friendlynamazu/server
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
7fce4880a4f49d035c5247fe18e21a234cca8ba2
server/MareSynchronosServer/MareSynchronosAuthService/Controllers/JwtController.cs
Stanley Dimant 2f4aa1b396 add speedtest stuff or so
2024-11-11 12:45:52 +01:00

89 lines
3.6 KiB
C#
Raw Blame History

using MareSynchronos.API.Routes;
using MareSynchronosAuthService.Services;
using MareSynchronosShared;
using MareSynchronosShared.Data;
using MareSynchronosShared.Services;
using MareSynchronosShared.Utils;
using MareSynchronosShared.Utils.Configuration;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.EntityFrameworkCore;
using StackExchange.Redis.Extensions.Core.Abstractions;
namespace MareSynchronosAuthService.Controllers;
[Route(MareAuth.Auth)]
public class JwtController : AuthControllerBase
{
public JwtController(ILogger<JwtController> logger,
IHttpContextAccessor accessor, IDbContextFactory<MareDbContext> mareDbContextFactory,
SecretKeyAuthenticatorService secretKeyAuthenticatorService,
IConfigurationService<AuthServiceConfiguration> configuration,
IRedisDatabase redisDb, GeoIPService geoIPProvider)
: base(logger, accessor, mareDbContextFactory, secretKeyAuthenticatorService,
configuration, redisDb, geoIPProvider)
{
}
[AllowAnonymous]
[HttpPost(MareAuth.Auth_CreateIdent)]
public async Task<IActionResult> CreateToken(string auth, string charaIdent)
{
using var dbContext = await MareDbContextFactory.CreateDbContextAsync();
return await AuthenticateInternal(dbContext, auth, charaIdent).ConfigureAwait(false);
}
[Authorize(Policy = "Authenticated")]
[HttpGet(MareAuth.Auth_RenewToken)]
public async Task<IActionResult> RenewToken()
{
using var dbContext = await MareDbContextFactory.CreateDbContextAsync();
try
{
var uid = HttpContext.User.Claims.Single(p => string.Equals(p.Type, MareClaimTypes.Uid, StringComparison.Ordinal))!.Value;
var ident = HttpContext.User.Claims.Single(p => string.Equals(p.Type, MareClaimTypes.CharaIdent, StringComparison.Ordinal))!.Value;
var alias = HttpContext.User.Claims.SingleOrDefault(p => string.Equals(p.Type, MareClaimTypes.Alias))?.Value ?? string.Empty;
if (await dbContext.Auth.Where(u => u.UserUID == uid || u.PrimaryUserUID == uid).AnyAsync(a => a.MarkForBan))
{
var userAuth = await dbContext.Auth.SingleAsync(u => u.UserUID == uid);
await EnsureBan(uid, userAuth.PrimaryUserUID, ident);
return Unauthorized("Your Mare account is banned.");
}
if (await IsIdentBanned(dbContext, ident))
{
return Unauthorized("Your XIV service account is banned from using the service.");
}
Logger.LogInformation("RenewToken:SUCCESS:{id}:{ident}", uid, ident);
return await CreateJwtFromId(uid, ident, alias);
}
catch (Exception ex)
{
Logger.LogError(ex, "RenewToken:FAILURE");
return Unauthorized("Unknown error while renewing authentication token");
}
}
protected async Task<IActionResult> AuthenticateInternal(MareDbContext dbContext, string auth, string charaIdent)
{
try
{
if (string.IsNullOrEmpty(auth)) return BadRequest("No Authkey");
if (string.IsNullOrEmpty(charaIdent)) return BadRequest("No CharaIdent");
var ip = HttpAccessor.GetIpAddress();
var authResult = await SecretKeyAuthenticatorService.AuthorizeAsync(ip, auth);
return await GenericAuthResponse(dbContext, charaIdent, authResult);
}
catch (Exception ex)
{
Logger.LogWarning(ex, "Authenticate:UNKNOWN");
return Unauthorized("Unknown internal server error during authentication");
}
}
}
Reference in New Issue View Git Blame Copy Permalink