add Cache.cs

fix hardware hash stack in the jwt token claims
Alex Bezdieniezhnykh
2025-01-18 14:36:50 +02:00
parent 0945635a1c
commit 49de0351c1
7 changed files with 77 additions and 33 deletions
+12 -4
@@ -98,10 +98,13 @@ builder.Services.Configure<JwtConfig>(builder.Configuration.GetSection(nameof(Jw
builder.Services.Configure<ConnectionStrings>(builder.Configuration.GetSection(nameof(ConnectionStrings)));
builder.Services.AddScoped<IUserService, UserService>();
builder.Services.AddScoped<IAuthService, AuthService>();
builder.Services.AddScoped<IResourcesService, ResourcesService>();
builder.Services.AddSingleton<IAuthService, AuthService>();
builder.Services.AddSingleton<IDbFactory, DbFactory>();
builder.Services.AddLazyCache();
builder.Services.AddScoped<ICache, MemoryCache>();
builder.Services.AddValidatorsFromAssemblyContaining<RegisterUserValidator>();
var app = builder.Build();
@@ -145,7 +148,7 @@ app.MapPost("/resources/{dataFolder?}",
app.MapPost("/resources/get/{dataFolder?}", //Need to have POST method for secure password
async ([FromBody]GetResourceRequest request, [FromRoute]string? dataFolder, IAuthService authService, IUserService userService, IResourcesService resourcesService, CancellationToken cancellationToken) =>
{
var user = authService.CurrentUser;
var user = await authService.GetCurrentUser();
if (user == null)
throw new UnauthorizedAccessException();
@@ -159,8 +162,13 @@ app.MapPost("/resources/get/{dataFolder?}", //Need to have POST method for secur
.WithOpenApi(op => new OpenApiOperation(op){ Summary = "Gets encrypted by users Password and HardwareHash resources. POST method for secure password"});
app.MapPut("/resources/reset-hardware",
async (string email, IUserService userService, CancellationToken cancellationToken)
=> await userService.UpdateHardware(email, new HardwareInfo(), cancellationToken))
async (string email, IUserService userService, ICache cache, CancellationToken cancellationToken) =>
{
await userService.UpdateHardware(email, new HardwareInfo(), cancellationToken);
var user = await userService.GetByEmail(email, cancellationToken);
cache.Invalidate($"{nameof(User)}.{user?.Id}");
})
.RequireAuthorization(apiAdminPolicy)
.WithOpenApi(op => new OpenApiOperation(op){ Summary = "Resets hardware id in case of hardware change"});
app.Run();
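Review bot: In the new `/resources/reset-hardware` handler, a failed `GetByEmail` lookup still reaches `cache.Invalidate($"{nameof(User)}.{user?.Id}")`, so the key collapses to `User.`, nothing is evicted, and the admin gets a success response. Moving the lookup ahead of `UpdateHardware` and guarding it with `if (user == null) return Results.NotFound();` (ending the lambda with `return Results.Ok();`) makes the failure visible and ensures the evicted key always carries a real id. Since the cached user presumably backs `GetCurrentUser()`, confirm that every other path that changes a user's hardware or role invalidates the same key. Separately, the first hunk lists `IAuthService` under both `AddScoped` and `AddSingleton`; if the singleton line is the one that survives, check that `AuthService` does not take the scoped `ICache` or `IUserService` in its constructor.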
+1 -1
@@ -12,6 +12,6 @@
"JwtConfig": {
"Issuer": "AzaionApi",
"Audience": "Annotators/OrangePi/Admins",
"TokenLifetimeHours": 2.5
"TokenLifetimeHours": 4
}
}
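Review bot: The `TokenLifetimeHours` change is a security-policy change that the commit description does not mention. The page lost its +/- markers, but going by print order the value moves from `2.5` to `4`. A longer lifetime extends how long a leaked token, or one issued before a hardware reset or role change, stays acceptable, and nothing visible on this page revokes issued tokens. Either keep `"TokenLifetimeHours": 2.5` or record the reason for the increase in the commit message, and confirm that per-request checks do not rely solely on the token's claims.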