From c51971c298eb45e0e2c8de46b582e69a3bdfbec9 Mon Sep 17 00:00:00 2001 From: Kieran Date: Mon, 25 Jul 2022 20:05:31 +0100 Subject: [PATCH] Review tweaks --- VoidCat/Controllers/Admin/AdminController.cs | 4 +-- VoidCat/Controllers/AuthController.cs | 27 +++----------------- VoidCat/Services/Users/UsersStartup.cs | 1 + VoidCat/spa/src/Api.js | 4 +-- 4 files changed, 9 insertions(+), 27 deletions(-) diff --git a/VoidCat/Controllers/Admin/AdminController.cs b/VoidCat/Controllers/Admin/AdminController.cs index 7ac0e48..49e152f 100644 --- a/VoidCat/Controllers/Admin/AdminController.cs +++ b/VoidCat/Controllers/Admin/AdminController.cs @@ -65,7 +65,7 @@ public class AdminController : Controller /// Page request /// [HttpPost] - [Route("user")] + [Route("users")] public async Task> ListUsers([FromBody] PagedRequest request) { var result = await _userStore.ListUsers(request); @@ -91,7 +91,7 @@ public class AdminController : Controller /// /// [HttpPost] - [Route("user/{id}")] + [Route("update-user")] public async Task UpdateUser([FromBody] PrivateVoidUser user) { var oldUser = await _userStore.Get(user.Id); diff --git a/VoidCat/Controllers/AuthController.cs b/VoidCat/Controllers/AuthController.cs index f4e6fa7..082eae0 100644 --- a/VoidCat/Controllers/AuthController.cs +++ b/VoidCat/Controllers/AuthController.cs @@ -52,7 +52,7 @@ public class AuthController : Controller } var user = await _manager.Login(req.Username, req.Password); - var token = CreateToken(user); + var token = CreateToken(user, DateTime.UtcNow.AddHours(12)); var tokenWriter = new JwtSecurityTokenHandler(); return new(tokenWriter.WriteToken(token), Profile: user.ToPublic()); } 
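Review bot: The 12-hour lifetime passed to `CreateToken` in `Login` is a bare literal, and the same `DateTime.UtcNow.AddHours(12)` is repeated in `Register` (hunk at -86). It also doubles the 6 hours used by the removed `CreateToken(VoidUser)` overload, which the commit message does not mention. These are bearer tokens and no revocation check is visible in this diff, so a longer lifetime extends how long a leaked token stays usable. I would define the value once, for example `private static readonly TimeSpan SessionTokenLifetime = TimeSpan.FromHours(12);` or a setting alongside `JwtSettings.Key`, with a comment recording why 12 hours was chosen. `Login`'s body starts outside the hunk.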
@@ -86,7 +86,7 @@ public class AuthController : Controller } var newUser = await _manager.Register(req.Username, req.Password); - var token = CreateToken(newUser); + var token = CreateToken(newUser, DateTime.UtcNow.AddHours(12)); var tokenWriter = new JwtSecurityTokenHandler(); return new(tokenWriter.WriteToken(token), Profile: newUser.ToPublic()); } @@ -137,7 +137,7 @@ public class AuthController : Controller { Id = Guid.NewGuid(), UserId = user.Id, - Token = new JwtSecurityTokenHandler().WriteToken(CreateApiToken(user, expiry)), + Token = new JwtSecurityTokenHandler().WriteToken(CreateToken(user, expiry)), Expiry = expiry }; @@ -145,7 +145,7 @@ public class AuthController : Controller return Json(key); } - private JwtSecurityToken CreateApiToken(VoidUser user, DateTime expiry) + private JwtSecurityToken CreateToken(VoidUser user, DateTime expiry) { var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_settings.JwtSettings.Key)); var credentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256); @@ -153,7 +153,6 @@ public class AuthController : Controller var claims = new List() { new(ClaimTypes.NameIdentifier, user.Id.ToString()), - new(JwtRegisteredClaimNames.Aud, "API"), new(JwtRegisteredClaimNames.Exp, new DateTimeOffset(expiry).ToUnixTimeSeconds().ToString()), new(JwtRegisteredClaimNames.Iat, DateTimeOffset.UtcNow.ToUnixTimeSeconds().ToString()) }; 
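Review bot: The `Token` field of the new key record holds the complete signed JWT. If that record is persisted, anyone with read access to the key store obtains working bearer tokens; the store call falls between this hunk and the next and is not visible. Consider keeping only the record `Id` or a hash of the token server-side and returning the token itself once, in the response. Separately, `CreateToken` builds `exp` with `new DateTimeOffset(expiry)`, which treats a `DateTime` whose `Kind` is not `Utc` as local time. Where `expiry` comes from is outside the hunk, so if it is meant to be UTC I would pin it before use with `expiry = DateTime.SpecifyKind(expiry, DateTimeKind.Utc);`.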
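Review bot: Removing the `aud` claim in this hunk leaves nothing in the token that separates a caller-dated API key from an interactive session token, now that both come from the same `CreateToken`. If any endpoint is meant to accept only one of the two, the validator can no longer tell them apart; whether the audience was validated before this change is not visible in the diff. I would keep a distinguishing claim, or have the API-key caller pass the key record's `Id` so it can be added as `new(JwtRegisteredClaimNames.Jti, keyId.ToString())`, which also gives validation a handle for revoking a single key. The rest of `CreateToken` continues outside the hunk.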
@@ -164,24 +163,6 @@ public class AuthController : Controller signingCredentials: credentials); } - private JwtSecurityToken CreateToken(VoidUser user) - { - var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_settings.JwtSettings.Key)); - var credentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256); - - var claims = new List() - { - new(ClaimTypes.NameIdentifier, user.Id.ToString()), - new(JwtRegisteredClaimNames.Exp, DateTimeOffset.UtcNow.AddHours(6).ToUnixTimeSeconds().ToString()), - new(JwtRegisteredClaimNames.Iat, DateTimeOffset.UtcNow.ToUnixTimeSeconds().ToString()) - }; - - claims.AddRange(user.Roles.Select(a => new Claim(ClaimTypes.Role, a))); - - return new JwtSecurityToken(_settings.JwtSettings.Issuer, claims: claims, - signingCredentials: credentials); - } - public sealed class LoginRequest { public LoginRequest(string username, string password) diff --git a/VoidCat/Services/Users/UsersStartup.cs b/VoidCat/Services/Users/UsersStartup.cs index 1b88548..e1de418 100644 --- a/VoidCat/Services/Users/UsersStartup.cs +++ b/VoidCat/Services/Users/UsersStartup.cs @@ -19,6 +19,7 @@ public static class UsersStartup { services.AddTransient(); services.AddTransient(); + services.AddTransient(); } } } \ No newline at end of file diff --git a/VoidCat/spa/src/Api.js b/VoidCat/spa/src/Api.js index 9a227f2..a8479be 100644 --- a/VoidCat/spa/src/Api.js +++ b/VoidCat/spa/src/Api.js @@ -27,8 +27,8 @@ export function useApi() { AdminApi: { fileList: (pageReq) => getJson("POST", "/admin/file", pageReq, auth), deleteFile: (id) => getJson("DELETE", `/admin/file/${id}`, undefined, auth), - userList: (pageReq) => getJson("POST", `/admin/user`, pageReq, auth), - updateUser: (user) => getJson("POST", `/admin/user/${user.id}`, user, auth) + userList: (pageReq) => getJson("POST", `/admin/users`, pageReq, auth), + updateUser: (user) => getJson("POST", `/admin/update-user`, user, auth) }, Api: { info: () => getJson("GET", "/info"),