| | | 1 | | using Syki.Back.Auth.Schemes; |
| | | 2 | | using System.Security.Claims; |
| | | 3 | | using System.Text.RegularExpressions; |
| | | 4 | | using Microsoft.AspNetCore.Authentication; |
| | | 5 | | using Microsoft.AspNetCore.Mvc.Controllers; |
| | | 6 | | |
| | | 7 | | namespace Syki.Back.Extensions; |
| | | 8 | | |
| | | 9 | | public static partial class HttpExtensions |
| | | 10 | | { |
| | | 11 | | extension(HttpResponse response) |
| | | 12 | | { |
| | | 13 | | public void AppendJWTCookie(string token, AuthSettings settings) |
| | | 14 | | { |
| | 282 | 15 | | response.Cookies.Append( |
| | 282 | 16 | | JwtBearerScheme.Cookie, |
| | 282 | 17 | | token, |
| | 282 | 18 | | new CookieOptions |
| | 282 | 19 | | { |
| | 282 | 20 | | Path = "/", |
| | 282 | 21 | | HttpOnly = true, |
| | 282 | 22 | | Secure = settings.CookieSecure, |
| | 282 | 23 | | SameSite = settings.CookieSameSite, |
| | 282 | 24 | | } |
| | 282 | 25 | | ); |
| | 282 | 26 | | } |
| | | 27 | | |
| | | 28 | | public void DeleteJWTCookie(AuthSettings settings) |
| | | 29 | | { |
| | 24 | 30 | | response.Cookies.Delete( |
| | 24 | 31 | | JwtBearerScheme.Cookie, |
| | 24 | 32 | | new CookieOptions |
| | 24 | 33 | | { |
| | 24 | 34 | | Path = "/", |
| | 24 | 35 | | HttpOnly = true, |
| | 24 | 36 | | SameSite = settings.CookieSameSite, |
| | 24 | 37 | | Secure = settings.CookieSecure, |
| | 24 | 38 | | } |
| | 24 | 39 | | ); |
| | 24 | 40 | | } |
| | | 41 | | } |
| | | 42 | | |
| | | 43 | | [GeneratedRegex(@"[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}", RegexOptions.IgnoreCase)] |
| | | 44 | | private static partial Regex GuidPattern(); |
| | | 45 | | |
| | 0 | 46 | | private static string NormalizePath(string path) => GuidPattern().Replace(path, "{id}"); |
| | | 47 | | |
| | | 48 | | extension(HttpContext context) |
| | | 49 | | { |
| | | 50 | | public string GetTargetControllerName() |
| | | 51 | | { |
| | 1360 | 52 | | var endpoint = context.GetEndpoint(); |
| | 1360 | 53 | | if (endpoint == null) return NormalizePath(context.Request.Path.ToString()); |
| | | 54 | | |
| | 1360 | 55 | | var action = endpoint.Metadata.GetMetadata<ControllerActionDescriptor>(); |
| | 2718 | 56 | | if (action != null) return $"{action.ControllerName}Controller"; |
| | | 57 | | |
| | 2 | 58 | | if (endpoint is RouteEndpoint routeEndpoint) |
| | 2 | 59 | | return routeEndpoint.RoutePattern.RawText ?? endpoint.DisplayName ?? NormalizePath(context.Request.Path. |
| | | 60 | | |
| | 0 | 61 | | return endpoint.DisplayName ?? NormalizePath(context.Request.Path.ToString()); |
| | | 62 | | } |
| | | 63 | | |
| | | 64 | | public string GetIpAddress() |
| | | 65 | | { |
| | 0 | 66 | | return context.Connection.RemoteIpAddress?.ToString() ?? "-"; |
| | | 67 | | } |
| | | 68 | | |
| | | 69 | | public string GetUserAgent() |
| | | 70 | | { |
| | 0 | 71 | | return context.Request.Headers.UserAgent.FirstOrDefault() ?? "-"; |
| | | 72 | | } |
| | | 73 | | |
| | | 74 | | public async Task SignInTwoFactorUserIdSchemeAsync(int userId) |
| | | 75 | | { |
| | | 76 | | // Store user ID in Identity cookie for 2FA verification step |
| | 20 | 77 | | var identity = new ClaimsIdentity(IdentityConstants.TwoFactorUserIdScheme); |
| | 20 | 78 | | identity.AddClaim(new Claim(ClaimTypes.Name, userId.ToString())); |
| | 20 | 79 | | await context!.SignInAsync(IdentityConstants.TwoFactorUserIdScheme, new ClaimsPrincipal(identity)); |
| | 20 | 80 | | } |
| | | 81 | | } |
| | | 82 | | } |