From 4db474b8d6db9b2dd618d00a1d9ee7bc5ffd441b Mon Sep 17 00:00:00 2001 From: Derek Holloway Date: Tue, 9 Sep 2025 22:09:25 -0700 Subject: [PATCH 1/2] Update todo --- ToDo.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/ToDo.yaml b/ToDo.yaml index 9c42245..682090f 100755 --- a/ToDo.yaml +++ b/ToDo.yaml @@ -2,6 +2,9 @@ Server: Auth: Make sure autorenew works + Auth-Key-Value-Storage: + Build and connect driver for Key Value storage hosted on Auth.Mistox.Com/api/db/ + When Job Posting Closes Successful: Update the company rating -- 2.52.0 From 0a48fb359f109f603b26bf53b661fb7165c20db4 Mon Sep 17 00:00:00 2001 From: Derek Holloway Date: Mon, 22 Sep 2025 18:30:31 -0700 Subject: [PATCH 2/2] Low numbers to test JWT refresh --- ToDo.yaml | 1 + .../Controllers/MistoxControllerBase.cs | 2 +- src/Server/Program.cs | 39 +++++++++++++------ 3 files changed, 30 insertions(+), 12 deletions(-) diff --git a/ToDo.yaml b/ToDo.yaml index 682090f..2957957 100755 --- a/ToDo.yaml +++ b/ToDo.yaml @@ -1,6 +1,7 @@ Server: Auth: Make sure autorenew works + Make sure rate limiting isnt being broken by cloudflare Auth-Key-Value-Storage: Build and connect driver for Key Value storage hosted on Auth.Mistox.Com/api/db/ diff --git a/src/Server/Controllers/MistoxControllerBase.cs b/src/Server/Controllers/MistoxControllerBase.cs index 9ea558b..ba67fde 100644 --- a/src/Server/Controllers/MistoxControllerBase.cs +++ b/src/Server/Controllers/MistoxControllerBase.cs @@ -18,7 +18,7 @@ namespace BoredCareers.Controllers { Secure = true, HttpOnly = true, SameSite = SameSiteMode.Strict, - Expires = DateTime.UtcNow.AddDays(7) + Expires = DateTime.UtcNow.AddYears(1) }); } diff --git a/src/Server/Program.cs b/src/Server/Program.cs index 39be968..2e1fdde 100755 --- a/src/Server/Program.cs +++ b/src/Server/Program.cs 
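Review bot: The new `Expires = DateTime.UtcNow.AddYears(1)` in MistoxControllerBase.cs keeps the session cookie in the browser for a year regardless of the JWT's own `exp`, so on a shared or lost device the bearer value stays on disk long after it was last useful. The commit subject describes these as test numbers, so this literal should not ship as-is. Consider taking the cookie lifetime from one configured value, or from the token's expiry, and reusing it for the identical `CookieOptions` literal added to the renewal middleware in Program.cs. If the long lifetime is intentional, say so next to it, for example `// Cookie lifetime only bounds browser storage; validity is enforced by the JWT exp claim`. The enclosing method begins outside this hunk, so how the token value is produced is not visible here.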
@@ -128,17 +128,6 @@ builder.Services.AddAuthentication(options => { OnMessageReceived = context => { context.Token = context.Request.Cookies["mistox_session"]; return Task.CompletedTask; - }, - OnTokenValidated = context => { - var jwtToken = context.SecurityToken as JwtSecurityToken; - if (jwtToken != null) { - var exp = jwtToken.ValidTo; - var now = DateTime.UtcNow; - if ((exp - now) < TimeSpan.FromDays(3)) { - // Impliment token refresh - } - } - return Task.CompletedTask; } }; }); @@ -206,6 +195,34 @@ app.UseCors(); app.UseRouting(); app.UseAuthentication(); + +app.Use(async (context, next) =>{ + ClaimsPrincipal user = context.User; + if (user.Identity?.IsAuthenticated == true) { + string? token = context.Request.Cookies["mistox_session"]; + Claim? expClaim = user.FindFirst(JwtRegisteredClaimNames.Exp); + if (expClaim != null && long.TryParse(expClaim.Value, out long expUnix)) { + DateTimeOffset expTime = DateTimeOffset.FromUnixTimeSeconds(expUnix); + if ((expTime - DateTimeOffset.UtcNow) < TimeSpan.FromMinutes(2)) { + IHttpClientFactory clientFactory = context.RequestServices.GetRequiredService(); + HttpClient client = clientFactory.CreateClient(); + HttpResponseMessage response = await client.PostAsync("https://auth.mistox.com/api/auth/renew", new StringContent(token)); + if (response.IsSuccessStatusCode) { + string newJwt = await response.Content.ReadAsStringAsync(); + context.Response.Cookies.Append("mistox_session", newJwt, new CookieOptions { + HttpOnly = true, + Secure = true, + SameSite = SameSiteMode.Strict, + Expires = DateTimeOffset.UtcNow.AddYears(1) + }); + } + } + } + } + + await next(); +}); + app.MapControllers(); app.MapFallbackToFile("index.html"); -- 2.52.0