Auth optimization

2022-04-04 15:19:58 +02:00
parent 83fb4a3c5e
commit 1513ed9169
8 changed files with 100 additions and 44 deletions
--- a/FoodsharingSiegen.Server/Auth/AuthHelper.cs
+++ b/FoodsharingSiegen.Server/Auth/AuthHelper.cs
@@ -1,133 +0,0 @@
-using System.IdentityModel.Tokens.Jwt;
-using System.Security.Cryptography;
-using System.Text;
-using Microsoft.IdentityModel.Tokens;
-
-namespace FoodsharingSiegen.Server.Auth
-{
-    /// <summary>
-    /// The auth helper class (a. beging, 04.04.2022)
-    /// </summary>
-    public static class AuthHelper
-    {
-        #region Public Method Decrypt
-
-        /// <summary>
-        /// Decrypts the crypted text (a. beging, 04.04.2022)
-        /// </summary>
-        /// <param name="cryptedText">The crypted text</param>
-        /// <returns>The string</returns>
-        public static string Decrypt(string cryptedText)
-        {
-            CreateAlgorithm(out var tripleDes);
-            
-            var toEncryptArray = Convert.FromBase64String(cryptedText);
-
-            
-
-            var cTransform = tripleDes.CreateDecryptor();
-            var resultArray = cTransform.TransformFinalBlock(toEncryptArray, 0, toEncryptArray.Length);
-
-            tripleDes.Clear();
-
-            return Encoding.UTF8.GetString(resultArray);
-        }
-
-        #endregion
-
-        #region Public Method Encrypt
-
-        /// <summary>
-        /// Encrypts the plain text (a. beging, 04.04.2022)
-        /// </summary>
-        /// <param name="plainText">The plain text</param>
-        /// <returns>The string</returns>
-        public static string Encrypt(string plainText)
-        {
-            CreateAlgorithm(out var tripleDes);
-            
-            var toEncryptArray = Encoding.UTF8.GetBytes(plainText );
-            
-            
- 
-            var cTransform = tripleDes.CreateEncryptor();
-
-            var resultArray = cTransform.TransformFinalBlock(toEncryptArray, 0, toEncryptArray.Length);
-
-            tripleDes.Clear();
-
-            return Convert.ToBase64String(resultArray, 0, resultArray.Length);
-        }
-
-        #endregion
-
-        #region Public Method GetSigningKey
-
-        /// <summary>
-        /// Gets the signing key (a. beging, 04.04.2022)
-        /// </summary>
-        /// <returns>The security key</returns>
-        public static SecurityKey GetSigningKey() => new SymmetricSecurityKey(Encoding.ASCII.GetBytes(SigningKey));
-
-        #endregion
-
-        #region Public Method ValidateToken
-
-        /// <summary>
-        /// Validates the token using the specified token (a. beging, 04.04.2022)
-        /// </summary>
-        /// <param name="token">The token</param>
-        /// <returns>A task containing the bool</returns>
-        public static async Task<bool> ValidateToken(string? token)
-        {
-            try
-            {
-                var tokenHandler = new JwtSecurityTokenHandler();
-                var result = await tokenHandler.ValidateTokenAsync(token, new TokenValidationParameters
-                {
-                    ValidateIssuerSigningKey = true,
-                    IssuerSigningKey = GetSigningKey(),
-
-                    ValidateAudience = true,
-                    ValidAudience = "FS-Siegen",
-
-                    ValidateIssuer = true,
-                    ValidIssuer = "FS-Siegen"
-                });
-
-                return result.IsValid;
-            }
-            catch (Exception e)
-            {
-                return false;
-            }
-        }
-
-        #endregion
-
-        #region Private Method CreateAlgorithm
-
-        /// <summary>
-        /// Creates the algorithm using the specified triple des (a. beging, 04.04.2022)
-        /// </summary>
-        /// <param name="tripleDes">The triple des</param>
-        private static void CreateAlgorithm(out TripleDES tripleDes)
-        {
-            var md5 = MD5.Create();
-            var keyArray = md5.ComputeHash(Encoding.UTF8.GetBytes(SigningKey));
-            md5.Clear();
-            
-            tripleDes = TripleDES.Create();
-            tripleDes.Key = keyArray;
-            tripleDes.Mode = CipherMode.ECB;
-            tripleDes.Padding = PaddingMode.PKCS7;
-        }
-
-        #endregion
-
-        /// <summary>
-        /// The signing key
-        /// </summary>
-        public const string SigningKey = "2uasw2§$%1nd47n9s43&%Zs3529s23&/%AW";
-    }
-}
--- a/FoodsharingSiegen.Server/Auth/AuthService.cs
+++ b/FoodsharingSiegen.Server/Auth/AuthService.cs
@@ -5,6 +5,7 @@ using FoodsharingSiegen.Contracts.Entity;
 using FoodsharingSiegen.Server.Data;
 using FoodsharingSiegen.Server.Data.Service;
 using FoodsharingSiegen.Server.Service;
+using FoodsharingSiegen.Shared.Helper;
 using Microsoft.AspNetCore.Components.Authorization;
 using Microsoft.EntityFrameworkCore;
 using Microsoft.IdentityModel.Tokens;
@@ -92,25 +93,7 @@ namespace FoodsharingSiegen.Server.Auth
            
