do sessions in memory and also fix glaring security hole
parent
7b6c155a73
commit
f48b421500
31 changed files with 441 additions and 440 deletions
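--- a/Femto.Modules.Auth/Application/Services/AuthModule.cs
+++ b/Femto.Modules.Auth/Application/Services/AuthModule.cs
@@ -0,0 +1,20 @@
+using Femto.Common.Domain;
+using MediatR;
+
+namespace Femto.Modules.Auth.Application.Services;
+
+internal class AuthModule(IMediator mediator) : IAuthModule
+{
+public async Task Command(ICommand command, CancellationToken cancellationToken = default) =>
+await mediator.Send(command, cancellationToken);
+
+public async Task<TResponse> Command<TResponse>(
+ICommand<TResponse> command,
+CancellationToken cancellationToken = default
+) => await mediator.Send(command, cancellationToken);
+
+public async Task<TResponse> Query<TResponse>(
+IQuery<TResponse> query,
+CancellationToken cancellationToken = default
+) => await mediator.Send(query, cancellationToken);
+}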
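--- a/Femto.Modules.Auth/Application/Services/AuthService.cs
+++ b/Femto.Modules.Auth/Application/Services/AuthService.cs
@@ -0,0 +1,79 @@
+using Femto.Common.Domain;
+using Femto.Modules.Auth.Application.Dto;
+using Femto.Modules.Auth.Data;
+using Femto.Modules.Auth.Infrastructure;
+using Femto.Modules.Auth.Models;
+using Microsoft.EntityFrameworkCore;
+
+namespace Femto.Modules.Auth.Application.Services;
+
+internal class AuthService(AuthContext context, SessionStorage storage) : IAuthService
+{
+public async Task<UserInfo?> GetUserWithCredentials(
+string username,
+string password,
+CancellationToken cancellationToken = default
+)
+{
+return await context
+.Users.Where(u => u.Username == username)
+.Select(u => new UserInfo(u.Id, u.Username, u.Roles.Select(r => r.Role).ToList()))
+.SingleOrDefaultAsync(cancellationToken);
+}
+
+public Task<UserInfo?> GetUserWithId(Guid? userId, CancellationToken cancellationToken)
+{
+return context
+.Users.Where(u => u.Id == userId)
+.Select(u => new UserInfo(u.Id, u.Username, u.Roles.Select(r => r.Role).ToList()))
+.SingleOrDefaultAsync(cancellationToken);
+}
+
+public async Task<Session> CreateStrongSession(Guid userId)
+{
+var session = new Session(userId, true);
+
+await storage.AddSession(session);
+
+return session;
+}
+
+public async Task<Session> CreateWeakSession(Guid userId)
+{
+var session = new Session(userId, false);
+
+await storage.AddSession(session);
+
+return session;
+}
+
+public Task<Session?> GetSession(string sessionId)
+{
+return storage.GetSession(sessionId);
+}
+
+public async Task DeleteSession(string sessionId)
+{
+await storage.DeleteSession(sessionId);
+}
+
+public async Task<LongTermSession> CreateLongTermSession(Guid userId, bool isStrong)
+{
+throw new NotImplementedException();
+}
+
+public async Task<LongTermSession> DeleteLongTermSession(string sessionId)
+{
+throw new NotImplementedException();
+}
+
+public async Task<LongTermSession> RefreshLongTermSession(string sessionId)
+{
+throw new NotImplementedException();
+}
+
+public async Task<ValidateSessionResult> ValidateLongTermSession(string sessionId)
+{
+throw new NotImplementedException();
+}
+}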
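Review bot: `GetUserWithCredentials` never reads its `password` parameter: the query filters on `u.Username == username` only and projects straight to `UserInfo`, so a correct username alone returns the user. The returned `UserInfo` carries only id, username and roles, so unless every caller runs its own credential check elsewhere (not shown on this page), nothing downstream can verify the password either. The method should load the user, check the supplied password against the stored credential, and return null for both an unknown username and a mismatch so callers cannot tell the two apart. The credential check itself is not visible here, so it appears below as a labelled placeholder.

```csharp
public async Task<UserInfo?> GetUserWithCredentials(
    string username,
    string password,
    CancellationToken cancellationToken = default
)
{
    var user = await context
        .Users.Include(u => u.Roles)
        .SingleOrDefaultAsync(u => u.Username == username, cancellationToken);

    // PLACEHOLDER: PasswordMatches stands for whatever credential check the
    // user entity exposes; it is not shown on this page.
    if (user is null || !PasswordMatches(user, password))
    {
        return null;
    }

    return new UserInfo(user.Id, user.Username, user.Roles.Select(r => r.Role).ToList());
}
```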
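--- a/Femto.Modules.Auth/Application/Services/IAuthModule.cs
+++ b/Femto.Modules.Auth/Application/Services/IAuthModule.cs
@@ -0,0 +1,10 @@
+using Femto.Common.Domain;
+
+namespace Femto.Modules.Auth.Application.Services;
+
+public interface IAuthModule
+{
+Task Command(ICommand command, CancellationToken cancellationToken = default);
+Task<TResponse> Command<TResponse>(ICommand<TResponse> command, CancellationToken cancellationToken = default);
+Task<TResponse> Query<TResponse>(IQuery<TResponse> query, CancellationToken cancellationToken = default);
+}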
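--- a/Femto.Modules.Auth/Application/Services/IAuthService.cs
+++ b/Femto.Modules.Auth/Application/Services/IAuthService.cs
@@ -0,0 +1,14 @@
+using Femto.Modules.Auth.Application.Dto;
+using Femto.Modules.Auth.Models;
+
+namespace Femto.Modules.Auth.Application.Services;
+
+public interface IAuthService
+{
+public Task<UserInfo?> GetUserWithCredentials(string username, string password, CancellationToken cancellationToken = default);
+public Task<UserInfo?> GetUserWithId(Guid? userId, CancellationToken cancellationToken = default);
+public Task<Session> CreateStrongSession(Guid userId);
+public Task<Session> CreateWeakSession(Guid userId);
+public Task<Session?> GetSession(string sessionId);
+public Task DeleteSession(string sessionId);
+}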
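Review bot: The interface does not say what `GetUserWithCredentials` returns when the password is wrong, which is the security-relevant part of its contract. I would add `/// <returns>The matching user, or null when the username is unknown or the password does not match.</returns>` above it so implementations are held to that. `CreateStrongSession` and `CreateWeakSession` each need a summary line stating which authentication event the session is issued for, since nothing visible here tells a caller when a weak session is acceptable. As a style point, the `public` modifiers on the members are redundant and differ from `IAuthModule` in this same commit, which omits them.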