fix more shit
This commit is contained in:
Stanley Dimant
@@ -94,7 +94,7 @@ public class Startup
|
|||||||
|
|
||||||
private static void ConfigureAuthorization(IServiceCollection services)
|
private static void ConfigureAuthorization(IServiceCollection services)
|
||||||
{
|
{
|
||||||
services.AddTransient<IAuthorizationHandler, UserRequirementHandler>();
|
services.AddTransient<IAuthorizationHandler, RedisDbUserRequirementHandler>();
|
||||||
services.AddTransient<IAuthorizationHandler, ValidTokenRequirementHandler>();
|
services.AddTransient<IAuthorizationHandler, ValidTokenRequirementHandler>();
|
||||||
services.AddTransient<IAuthorizationHandler, ExistingUserRequirementHandler>();
|
services.AddTransient<IAuthorizationHandler, ExistingUserRequirementHandler>();
|
||||||
|
|
||||||
|
|||||||
@@ -8,9 +8,9 @@ namespace MareSynchronosShared.RequirementHandlers;
|
|||||||
public class ExistingUserRequirementHandler : AuthorizationHandler<ExistingUserRequirement>
|
public class ExistingUserRequirementHandler : AuthorizationHandler<ExistingUserRequirement>
|
||||||
{
|
{
|
||||||
private readonly IDbContextFactory<MareDbContext> _dbContextFactory;
|
private readonly IDbContextFactory<MareDbContext> _dbContextFactory;
|
||||||
private readonly ILogger<UserRequirementHandler> _logger;
|
private readonly ILogger<ExistingUserRequirementHandler> _logger;
|
||||||
|
|
||||||
public ExistingUserRequirementHandler(IDbContextFactory<MareDbContext> dbContext, ILogger<UserRequirementHandler> logger)
|
public ExistingUserRequirementHandler(IDbContextFactory<MareDbContext> dbContext, ILogger<ExistingUserRequirementHandler> logger)
|
||||||
{
|
{
|
||||||
_dbContextFactory = dbContext;
|
_dbContextFactory = dbContext;
|
||||||
_logger = logger;
|
_logger = logger;
|
||||||
|
|||||||
@@ -0,0 +1,54 @@
|
|||||||
|
using Microsoft.AspNetCore.Authorization;
|
||||||
|
using Microsoft.AspNetCore.SignalR;
|
||||||
|
using MareSynchronosShared.Data;
|
||||||
|
using Microsoft.EntityFrameworkCore;
|
||||||
|
using MareSynchronosShared.Utils;
|
||||||
|
using StackExchange.Redis;
|
||||||
|
using Microsoft.Extensions.Logging;
|
||||||
|
|
||||||
|
namespace MareSynchronosShared.RequirementHandlers;
|
||||||
|
|
||||||
|
public class RedisDbUserRequirementHandler : AuthorizationHandler<UserRequirement, HubInvocationContext>
|
||||||
|
{
|
||||||
|
private readonly IDbContextFactory<MareDbContext> _dbContextFactory;
|
||||||
|
private readonly ILogger<RedisDbUserRequirementHandler> _logger;
|
||||||
|
private readonly IDatabase _redis;
|
||||||
|
|
||||||
|
public RedisDbUserRequirementHandler(IDbContextFactory<MareDbContext> dbContextFactory, ILogger<RedisDbUserRequirementHandler> logger, IDatabase redisDb)
|
||||||
|
{
|
||||||
|
_dbContextFactory = dbContextFactory;
|
||||||
|
_logger = logger;
|
||||||
|
_redis = redisDb;
|
||||||
|
}
|
||||||
|
|
||||||
|
protected override async Task HandleRequirementAsync(AuthorizationHandlerContext context, UserRequirement requirement, HubInvocationContext resource)
|
||||||
|
{
|
||||||
|
var uid = context.User.Claims.SingleOrDefault(g => string.Equals(g.Type, MareClaimTypes.Uid, StringComparison.Ordinal))?.Value;
|
||||||
|
|
||||||
|
if (uid == null) context.Fail();
|
||||||
|
|
||||||
|
if ((requirement.Requirements & UserRequirements.Identified) is UserRequirements.Identified)
|
||||||
|
{
|
||||||
|
var ident = await _redis.StringGetAsync("UID:" + uid).ConfigureAwait(false);
|
||||||
|
if (ident == RedisValue.EmptyString) context.Fail();
|
||||||
|
}
|
||||||
|
|
||||||
|
if ((requirement.Requirements & UserRequirements.Administrator) is UserRequirements.Administrator)
|
||||||
|
{
|
||||||
|
using var dbContext = await _dbContextFactory.CreateDbContextAsync().ConfigureAwait(false);
|
||||||
|
var user = await dbContext.Users.AsNoTracking().SingleOrDefaultAsync(b => b.UID == uid).ConfigureAwait(false);
|
||||||
|
if (user == null || !user.IsAdmin) context.Fail();
|
||||||
|
_logger.LogInformation("Admin {uid} authenticated", uid);
|
||||||
|
}
|
||||||
|
|
||||||
|
if ((requirement.Requirements & UserRequirements.Moderator) is UserRequirements.Moderator)
|
||||||
|
{
|
||||||
|
using var dbContext = await _dbContextFactory.CreateDbContextAsync().ConfigureAwait(false);
|
||||||
|
var user = await dbContext.Users.AsNoTracking().SingleOrDefaultAsync(b => b.UID == uid).ConfigureAwait(false);
|
||||||
|
if (user == null || !user.IsAdmin && !user.IsModerator) context.Fail();
|
||||||
|
_logger.LogInformation("Admin/Moderator {uid} authenticated", uid);
|
||||||
|
}
|
||||||
|
|
||||||
|
context.Succeed(requirement);
|
||||||
|
}
|
||||||
|
}
|
||||||
@@ -9,7 +9,6 @@ using Microsoft.Extensions.Logging;
|
|||||||
|
|
||||||
namespace MareSynchronosShared.RequirementHandlers;
|
namespace MareSynchronosShared.RequirementHandlers;
|
||||||
|
|
||||||
|
|
||||||
public class UserRequirementHandler : AuthorizationHandler<UserRequirement, HubInvocationContext>
|
public class UserRequirementHandler : AuthorizationHandler<UserRequirement, HubInvocationContext>
|
||||||
{
|
{
|
||||||
private readonly IDbContextFactory<MareDbContext> _dbContextFactory;
|
private readonly IDbContextFactory<MareDbContext> _dbContextFactory;
|
||||||
|
|||||||
Reference in New Issue
Block a user