33 lines
1.2 KiB
C#
33 lines
1.2 KiB
C#
using static System.Security.Cryptography.RandomNumberGenerator;
|
|
|
|
namespace Femto.Modules.Auth.Models;
|
|
|
|
internal class Session
|
|
{
|
|
private static TimeSpan SessionTimeout { get; } = TimeSpan.FromMinutes(30);
|
|
private static TimeSpan ExpiryBuffer { get; } = TimeSpan.FromMinutes(5);
|
|
public string Id { get; private set; }
|
|
public Guid UserId { get; private set; }
|
|
public DateTimeOffset Expires { get; private set; }
|
|
public bool ExpiresSoon => Expires < DateTimeOffset.UtcNow + ExpiryBuffer;
|
|
|
|
// true if this session was created with remember me token
|
|
// otherwise false
|
|
// required to be true to do things like change password etc.
|
|
public bool IsStronglyAuthenticated { get; private set; }
|
|
public bool ShouldRefresh => this.Expires < DateTimeOffset.UtcNow + ExpiryBuffer;
|
|
|
|
private Session() { }
|
|
|
|
public static Session Strong(Guid userId) => new(userId, true);
|
|
|
|
public static Session Weak(Guid userId) => new(userId, false);
|
|
|
|
private Session(Guid userId, bool isStrong)
|
|
{
|
|
this.Id = Convert.ToBase64String(GetBytes(32));
|
|
this.UserId = userId;
|
|
this.Expires = DateTimeOffset.UtcNow + SessionTimeout;
|
|
this.IsStronglyAuthenticated = isStrong;
|
|
}
|
|
}
|