From 308c1faa5130913428b7348f78fe0fe2c406a63d Mon Sep 17 00:00:00 2001 From: 杨宇千 Date: Thu, 1 Aug 2019 22:32:40 +0800 Subject: Add token expire time. --- Timeline/Controllers/TokenController.cs | 24 +++++++++++++--- Timeline/Entities/Http/Token.cs | 2 ++ Timeline/Migrations/20190412144150_AddAdminUser.cs | 2 +- Timeline/Services/Clock.cs | 32 ++++++++++++++++++++++ Timeline/Services/JwtService.cs | 8 ++++-- Timeline/Services/UserService.cs | 7 +++-- Timeline/Startup.cs | 1 + 7 files changed, 65 insertions(+), 11 deletions(-) create mode 100644 Timeline/Services/Clock.cs diff --git a/Timeline/Controllers/TokenController.cs b/Timeline/Controllers/TokenController.cs index 66c97b59..f9dcfd76 100644 --- a/Timeline/Controllers/TokenController.cs +++ b/Timeline/Controllers/TokenController.cs @@ -1,6 +1,7 @@ using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; using Microsoft.Extensions.Logging; +using System; using System.Threading.Tasks; using Timeline.Entities.Http; using Timeline.Services; @@ -23,6 +24,7 @@ namespace Timeline.Controllers { public const int Create_UserNotExist = -1001; public const int Create_BadPassword = -1002; + public const int Create_BadExpireOffset = -1003; public const int Verify_BadToken = -2001; public const int Verify_UserNotExist = -2002; @@ -32,28 +34,42 @@ namespace Timeline.Controllers private readonly IUserService _userService; private readonly ILogger _logger; + private readonly IClock _clock; - public TokenController(IUserService userService, ILogger logger) + public TokenController(IUserService userService, ILogger logger, IClock clock) { _userService = userService; _logger = logger; + _clock = clock; } [HttpPost("create")] [AllowAnonymous] public async Task Create([FromBody] CreateTokenRequest request) { + TimeSpan? expireOffset = null; + if (request.ExpireOffset != null) + { + if (request.ExpireOffset.Value <= 0.0) + { + var code = ErrorCodes.Create_BadExpireOffset; + _logger.LogInformation(LoggingEventIds.LogInFailed, "Attemp to login failed because expire time offset is bad. Code: {} Username: {} Password: {} Bad Expire Offset: {}.", code, request.Username, request.Password, request.ExpireOffset); + return BadRequest(new CommonResponse(code, "Expire time is not bigger than 0.")); + } + expireOffset = TimeSpan.FromDays(request.ExpireOffset.Value); + } + try { - var result = await _userService.CreateToken(request.Username, request.Password); - _logger.LogInformation(LoggingEventIds.LogInSucceeded, "Login succeeded. Username: {} .", request.Username); + var result = await _userService.CreateToken(request.Username, request.Password, expireOffset == null ? null : (DateTime?)(_clock.GetCurrentTime() + expireOffset.Value)); + _logger.LogInformation(LoggingEventIds.LogInSucceeded, "Login succeeded. Username: {} Expire Time Offset: {} days.", request.Username, request.ExpireOffset); return Ok(new CreateTokenResponse { Token = result.Token, User = result.User }); } - catch(UserNotExistException e) + catch (UserNotExistException e) { var code = ErrorCodes.Create_UserNotExist; _logger.LogInformation(LoggingEventIds.LogInFailed, e, "Attemp to login failed because user does not exist. Code: {} Username: {} Password: {} .", code, request.Username, request.Password); diff --git a/Timeline/Entities/Http/Token.cs b/Timeline/Entities/Http/Token.cs index aeb9fbf2..8a02ed2e 100644 --- a/Timeline/Entities/Http/Token.cs +++ b/Timeline/Entities/Http/Token.cs @@ -4,6 +4,8 @@ { public string Username { get; set; } public string Password { get; set; } + // in day + public double? ExpireOffset { get; set; } } public