deleting password

john 2025-07-19 14:10:01 +02:00
parent 36d8cc9a4d
commit 2519fc77d2
15 changed files with 237 additions and 47 deletions


@ -11,7 +11,7 @@ namespace Femto.Modules.Auth.Application;
internal class AuthService(
AuthContext context,
SessionStorage storage,
SessionStorage sessionStorage,
IDbConnectionFactory connectionFactory
) : IAuthService
{
@ -33,7 +33,7 @@ internal class AuthService(
var session = new Session(user.Id, true);
await storage.AddSession(session);
await sessionStorage.AddSession(session);
return new(
new UserInfo(user.Id, user.Username, user.Roles.Select(r => r.Role).ToList()),
@ -53,7 +53,7 @@ internal class AuthService(
{
var session = new Session(userId, true);
await storage.AddSession(session);
await sessionStorage.AddSession(session);
return session;
}
@ -62,19 +62,19 @@ internal class AuthService(
{
var session = new Session(userId, false);
await storage.AddSession(session);
await sessionStorage.AddSession(session);
return session;
}
public Task<Session?> GetSession(string sessionId)
{
return storage.GetSession(sessionId);
return sessionStorage.GetSession(sessionId);
}
public async Task DeleteSession(string sessionId)
{
await storage.DeleteSession(sessionId);
await sessionStorage.DeleteSession(sessionId);
}
public async Task<UserAndSession> CreateUserWithCredentials(
@ -113,7 +113,7 @@ internal class AuthService(
var session = new Session(user.Id, true);
await storage.AddSession(session);
await sessionStorage.AddSession(session);
await context.SaveChangesAsync(cancellationToken);
@ -189,7 +189,7 @@ internal class AuthService(
if (token is null)
return (null, null);
if (!token.Validate(rememberMeToken.Verifier))
if (!token.CheckVerifier(rememberMeToken.Verifier))
return (null, null);
var user = await context.Users.SingleOrDefaultAsync(u => u.Id == token.UserId);
@ -218,13 +218,34 @@ internal class AuthService(
if (session is null)
return;
if (!session.Validate(rememberMeToken.Verifier))
if (!session.CheckVerifier(rememberMeToken.Verifier))
return;
context.Remove(session);
await context.SaveChangesAsync();
}
public async Task ChangePassword(Guid userId, string password, CancellationToken cancellationToken)
{
// change the password
// invalidate long term sessions
// invalidate sessions
var user = await context.Users.SingleOrDefaultAsync(u => u.Id == userId,cancellationToken);
if (user is null)
throw new DomainError("invalid user");
user.SetPassword(password);
await context.SaveChangesAsync(cancellationToken);
}
public async Task InvalidateUserSessions(Guid userId, CancellationToken cancellationToken)
{
await sessionStorage.InvalidateUserSessions(userId);
}
private class GetSignupCodesQueryResultRow
{
public string Code { get; set; }
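Review bot: `ChangePassword` lists three steps in its comments but performs only the first: after `user.SetPassword(password)` and `SaveChangesAsync` nothing revokes the user's existing sessions or remember-me tokens, so a session issued before the change stays valid unless every caller also invokes `InvalidateUserSessions`. Callers are not visible in this section, so this may be handled elsewhere, but revocation on password change is safer inside the method itself: add `await sessionStorage.InvalidateUserSessions(userId);` after the save, and delete the user's stored long-term session rows in the same `SaveChangesAsync` call. `InvalidateUserSessions` itself only clears `sessionStorage`; the persisted remember-me records that the method above removes through `context.Remove(session)` are left in place, and its `cancellationToken` parameter is never used. If the split is intentional, replace the three step comments with a `///` summary stating that the method only updates the credential and that callers must revoke sessions.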