add Cache.cs

fix hardware hash stack in the jwt token claims

Azaion.Api/Program.cs

@@ -98,10 +98,13 @@ builder.Services.Configure<JwtConfig>(builder.Configuration.GetSection(nameof(Jw
 builder.Services.Configure<ConnectionStrings>(builder.Configuration.GetSection(nameof(ConnectionStrings)));
 
 builder.Services.AddScoped<IUserService, UserService>();
+builder.Services.AddScoped<IAuthService, AuthService>();
 builder.Services.AddScoped<IResourcesService, ResourcesService>();
-builder.Services.AddSingleton<IAuthService, AuthService>();
 builder.Services.AddSingleton<IDbFactory, DbFactory>();
 
+builder.Services.AddLazyCache();
+builder.Services.AddScoped<ICache, MemoryCache>();
+
 builder.Services.AddValidatorsFromAssemblyContaining<RegisterUserValidator>();
 
 var app = builder.Build();
@@ -145,7 +148,7 @@ app.MapPost("/resources/{dataFolder?}",
 app.MapPost("/resources/get/{dataFolder?}", //Need to have POST method for secure password
     async ([FromBody]GetResourceRequest request, [FromRoute]string? dataFolder, IAuthService authService, IUserService userService, IResourcesService resourcesService, CancellationToken cancellationToken) =>
     {
-        var user = authService.CurrentUser;
+        var user = await authService.GetCurrentUser();
         if (user == null)
             throw new UnauthorizedAccessException();
 
@@ -159,8 +162,13 @@ app.MapPost("/resources/get/{dataFolder?}", //Need to have POST method for secur
     .WithOpenApi(op => new OpenApiOperation(op){ Summary = "Gets encrypted by users Password and HardwareHash resources. POST method for secure password"});
 
 app.MapPut("/resources/reset-hardware",
-    async (string email, IUserService userService, CancellationToken cancellationToken)
-        => await userService.UpdateHardware(email, new HardwareInfo(), cancellationToken))
+    async (string email, IUserService userService, ICache cache, CancellationToken cancellationToken) =>
+    {
+        await userService.UpdateHardware(email, new HardwareInfo(), cancellationToken);
+        var user = await userService.GetByEmail(email, cancellationToken);
+        cache.Invalidate($"{nameof(User)}.{user?.Id}");
+    })
+    .RequireAuthorization(apiAdminPolicy)
     .WithOpenApi(op => new OpenApiOperation(op){ Summary = "Resets hardware id in case of hardware change"});
 
 app.Run();