
Fixed pastes, user logout endpoint, and auth cookie

master
Teknikode 7 months ago
parent
commit
f15fb73094

+ 4
- 3
IdentityServer/Startup.cs View File

@@ -59,10 +59,13 @@ namespace Teknik.IdentityServer
{
Environment.EnvironmentName = EnvironmentName.Development;
}
else
{
Environment.EnvironmentName = EnvironmentName.Production;
}

services.ConfigureApplicationCookie(options =>
{
options.Cookie.Domain = CookieHelper.GenerateCookieDomain(config.UserConfig.IdentityServerConfig.Host, false, Environment.IsDevelopment());
options.Cookie.Name = "TeknikAuth";
options.Cookie.SecurePolicy = CookieSecurePolicy.Always;
options.Cookie.SameSite = Microsoft.AspNetCore.Http.SameSiteMode.Strict;
@@ -88,7 +91,6 @@ namespace Teknik.IdentityServer
// Set the anti-forgery cookie name
services.AddAntiforgery(options =>
{
options.Cookie.Domain = CookieHelper.GenerateCookieDomain(config.UserConfig.IdentityServerConfig.Host, false, Environment.IsDevelopment());
options.Cookie.Name = "TeknikAuthAntiForgery";
options.Cookie.SecurePolicy = CookieSecurePolicy.Always;
options.Cookie.SameSite = Microsoft.AspNetCore.Http.SameSiteMode.Strict;
@@ -178,7 +180,6 @@ namespace Teknik.IdentityServer
IdleTimeout = TimeSpan.FromMinutes(30),
Cookie = new CookieBuilder()
{
Domain = CookieHelper.GenerateCookieDomain(config.UserConfig.IdentityServerConfig.Host, false, Environment.IsDevelopment()),
Name = "TeknikAuthSession",
SecurePolicy = CookieSecurePolicy.Always,
SameSite = Microsoft.AspNetCore.Http.SameSiteMode.Strict
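Review bot: `services.ConfigureApplicationCookie` in the first hunk only configures ASP.NET Core Identity's application cookie, so whether these Domain/SecurePolicy/SameSite settings reach the cookie IdentityServer actually issues depends on wiring outside the hunk: with `AddAspNetIdentity<TUser>()` the call has to run after the `AddIdentity`/`AddIdentityServer` registrations or its options get overwritten, and without Identity it binds to a scheme that is never used. Worth confirming the registration order and recording it, e.g. `// Must run after AddIdentity(): IdentityServer signs users in through Identity's application cookie`. The lambda is cut off at the bottom of the hunk, so expiry settings (`ExpireTimeSpan`, `SlidingExpiration`) are not visible; if none are set below, the framework default (14-day sliding window) applies to the sign-in ticket. The same Domain/SecurePolicy/SameSite triple is now repeated in three cookie builders in this file and again in Teknik/Startup.cs; a small helper in `CookieHelper` that applies all three would keep them from drifting, which has already happened for the web-app cookie's `SecurePolicy`.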

+ 9
- 5
Teknik/Areas/Paste/Controllers/PasteController.cs View File

@@ -115,6 +115,8 @@ namespace Teknik.Areas.Paste.Controllers
CachePassword(url, password);

// Read in the file
if (string.IsNullOrEmpty(paste.FileName))
return new StatusCodeResult(StatusCodes.Status404NotFound);
string subDir = paste.FileName[0].ToString();
string filePath = Path.Combine(_config.PasteConfig.PasteDirectory, subDir, paste.FileName);
if (!System.IO.File.Exists(filePath))
@@ -227,8 +229,8 @@ namespace Teknik.Areas.Paste.Controllers
model.DatePosted = paste.DatePosted;
model.Username = paste.User?.Username;

byte[] ivBytes = Encoding.Unicode.GetBytes(paste.IV);
byte[] keyBytes = AesCounterManaged.CreateKey(paste.Key, ivBytes, paste.KeySize);
byte[] ivBytes = (string.IsNullOrEmpty(paste.IV)) ? new byte[paste.BlockSize] : Encoding.Unicode.GetBytes(paste.IV);
byte[] keyBytes = (string.IsNullOrEmpty(paste.Key)) ? new byte[paste.KeySize] : AesCounterManaged.CreateKey(paste.Key, ivBytes, paste.KeySize);

// The paste has a password set
if (!string.IsNullOrEmpty(paste.HashedPassword))
@@ -265,6 +267,8 @@ namespace Teknik.Areas.Paste.Controllers
CachePassword(url, password);

// Read in the file
if (string.IsNullOrEmpty(paste.FileName))
return new StatusCodeResult(StatusCodes.Status404NotFound);
string subDir = paste.FileName[0].ToString();
string filePath = Path.Combine(_config.PasteConfig.PasteDirectory, subDir, paste.FileName);
if (!System.IO.File.Exists(filePath))
@@ -394,15 +398,15 @@ namespace Teknik.Areas.Paste.Controllers

private void CachePassword(string url, string password)
{
if (HttpContext != null)
if (HttpContext != null && HttpContext.Session != null)
{
HttpContext.Session.Set("PastePassword_" + url, password);
HttpContext.Session?.Set("PastePassword_" + url, password);
}
}

private string GetCachedPassword(string url)
{
if (HttpContext != null)
if (HttpContext != null && HttpContext.Session != null)
{
return HttpContext.Session.Get<string>("PastePassword_" + url);
}

+ 1
- 0
Teknik/Areas/User/Controllers/UserController.cs View File

@@ -58,6 +58,7 @@ namespace Teknik.Areas.Users.Controllers
}

[HttpGet]
[AllowAnonymous]
public IActionResult Index()
{
return Redirect(Url.SubRouteUrl("www", "Home.Index"));
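Review bot: Whichever of the `[HttpGet]`/`[AllowAnonymous]` lines this hunk adds, the anonymous exemption on `Index` is only safe because the action does nothing but redirect to the public home page; if the controller carries a class-level `[Authorize]` (not visible here), a comment saying so would keep a later change from adding account-specific work to an anonymous action, e.g. `// Anonymous on purpose: only bounces to the public landing page, no account data is touched.` The method's closing brace lies outside the hunk.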

+ 8
- 2
Teknik/Startup.cs View File

@@ -81,6 +81,10 @@ namespace Teknik
{
Environment.EnvironmentName = EnvironmentName.Development;
}
else
{
Environment.EnvironmentName = EnvironmentName.Production;
}

services.AddHttpsRedirection(options =>
{
@@ -169,7 +173,10 @@ namespace Teknik
})
.AddCookie(options =>
{
options.ExpireTimeSpan = TimeSpan.FromMinutes(60);
options.Cookie.SecurePolicy = CookieSecurePolicy.SameAsRequest;
options.Cookie.SameSite = Microsoft.AspNetCore.Http.SameSiteMode.Strict;
options.Cookie.Expiration = TimeSpan.FromDays(30);
options.ExpireTimeSpan = TimeSpan.FromDays(30);
options.Cookie.Name = "TeknikWebAuth";
options.Cookie.Domain = CookieHelper.GenerateCookieDomain(config.Host, false, Environment.IsDevelopment());

@@ -191,7 +198,6 @@ namespace Teknik
options.Scope.Add("openid");
options.Scope.Add("role");
options.Scope.Add("account-info");
options.Scope.Add("security-info");
options.Scope.Add("teknik-api.read");
options.Scope.Add("teknik-api.write");
options.Scope.Add("offline_access");
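Review bot: In the `.AddCookie` hunk `options.ExpireTimeSpan` is assigned twice (`FromMinutes(60)`, then `FromDays(30)`); the second assignment wins, so the 60-minute line is dead code and the effective lifetime is 30 days, which reads like a leftover rather than a decision. `options.Cookie.Expiration` is ignored by cookie authentication (the ticket lifetime comes from `ExpireTimeSpan`, and later framework versions reject the assignment outright, if I recall correctly), so that line can go as well. The web-app auth cookie also keeps `CookieSecurePolicy.SameAsRequest` while every IdentityServer cookie in this commit uses `Always`; with `AddHttpsRedirection` configured in the first hunk of this file, `options.Cookie.SecurePolicy = CookieSecurePolicy.Always;` is the safer and consistent choice. A 30-day persistent cookie with `SlidingExpiration` left at its default should be deliberate; a one-line comment stating the intended lifetime would make that clear. The `AddCookie` lambda continues past the end of the hunk.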
