Winsomnia/MireaBackend
1
0
Fork 0
Code Pull Requests Actions Projects Releases Activity

Compare commits

base: Winsomnia:470031af39fb36c4068a36d87b2f46822243e27a
Branches Tags
Winsomnia:master
Winsomnia:release/v1.0.0
Winsomnia:feat/application-command
..
compare: Winsomnia:25b6c7d69148c04d9a37abc4250fdceb6a2bc31a
Branches Tags
Winsomnia:release/v1.0.0
Winsomnia:feat/application-command
Winsomnia:master

15 Commits
470031af39 ... 25b6c7d691

Author SHA1 Message Date
Polianin Nikita
25b6c7d691 feat: add method if there is no pre-auth token 2024-05-29 06:00:15 +03:00
Polianin Nikita
61218c38a0 feat: add logout 2024-05-29 05:56:27 +03:00
Polianin Nikita
d84011cd71 feat: add refresh token 2024-05-29 05:55:57 +03:00
Polianin Nikita
4138c70007 feat: add wrap for revoke access token 2024-05-29 05:55:31 +03:00
Polianin Nikita
9dd505a608 feat: add auth token response 2024-05-29 05:55:13 +03:00
Polianin Nikita
79fb05d428 feat: add token revocation 2024-05-29 05:54:45 +03:00
Polianin Nikita
81f2f995b0 feat: add generate auth token 2024-05-29 05:51:32 +03:00
Polianin Nikita
f3063c5322 feat: add generate access token 2024-05-29 05:51:03 +03:00
Polianin Nikita
43011457d6 feat: add wrap for save to cache 2024-05-29 05:50:47 +03:00
Polianin Nikita
4240ad8110 feat: add auth key for cache 2024-05-29 05:36:26 +03:00
Polianin Nikita
a3a42dd5c2 feat: add generate refresh token 2024-05-29 05:35:44 +03:00
Polianin Nikita
b25be758ad feat: add auth token 2024-05-29 05:33:55 +03:00
Polianin Nikita
7df4c8e4b6 feat: add auth service 2024-05-29 05:32:22 +03:00
Polianin Nikita
f55d701ff3 feat: add sliding expiration for cache 2024-05-29 05:30:00 +03:00
Polianin Nikita
d3a60d2a30 feat: add interface for gen access token 2024-05-29 05:29:25 +03:00
7 changed files with 153 additions and 4 deletions
Show Stats Expand all files Collapse all files

13
Security/Common/Domain/AuthToken.cs Normal file
View File

@ -0,0 +1,13 @@
using System;
namespace Mirea.Api.Security.Common.Domain;
public class AuthToken
{
public required string RefreshToken { get; set; }
public required string UserAgent { get; set; }
public required string Ip { get; set; }
public required string UserId { get; set; }
public required string AccessToken { get; set; }
public DateTime CreatedAt { get; set; }
}

10
Security/Common/Dto/Responses/AuthTokenResponse.cs Normal file
View File

@ -0,0 +1,10 @@
using System;
namespace Mirea.Api.Security.Common.Dto.Responses;
public class AuthTokenResponse
{
public required string AccessToken { get; set; }
public required string RefreshToken { get; set; }
public DateTime ExpiresIn { get; set; }
}

9
Security/Common/Interfaces/IAccessToken.cs Normal file
View File

@ -0,0 +1,9 @@
using System;
namespace Mirea.Api.Security.Common.Interfaces;
public interface IAccessToken
{
(string Token, DateTime ExpireIn) GenerateToken(string userId);
DateTimeOffset GetExpireDateTime(string token);
}

6
Security/Common/Interfaces/ICacheService.cs
View File

@ -6,7 +6,11 @@ namespace Mirea.Api.Security.Common.Interfaces;
public interface ICacheService
{
Task SetAsync<T>(string key, T value, TimeSpan? absoluteExpirationRelativeToNow = null, CancellationToken cancellationToken = default);
Task SetAsync<T>(string key, T value,
TimeSpan? absoluteExpirationRelativeToNow = null,
TimeSpan? slidingExpiration = null,
CancellationToken cancellationToken = default);
Task<T?> GetAsync<T>(string key, CancellationToken cancellationToken = default);
Task RemoveAsync(string key, CancellationToken cancellationToken = default);
}

10
Security/Common/Interfaces/IRevokedToken.cs Normal file
View File

@ -0,0 +1,10 @@
using System;
using System.Threading.Tasks;
namespace Mirea.Api.Security.Common.Interfaces;
public interface IRevokedToken
{
Task AddTokenToRevokedAsync(string token, DateTimeOffset expiresIn);
Task<bool> IsTokenRevokedAsync(string token);
}

