Winsomnia/MireaBackend
2
0
Fork 0
Code Pull Requests Actions Projects Releases Activity

Release v1.0.0 #16

Merged
Wesser merged 492 commits from release/v1.0.0 into master 2025-02-12 09:19:32 +03:00
Conversation 0 Commits 492 Files Changed 301 +15265 -99
288 changed files with 15265 additions and 99 deletions
Showing only changes of commit 6358410f18 - Show all commits
.editorconfig.env
.gitea/workflows
deploy-stage.yamltest.yaml
.gitignore
ApiDto
ApiDto.csproj
Common
AuthRoles.csCacheType.csDatabaseType.csOAuthAction.csOAuthProvider.csPairPeriodTime.csPasswordPolicy.csTwoFactorAuthentication.cs
Requests
Configuration
CacheRequest.csDatabaseRequest.csEmailRequest.csLoggingRequest.csScheduleConfigurationRequest.cs
CreateUserRequest.csLoginRequest.csScheduleRequest.csTwoFactorAuthRequest.cs
Responses
AvailableOAuthProvidersResponse.csCampusBasicInfoResponse.csCampusDetailsResponse.cs
Configuration
CacheResponse.csDatabaseResponse.cs
DisciplineResponse.csFacultyResponse.csGroupDetailsResponse.csGroupResponse.csLectureHallDetailsResponse.csLectureHallResponse.csProfessorResponse.csScheduleResponse.csTotpKeyResponse.csUserResponse.cs
Backend.slnDockerfile
Endpoint
Backend.http
Common
Attributes
BadRequestResponseAttribute.csCacheMaxAgeAttribute.csLocalhostAttribute.csMaintenanceModeIgnoreAttribute.csNotFoundResponseAttribute.csSwaggerDefaultAttribute.csTokenAuthenticationAttribute.cs
Exceptions
ControllerArgumentException.csServerUnavailableException.cs
Interfaces
IMaintenanceModeNotConfigureService.csIMaintenanceModeService.csISetupToken.cs
MapperDto
AvailableProvidersConverter.csPairPeriodTimeConverter.csPasswordPolicyConverter.csTwoFactorAuthenticationConverter.csUserConverter.cs
Services
MaintenanceModeNotConfigureService.csMaintenanceModeService.csPathBuilder.csScheduleSyncManager.cs
Security
DistributedCacheService.csJwtTokenService.csMemoryCacheService.csMemoryRevokedTokenService.cs
UrlHelper.cs
Configuration
Core
BackgroundTasks
ScheduleSyncService.cs
Middleware
CacheMaxAgeMiddleware.csCookieAuthorizationMiddleware.csCustomExceptionHandlerMiddleware.csJwtRevocationMiddleware.csMaintenanceModeMiddleware.cs
Startup
ApiVersioningConfiguration.csCacheConfiguration.csEnvironmentConfiguration.csJwtConfiguration.csLoggerConfiguration.csSecureConfiguration.csSwaggerConfiguration.cs
ISaveSettings.cs
Model
Admin.csGeneralConfig.cs
GeneralSettings
CacheSettings.csDbSettings.csEmailSettings.csLogSettings.csScheduleSettings.cs
SwaggerOptions
ActionResultSchemaFilter.csConfigureSwaggerOptions.csSwaggerDefaultValues.csSwaggerExampleFilter.cs
Validation
Attributes
RequiredSettingsAttribute.cs
Interfaces
IIsConfigured.cs
SetupTokenService.cs
Validators
SettingsRequiredValidator.cs
Controllers
BaseController.cs
Configuration
SetupController.cs
V1
AuthController.csCampusController.csDisciplineController.csFacultyController.csGroupController.csImportController.csLectureHallController.csProfessorController.csScheduleController.csSecurityController.cs
WeatherForecastController.cs
Endpoint.csprojProgram.cs
Sync
Common
DataRepository.cs
ScheduleSynchronizer.cs
WeatherForecast.cs
wwwroot
css
swagger
SwaggerDark.css
README.md
Security
Common
CookieNames.cs
Domain
Caching
AuthToken.csFirstAuthToken.csOAuthUserExtension.cs
OAuthPayload.csOAuthProvider.csOAuthProviderUrisData.csOAuthUser.csRequestContextInfo.cs
Interfaces
IAccessToken.csICacheService.csIRevokedToken.csIUserInfo.cs
Model
CookieOptions.csPasswordPolicy.csTwoFactorAuthenticator.csUser.cs
OAuth2
OAuthTokenResponse.cs
UserInfo
GoogleUserInfo.csMailRuUserInfo.csYandexUserInfo.cs
ViewModel
LoginOAuth.cs
DependencyInjection.cs
Properties
launchSettings.json
Security.csproj
Services
AuthService.csGeneratorKey.csOAuthService.csPasswordHashService.csPasswordPolicyService.csTotpService.cs
SqlData
Application
Application.csproj
Common
Behaviors
ValidationBehavior.cs
Exceptions
NotFoundException.cs
Cqrs
Campus
Queries
GetCampusBasicInfoList
