
4 Commits

fba842acc3 feat: add a cache with a short lifetime
All checks were successful
.NET Test Pipeline / build-and-test (push) Successful in 2m3s
Build and Deploy Docker Container / build-and-deploy (push) Successful in 4m34s
2024-08-24 04:30:31 +03:00
31087a57c9 feat: add cache for api 2024-08-24 02:27:05 +03:00
24c75e4306 refator: set fingerprint expire instead session mode 2024-08-24 02:26:11 +03:00
dee89b278b refactor: set HttpOnly for debug mode too 2024-08-24 02:25:29 +03:00
8 changed files with 23 additions and 10 deletions


@ -75,9 +75,9 @@ public partial class SetupController(
{ {
Path = UrlHelper.GetSubPathWithoutFirstApiName + "api", Path = UrlHelper.GetSubPathWithoutFirstApiName + "api",
Domain = HttpContext.GetCurrentDomain(), Domain = HttpContext.GetCurrentDomain(),
HttpOnly = true,
#if !DEBUG #if !DEBUG
Secure = true, Secure = true
HttpOnly = true
#endif #endif
}); });
return Ok(true); return Ok(true);
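Review bot: `Secure = true` is still compiled in only under `#if !DEBUG`, so any Debug build that is reachable over a network issues this cookie without the Secure attribute, and the decision is made at build time rather than from the request or hosting environment. A runtime value such as `Secure = Request.IsHttps,` (with forwarded headers configured if TLS terminates at a proxy) would remove the preprocessor block. No `SameSite` is visible in these lines; the initializer starts outside the hunk, so confirm it is set there or add e.g. `SameSite = SameSiteMode.Strict,`. The same `#if !DEBUG` pattern appears in `SetCookie` in the AuthController section.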


@ -6,6 +6,7 @@ using Microsoft.Extensions.Options;
using Mirea.Api.Dto.Common; using Mirea.Api.Dto.Common;
using Mirea.Api.Dto.Requests; using Mirea.Api.Dto.Requests;
using Mirea.Api.Dto.Responses; using Mirea.Api.Dto.Responses;
using Mirea.Api.Endpoint.Common.Attributes;
using Mirea.Api.Endpoint.Common.Services; using Mirea.Api.Endpoint.Common.Services;
using Mirea.Api.Endpoint.Common.Settings; using Mirea.Api.Endpoint.Common.Settings;
using Mirea.Api.Security.Common.Dto.Requests; using Mirea.Api.Security.Common.Dto.Requests;
@ -31,33 +32,38 @@ public class AuthController(IOptionsSnapshot<Admin> user, AuthService auth, Pass
Expires = expires, Expires = expires,
Path = UrlHelper.GetSubPathWithoutFirstApiName + "api", Path = UrlHelper.GetSubPathWithoutFirstApiName + "api",
Domain = HttpContext.GetCurrentDomain(), Domain = HttpContext.GetCurrentDomain(),
HttpOnly = true,
#if !DEBUG #if !DEBUG
Secure = true, Secure = true
HttpOnly = true
#endif #endif
}; };
Response.Cookies.Append(name, value, cookieOptions); Response.Cookies.Append(name, value, cookieOptions);
} }
private void SetRefreshToken(string value, DateTimeOffset? expires = null) => private void SetRefreshToken(string value, DateTimeOffset? expires = null)
{
SetCookie("refresh_token", value, expires); SetCookie("refresh_token", value, expires);
SetCookie("user_key", Fingerprint, expires);
}
private void SetFirstToken(string value, DateTimeOffset? expires = null) => private void SetFirstToken(string value, DateTimeOffset? expires = null)
{
SetCookie("authentication_token", value, expires); SetCookie("authentication_token", value, expires);
SetCookie("user_key", Fingerprint, expires);
}
[ApiExplorerSettings(IgnoreApi = true)] [ApiExplorerSettings(IgnoreApi = true)]
public void OnActionExecuting(ActionExecutingContext context) public void OnActionExecuting(ActionExecutingContext context)
{ {
Ip = context.HttpContext.Connection.RemoteIpAddress?.ToString()!; Ip = HttpContext.Connection.RemoteIpAddress?.ToString()!;
UserAgent = context.HttpContext.Request.Headers.UserAgent.ToString(); UserAgent = Request.Headers.UserAgent.ToString();
Fingerprint = context.HttpContext.Request.Cookies["user_key"] ?? string.Empty; Fingerprint = Request.Cookies["user_key"] ?? string.Empty;
RefreshToken = Request.Cookies["refresh_token"] ?? string.Empty; RefreshToken = Request.Cookies["refresh_token"] ?? string.Empty;
if (!string.IsNullOrWhiteSpace(Fingerprint)) return; if (!string.IsNullOrWhiteSpace(Fingerprint)) return;
Fingerprint = Guid.NewGuid().ToString().Replace("-", ""); Fingerprint = Guid.NewGuid().ToString().Replace("-", "");
SetCookie("user_key", Fingerprint);
} }
[ApiExplorerSettings(IgnoreApi = true)] [ApiExplorerSettings(IgnoreApi = true)]
@ -157,5 +163,6 @@ public class AuthController(IOptionsSnapshot<Admin> user, AuthService auth, Pass
[HttpGet("GetRole")] [HttpGet("GetRole")]
[ProducesResponseType(StatusCodes.Status401Unauthorized)] [ProducesResponseType(StatusCodes.Status401Unauthorized)]
[Authorize] [Authorize]
[CacheMaxAge(0, 0, 1)]
public ActionResult<AuthRoles> GetRole() => Ok(AuthRoles.Admin); public ActionResult<AuthRoles> GetRole() => Ok(AuthRoles.Admin);
} }
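Review bot: `[CacheMaxAge(0, 0, 1)]` is added to `GetRole`, which is behind `[Authorize]`, so the cached response depends on the caller's credentials. The attribute's implementation is not shown in this section; if it emits a `public` Cache-Control directive, a shared cache or proxy could replay the role response to another client, and a browser cache could keep serving it after logout for the lifetime given. Confirm it emits `Cache-Control: private` for authorized actions, or drop the attribute here, and document the choice with a comment such as `// private cache only: response depends on the auth cookie`.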


@ -12,6 +12,7 @@ using System.Threading.Tasks;
namespace Mirea.Api.Endpoint.Controllers.V1; namespace Mirea.Api.Endpoint.Controllers.V1;
[ApiVersion("1.0")] [ApiVersion("1.0")]
[CacheMaxAge(true)]
public class CampusController(IMediator mediator) : BaseController public class CampusController(IMediator mediator) : BaseController
{ {
/// <summary> /// <summary>
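Review bot: The bare `true` in `[CacheMaxAge(true)]` does not say which lifetime or cache scope it selects, and as a class-level attribute it presumably applies to every action in the controller, whose bodies lie outside this hunk. If any of those actions is behind `[Authorize]` or returns per-caller data, it should opt out or be cached as private only. A one-line comment above the attribute, for example `// public reference data only; lifetime chosen by CacheMaxAge(true)`, would make the intent reviewable (wording to be confirmed against the attribute's definition). The same applies to the identical additions in DisciplineController, FacultyController, GroupController, LectureHallController and ProfessorController.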


@ -12,6 +12,7 @@ using System.Threading.Tasks;
namespace Mirea.Api.Endpoint.Controllers.V1; namespace Mirea.Api.Endpoint.Controllers.V1;
[ApiVersion("1.0")] [ApiVersion("1.0")]
[CacheMaxAge(true)]
public class DisciplineController(IMediator mediator) : BaseController public class DisciplineController(IMediator mediator) : BaseController
{ {
/// <summary> /// <summary>


@ -12,6 +12,7 @@ using System.Threading.Tasks;
namespace Mirea.Api.Endpoint.Controllers.V1; namespace Mirea.Api.Endpoint.Controllers.V1;
[ApiVersion("1.0")] [ApiVersion("1.0")]
[CacheMaxAge(true)]
public class FacultyController(IMediator mediator) : BaseController public class FacultyController(IMediator mediator) : BaseController
{ {
/// <summary> /// <summary>


@ -13,6 +13,7 @@ using System.Threading.Tasks;
namespace Mirea.Api.Endpoint.Controllers.V1; namespace Mirea.Api.Endpoint.Controllers.V1;
[ApiVersion("1.0")] [ApiVersion("1.0")]
[CacheMaxAge(true)]
public class GroupController(IMediator mediator) : BaseController public class GroupController(IMediator mediator) : BaseController
{ {
private static int GetCourseNumber(string groupName) private static int GetCourseNumber(string groupName)


@ -12,6 +12,7 @@ using System.Threading.Tasks;
namespace Mirea.Api.Endpoint.Controllers.V1; namespace Mirea.Api.Endpoint.Controllers.V1;
[ApiVersion("1.0")] [ApiVersion("1.0")]
[CacheMaxAge(true)]
public class LectureHallController(IMediator mediator) : BaseController public class LectureHallController(IMediator mediator) : BaseController
{ {
/// <summary> /// <summary>


@ -12,6 +12,7 @@ using System.Threading.Tasks;
namespace Mirea.Api.Endpoint.Controllers.V1; namespace Mirea.Api.Endpoint.Controllers.V1;
[ApiVersion("1.0")] [ApiVersion("1.0")]
[CacheMaxAge(true)]
public class ProfessorController(IMediator mediator) : BaseController public class ProfessorController(IMediator mediator) : BaseController
{ {
/// <summary> /// <summary>