Review tweaks

2022-07-25 20:05:31 +01:00 · 2022-07-25 20:05:31 +01:00 · c51971c298
commit c51971c298
parent 3b1bf9f12d
4 changed files with 9 additions and 27 deletions
--- a/VoidCat/Controllers/Admin/AdminController.cs
+++ b/VoidCat/Controllers/Admin/AdminController.cs
@ -65,7 +65,7 @@ public class AdminController : Controller
    /// <param name="request">Page request</param>
    /// <returns></returns>
    [HttpPost]
-    [Route("user")]
+    [Route("users")]
    public async Task<RenderedResults<AdminListedUser>> ListUsers([FromBody] PagedRequest request)
    {
        var result = await _userStore.ListUsers(request);
@ -91,7 +91,7 @@ public class AdminController : Controller
    /// <param name="user"></param>
    /// <returns></returns>
    [HttpPost]
-    [Route("user/{id}")]
+    [Route("update-user")]
    public async Task<IActionResult> UpdateUser([FromBody] PrivateVoidUser user)
    {
        var oldUser = await _userStore.Get(user.Id);
--- a/VoidCat/Controllers/AuthController.cs
+++ b/VoidCat/Controllers/AuthController.cs
@ -52,7 +52,7 @@ public class AuthController : Controller
            }

            var user = await _manager.Login(req.Username, req.Password);
-            var token = CreateToken(user);
+            var token = CreateToken(user, DateTime.UtcNow.AddHours(12));
            var tokenWriter = new JwtSecurityTokenHandler();
            return new(tokenWriter.WriteToken(token), Profile: user.ToPublic());
        }
@ -86,7 +86,7 @@ public class AuthController : Controller
            }

            var newUser = await _manager.Register(req.Username, req.Password);
-            var token = CreateToken(newUser);
+            var token = CreateToken(newUser, DateTime.UtcNow.AddHours(12));
            var tokenWriter = new JwtSecurityTokenHandler();
            return new(tokenWriter.WriteToken(token), Profile: newUser.ToPublic());
        }
@ -137,7 +137,7 @@ public class AuthController : Controller
        {
            Id = Guid.NewGuid(),
            UserId = user.Id,
-            Token = new JwtSecurityTokenHandler().WriteToken(CreateApiToken(user, expiry)),
+            Token = new JwtSecurityTokenHandler().WriteToken(CreateToken(user, expiry)),
            Expiry = expiry
        };

@ -145,7 +145,7 @@ public class AuthController : Controller
        return Json(key);
    }

-    private JwtSecurityToken CreateApiToken(VoidUser user, DateTime expiry)
+    private JwtSecurityToken CreateToken(VoidUser user, DateTime expiry)
    {
        var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_settings.JwtSettings.Key));
        var credentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256);
@ -153,7 +153,6 @@ public class AuthController : Controller
        var claims = new List<Claim>()
        {
            new(ClaimTypes.NameIdentifier, user.Id.ToString()),
-            new(JwtRegisteredClaimNames.Aud, "API"),
            new(JwtRegisteredClaimNames.Exp, new DateTimeOffset(expiry).ToUnixTimeSeconds().ToString()),
            new(JwtRegisteredClaimNames.Iat, DateTimeOffset.UtcNow.ToUnixTimeSeconds().ToString())
        };
@ -164,24 +163,6 @@ public class AuthController : Controller
            signingCredentials: credentials);
    }

-    private JwtSecurityToken CreateToken(VoidUser user)
-    {
-        var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_settings.JwtSettings.Key));
-        var credentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256);
-
-        var claims = new List<Claim>()
-        {
-            new(ClaimTypes.NameIdentifier, user.Id.ToString()),
-            new(JwtRegisteredClaimNames.Exp, DateTimeOffset.UtcNow.AddHours(6).ToUnixTimeSeconds().ToString()),
-            new(JwtRegisteredClaimNames.Iat, DateTimeOffset.UtcNow.ToUnixTimeSeconds().ToString())
-        };
-
-        claims.AddRange(user.Roles.Select(a => new Claim(ClaimTypes.Role, a)));
-
-        return new JwtSecurityToken(_settings.JwtSettings.Issuer, claims: claims,
-            signingCredentials: credentials);
-    }
-
    public sealed class LoginRequest
    {
        public LoginRequest(string username, string password)
--- a/VoidCat/Services/Users/UsersStartup.cs
+++ b/VoidCat/Services/Users/UsersStartup.cs
@ -19,6 +19,7 @@ public static class UsersStartup
        {
            services.AddTransient<IUserStore, CacheUserStore>();
            services.AddTransient<IEmailVerification, CacheEmailVerification>();
+            services.AddTransient<IApiKeyStore, CacheApiKeyStore>();
        }
    }
 }
--- a/VoidCat/spa/src/Api.js
+++ b/VoidCat/spa/src/Api.js
@ -27,8 +27,8 @@ export function useApi() {
        AdminApi: {
            fileList: (pageReq) => getJson("POST", "/admin/file", pageReq, auth),
            deleteFile: (id) => getJson("DELETE", `/admin/file/${id}`, undefined, auth),
-            userList: (pageReq) => getJson("POST", `/admin/user`, pageReq, auth),
-            updateUser: (user) => getJson("POST", `/admin/user/${user.id}`, user, auth)
+            userList: (pageReq) => getJson("POST", `/admin/users`, pageReq, auth),
+            updateUser: (user) => getJson("POST", `/admin/update-user`, user, auth)
        },
        Api: {
            info: () => getJson("GET", "/info"),