comments galore
@@ -21,14 +21,16 @@ public class JwtService {
userManager_ = userManager;
}
// create a jwt string given a user (user contains permissions which go into claims)
public async Task<string?> GenerateJwt(User user) {
// security stuff
string? jwtKey = config_["Jwt:Key"];
if(jwtKey == null) return null;
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtKey));
var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
// make sure the user is real
if(user.UserName == null) return null;
// not too sure
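Review bot: `if(jwtKey == null) return null;` turns a deployment misconfiguration (no `Jwt:Key`) into the same null that an unknown user produces, so a missing key is discovered one failed login at a time and callers cannot tell the two cases apart; `throw new InvalidOperationException("Jwt:Key is not configured");` fails fast and is unambiguous. The new `// security stuff` comment says nothing a reader did not already know; it should state what matters about this key: `// HS256 signing key from configuration: anyone holding it can forge tokens, so it must be long (I believe the IdentityModel HMAC path rejects keys under 256 bits) and must never be committed to source.` The `// not too sure` comment at the end of the hunk should either say what is uncertain or be dropped; the statement it annotates lies outside the hunk, as does the rest of GenerateJwt.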
@@ -37,13 +39,15 @@ public class JwtService {
new Claim(ClaimTypes.NameIdentifier, user.Id.ToString())
};
// add each permission that the user has into the claims
List<string>? permissions = user.Permissions;
if(permissions != null) {
foreach(var perm in permissions) {
foreach(string perm in permissions) {
claims.Add(new Claim("permission", perm));
}
}
// construct that token
var token = new JwtSecurityToken(
issuer: "agologum",
audience: "agologum",
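Review bot: `issuer: "agologum"` and `audience: "agologum"` are bare literals that must match exactly what the token validation side expects; hoisting them to `private const string Issuer = "agologum";` (or a configuration entry alongside `Jwt:Key`) keeps the two sides from drifting apart silently. The claim type in `claims.Add(new Claim("permission", perm));` has the same problem, since every authorization check elsewhere must spell `"permission"` identically; a named constant documents that contract. The JwtSecurityToken constructor call continues outside the hunk, so I could not check its expiry argument.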
@@ -56,6 +60,7 @@ public class JwtService {
}
// generating a refresh token is just like a long random password
public string GenerateRefreshToken() {
byte[] randomBytes = new byte[64];
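Review bot: The new comment `// generating a refresh token is just like a long random password` understates the requirement on `byte[] randomBytes = new byte[64];`: a refresh token is a long-lived bearer credential, so the bytes must come from a cryptographically secure generator, not `System.Random`. Suggest `// 64 bytes (512 bits) from RandomNumberGenerator; System.Random is predictable and must not be used here`. The code that fills and encodes `randomBytes` lies outside the hunk, so I could not confirm which generator the method actually uses.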
@@ -64,10 +69,12 @@ public class JwtService {
}
// we store refresh tokens on our side to check against when a user requests a refresh
public async Task<RefreshToken?> GetRefreshToken(string refreshTokenString) {
return await db_.RefreshTokens.FirstOrDefaultAsync(u => u.Token == refreshTokenString);
}
// add a refresh token to the token db store
public async Task<RefreshToken> AddRefreshToken(RefreshToken refreshToken) {
db_.RefreshTokens.Add(refreshToken);
await db_.SaveChangesAsync();
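Review bot: `FirstOrDefaultAsync(u => u.Token == refreshTokenString)` looks the refresh token up by its raw value, which implies the store holds tokens in plaintext; anyone who can read the table (a backup, a replica, an injection elsewhere) can then open a session for every user who has a token on file. Since the token is already high-entropy, storing an unsalted SHA-256 of it and comparing by hash is cheap and removes that exposure; the comment above `GetRefreshToken` could record the intent: `// look up by the stored hash of the token, never by the token itself`. Nothing here consults expiry or a revoked flag, so the comment should also say where that check happens. `AddRefreshToken` continues outside the hunk.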
@@ -77,8 +84,9 @@ public class JwtService {
// helper to get the User from the id that exists in a refresh token object
public async Task<User?> GetUser(string id) {
return await db_.Users.FindAsync(id);
}
} // since other places aren't good for having references to db contexts
// remove refresh token from our store; called when user logs out
public async Task<bool> RevokeRefreshToken(string refreshTokenString) {
var refreshToken = await db_.RefreshTokens.FirstOrDefaultAsync(u => u.Token == refreshTokenString);
if(refreshToken == null) return false;
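Review bot: The comment on `} // since other places aren't good for having references to db contexts` hangs off the closing brace of `GetUser`, where a reader takes it as a remark about the brace rather than about the method; it belongs in the header comment: `// helper to get the User from the id in a refresh token; lives here so callers need not hold a db context`. `RevokeRefreshToken` repeats the query already written in `GetRefreshToken`; `var refreshToken = await GetRefreshToken(refreshTokenString);` keeps a single lookup path, which matters if the store ever switches to hashed tokens. The body of `RevokeRefreshToken` continues outside the hunk.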