Winsomnia/MireaBackend
2
0
Fork 0
Code Pull Requests Actions Projects Releases Activity

feat: add authorize in OAuth

Browse Source
This commit is contained in:
Polianin Nikita
2024-11-04 02:39:10 +03:00
parent 65d928ec2d
commit e977de3e4f
14 changed files with 390 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
Security/Services/AuthService.cs
View File

@ -23,7 +23,7 @@ public class AuthService(ICacheService cache, IAccessToken accessTokenService, I
accessTokenService.GenerateToken(userId);
private static string GetAuthCacheKey(string fingerprint) => $"{fingerprint}_auth_token";
internal static string GetFirstAuthCacheKey(string fingerprint) => $"{fingerprint}_auth_token_first";
private static string GetFirstAuthCacheKey(string fingerprint) => $"{fingerprint}_auth_token_first";
private Task SetAuthTokenDataToCache(AuthToken data, CancellationToken cancellation) =>
cache.SetAsync(
@ -32,6 +32,18 @@ public class AuthService(ICacheService cache, IAccessToken accessTokenService, I
slidingExpiration: Lifetime,
cancellationToken: cancellation);
private Task CreateFirstAuthTokenToCache(User data, RequestContextInfo requestContext, CancellationToken cancellation) =>
cache.SetAsync(
GetFirstAuthCacheKey(requestContext.Fingerprint),
JsonSerializer.SerializeToUtf8Bytes(new FirstAuthToken(requestContext)
{
UserId = data.Id,
Secret = data.SecondFactorToken,
TwoFactorAuthenticator = data.TwoFactorAuthenticator
}),
slidingExpiration: LifetimeFirstAuth,
cancellationToken: cancellation);
private Task RevokeAccessToken(string token) =>
revokedToken.AddTokenToRevokedAsync(token, accessTokenService.GetExpireDateTime(token));
@ -94,6 +106,21 @@ public class AuthService(ICacheService cache, IAccessToken accessTokenService, I
authToken.Fingerprint);
}
public async Task<TwoFactorAuthenticator> LoginOAuthAsync(CookieOptionsParameters cookieOptions, HttpContext context, User user, OAuthProvider provider, CancellationToken cancellation = default)
{
var requestContext = new RequestContextInfo(context, cookieOptions);
if (user.TwoFactorAuthenticator == TwoFactorAuthenticator.None)
{
await GenerateAuthTokensAsync(cookieOptions, context, requestContext, user.Id, cancellation);
return TwoFactorAuthenticator.None;
}
await CreateFirstAuthTokenToCache(user, requestContext, cancellation);
return user.TwoFactorAuthenticator;
}
public async Task<bool> LoginAsync(CookieOptionsParameters cookieOptions, HttpContext context, TwoFactorAuthenticator authenticator, string code, CancellationToken cancellation = default)
{
var requestContext = new RequestContextInfo(context, cookieOptions);
@ -116,8 +143,6 @@ public class AuthService(ICacheService cache, IAccessToken accessTokenService, I
throw new SecurityException("Invalid verification code. Please try again.");
}
break;
case TwoFactorAuthenticator.None:
break;
default:
throw new InvalidOperationException("Unsupported authorization method.");
}
@ -138,14 +163,7 @@ public class AuthService(ICacheService cache, IAccessToken accessTokenService, I
return TwoFactorAuthenticator.None;
}
var firstAuthToken = new FirstAuthToken(requestContext)
{
UserId = user.Id,
Secret = user.SecondFactorToken,
TwoFactorAuthenticator = user.TwoFactorAuthenticator
};
await cache.SetAsync(GetFirstAuthCacheKey(requestContext.Fingerprint), firstAuthToken, absoluteExpirationRelativeToNow: LifetimeFirstAuth, cancellationToken: cancellation);
await CreateFirstAuthTokenToCache(user, requestContext, cancellation);
return user.TwoFactorAuthenticator;
}