwt = await response.Content.ReadAsStringAsync();
+                        context.Response.Cookies.Append("mistox_session", newJwt, new CookieOptions {
+                            HttpOnly = true,
+                            Secure = true,
+                            SameSite = SameSiteMode.Strict,
+                            Expires = DateTimeOffset.UtcNow.AddYears(3)
+                        });
+                    }
                }
            }
        }