            if (User != null)
            {
-                
-                
-                // Daten korrekt
-                var tokenHandler = new JwtSecurityTokenHandler();
-                var tokenDescriptor = new SecurityTokenDescriptor
-                {
-                    Subject = new ClaimsIdentity(new[]
-                    {
-                        new Claim(ClaimTypes.NameIdentifier, User.Id.ToString()),
-                    }),
-                    Expires = DateTime.UtcNow.AddDays(30),
-                    Issuer = "FS-Siegen",
-                    Audience = "FS-Siegen",
-                    SigningCredentials = new SigningCredentials(AuthHelper.GetSigningKey(), SecurityAlgorithms.HmacSha256Signature)
-                };
-                
-                var token = tokenHandler.CreateToken(tokenDescriptor);
-                var serializedToken = tokenHandler.WriteToken(token);
-                
+                var serializedToken = AuthHelper.CreateToken(User.Id);
                await _localStorageService.SetItem(StorageKeys.TokenKey, serializedToken);

                return new OperationResult();
--- a/FoodsharingSiegen.Server/Auth/TokenAuthStateProvider.cs
+++ b/FoodsharingSiegen.Server/Auth/TokenAuthStateProvider.cs
@@ -1,6 +1,7 @@
 using System.Security.Claims;
 using FoodsharingSiegen.Contracts;
 using FoodsharingSiegen.Server.Auth;
+using FoodsharingSiegen.Shared.Helper;
 using Microsoft.AspNetCore.Components.Authorization;

 namespace FoodsharingSiegen.Server.Service
--- a/FoodsharingSiegen.Server/Data/Service/ProspectService.cs
+++ b/FoodsharingSiegen.Server/Data/Service/ProspectService.cs
@@ -35,7 +35,8 @@ namespace FoodsharingSiegen.Server.Data.Service
                if (targetProspect == null) return new OperationResult<Interaction>(new Exception("Invalid prospect id"));
                
                interaction.ProspectId = Guid.Empty;
-                
+                interaction.Created = DateTime.UtcNow;
+
                targetProspect.Interactions.Add(interaction);
                
                await Context.SaveChangesAsync();
@@ -111,7 +112,7 @@ namespace FoodsharingSiegen.Server.Data.Service
        {
            try
            {
-                var prospects = await Context.Prospects.AsNoTracking().Include(x => x.Interactions).ThenInclude(x => x.User).OrderBy(x => x.Name).ToListAsync();
+                var prospects = await Context.Prospects.AsNoTracking().Include(x => x.Interactions.OrderBy(i => i.Date)).ThenInclude(x => x.User).OrderBy(x => x.Name).ToListAsync();
                return new OperationResult<List<Prospect>>(prospects);
            }
            catch (Exception e)
--- a/FoodsharingSiegen.Server/Dialogs/AddInteractionModal.razor
+++ b/FoodsharingSiegen.Server/Dialogs/AddInteractionModal.razor
@@ -1,20 +1,28 @@
@using FoodsharingSiegen.Contracts.Entity

 <Modal @ref="ModalReference">
-    <ModalContent Centered Size="ModalSize.Small">
+    <ModalContent Centered Size="ModalSize.Default">
        <ModalHeader>
            <h6>@_header</h6>
            <CloseButton/>
        </ModalHeader>
        <ModalBody>
-            <Field>
-                <Select TValue="Guid" @bind-SelectedValue="SelectedUser">
-                    @foreach (var user in Users ?? new List<User>())
-                    {
-                        <SelectItem Value="@user.Id">@user.Name</SelectItem>
-                    }
-                </Select>
-            </Field>
+            <div class="row">
+                <div class="col">
+                    <label for="aim-userselect">Benutzer</label>
+                    <Select TValue="Guid" @bind-SelectedValue="SelectedUser" id="aim-userselect">
+                        @foreach (var user in Users ?? new List<User>())
+                        {
+                            <SelectItem Value="@user.Id">@user.Name</SelectItem>
+                        }
+                    </Select>
+                </div>
+                <div class="col">
+                    <label for="aim-datepicker">Datum</label>
+                    <DatePicker TValue="DateTime" @bind-Date="Interaction.Date" ElementId="aim-datepicker" Max="DateTime.UtcNow.AddDays(7)"/>
+                </div>
+            </div>
+
            @if (_showInfo)
            {
                <Field>