@@ -59,10 +59,13 @@ namespace Teknik.IdentityServer | |||
{ | |||
Environment.EnvironmentName = EnvironmentName.Development; | |||
} | |||
else | |||
{ | |||
Environment.EnvironmentName = EnvironmentName.Production; | |||
} | |||
services.ConfigureApplicationCookie(options => | |||
{ | |||
options.Cookie.Domain = CookieHelper.GenerateCookieDomain(config.UserConfig.IdentityServerConfig.Host, false, Environment.IsDevelopment()); | |||
options.Cookie.Name = "TeknikAuth"; | |||
options.Cookie.SecurePolicy = CookieSecurePolicy.Always; | |||
options.Cookie.SameSite = Microsoft.AspNetCore.Http.SameSiteMode.Strict; | |||
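Review bot: Overwriting `Environment.EnvironmentName` from inside the service configuration (L7 here, and the matching `else` at L84–L87 in the Teknik Startup hunk) happens after the host has already resolved its environment, so anything the host builder decided before this point (environment-specific configuration sources, for instance) still reflects the original value, while `Environment.IsDevelopment()` on L11 and everything after it see the overridden one. If the intent is that anything failing the custom Development check must be treated as Production, driving that through `ASPNETCORE_ENVIRONMENT` or the host builder is less surprising than mutating it here. At minimum put a comment above the `if` stating the intent, e.g. `// Only the Development check above is trusted; any other host environment is forced to Production so dev-only behaviour never runs in deployment.` The condition that selects Development and the enclosing method start outside the hunk.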
@@ -88,7 +91,6 @@ namespace Teknik.IdentityServer | |||
// Set the anti-forgery cookie name | |||
services.AddAntiforgery(options => | |||
{ | |||
options.Cookie.Domain = CookieHelper.GenerateCookieDomain(config.UserConfig.IdentityServerConfig.Host, false, Environment.IsDevelopment()); | |||
options.Cookie.Name = "TeknikAuthAntiForgery"; | |||
options.Cookie.SecurePolicy = CookieSecurePolicy.Always; | |||
options.Cookie.SameSite = Microsoft.AspNetCore.Http.SameSiteMode.Strict; | |||
@@ -178,7 +180,6 @@ namespace Teknik.IdentityServer | |||
IdleTimeout = TimeSpan.FromMinutes(30), | |||
Cookie = new CookieBuilder() | |||
{ | |||
Domain = CookieHelper.GenerateCookieDomain(config.UserConfig.IdentityServerConfig.Host, false, Environment.IsDevelopment()), | |||
Name = "TeknikAuthSession", | |||
SecurePolicy = CookieSecurePolicy.Always, | |||
SameSite = Microsoft.AspNetCore.Http.SameSiteMode.Strict |
@@ -115,6 +115,8 @@ namespace Teknik.Areas.Paste.Controllers | |||
CachePassword(url, password); | |||
// Read in the file | |||
if (string.IsNullOrEmpty(paste.FileName)) | |||
return new StatusCodeResult(StatusCodes.Status404NotFound); | |||
string subDir = paste.FileName[0].ToString(); | |||
string filePath = Path.Combine(_config.PasteConfig.PasteDirectory, subDir, paste.FileName); | |||
if (!System.IO.File.Exists(filePath)) | |||
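Review bot: The guard on L34–L35 is repeated verbatim at L51–L52 together with the `subDir`/`filePath` computation that follows it, so the two actions will drift the next time one of them is touched; a private helper that returns the resolved path or null for a paste without a stored name would keep them aligned. The `// Read in the file` comment on L33 now heads the name check rather than the read; move it down to the `File.Exists` check or reword it to `// Locate the paste file on disk; a paste without a stored name has nothing to serve`. Note also that `Path.Combine` discards the earlier segments when a later one is rooted, so if `FileName` can ever be anything other than the server-generated name (not visible from this hunk), wrapping it in `Path.GetFileName(...)` keeps the resolved path inside `PasteDirectory`. The enclosing action starts and ends outside the hunk.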
@@ -227,8 +229,8 @@ namespace Teknik.Areas.Paste.Controllers | |||
model.DatePosted = paste.DatePosted; | |||
model.Username = paste.User?.Username; | |||
byte[] ivBytes = Encoding.Unicode.GetBytes(paste.IV); | |||
byte[] keyBytes = AesCounterManaged.CreateKey(paste.Key, ivBytes, paste.KeySize); | |||
byte[] ivBytes = (string.IsNullOrEmpty(paste.IV)) ? new byte[paste.BlockSize] : Encoding.Unicode.GetBytes(paste.IV); | |||
byte[] keyBytes = (string.IsNullOrEmpty(paste.Key)) ? new byte[paste.KeySize] : AesCounterManaged.CreateKey(paste.Key, ivBytes, paste.KeySize); | |||
// The paste has a password set | |||
if (!string.IsNullOrEmpty(paste.HashedPassword)) | |||
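Review bot: The fallbacks on L44–L45 replace a missing IV or key with all-zero buffers, which collapses "this paste has no key" and "decrypt with a zero key" into one state; whatever consumes `keyBytes` below the hunk (outside SOURCE) cannot tell them apart, so a paste whose key metadata is genuinely missing would most likely be decoded into garbage rather than reported. Prefer an explicit flag, e.g. `bool hasKey = !string.IsNullOrEmpty(paste.Key);`, and skip key derivation and decryption altogether when it is false, instead of sentinel arrays. The fallback IV is sized by `paste.BlockSize` while the real one is `Encoding.Unicode.GetBytes(paste.IV)`, whose length is twice the string's character count — I cannot confirm from here that the two agree, so a comment stating the expected IV length would help. Also, when only `IV` is empty, `CreateKey` on L45 is fed the zero IV, which may or may not be intended.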
@@ -265,6 +267,8 @@ namespace Teknik.Areas.Paste.Controllers | |||
CachePassword(url, password); | |||
// Read in the file | |||
if (string.IsNullOrEmpty(paste.FileName)) | |||
return new StatusCodeResult(StatusCodes.Status404NotFound); | |||
string subDir = paste.FileName[0].ToString(); | |||
string filePath = Path.Combine(_config.PasteConfig.PasteDirectory, subDir, paste.FileName); | |||
if (!System.IO.File.Exists(filePath)) | |||
@@ -394,15 +398,15 @@ namespace Teknik.Areas.Paste.Controllers | |||
private void CachePassword(string url, string password) | |||
{ | |||
if (HttpContext != null) | |||
if (HttpContext != null && HttpContext.Session != null) | |||
{ | |||
HttpContext.Session.Set("PastePassword_" + url, password); | |||
HttpContext.Session?.Set("PastePassword_" + url, password); | |||
} | |||
} | |||
private string GetCachedPassword(string url) | |||
{ | |||
if (HttpContext != null) | |||
if (HttpContext != null && HttpContext.Session != null) | |||
{ | |||
return HttpContext.Session.Get<string>("PastePassword_" + url); | |||
} |
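Review bot: The null test added on L60 and L69 does not cover the failure it seems aimed at: `HttpContext.Session` throws `InvalidOperationException` when session middleware is not configured for the request, it does not return null, so `&& HttpContext.Session != null` guards a case that does not arise and the `?.` on L63 is redundant after it. Resolving the session through the feature collection makes the check real: `var session = HttpContext?.Features.Get<ISessionFeature>()?.Session;` followed by `if (session != null) session.Set("PastePassword_" + url, password);`, with the same shape in `GetCachedPassword` (`ISessionFeature` lives in `Microsoft.AspNetCore.Http.Features`). `GetCachedPassword` continues past the hunk.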
@@ -58,6 +58,7 @@ namespace Teknik.Areas.Users.Controllers | |||
} | |||
[HttpGet] | |||
[AllowAnonymous] | |||
public IActionResult Index() | |||
{ | |||
return Redirect(Url.SubRouteUrl("www", "Home.Index")); |
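Review bot: `[AllowAnonymous]` on L76 widens access to `Index` without saying why; since the action only redirects to the public home route, a one-line comment keeps the next reader from treating it as an oversight, e.g. `// Anonymous on purpose: this route has no content of its own and only forwards to the public home page.` Whether the controller carries a class-level `[Authorize]` that this overrides is outside the hunk, as is the end of the method.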
@@ -81,6 +81,10 @@ namespace Teknik | |||
{ | |||
Environment.EnvironmentName = EnvironmentName.Development; | |||
} | |||
else | |||
{ | |||
Environment.EnvironmentName = EnvironmentName.Production; | |||
} | |||
services.AddHttpsRedirection(options => | |||
{ | |||
@@ -169,7 +173,10 @@ namespace Teknik | |||
}) | |||
.AddCookie(options => | |||
{ | |||
options.ExpireTimeSpan = TimeSpan.FromMinutes(60); | |||
options.Cookie.SecurePolicy = CookieSecurePolicy.SameAsRequest; | |||
options.Cookie.SameSite = Microsoft.AspNetCore.Http.SameSiteMode.Strict; | |||
options.Cookie.Expiration = TimeSpan.FromDays(30); | |||
options.ExpireTimeSpan = TimeSpan.FromDays(30); | |||
options.Cookie.Name = "TeknikWebAuth"; | |||
options.Cookie.Domain = CookieHelper.GenerateCookieDomain(config.Host, false, Environment.IsDevelopment()); | |||
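Review bot: `options.Cookie.Expiration` on L97 is not honoured by cookie authentication — as far as I recall the handler's cookie builder rejects that setter with `NotSupportedException` at startup in ASP.NET Core 2.x — and `ExpireTimeSpan` on L98 is what governs the ticket lifetime, so L97 should be dropped. Separately, `CookieSecurePolicy.SameAsRequest` on L95 is weaker than the `Always` used for the IdentityServer cookies (L13, L21, L29): with `AddHttpsRedirection` registered at L88 every authenticated request is HTTPS anyway, so `Always` costs nothing and guarantees the cookie is never issued without the Secure flag should a plain-HTTP request reach the app. The `AddCookie` lambda continues outside the hunk.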
@@ -191,7 +198,6 @@ namespace Teknik | |||
options.Scope.Add("openid"); | |||
options.Scope.Add("role"); | |||
options.Scope.Add("account-info"); | |||
options.Scope.Add("security-info"); | |||
options.Scope.Add("teknik-api.read"); | |||
options.Scope.Add("teknik-api.write"); | |||
options.Scope.Add("offline_access"); |