The next generation of the Teknik Services. Written in ASP.NET. https://www.teknik.io/
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

CookieEventHandler.cs 1.2KB

12345678910111213141516171819202122232425262728293031323334353637383940
  1. using Microsoft.AspNetCore.Authentication;
  2. using Microsoft.AspNetCore.Authentication.Cookies;
  3. using Microsoft.AspNetCore.Mvc;
  4. using Microsoft.AspNetCore.Mvc.Routing;
  5. using Microsoft.AspNetCore.Routing;
  6. using System;
  7. using System.Collections.Generic;
  8. using System.Linq;
  9. using System.Threading.Tasks;
  10. using Teknik.Utilities;
  11. namespace Teknik.Security
  12. {
  13. public class CookieEventHandler : CookieAuthenticationEvents
  14. {
  15. public CookieEventHandler(LogoutSessionManager logoutSessions)
  16. {
  17. LogoutSessions = logoutSessions;
  18. }
  19. public LogoutSessionManager LogoutSessions { get; }
  20. public override async Task ValidatePrincipal(CookieValidatePrincipalContext context)
  21. {
  22. if (context.Principal.Identity.IsAuthenticated)
  23. {
  24. var sub = context.Principal.FindFirst("sub")?.Value;
  25. var sid = context.Principal.FindFirst("sid")?.Value;
  26. if (LogoutSessions.IsLoggedOut(sub, sid))
  27. {
  28. context.RejectPrincipal();
  29. await context.HttpContext.SignOutAsync();
  30. // todo: if we have a refresh token, it should be revoked here.
  31. }
  32. }
  33. }
  34. }
  35. }