Added configuration wrappers, authentication options and authentication documentation

2024-12-21 14:04:49 +01:00
parent dce0471105
commit 88c8fe612d
15 changed files with 134 additions and 34 deletions


@@ -4,6 +4,7 @@ using HopFrame.Api.Logic.Implementation;
using HopFrame.Database;
using HopFrame.Security.Authentication;
using Microsoft.AspNetCore.Http;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.DependencyInjection.Extensions;
@@ -15,23 +16,25 @@ public static class ServiceCollectionExtensions {
/// Adds all HopFrame endpoints and services to the application
/// </summary>
/// <param name="services">The service provider to add the services to</param>
/// <param name="configuration">The configuration used to configure HopFrame authentication</param>
/// <typeparam name="TDbContext">The data source for all HopFrame entities</typeparam>
public static void AddHopFrame<TDbContext>(this IServiceCollection services) where TDbContext : HopDbContextBase {
public static void AddHopFrame<TDbContext>(this IServiceCollection services, ConfigurationManager configuration) where TDbContext : HopDbContextBase {
services.AddMvcCore().UseSpecificControllers(typeof(SecurityController));
AddHopFrameNoEndpoints<TDbContext>(services);
AddHopFrameNoEndpoints<TDbContext>(services, configuration);
}
/// <summary>
/// Adds all HopFrame services to the application
/// </summary>
/// <param name="services">The service provider to add the services to</param>
/// <param name="configuration">The configuration used to configure HopFrame authentication</param>
/// <typeparam name="TDbContext">The data source for all HopFrame entities</typeparam>
public static void AddHopFrameNoEndpoints<TDbContext>(this IServiceCollection services) where TDbContext : HopDbContextBase {
public static void AddHopFrameNoEndpoints<TDbContext>(this IServiceCollection services, ConfigurationManager configuration) where TDbContext : HopDbContextBase {
services.AddHopFrameRepositories<TDbContext>();
services.TryAddSingleton<IHttpContextAccessor, HttpContextAccessor>();
services.AddScoped<IAuthLogic, AuthLogic>();
services.AddHopFrameAuthentication();
services.AddHopFrameAuthentication(configuration);
}
}
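Review bot: Both `AddHopFrame` and `AddHopFrameNoEndpoints` now require the concrete `ConfigurationManager`, which ties callers to the builder's configuration object and makes it awkward to pass a test or section-scoped configuration. Unless `AddHopFrameAuthentication` (not shown in this section) needs the concrete type, the parameter could be `IConfiguration configuration`. The parameterless signatures are replaced rather than kept as overloads, so existing callers stop compiling; if that is intended, it should be stated in the release notes. The new `<param name="configuration">` text could also say which section or keys are read, so an operator knows where the authentication settings come from.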


@@ -5,10 +5,11 @@ using HopFrame.Security.Authentication;
using HopFrame.Security.Claims;
using HopFrame.Security.Models;
using Microsoft.AspNetCore.Http;
using Microsoft.Extensions.Options;
namespace HopFrame.Api.Logic.Implementation;
internal class AuthLogic(IUserRepository users, ITokenRepository tokens, ITokenContext tokenContext, IHttpContextAccessor accessor) : IAuthLogic {
internal class AuthLogic(IUserRepository users, ITokenRepository tokens, ITokenContext tokenContext, IHttpContextAccessor accessor, IOptions<HopFrameAuthenticationOptions> options) : IAuthLogic {
public async Task<LogicResult<SingleValueResult<string>>> Login(UserLogin login) {
var user = await users.GetUserByEmail(login.Email);
@@ -23,12 +24,12 @@ internal class AuthLogic(IUserRepository users, ITokenRepository tokens, ITokenC
var accessToken = await tokens.CreateToken(Token.AccessTokenType, user);
accessor.HttpContext?.Response.Cookies.Append(ITokenContext.RefreshTokenType, refreshToken.Content.ToString(), new CookieOptions {
MaxAge = HopFrameAuthentication.RefreshTokenTime,
MaxAge = options.Value.RefreshTokenTime,
HttpOnly = true,
Secure = true
});
accessor.HttpContext?.Response.Cookies.Append(ITokenContext.AccessTokenType, accessToken.Content.ToString(), new CookieOptions {
MaxAge = HopFrameAuthentication.AccessTokenTime,
MaxAge = options.Value.AccessTokenTime,
HttpOnly = true,
Secure = true
});
@@ -54,12 +55,12 @@ internal class AuthLogic(IUserRepository users, ITokenRepository tokens, ITokenC
var accessToken = await tokens.CreateToken(Token.AccessTokenType, user);
accessor.HttpContext?.Response.Cookies.Append(ITokenContext.RefreshTokenType, refreshToken.Content.ToString(), new CookieOptions {
MaxAge = HopFrameAuthentication.RefreshTokenTime,
MaxAge = options.Value.RefreshTokenTime,
HttpOnly = true,
Secure = true
});
accessor.HttpContext?.Response.Cookies.Append(ITokenContext.AccessTokenType, accessToken.Content.ToString(), new CookieOptions {
MaxAge = HopFrameAuthentication.AccessTokenTime,
MaxAge = options.Value.AccessTokenTime,
HttpOnly = false,
Secure = true
});
@@ -81,13 +82,13 @@ internal class AuthLogic(IUserRepository users, ITokenRepository tokens, ITokenC
if (token.Type != Token.RefreshTokenType)
return LogicResult<SingleValueResult<string>>.Conflict("The provided token is not a refresh token");
if (token.CreatedAt + HopFrameAuthentication.RefreshTokenTime < DateTime.Now)
if (token.CreatedAt + options.Value.RefreshTokenTime < DateTime.Now)
return LogicResult<SingleValueResult<string>>.Forbidden("Refresh token is expired");
var accessToken = await tokens.CreateToken(Token.AccessTokenType, token.Owner);
accessor.HttpContext?.Response.Cookies.Append(ITokenContext.AccessTokenType, accessToken.Content.ToString(), new CookieOptions {
MaxAge = HopFrameAuthentication.AccessTokenTime,
MaxAge = options.Value.AccessTokenTime,
HttpOnly = false,
Secure = true
});
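Review bot: The access-token cookie is written with `HttpOnly = false` in the `@@ -54,12 +55,12 @@` and `@@ -81,13 +82,13 @@` hunks, while the `Login` hunk sets `HttpOnly = true` for the same cookie, so page script can read the token on two of the three paths. Unless client script really has to read it, both should be `HttpOnly = true,`; if it does, a comment should say why the paths differ. None of the `CookieOptions` blocks sets `SameSite`, and adding `SameSite = SameSiteMode.Strict,` (or `Lax`) would keep the cookies off cross-site requests. Now that the lifetimes come from `options.Value`, no visible check ensures they are positive and bounded, and the expiry test compares against `DateTime.Now`; if `CreatedAt` is stored in UTC that should be `DateTime.UtcNow`. The enclosing methods begin and end outside these hunks, so this is based only on the lines shown.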