CampusBasicInfoDto.csCampusBasicInfoVm.csGetCampusBasicInfoListQuery.csGetCampusBasicInfoListQueryHandler.cs
GetCampusDetails
CampusDetailsVm.csGetCampusDetailsQuery.csGetCampusDetailsQueryHandler.cs
Discipline
Queries
GetDisciplineDetails
DisciplineInfoVm.csGetDisciplineInfoQuery.csGetDisciplineInfoQueryHandler.cs
GetDisciplineList
DisciplineListVm.csDisciplineLookupDto.csGetDisciplineListQuery.csGetDisciplineListQueryHandler.cs
Faculty
Queries
GetFacultyList
FacultyListVm.csFacultyLookupDto.csGetFacultyListQuery.csGetFacultyListQueryHandler.cs
Group
Queries
GetGroupDetails
GetGroupInfoQuery.csGetGroupInfoQueryHandler.csGroupInfoVm.cs
GetGroupList
GetGroupListQuery.csGetGroupListQueryHandler.csGroupListVm.csGroupLookupDto.cs
LectureHall
Queries
GetLectureHallDetails
GetLectureHallInfoQuery.csGetLectureHallInfoQueryHandler.csLectureHallInfoVm.cs
GetLectureHallList
GetLectureHallListQuery.csGetLectureHallListQueryHandler.csLectureHallListVm.csLectureHallLookupDto.cs
Professor
Queries
GetProfessorDetails
GetProfessorInfoQuery.csGetProfessorInfoQueryHandler.csProfessorInfoVm.cs
GetProfessorDetailsBySearch
GetProfessorInfoSearchQuery.csGetProfessorInfoSearchQueryHandler.csProfessorInfoListVm.cs
GetProfessorList
GetProfessorListQuery.csGetProfessorListQueryHandler.csProfessorListVm.csProfessorLookupDto.cs
Schedule
Queries
GetScheduleList
GetScheduleListQuery.csGetScheduleListQueryHandler.csScheduleListVm.csScheduleLookupDto.cs
DependencyInjection.cs
Interfaces
DbContexts
IDbContextBase.cs
Schedule
ICampusDbContext.csIDisciplineDbContext.csIFacultyDbContext.csIGroupDbContext.csILectureHallDbContext.csILessonAssociationDbContext.csILessonDbContext.csIProfessorDbContext.csISpecificWeekDbContext.csITypeOfOccupationDbContext.cs
Domain
Domain.csproj
Schedule
Campus.csDiscipline.csFaculty.csGroup.csLectureHall.csLesson.csLessonAssociation.csProfessor.csSpecificWeek.csTypeOfOccupation.cs
Migrations
MysqlMigrations
Migrations
20240601023106_InitialMigration.Designer.cs20240601023106_InitialMigration.cs20241027034820_RemoveUnusedRef.Designer.cs20241027034820_RemoveUnusedRef.csUberDbContextModelSnapshot.cs
MysqlMigrations.csproj
PsqlMigrations
Migrations
20240601021702_InitialMigration.Designer.cs20240601021702_InitialMigration.cs20241027032753_RemoveUnusedRef.Designer.cs20241027032753_RemoveUnusedRef.csUberDbContextModelSnapshot.cs
PsqlMigrations.csproj
SqliteMigrations
Migrations
20240601015714_InitialMigration.Designer.cs20240601015714_InitialMigration.cs20241027032931_RemoveUnusedRef.Designer.cs20241027032931_RemoveUnusedRef.csUberDbContextModelSnapshot.cs
SqliteMigrations.csproj
Persistence
Common
BaseDbContext.csConfigurationResolver.csDatabaseProvider.csDbContextFactory.csModelBuilderExtensions.cs
Contexts
Schedule
CampusDbContext.csDisciplineDbContext.csFacultyDbContext.csGroupDbContext.csLectureHallDbContext.csLessonAssociationDbContext.csLessonDbContext.csProfessorDbContext.csSpecificWeekDbContext.csTypeOfOccupationDbContext.cs
DbInitializer.csDependencyInjection.cs
EntityTypeConfigurations
Mark.cs
Mysql
Schedule
CampusConfiguration.csDisciplineConfiguration.csFacultyConfiguration.csGroupConfiguration.csLectureHallConfiguration.csLessonAssociationConfiguration.csLessonConfiguration.csProfessorConfiguration.csSpecificWeekConfiguration.csTypeOfOccupationConfiguration.cs
Postgresql
Schedule
CampusConfiguration.csDisciplineConfiguration.csFacultyConfiguration.csGroupConfiguration.csLectureHallConfiguration.csLessonAssociationConfiguration.csLessonConfiguration.csProfessorConfiguration.csSpecificWeekConfiguration.csTypeOfOccupationConfiguration.cs
Sqlite
Schedule
CampusConfiguration.csDisciplineConfiguration.csFacultyConfiguration.csGroupConfiguration.csLectureHallConfiguration.csLessonAssociationConfiguration.csLessonConfiguration.csProfessorConfiguration.csSpecificWeekConfiguration.csTypeOfOccupationConfiguration.cs
Persistence.csprojUberDbContext.cs
nuget.config

