Commit d1d2566

Authorization validation implemented
1 parent dd54f18 commit d1d2566


21 files changed

+791
-20
lines changed

21 files changed

+791
-20
lines changed

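--- a/.vscode/launch.json
+++ b/.vscode/launch.json
@@ -1,11 +1,11 @@
 {
-// Use IntelliSense to find out which attributes exist for C# debugging
-// Use hover for the description of the existing attributes
-// For further information visit https://github.com/OmniSharp/omnisharp-vscode/blob/master/debugger-launchjson.md
-"version": "0.2.0",
-"configurations": [
+// Use IntelliSense to find out which attributes exist for C# debugging
+// Use hover for the description of the existing attributes
+// For further information visit https://github.com/OmniSharp/omnisharp-vscode/blob/master/debugger-launchjson.md
+"version": "0.2.0",
+"configurations": [
 {
-"name": ".NET Core Launch (web)",
+"name": ".NET Core Launch (auth)",
 "type": "coreclr",
 "request": "launch",
 "preLaunchTask": "build",
@@ -26,6 +26,28 @@
 "/Views": "${workspaceFolder}/Views"
 }
 },
+{
+"name": ".NET Core Launch (webapp)",
+"type": "coreclr",
+"request": "launch",
+"preLaunchTask": "build",
+// If you have changed target frameworks, make sure to update the program path.
+"program": "${workspaceFolder}/server/WebApplication2/WebApplication2/bin/Debug/netcoreapp3.1/WebApplication2.dll",
+"args": [],
+"cwd": "${workspaceFolder}/server/WebApplication2/WebApplication2",
+"stopAtEntry": false,
+// Enable launching a web browser when ASP.NET Core starts. For more information: https://aka.ms/VSCode-CS-LaunchJson-WebBrowser
+"serverReadyAction": {
+"action": "openExternally",
+"pattern": "^\\s*Now listening on:\\s+(https?://\\S+)"
+},
+"env": {
+"ASPNETCORE_ENVIRONMENT": "Development"
+},
+"sourceFileMap": {
+"/Views": "${workspaceFolder}/Views"
+}
+},
 {
 "name": ".NET Core Attach",
 "type": "coreclr",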

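--- a/server/AuthWebApplication/AuthWebApplication/AuthWebApplication.csproj
+++ b/server/AuthWebApplication/AuthWebApplication/AuthWebApplication.csproj
@@ -20,6 +20,7 @@
 <PackageReference Include="Microsoft.IdentityModel.Tokens" Version="6.8.0" />
 <PackageReference Include="Microsoft.VisualStudio.Azure.Containers.Tools.Targets" Version="1.10.8" />
 <PackageReference Include="Microsoft.VisualStudio.Web.CodeGeneration.Design" Version="3.1.4" />
+<PackageReference Include="StackExchange.Redis" Version="2.1.58" />
 <PackageReference Include="System.IdentityModel.Tokens.Jwt" Version="6.8.0" />
 </ItemGroup>
 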

Lines changed: 29 additions & 0 deletions
@@ -0,0 +1,29 @@
1+
using System;
2+
using System.Collections.Generic;
3+
using System.Linq;
4+
using System.Threading.Tasks;
5+
using AuthWebApplication.Services;
6+
using Microsoft.AspNetCore.Http;
7+
using Microsoft.AspNetCore.Mvc;
8+
9+
namespace AuthWebApplication.Controllers
10+
{
11+
[Route("api/[controller]")]
12+
[ApiController]
13+
public class AuthorizeTokenController : ControllerBase
14+
{
15+
private RedisService redisService;
16+
17+
public AuthorizeTokenController(RedisService redisService)
18+
{
19+
this.redisService = redisService;
20+
}
21+
22+
public async Task<IActionResult> Get(string jti)
23+
{
24+
var s = await redisService.Get(jti);
25+
var inValid = string.IsNullOrWhiteSpace(s);
26+
return inValid ? (IActionResult) Unauthorized(jti) : Ok();
27+
}
28+
}
29+
}
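Review bot: `Get` hands `jti` to `redisService.Get` without rejecting a null or empty value, and on a miss it returns `Unauthorized(jti)`, which writes the caller-supplied string back into the response body. I would add `if (string.IsNullOrWhiteSpace(jti)) return BadRequest();` as the first line and return a bare `Unauthorized()`. The action also carries no `[HttpGet]`, so under the controller-level `[Route]` it is likely reachable with any HTTP verb, and no `[Authorize]` or caller restriction is visible on the class; if this endpoint is meant only for other services to check a token id, that should be stated in a comment and enforced. A present key shows only that the jti was issued, not that the caller holds the signed token, so consumers still have to validate the JWT signature and expiry themselves.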

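--- a/server/AuthWebApplication/AuthWebApplication/Controllers/TokenController.cs
+++ b/server/AuthWebApplication/AuthWebApplication/Controllers/TokenController.cs
@@ -1,10 +1,12 @@
 using System;
 using System.Collections.Generic;
+using System.IdentityModel.Tokens.Jwt;
 using System.Linq;
 using System.Security.Claims;
 using System.Threading.Tasks;
 using AuthWebApplication.Models;
 using AuthWebApplication.Models.Db;
+using AuthWebApplication.Services;
 using AuthWebApplication.Utilities;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Http;
@@ -26,15 +28,17 @@ public class TokenController : ControllerBase
 private readonly JwtIssuerOptions jwtOptions;
 private readonly SecurityDbContext securityDb;
 private readonly ILogger<TokenController> logger;
+private readonly RedisService redisService;
 
 public TokenController(ILogger<TokenController> logger, UserManager<ApplicationUser> userManager, IJwtFactory jwtFactory,
-IOptions<JwtIssuerOptions> jwtOptions, SecurityDbContext securityDb)
+IOptions<JwtIssuerOptions> jwtOptions, SecurityDbContext securityDb,RedisServiceredisService)
 {
 this.logger = logger;
 this.userManager = userManager;
 this.jwtFactory = jwtFactory;
 this.jwtOptions = jwtOptions.Value;
 this.securityDb = securityDb;
+this.redisService = redisService;
 }
 
 [AllowAnonymous]
@@ -54,8 +58,8 @@ public async Task<ActionResult> Post([FromBody] LoginViewModel loginViewModel)
 }
 
 Claim claim = identity.Claims.First(x => x.Type == Constants.Strings.JwtClaimIdentifiers.Id);
-var id = claim.Value.ToString();
-ApplicationUser user = securityDb.Users.First(x => x.Id == id);
+var userId = claim.Value.ToString();
+ApplicationUser user = securityDb.Users.First(x => x.Id == userId);
 
 if (user == null)
 {
@@ -69,7 +73,7 @@ public async Task<ActionResult> Post([FromBody] LoginViewModel loginViewModel)
 return BadRequest("User is Deactivated");
 }
 
-
+
 //var roles = await securityDb.ApplicationUserRoles.Include(x => x.Role).Where(x => x.UserId == user.Id).Select(x => (dynamic) new { x.Role.Id, x.Role.Name }).ToListAsync();
 
 var jwt = await Tokens.GenerateJwt(
@@ -81,12 +85,21 @@ public async Task<ActionResult> Post([FromBody] LoginViewModel loginViewModel)
 new JsonSerializerSettings { Formatting = Formatting.None },
 securityDb);
 
-IdentityUserToken<string> token = new IdentityUserToken<string>
+var jtiClaim = identity.Claims.First(x => x.Type == JwtRegisteredClaimNames.Jti);
+
+var token = new ApplicationUserToken()
 {
-UserId = user.Id, Name = "Token", LoginProvider = "Self", Value = jwt.ToString()
+UserId = user.Id,
+Name = jtiClaim.Value,
+LoginProvider = "Self",
+Value = true.ToString()
 };
+
 await securityDb.UserTokens.AddAsync(token);
 await securityDb.SaveChangesAsync();
+
+await redisService.Set(token.Name, user.Id);
+
 return Ok(jwt);
 }
 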
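Review bot: The `redisService.Set(token.Name, user.Id)` call at the end of `Post` passes no lifetime, so unless `RedisService.Set` applies one internally (not visible here) the jti stays in Redis after the JWT's `exp` and the allow-list lookup keeps answering for an expired token. The entry should expire no later than the token does and be deleted on logout or deactivation; at minimum add a comment such as `// jti allow-list entry; must expire no later than the JWT's exp` above the call. Separately, `identity.Claims.First(x => x.Type == JwtRegisteredClaimNames.Jti)` throws `InvalidOperationException` when the identity carries no jti claim, and the stored value is only useful if it is the same jti that `Tokens.GenerateJwt` put into the issued token, which cannot be confirmed from these hunks. `Post` begins above the hunks shown.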
