From 9b4ac5f9535c02d1ec8288a2b20bea4fd00ed53d Mon Sep 17 00:00:00 2001 From: Ognjen Cirkovic Date: Tue, 19 Apr 2022 17:53:21 +0200 Subject: Dodato da gost moze da resfresha jwtToken.Gost koristi isti api za refresh tokena kao ulogovan korisnik. --- backend/api/api/Controllers/AuthController.cs | 2 +- backend/api/api/Models/IJwtToken.cs | 2 +- backend/api/api/Models/JwtToken.cs | 20 ++++++++++---------- backend/api/api/Services/AuthService.cs | 2 +- 4 files changed, 13 insertions(+), 13 deletions(-) (limited to 'backend') diff --git a/backend/api/api/Controllers/AuthController.cs b/backend/api/api/Controllers/AuthController.cs index 901454e1..df8a514c 100644 --- a/backend/api/api/Controllers/AuthController.cs +++ b/backend/api/api/Controllers/AuthController.cs @@ -45,7 +45,7 @@ namespace api.Controllers } [HttpPost("renewJwt")] - [Authorize(Roles = "User")] + [Authorize(Roles = "User,Guest")] public async Task> RenewJwt() { var authorization = Request.Headers[HeaderNames.Authorization]; diff --git a/backend/api/api/Models/IJwtToken.cs b/backend/api/api/Models/IJwtToken.cs index 96b96997..5c54e4e3 100644 --- a/backend/api/api/Models/IJwtToken.cs +++ b/backend/api/api/Models/IJwtToken.cs @@ -5,7 +5,7 @@ namespace api.Models public interface IJwtToken { string GenGuestToken(string id); - string GenToken(AuthRequest user); + string GenToken(User user); string RenewToken(string existingToken); string TokenToUsername(string token); public string TokenToId(string token); diff --git a/backend/api/api/Models/JwtToken.cs b/backend/api/api/Models/JwtToken.cs index 3ec75468..20b0bc73 100644 --- a/backend/api/api/Models/JwtToken.cs +++ b/backend/api/api/Models/JwtToken.cs @@ -19,16 +19,17 @@ namespace api.Models } - public string GenToken(AuthRequest user) + public string GenToken(User user) { var tokenHandler = new JwtSecurityTokenHandler(); var key = Encoding.ASCII.GetBytes(_configuration.GetSection("AppSettings:JwtToken").Value); - var fullUser = _userService.GetUserByUsername(user.UserName); + string role=(user.isPermament)?"User":"Guest"; + string name = (user.isPermament) ? user.Username : ""; var tokenDescriptor = new SecurityTokenDescriptor { - Subject = new ClaimsIdentity(new[] { new Claim("name", fullUser.Username), - new Claim("role", "User"), - new Claim("id",fullUser._id)}), + Subject = new ClaimsIdentity(new[] { new Claim("name", name), + new Claim("role", role), + new Claim("id",user._id)}), Expires = DateTime.UtcNow.AddMinutes(20), SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature) }; @@ -39,13 +40,12 @@ namespace api.Models public string RenewToken(string existingToken) { - var userName = TokenToUsername(existingToken); - if (userName == null) + var id = TokenToId(existingToken); + if (id == null) return null; - var authUser = new AuthRequest(); - authUser.UserName = userName; + var user = _userService.GetUserById(id); - return GenToken(authUser); + return GenToken(user); } diff --git a/backend/api/api/Services/AuthService.cs b/backend/api/api/Services/AuthService.cs index 7fd0c59f..2d7d753d 100644 --- a/backend/api/api/Services/AuthService.cs +++ b/backend/api/api/Services/AuthService.cs @@ -25,7 +25,7 @@ namespace api.Services return "Username doesn't exist"; if (!PasswordCrypt.checkPassword(user.Password, u.Password)) return "Wrong password"; - return _jwt.GenToken(user); + return _jwt.GenToken(u); } public string Register(RegisterRequest user) -- cgit v1.2.3