feat: add a change to the User Agent and Ip address in case of a mismatch

2024-12-25 05:52:39 +03:00 · 2024-12-25 05:52:39 +03:00 · 2ab5dea8ba
commit 2ab5dea8ba
parent 5e65aded79
1 changed files with 23 additions and 0 deletions
--- a/Security/Services/AuthService.cs
+++ b/Security/Services/AuthService.cs
@ -227,7 +227,30 @@ public class AuthService(ICacheService cache, IAccessToken accessTokenService, I
                    requestContext.Ip);

            throw new SecurityException(defaultMessageError);
+        }

+        if (authToken.UserAgent != requestContext.UserAgent)
+        {
+            logger.LogInformation("The resulting User-Agent {ProvidedUserAgent} does not match the cached " +
+                                  "{ExpectedUserAgent} of the user {UserId} with the fingerprint {Fingerprint}.",
+                requestContext.UserAgent,
+                authToken.UserAgent,
+                authToken.UserId,
+                requestContext.Fingerprint);
+
+            authToken.UserAgent = requestContext.UserAgent;
+        }
+
+        if (authToken.Ip != requestContext.Ip)
+        {
+            logger.LogInformation("The resulting Ip {ProvidedIp} does not match the cached " +
+                                  "{ExpectedIp} of the user {UserId} with the fingerprint {Fingerprint}.",
+                requestContext.Ip,
+                authToken.Ip,
+                authToken.UserId,
+                requestContext.Fingerprint);
+
+            authToken.Ip = requestContext.Ip;
        }

        var (token, expireIn) = GenerateAccessToken(authToken.UserId);