MireaBackend/Security/Services/AuthService.cs

109 lines
4.2 KiB
C#
Raw Normal View History

2024-05-29 05:50:47 +03:00
using Mirea.Api.Security.Common.Domain;
using Mirea.Api.Security.Common.Dto.Requests;
using Mirea.Api.Security.Common.Dto.Responses;
using Mirea.Api.Security.Common.Interfaces;
using System;
2024-05-29 05:51:32 +03:00
using System.Security;
using System.Text.Json;
using System.Threading;
using System.Threading.Tasks;
2024-05-29 05:32:22 +03:00
namespace Mirea.Api.Security.Services;
2024-05-29 05:55:31 +03:00
public class AuthService(ICacheService cache, IAccessToken accessTokenService, IRevokedToken revokedToken)
2024-05-29 05:32:22 +03:00
{
public TimeSpan Lifetime { private get; init; }
2024-05-29 05:35:44 +03:00
private static string GenerateRefreshToken() => Guid.NewGuid().ToString().Replace("-", "") +
GeneratorKey.GenerateString(32);
2024-05-29 05:51:03 +03:00
private (string Token, DateTime ExpireIn) GenerateAccessToken(string userId) =>
accessTokenService.GenerateToken(userId);
2024-05-29 05:36:26 +03:00
private static string GetAuthCacheKey(string fingerprint) => $"{fingerprint}_auth_token";
2024-05-29 05:50:47 +03:00
private Task SetAuthTokenDataToCache(string fingerprint, AuthToken data, CancellationToken cancellation) =>
cache.SetAsync(
GetAuthCacheKey(fingerprint),
JsonSerializer.SerializeToUtf8Bytes(data),
slidingExpiration: Lifetime,
cancellationToken: cancellation);
2024-05-29 05:51:32 +03:00
2024-05-29 05:55:31 +03:00
private Task RevokeAccessToken(string token) =>
revokedToken.AddTokenToRevokedAsync(token, accessTokenService.GetExpireDateTime(token));
public async Task<AuthTokenResponse> GenerateAuthTokensAsync(TokenRequest request, string userId, CancellationToken cancellation = default)
2024-05-29 05:51:32 +03:00
{
var refreshToken = GenerateRefreshToken();
2024-06-21 21:36:11 +03:00
var (token, expireIn) = GenerateAccessToken(userId);
2024-05-29 05:51:32 +03:00
var authTokenStruct = new AuthToken
{
CreatedAt = DateTime.UtcNow,
Ip = request.Ip,
RefreshToken = refreshToken,
UserAgent = request.UserAgent,
UserId = userId,
2024-06-21 21:36:11 +03:00
AccessToken = token
2024-05-29 05:51:32 +03:00
};
await SetAuthTokenDataToCache(request.Fingerprint, authTokenStruct, cancellation);
return new AuthTokenResponse
{
2024-06-21 21:36:11 +03:00
AccessToken = token,
AccessExpiresIn = expireIn,
RefreshToken = authTokenStruct.RefreshToken,
RefreshExpiresIn = DateTime.UtcNow.Add(Lifetime),
2024-05-29 05:51:32 +03:00
};
}
2024-05-29 05:55:57 +03:00
public async Task<AuthTokenResponse> GenerateAuthTokensWithPreAuthAsync(TokenRequest request, string preAuthToken,
CancellationToken cancellation = default) =>
await GenerateAuthTokensAsync(request,
await new PreAuthService(cache).MatchToken(request, preAuthToken, cancellation),
cancellation);
2024-05-29 05:55:57 +03:00
public async Task<AuthTokenResponse> RefreshTokenAsync(TokenRequest request, string refreshToken, CancellationToken cancellation = default)
{
var authToken = await cache.GetAsync<AuthToken>(GetAuthCacheKey(request.Fingerprint), cancellation)
?? throw new SecurityException(request.Fingerprint);
if (authToken.RefreshToken != refreshToken ||
authToken.UserAgent != request.UserAgent &&
authToken.Ip != request.Ip)
{
2024-06-27 23:37:40 +03:00
await cache.RemoveAsync(GetAuthCacheKey(request.Fingerprint), cancellation);
2024-05-29 05:55:57 +03:00
await RevokeAccessToken(authToken.AccessToken);
throw new SecurityException(request.Fingerprint);
}
2024-06-21 21:36:11 +03:00
var (token, expireIn) = GenerateAccessToken(authToken.UserId);
2024-05-29 05:55:57 +03:00
await RevokeAccessToken(authToken.AccessToken);
var newRefreshToken = GenerateRefreshToken();
2024-06-21 21:36:11 +03:00
authToken.AccessToken = token;
authToken.RefreshToken = newRefreshToken;
2024-05-29 05:55:57 +03:00
await SetAuthTokenDataToCache(request.Fingerprint, authToken, cancellation);
return new AuthTokenResponse
{
2024-06-21 21:36:11 +03:00
AccessToken = token,
AccessExpiresIn = expireIn,
RefreshToken = newRefreshToken,
2024-06-21 21:36:11 +03:00
RefreshExpiresIn = DateTime.UtcNow.Add(Lifetime)
2024-05-29 05:55:57 +03:00
};
}
2024-05-29 05:56:27 +03:00
public async Task LogoutAsync(string fingerprint, CancellationToken cancellation = default)
{
var authTokenStruct = await cache.GetAsync<AuthToken>(GetAuthCacheKey(fingerprint), cancellation);
if (authTokenStruct == null) return;
await RevokeAccessToken(authTokenStruct.AccessToken);
await cache.RemoveAsync(fingerprint, cancellation);
}
2024-05-29 05:32:22 +03:00
}