sec: transfer user verification to the appropriate service

This commit is contained in:
Polianin Nikita 2024-12-22 05:13:46 +03:00
parent 5cc54eac44
commit f2e79e51f2
2 changed files with 6 additions and 9 deletions


@ -164,10 +164,6 @@ public class AuthController(IOptionsSnapshot<Admin> user, IOptionsSnapshot<Gener
{ {
var userEntity = user.Value; var userEntity = user.Value;
if (!userEntity.Username.Equals(request.Username, StringComparison.OrdinalIgnoreCase) &&
!userEntity.Email.Equals(request.Username, StringComparison.OrdinalIgnoreCase))
return Unauthorized("Authentication failed. Please check your credentials.");
var tokenResult = await auth.LoginAsync( var tokenResult = await auth.LoginAsync(
GetCookieParams(), GetCookieParams(),
new User new User
@ -181,7 +177,7 @@ public class AuthController(IOptionsSnapshot<Admin> user, IOptionsSnapshot<Gener
SecondFactorToken = userEntity.Secret, SecondFactorToken = userEntity.Secret,
OAuthProviders = userEntity.OAuthProviders OAuthProviders = userEntity.OAuthProviders
}, },
HttpContext, request.Password); HttpContext, request.Password, request.Username);
return Ok(tokenResult.ConvertToDto()); return Ok(tokenResult.ConvertToDto());
} }
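Review bot: The call at the end of the second hunk now passes `request.Password` and `request.Username` as two adjacent positional string arguments, so a transposition at this or any future call site compiles cleanly and makes every login fail the combined check in the service; named arguments, `HttpContext, password: request.Password, username: request.Username);`, make the intent explicit. Removing the controller-side comparison also shifts the username/e-mail match onto the `User` built here from `userEntity`, and the service-side `user.Email.Equals(...)` will dereference null rather than report an authentication failure if `Email` can be left unset in the Admin options — I cannot see the options type from here, so this is worth confirming or guarding with `user.Email?.Equals(username, StringComparison.OrdinalIgnoreCase) == true`. The enclosing action method's signature and most of its `new User` initializer lie outside the hunks.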


@ -47,10 +47,11 @@ public class AuthService(ICacheService cache, IAccessToken accessTokenService, I
private Task RevokeAccessToken(string token) => private Task RevokeAccessToken(string token) =>
revokedToken.AddTokenToRevokedAsync(token, accessTokenService.GetExpireDateTime(token)); revokedToken.AddTokenToRevokedAsync(token, accessTokenService.GetExpireDateTime(token));
private async Task VerifyUserOrThrowError(RequestContextInfo requestContext, User user, string password, private async Task VerifyUserOrThrowError(RequestContextInfo requestContext, User user, string password, string username,
CancellationToken cancellation = default) CancellationToken cancellation = default)
{ {
if (passwordService.VerifyPassword(password, user.Salt, user.PasswordHash)) if ((user.Email.Equals(username, StringComparison.OrdinalIgnoreCase) || user.Username.Equals(username, StringComparison.OrdinalIgnoreCase)) &&
passwordService.VerifyPassword(password, user.Salt, user.PasswordHash))
return; return;
var failedLoginCacheName = $"{requestContext.Fingerprint}_login_failed"; var failedLoginCacheName = $"{requestContext.Fingerprint}_login_failed";
@ -151,11 +152,11 @@ public class AuthService(ICacheService cache, IAccessToken accessTokenService, I
return true; return true;
} }
public async Task<TwoFactorAuthenticator> LoginAsync(CookieOptionsParameters cookieOptions, User user, HttpContext context, string password, CancellationToken cancellation = default) public async Task<TwoFactorAuthenticator> LoginAsync(CookieOptionsParameters cookieOptions, User user, HttpContext context, string password, string username, CancellationToken cancellation = default)
{ {
var requestContext = new RequestContextInfo(context, cookieOptions); var requestContext = new RequestContextInfo(context, cookieOptions);
await VerifyUserOrThrowError(requestContext, user, password, cancellation); await VerifyUserOrThrowError(requestContext, user, password, username, cancellation);
if (user.TwoFactorAuthenticator == TwoFactorAuthenticator.None) if (user.TwoFactorAuthenticator == TwoFactorAuthenticator.None)
{ {