103
Security/Services/AuthService.cs Normal file
View File

@ -0,0 +1,103 @@
using Mirea.Api.Security.Common.Domain;
using Mirea.Api.Security.Common.Dto.Requests;
using Mirea.Api.Security.Common.Dto.Responses;
using Mirea.Api.Security.Common.Interfaces;
using System;
using System.Security;
using System.Text.Json;
using System.Threading;
using System.Threading.Tasks;
namespace Mirea.Api.Security.Services;
public class AuthService(ICacheService cache, IAccessToken accessTokenService, IRevokedToken revokedToken)
{
public TimeSpan Lifetime { private get; init; }
private static string GenerateRefreshToken() => Guid.NewGuid().ToString().Replace("-", "") +
GeneratorKey.GenerateString(32);
private (string Token, DateTime ExpireIn) GenerateAccessToken(string userId) =>
accessTokenService.GenerateToken(userId);
private static string GetAuthCacheKey(string fingerprint) => $"{fingerprint}_auth_token";
private Task SetAuthTokenDataToCache(string fingerprint, AuthToken data, CancellationToken cancellation) =>
cache.SetAsync(
GetAuthCacheKey(fingerprint),
JsonSerializer.SerializeToUtf8Bytes(data),
slidingExpiration: Lifetime,
cancellationToken: cancellation);
private Task RevokeAccessToken(string token) =>
revokedToken.AddTokenToRevokedAsync(token, accessTokenService.GetExpireDateTime(token));
public async Task<AuthTokenResponse> GenerateAuthTokensAsync(TokenRequest request, string userId, CancellationToken cancellation = default)
{
var refreshToken = GenerateRefreshToken();
var accessToken = GenerateAccessToken(userId);
var authTokenStruct = new AuthToken
{
CreatedAt = DateTime.UtcNow,
Ip = request.Ip,
RefreshToken = refreshToken,
UserAgent = request.UserAgent,
UserId = userId,
AccessToken = accessToken.Token
};
await SetAuthTokenDataToCache(request.Fingerprint, authTokenStruct, cancellation);
return new AuthTokenResponse
{
AccessToken = accessToken.Token,
ExpiresIn = accessToken.ExpireIn,
RefreshToken = authTokenStruct.RefreshToken
};
}
public async Task<AuthTokenResponse> GenerateAuthTokensWithPreAuthAsync(TokenRequest request, string preAuthToken,
CancellationToken cancellation = default) =>
await GenerateAuthTokensAsync(request,
await new PreAuthService(cache).MatchToken(request, preAuthToken, cancellation),
cancellation);
public async Task<AuthTokenResponse> RefreshTokenAsync(TokenRequest request, string refreshToken, CancellationToken cancellation = default)
{
var authToken = await cache.GetAsync<AuthToken>(GetAuthCacheKey(request.Fingerprint), cancellation)
?? throw new SecurityException(request.Fingerprint);
if (authToken.RefreshToken != refreshToken ||
authToken.UserAgent != request.UserAgent &&
authToken.Ip != request.Ip)
{
await cache.RemoveAsync(request.Fingerprint, cancellation);
await RevokeAccessToken(authToken.AccessToken);
throw new SecurityException(request.Fingerprint);
}
var accessToken = GenerateAccessToken(authToken.UserId);
await RevokeAccessToken(authToken.AccessToken);
authToken.AccessToken = accessToken.Token;
await SetAuthTokenDataToCache(request.Fingerprint, authToken, cancellation);
return new AuthTokenResponse
{
AccessToken = accessToken.Token,
ExpiresIn = accessToken.ExpireIn,
RefreshToken = GenerateRefreshToken()
};
}
public async Task LogoutAsync(string fingerprint, CancellationToken cancellation = default)
{
var authTokenStruct = await cache.GetAsync<AuthToken>(GetAuthCacheKey(fingerprint), cancellation);
if (authTokenStruct == null) return;
await RevokeAccessToken(authTokenStruct.AccessToken);
await cache.RemoveAsync(fingerprint, cancellation);
}
}

6
Security/Services/PreAuthService.cs
View File

@ -14,7 +14,7 @@ public class PreAuthService(ICacheService cache)
{
public TimeSpan Lifetime { private get; init; }
private static string GeneratePreAuthToken() => Guid.NewGuid().ToString().Replace("-", "") +
private static string GeneratePreAuthToken() => Guid.NewGuid().ToString().Replace("-", "") +
GeneratorKey.GenerateString(16);
private static string GetPreAuthCacheKey(string fingerprint) => $"{fingerprint}_pre_auth_token";
@ -35,8 +35,8 @@ public class PreAuthService(ICacheService cache)
await cache.SetAsync(
GetPreAuthCacheKey(request.Fingerprint),
JsonSerializer.SerializeToUtf8Bytes(preAuthTokenStruct),
Lifetime,
cancellation);
absoluteExpirationRelativeToNow: Lifetime,
cancellationToken: cancellation);
return new PreAuthTokenResponse
{