| | | 1 | | using Syki.Back.Auth.Schemes; |
| | | 2 | | using System.Security.Claims; |
| | | 3 | | using System.Text.RegularExpressions; |
| | | 4 | | using Microsoft.AspNetCore.Authentication; |
| | | 5 | | using Microsoft.AspNetCore.Mvc.Controllers; |
| | | 6 | | |
| | | 7 | | namespace Syki.Back.Extensions; |
| | | 8 | | |
| | | 9 | | public static partial class HttpExtensions |
| | | 10 | | { |
| | | 11 | | extension(HttpResponse response) |
| | | 12 | | { |
| | | 13 | | public void AppendSykiJwtCookie(string token, AuthSettings settings) |
| | | 14 | | { |
| | 0 | 15 | | response.Cookies.Append( |
| | 0 | 16 | | "syki_jwt", |
| | 0 | 17 | | token, |
| | 0 | 18 | | new CookieOptions |
| | 0 | 19 | | { |
| | 0 | 20 | | HttpOnly = true, |
| | 0 | 21 | | SameSite = SameSiteMode.Lax, |
| | 0 | 22 | | Secure = settings.CookieSecure, |
| | 0 | 23 | | Domain = settings.CookieDomain |
| | 0 | 24 | | } |
| | 0 | 25 | | ); |
| | 0 | 26 | | } |
| | | 27 | | |
| | | 28 | | public void AppendJWTCookie(string token, AuthSettings settings) |
| | | 29 | | { |
| | 252 | 30 | | response.Cookies.Append( |
| | 252 | 31 | | JwtBearerScheme.Cookie, |
| | 252 | 32 | | token, |
| | 252 | 33 | | new CookieOptions |
| | 252 | 34 | | { |
| | 252 | 35 | | Path = "/", |
| | 252 | 36 | | HttpOnly = true, |
| | 252 | 37 | | Secure = settings.CookieSecure, |
| | 252 | 38 | | SameSite = settings.CookieSameSite, |
| | 252 | 39 | | } |
| | 252 | 40 | | ); |
| | 252 | 41 | | } |
| | | 42 | | |
| | | 43 | | public void DeleteJWTCookie(AuthSettings settings) |
| | | 44 | | { |
| | 24 | 45 | | response.Cookies.Delete( |
| | 24 | 46 | | JwtBearerScheme.Cookie, |
| | 24 | 47 | | new CookieOptions |
| | 24 | 48 | | { |
| | 24 | 49 | | Path = "/", |
| | 24 | 50 | | HttpOnly = true, |
| | 24 | 51 | | SameSite = settings.CookieSameSite, |
| | 24 | 52 | | Secure = settings.CookieSecure, |
| | 24 | 53 | | } |
| | 24 | 54 | | ); |
| | 24 | 55 | | } |
| | | 56 | | } |
| | | 57 | | |
| | | 58 | | [GeneratedRegex(@"[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}", RegexOptions.IgnoreCase)] |
| | | 59 | | private static partial Regex GuidPattern(); |
| | | 60 | | |
| | 0 | 61 | | private static string NormalizePath(string path) => GuidPattern().Replace(path, "{id}"); |
| | | 62 | | |
| | | 63 | | extension(HttpContext context) |
| | | 64 | | { |
| | | 65 | | public string GetTargetControllerName() |
| | | 66 | | { |
| | 1046 | 67 | | var endpoint = context.GetEndpoint(); |
| | 1046 | 68 | | if (endpoint == null) return NormalizePath(context.Request.Path.ToString()); |
| | | 69 | | |
| | 1046 | 70 | | var action = endpoint.Metadata.GetMetadata<ControllerActionDescriptor>(); |
| | 2092 | 71 | | if (action != null) return $"{action.ControllerName}Controller"; |
| | | 72 | | |
| | 0 | 73 | | if (endpoint is RouteEndpoint routeEndpoint) |
| | 0 | 74 | | return routeEndpoint.RoutePattern.RawText ?? endpoint.DisplayName ?? NormalizePath(context.Request.Path. |
| | | 75 | | |
| | 0 | 76 | | return endpoint.DisplayName ?? NormalizePath(context.Request.Path.ToString()); |
| | | 77 | | } |
| | | 78 | | |
| | | 79 | | public async Task SignInTwoFactorUserIdSchemeAsync(int userId) |
| | | 80 | | { |
| | | 81 | | // Store user ID in Identity cookie for 2FA verification step |
| | 20 | 82 | | var identity = new ClaimsIdentity(IdentityConstants.TwoFactorUserIdScheme); |
| | 20 | 83 | | identity.AddClaim(new Claim(ClaimTypes.Name, userId.ToString())); |
| | 20 | 84 | | await context!.SignInAsync(IdentityConstants.TwoFactorUserIdScheme, new ClaimsPrincipal(identity)); |
| | 20 | 85 | | } |
| | | 86 | | } |
| | | 87 | | } |