derek/boredcareers
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

working #43

Merged
derek merged 4 commits from working into main 2025-09-22 19:10:29 -07:00
Conversation 0 Commits 4 Files Changed 3
+21 -14
1 changed files with 21 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit 06093f54c7 - Show all commits
src/Server/Program.cs
+21 -14
View File
@@ -111,6 +111,7 @@ using (HttpClient client = new HttpClient()) {
Console.WriteLine("PublicKey loaded"); Console.WriteLine("PublicKey loaded");
} }
// Pull JWT out of cookie for auth
builder.Services.AddAuthentication(options => { builder.Services.AddAuthentication(options => {
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme; options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme; options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
@@ -197,28 +198,34 @@ app.UseRouting();
app.UseAuthentication(); app.UseAuthentication();
// Autorenew JWT about to expire
app.Use(async (context, next) =>{ app.Use(async (context, next) =>{
ClaimsPrincipal user = context.User; ClaimsPrincipal user = context.User;
if (user.Identity?.IsAuthenticated == true) { if (user.Identity?.IsAuthenticated == true) {
string? token = context.Request.Cookies["mistox_session"]; string? token = context.Request.Cookies["mistox_session"];
Claim? expClaim = user.FindFirst(JwtRegisteredClaimNames.Exp); Claim? staySignedIn = user.FindFirst(ClaimTypes.IsPersistent);
if (expClaim != null && long.TryParse(expClaim.Value, out long expUnix)) { if (staySignedIn != null && bool.TryParse(staySignedIn.Value, out bool sli) && sli == true) {
DateTimeOffset expTime = DateTimeOffset.FromUnixTimeSeconds(expUnix); Claim? expClaim = user.FindFirst(ClaimTypes.Expiration);
if ((expTime - DateTimeOffset.UtcNow) < TimeSpan.FromDays(3)) { if (expClaim != null && long.TryParse(expClaim.Value, out long expUnix)) {
using (HttpClient client = new HttpClient()) { DateTimeOffset expTime = DateTimeOffset.FromUnixTimeSeconds(expUnix);
HttpResponseMessage response = await client.PostAsJsonAsync("https://auth.mistox.com/api/auth/renew", new JWTRenewRequest() { JWT = token }); if ((expTime - DateTimeOffset.UtcNow) < TimeSpan.FromDays(3)) {
if (response.IsSuccessStatusCode) { using (HttpClient client = new HttpClient()) {
string newJwt = await response.Content.ReadAsStringAsync(); HttpResponseMessage response = await client.PostAsJsonAsync("https://auth.mistox.com/api/auth/renew", new JWTRenewRequest() { JWT = token });
context.Response.Cookies.Append("mistox_session", newJwt, new CookieOptions { if (response.IsSuccessStatusCode) {
HttpOnly = true, string newJwt = await response.Content.ReadAsStringAsync();
Secure = true, context.Response.Cookies.Append("mistox_session", newJwt, new CookieOptions {
SameSite = SameSiteMode.Strict, HttpOnly = true,
Expires = DateTimeOffset.UtcNow.AddYears(3) Secure = true,
}); SameSite = SameSiteMode.Strict,
Expires = DateTimeOffset.UtcNow.AddYears(3)
});
}
} }
} }
} }
} }
} else {
context.Response.Cookies.Delete("mistox_session");
} }
await next(); await next();