don't send hardware hash, calc on the api

This commit is contained in:
Alex Bezdieniezhnykh
2025-02-26 16:02:09 +02:00
parent 6d28085b7e
commit 503ddc8c41
9 changed files with 32 additions and 42 deletions
+3 -7
View File
@@ -151,9 +151,9 @@ app.MapPost("/resources/get/{dataFolder?}", //Need to have POST method for secur
if (user == null)
throw new UnauthorizedAccessException();
await userService.CheckHardware(user, request);
var hwHash = await userService.CheckHardwareHash(user, request);
var key = Security.MakeEncryptionKey(user.Email, request.Password, request.Hardware.Hash);
var key = Security.GetApiEncryptionKey(user.Email, request.Password, hwHash);
var stream = await resourcesService.GetEncryptedResource(dataFolder, request.FileName, key, cancellationToken);
return Results.File(stream, "application/octet-stream", request.FileName);
@@ -162,11 +162,7 @@ app.MapPost("/resources/get/{dataFolder?}", //Need to have POST method for secur
app.MapPut("/resources/reset-hardware",
async (string email, IUserService userService, ICache cache, CancellationToken cancellationToken) =>
{
await userService.UpdateHardware(email, new HardwareInfo(), cancellationToken);
var user = await userService.GetByEmail(email, cancellationToken);
cache.Invalidate($"{nameof(User)}.{user?.Id}");
})
await userService.UpdateHardware(email, new HardwareInfo(), cancellationToken))
.RequireAuthorization(apiAdminPolicy)
.WithOpenApi(op => new OpenApiOperation(op){ Summary = "Resets hardware id in case of hardware change"});