Add hashing and other security features #12
@ -3,6 +3,7 @@ using Mirea.Api.Security.Common.Dto.Requests;
|
||||
using Mirea.Api.Security.Common.Dto.Responses;
|
||||
using Mirea.Api.Security.Common.Interfaces;
|
||||
using System;
|
||||
using System.Security;
|
||||
using System.Text.Json;
|
||||
using System.Threading;
|
||||
using System.Threading.Tasks;
|
||||
@ -43,4 +44,21 @@ public class PreAuthService(ICacheService cache)
|
||||
ExpiresIn = DateTime.UtcNow.Add(Lifetime)
|
||||
};
|
||||
}
|
||||
public async Task<string> MatchToken(TokenRequest request, string preAuthToken, CancellationToken cancellation = default)
|
||||
{
|
||||
var preAuthTokenStruct = await cache.GetAsync<PreAuthToken>(GetPreAuthCacheKey(request.Fingerprint), cancellation)
|
||||
?? throw new SecurityException($"The token was not found using fingerprint \"{request.Fingerprint}\"");
|
||||
|
||||
if (preAuthTokenStruct == null ||
|
||||
preAuthTokenStruct.Token != preAuthToken ||
|
||||
(preAuthTokenStruct.UserAgent != request.UserAgent &&
|
||||
preAuthTokenStruct.Ip != request.Ip))
|
||||
{
|
||||
throw new SecurityException("It was not possible to verify the authenticity of the token");
|
||||
}
|
||||
|
||||
await cache.RemoveAsync(GetPreAuthCacheKey(request.Fingerprint), cancellation);
|
||||
|
||||
return preAuthTokenStruct.UserId;
|
||||
}
|
||||
}
|
Loading…
Reference in New Issue
Block a user