botris.social/femto-backend
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

add username and userid cookies

Browse source
This commit is contained in:
john 2025-05-20 09:20:50 +02:00
parent 0d34774059
commit a6fef1929c
3 changed files with 29 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

11
Femto.Api/Auth/SessionAuthenticationHandler.cs
View file

@ -38,15 +38,18 @@ internal class SessionAuthenticationHandler(
}; };
claims.AddRange( claims.AddRange(
result.User.Roles result.User.Roles.Select(role => new Claim(ClaimTypes.Role, role.ToString()))
.Select(role => new Claim(ClaimTypes.Role, role.ToString()))
); );
var identity = new ClaimsIdentity(claims, this.Scheme.Name); var identity = new ClaimsIdentity(claims, this.Scheme.Name);
var principal = new ClaimsPrincipal(identity); var principal = new ClaimsPrincipal(identity);
this.Context.SetSession(result.Session, cookieOptions.Value); this.Context.SetSession(result.Session, result.User, cookieOptions.Value);
currentUserContext.CurrentUser = new CurrentUser(result.User.Id, result.User.Username, result.Session.SessionId); currentUserContext.CurrentUser = new CurrentUser(
result.User.Id,
result.User.Username,
result.Session.SessionId
);
return AuthenticateResult.Success( return AuthenticateResult.Success(
new AuthenticationTicket(principal, this.Scheme.Name) new AuthenticationTicket(principal, this.Scheme.Name)

4
Femto.Api/Controllers/Auth/AuthController.cs
View file

@ -28,7 +28,7 @@ public class AuthController(
{ {
var result = await authModule.Command(new LoginCommand(request.Username, request.Password)); var result = await authModule.Command(new LoginCommand(request.Username, request.Password));
HttpContext.SetSession(result.Session, cookieSettings.Value); HttpContext.SetSession(result.Session, result.User, cookieSettings.Value);
return new LoginResponse( return new LoginResponse(
result.User.Id, result.User.Id,
@ -44,7 +44,7 @@ public class AuthController(
new RegisterCommand(request.Username, request.Password, request.SignupCode) new RegisterCommand(request.Username, request.Password, request.SignupCode)
); );
HttpContext.SetSession(result.Session, cookieSettings.Value); HttpContext.SetSession(result.Session, result.User, cookieSettings.Value);
return new RegisterResponse( return new RegisterResponse(
result.User.Id, result.User.Id,

23
Femto.Api/Sessions/HttpContextSessionExtensions.cs
View file

@ -8,24 +8,41 @@ internal static class HttpContextSessionExtensions
public static void SetSession( public static void SetSession(
this HttpContext httpContext, this HttpContext httpContext,
Session session, Session session,
UserInfo user,
CookieSettings cookieSettings CookieSettings cookieSettings
) )
{ {
var secure = cookieSettings.Secure;
var sameSite = cookieSettings.SameSite ? SameSiteMode.Strict : SameSiteMode.Unspecified;
var expires = session.Expires;
httpContext.Response.Cookies.Append( httpContext.Response.Cookies.Append(
"session", "session",
session.SessionId, session.SessionId,
new CookieOptions new CookieOptions
{ {
HttpOnly = true, HttpOnly = true,
Secure = secure,
SameSite = sameSite,
Expires = expires,
}
);
httpContext.Response.Cookies.Append(
"uid",
user.Id.ToString(),
new CookieOptions
{
Secure = cookieSettings.Secure, Secure = cookieSettings.Secure,
SameSite = cookieSettings.SameSite ? SameSiteMode.Strict : SameSiteMode.Unspecified, SameSite = cookieSettings.SameSite ? SameSiteMode.Strict : SameSiteMode.Unspecified,
Expires = session.Expires, Expires = session.Expires,
} }
); );
httpContext.Response.Cookies.Append( httpContext.Response.Cookies.Append(
"hasSession", "uname",
"true", user.Username,
new CookieOptions new CookieOptions
{ {
Secure = cookieSettings.Secure, Secure = cookieSettings.Secure,