ToDo.yaml

@@ -1,6 +1,10 @@
 Server:
     Auth:
         Make sure autorenew works
+        Make sure rate limiting isnt being broken by cloudflare
+
+    Auth-Key-Value-Storage:
+        Build and connect driver for Key Value storage hosted on Auth.Mistox.Com/api/db/
 
     When Job Posting Closes Successful:
         Update the company rating

src/Server/Controllers/MistoxControllerBase.cs

@@ -18,7 +18,7 @@ namespace BoredCareers.Controllers {
                 Secure = true,
                 HttpOnly = true,
                 SameSite = SameSiteMode.Strict,
-                Expires = DateTime.UtcNow.AddDays(7)
+                Expires = DateTime.UtcNow.AddYears(1)
             });
         }
 

src/Server/Program.cs

@@ -128,17 +128,6 @@ builder.Services.AddAuthentication(options => {
         OnMessageReceived = context => {
             context.Token = context.Request.Cookies["mistox_session"];
             return Task.CompletedTask;
-        },
-        OnTokenValidated = context => {
-            var jwtToken = context.SecurityToken as JwtSecurityToken;
-            if (jwtToken != null) {
-                var exp = jwtToken.ValidTo;
-                var now = DateTime.UtcNow;
-                if ((exp - now) < TimeSpan.FromDays(3)) {
-                    // Impliment token refresh
-                }
-            }
-            return Task.CompletedTask;
         }
     };
 });
@@ -206,6 +195,34 @@ app.UseCors();
 app.UseRouting();
 
 app.UseAuthentication();
+
+app.Use(async (context, next) =>{
+    ClaimsPrincipal user = context.User;
+    if (user.Identity?.IsAuthenticated == true) {
+        string? token = context.Request.Cookies["mistox_session"];
+        Claim? expClaim = user.FindFirst(JwtRegisteredClaimNames.Exp);
+        if (expClaim != null && long.TryParse(expClaim.Value, out long expUnix)) {
+            DateTimeOffset expTime = DateTimeOffset.FromUnixTimeSeconds(expUnix);
+            if ((expTime - DateTimeOffset.UtcNow) < TimeSpan.FromMinutes(2)) {
+                IHttpClientFactory clientFactory = context.RequestServices.GetRequiredService<IHttpClientFactory>();
+                HttpClient client = clientFactory.CreateClient();
+                HttpResponseMessage response = await client.PostAsync("https://auth.mistox.com/api/auth/renew", new StringContent(token));
+                if (response.IsSuccessStatusCode) {
+                    string newJwt = await response.Content.ReadAsStringAsync();
+                    context.Response.Cookies.Append("mistox_session", newJwt, new CookieOptions {
+                        HttpOnly = true,
+                        Secure = true,
+                        SameSite = SameSiteMode.Strict,
+                        Expires = DateTimeOffset.UtcNow.AddYears(1)
+                    });
+                }
+            }
+        }
+    }
+
+    await next();
+});
+
 app.MapControllers();
 
 app.MapFallbackToFile("index.html");