Added client side functionality and created register page

2024-07-14 16:42:32 +02:00
parent 01978d30ce
commit a164a3d282
41 changed files with 1024 additions and 30 deletions
--- a/HopFrame.Api/Controller/SecurityController.cs
+++ b/HopFrame.Api/Controller/SecurityController.cs
@@ -1,10 +1,7 @@
-using System.Globalization;
-using System.Text;
 using HopFrame.Api.Logic;
 using HopFrame.Api.Models;
 using HopFrame.Database;
 using HopFrame.Database.Models.Entries;
-using HopFrame.Security;
 using HopFrame.Security.Authentication;
 using HopFrame.Security.Authorization;
 using HopFrame.Security.Claims;
@@ -20,8 +17,6 @@ namespace HopFrame.Api.Controller;
 [Route("authentication")]
 public class SecurityController<TDbContext>(TDbContext context, IUserService users, ITokenContext tokenContext) : ControllerBase where TDbContext : HopDbContextBase {

-    private const string RefreshTokenType = "HopFrame.Security.RefreshToken";
-
    [HttpPut("login")]
    public async Task<ActionResult<SingleValueResult<string>>> Login([FromBody] UserLogin login) {
        var user = await users.GetUserByEmail(login.Email);
@@ -29,8 +24,7 @@ public class SecurityController<TDbContext>(TDbContext context, IUserService use
        if (user is null)
            return LogicResult<SingleValueResult<string>>.NotFound("The provided email address was not found");

-        var hashedPassword = EncryptionManager.Hash(login.Password, Encoding.Default.GetBytes(user.CreatedAt.ToString(CultureInfo.InvariantCulture)));
-        if (hashedPassword != await users.GetUserPassword(user))
+        if (await users.CheckUserPassword(user, login.Password))
            return LogicResult<SingleValueResult<string>>.Forbidden("The provided password is not correct");

        var refreshToken = new TokenEntry {
@@ -46,7 +40,7 @@ public class SecurityController<TDbContext>(TDbContext context, IUserService use
            UserId = user.Id.ToString()
        };
        
-        HttpContext.Response.Cookies.Append(RefreshTokenType, refreshToken.Token, new CookieOptions {
+        HttpContext.Response.Cookies.Append(ITokenContext.RefreshTokenType, refreshToken.Token, new CookieOptions {
            MaxAge = HopFrameAuthentication<TDbContext>.RefreshTokenTime,
            HttpOnly = true,
            Secure = true
@@ -82,21 +76,26 @@ public class SecurityController<TDbContext>(TDbContext context, IUserService use
            UserId = user.Id.ToString()
        };
        
-        HttpContext.Response.Cookies.Append(RefreshTokenType, refreshToken.Token, new CookieOptions {
+        await context.Tokens.AddRangeAsync(refreshToken, accessToken);
+        await context.SaveChangesAsync();
+        
+        HttpContext.Response.Cookies.Append(ITokenContext.RefreshTokenType, refreshToken.Token, new CookieOptions {
            MaxAge = HopFrameAuthentication<TDbContext>.RefreshTokenTime,
            HttpOnly = true,
            Secure = true
        });
-
-        await context.Tokens.AddRangeAsync(refreshToken, accessToken);
-        await context.SaveChangesAsync();
+        HttpContext.Response.Cookies.Append(ITokenContext.AccessTokenType, accessToken.Token, new CookieOptions {
+            MaxAge = HopFrameAuthentication<TDbContext>.AccessTokenTime,
+            HttpOnly = false,
+            Secure = true
+        });

        return LogicResult<SingleValueResult<string>>.Ok(accessToken.Token);
    }

    [HttpGet("authenticate")]
    public async Task<ActionResult<SingleValueResult<string>>> Authenticate() {
-        var refreshToken = HttpContext.Request.Cookies[RefreshTokenType];
+        var refreshToken = HttpContext.Request.Cookies[ITokenContext.RefreshTokenType];
        
        if (string.IsNullOrEmpty(refreshToken))
            return LogicResult<SingleValueResult<string>>.Conflict("Refresh token not provided");
@@ -119,13 +118,19 @@ public class SecurityController<TDbContext>(TDbContext context, IUserService use
        await context.Tokens.AddAsync(accessToken);
        await context.SaveChangesAsync();
        
+        HttpContext.Response.Cookies.Append(ITokenContext.AccessTokenType, accessToken.Token, new CookieOptions {
+            MaxAge = HopFrameAuthentication<TDbContext>.AccessTokenTime,
+            HttpOnly = false,
+            Secure = true
+        });
+        
        return LogicResult<SingleValueResult<string>>.Ok(accessToken.Token);
    }

    [HttpDelete("logout"), Authorized]
    public async Task<ActionResult> Logout() {
        var accessToken = HttpContext.User.GetAccessTokenId();
-        var refreshToken = HttpContext.Request.Cookies[RefreshTokenType];
+        var refreshToken = HttpContext.Request.Cookies[ITokenContext.RefreshTokenType];
        
        if (string.IsNullOrEmpty(accessToken) || string.IsNullOrEmpty(refreshToken))
            return LogicResult.Conflict("access or refresh token not provided");
@@ -142,7 +147,8 @@ public class SecurityController<TDbContext>(TDbContext context, IUserService use
        context.Tokens.Remove(tokenEntries[1]);
        await context.SaveChangesAsync();
        
-        HttpContext.Response.Cookies.Delete(RefreshTokenType);
+        HttpContext.Response.Cookies.Delete(ITokenContext.RefreshTokenType);
+        HttpContext.Response.Cookies.Delete(ITokenContext.AccessTokenType);
        
        return LogicResult.Ok();
    }
@@ -151,13 +157,12 @@ public class SecurityController<TDbContext>(TDbContext context, IUserService use
    public async Task<ActionResult> Delete([FromBody] UserPasswordValidation validation) {
        var user = tokenContext.User;
        
-        var password = EncryptionManager.Hash(validation.Password, Encoding.Default.GetBytes(user.CreatedAt.ToString(CultureInfo.InvariantCulture)));
-        if (await users.GetUserPassword(user) != password)
+        if (await users.CheckUserPassword(user, validation.Password))
            return LogicResult.Forbidden("The provided password is not correct");

        await users.DeleteUser(user);
        
-        HttpContext.Response.Cookies.Delete(RefreshTokenType);
+        HttpContext.Response.Cookies.Delete(ITokenContext.RefreshTokenType);

        return LogicResult.Ok();
    }
--- a/HopFrame.Api/Models/UserLogin.cs
+++ b/HopFrame.Api/Models/UserLogin.cs
@@ -1,6 +0,0 @@
-namespace HopFrame.Api.Models;
-
-public struct UserLogin {
-    public string Email { get; set; }
-    public string Password { get; set; }
-}