authorSyndamia <kamen.d.mladenov@protonmail.com>2021-01-15 12:00:22 +0200
committerSyndamia <kamen.d.mladenov@protonmail.com>2021-01-15 12:00:22 +0200
commit63feab3523b99a8cd8fe30571b5f71f741d81f8f (patch)
treeb29e6572b357dd0e4758fe447e3bb76919d95971
parent6a24665e0b010811df7c1c58ea675503aa0f9237 (diff)
JWT stores User ID, instead of username
-rw-r--r--src/DevHive.Services/Services/UserService.cs16
1 files changed, 8 insertions, 8 deletions
diff --git a/src/DevHive.Services/Services/UserService.cs b/src/DevHive.Services/Services/UserService.cs
index 44cb0e2..6619f60 100644
--- a/src/DevHive.Services/Services/UserService.cs
+++ b/src/DevHive.Services/Services/UserService.cs
@@ -55,7 +55,7 @@ namespace DevHive.Services.Services
if (user.PasswordHash != GeneratePasswordHash(loginModel.Password))
throw new ArgumentException("Incorrect password!");
- return new TokenModel(WriteJWTSecurityToken(user.UserName, user.Roles));
+ return new TokenModel(WriteJWTSecurityToken(user.Id, user.Roles));
}
public async Task<TokenModel> RegisterUser(RegisterServiceModel registerModel)
@@ -79,7 +79,7 @@ namespace DevHive.Services.Services
await this._userRepository.AddAsync(user);
- return new TokenModel(WriteJWTSecurityToken(user.UserName, user.Roles));
+ return new TokenModel(WriteJWTSecurityToken(user.Id, user.Roles));
}
#endregion
@@ -273,16 +273,16 @@ namespace DevHive.Services.Services
// There is authorization name in the beginning, i.e. "Bearer eyJh..."
var jwt = new JwtSecurityTokenHandler().ReadJwtToken(rawTokenData.Remove(0, 7));
- string jwtUserName = this.GetClaimTypeValues("unique_name", jwt.Claims)[0];
+ Guid jwtUserID = new Guid(this.GetClaimTypeValues("ID", jwt.Claims)[0]);
List<string> jwtRoleNames = this.GetClaimTypeValues("role", jwt.Claims);
- User user = await this._userRepository.GetByUsernameAsync(jwtUserName)
+ User user = await this._userRepository.GetByIdAsync(jwtUserID)
?? throw new ArgumentException("User does not exist!");
- /* Username check, only when user isn't admin */
+ /* Check if user is trying to do something to himself, unless he's an admin */
if (!jwtRoleNames.Contains(Role.AdminRole))
- if (!this._userRepository.DoesUserHaveThisUsername(id, jwtUserName))
+ if (user.Id != id)
return false;
/* Check roles */
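Review bot: The new `Guid jwtUserID = new Guid(this.GetClaimTypeValues("ID", jwt.Claims)[0]);` throws IndexOutOfRangeException when the token carries no "ID" claim and FormatException when the claim is not a GUID, so a malformed or foreign token surfaces as an unhandled exception instead of the `false` / ArgumentException the rest of this method uses; prefer `List<string> ids = this.GetClaimTypeValues("ID", jwt.Claims);` followed by `if (ids.Count == 0 || !Guid.TryParse(ids[0], out Guid jwtUserID)) return false;`. Note also that `ReadJwtToken` on the line above only decodes the token and does not verify its signature, so the ID you now look up and the `role` list that drives the admin bypass a few lines down are attacker-controlled unless this method is only reachable behind authentication middleware that has already validated the token; if that is not guaranteed, run the token through `JwtSecurityTokenHandler.ValidateToken` first, and consider reading roles from the freshly loaded `user` rather than the claim so revoked privileges take effect immediately. The enclosing method starts before and continues after this hunk.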
@@ -312,13 +312,13 @@ namespace DevHive.Services.Services
return toReturn;
}
- private string WriteJWTSecurityToken(string userName, IList<Role> roles)
+ private string WriteJWTSecurityToken(Guid userId, IList<Role> roles)
{
byte[] signingKey = Encoding.ASCII.GetBytes(_jwtOptions.Secret);
List<Claim> claims = new()
{
- new Claim(ClaimTypes.Name, userName),
+ new Claim("ID", $"{userId}"),
};
foreach (var role in roles)