3
Security/Common/Domain/Caching/OAuthUserExtension.cs

@ -5,5 +5,8 @@ internal class OAuthUserExtension
public string? Message { get; set; } public string? Message { get; set; }
public bool IsSuccess { get; set; } public bool IsSuccess { get; set; }
public required OAuthProvider? Provider { get; set; } public required OAuthProvider? Provider { get; set; }
public string? UserAgent { get; set; } = null;
public string? Ip { get; set; } = null;
public string? Fingerprint { get; set; } = null;
public OAuthUser? User { get; set; } public OAuthUser? User { get; set; }
} }

34
Security/Services/OAuthService.cs

@ -369,8 +369,6 @@ public class OAuthService(ILogger<OAuthService> logger, Dictionary<OAuthProvider
return (null, "Invalid or expired token.", false, null); return (null, "Invalid or expired token.", false, null);
} }
await cache.RemoveAsync(tokenFailedKey, cancellation);
const string log = "Cache data retrieved for token: {Token}. Fingerprint: {Fingerprint}."; const string log = "Cache data retrieved for token: {Token}. Fingerprint: {Fingerprint}.";
if (result.User != null) if (result.User != null)
@ -387,6 +385,38 @@ public class OAuthService(ILogger<OAuthService> logger, Dictionary<OAuthProvider
else else
logger.LogInformation(log, token, requestInfo.Fingerprint); logger.LogInformation(log, token, requestInfo.Fingerprint);
if ((!string.IsNullOrEmpty(result.Fingerprint) &&
result.Fingerprint != requestInfo.Fingerprint) ||
(!string.IsNullOrEmpty(result.UserAgent) &&
result.UserAgent != requestInfo.UserAgent &&
!string.IsNullOrEmpty(result.Ip)) &&
result.Ip != requestInfo.Ip)
{
logger.LogWarning(
"Potential token compromise detected. " +
"Token {Token} has been used from different location. " +
"Fingerprint: {ExpectedFingerprint} -> {ProvidedFingerprint}, " +
"UserAgent: {ExpectedUserAgent} -> {ProvidedUserAgent}, " +
"Ip: {ExpectedUserIp} -> {ProvidedIp}",
token,
result.Fingerprint,
requestInfo.Fingerprint,
result.UserAgent,
requestInfo.UserAgent,
result.Ip,
requestInfo.Ip);
await cache.RemoveAsync(token, cancellation);
return (null, "Invalid or expired token.", false, null);
}
await cache.RemoveAsync(tokenFailedKey, cancellation);
result.Ip = requestInfo.Ip;
result.UserAgent = requestInfo.UserAgent;
result.Fingerprint = requestInfo.Fingerprint;
return (result.User, result.Message, result.IsSuccess, result.Provider); return (result.User, result.Message, result.IsSuccess, result.Provider);
} }
} }