class CreateTokenResponse diff --git a/Timeline/Migrations/20190412144150_AddAdminUser.cs b/Timeline/Migrations/20190412144150_AddAdminUser.cs index 9fac05ff..1b3f14b7 100644 --- a/Timeline/Migrations/20190412144150_AddAdminUser.cs +++ b/Timeline/Migrations/20190412144150_AddAdminUser.cs @@ -8,7 +8,7 @@ namespace Timeline.Migrations protected override void Up(MigrationBuilder migrationBuilder) { migrationBuilder.InsertData("user", new string[] { "name", "password", "roles" }, - new string[] { "crupest", new PasswordService(null).HashPassword("yang0101"), "user,admin" }); + new string[] { "crupest", new PasswordService().HashPassword("yang0101"), "user,admin" }); } protected override void Down(MigrationBuilder migrationBuilder) diff --git a/Timeline/Services/Clock.cs b/Timeline/Services/Clock.cs new file mode 100644 index 00000000..98451ad9 --- /dev/null +++ b/Timeline/Services/Clock.cs @@ -0,0 +1,32 @@ +using System; +using System.Collections.Generic; +using System.Linq; +using System.Threading.Tasks; + +namespace Timeline.Services +{ + /// + /// Convenient for unit test. + /// + public interface IClock + { + /// + /// Get current time. + /// + /// Current time. + DateTime GetCurrentTime(); + } + + public class Clock : IClock + { + public Clock() + { + + } + + public DateTime GetCurrentTime() + { + return DateTime.Now; + } + } +} diff --git a/Timeline/Services/JwtService.cs b/Timeline/Services/JwtService.cs index f3416cce..52e892f6 100644 --- a/Timeline/Services/JwtService.cs +++ b/Timeline/Services/JwtService.cs @@ -94,10 +94,12 @@ namespace Timeline.Services private readonly IOptionsMonitor _jwtConfig; private readonly JwtSecurityTokenHandler _tokenHandler = new JwtSecurityTokenHandler(); + private readonly IClock _clock; - public JwtService(IOptionsMonitor jwtConfig) + public JwtService(IOptionsMonitor jwtConfig, IClock clock) { _jwtConfig = jwtConfig; + _clock = clock; } public string GenerateJwtToken(TokenInfo tokenInfo, DateTime? expires = null) @@ -118,8 +120,8 @@ namespace Timeline.Services Audience = config.Audience, SigningCredentials = new SigningCredentials( new SymmetricSecurityKey(Encoding.ASCII.GetBytes(config.SigningKey)), SecurityAlgorithms.HmacSha384), - IssuedAt = DateTime.Now, - Expires = expires.GetValueOrDefault(DateTime.Now.AddSeconds(config.DefaultExpireOffset)) + IssuedAt = _clock.GetCurrentTime(), + Expires = expires.GetValueOrDefault(_clock.GetCurrentTime().AddSeconds(config.DefaultExpireOffset)) }; var token = _tokenHandler.CreateToken(tokenDescriptor); diff --git a/Timeline/Services/UserService.cs b/Timeline/Services/UserService.cs index 3164a645..328dbff0 100644 --- a/Timeline/Services/UserService.cs +++ b/Timeline/Services/UserService.cs @@ -58,11 +58,12 @@ namespace Timeline.Services /// /// The username of the user to anthenticate. /// The password of the user to anthenticate. + /// The expired time point. Null then use default. See for what is default. /// An containing the created token and user info. /// Thrown when or is null. /// Thrown when the user with given username does not exist. /// Thrown when password is wrong. - Task CreateToken(string username, string password); + Task CreateToken(string username, string password, DateTime? expires = null); /// /// Verify the given token. @@ -170,7 +171,7 @@ namespace Timeline.Services _memoryCache.Remove(GenerateCacheKeyByUserId(id)); } - public async Task CreateToken(string username, string password) + public async Task CreateToken(string username, string password, DateTime? expires) { if (username == null) throw new ArgumentNullException(nameof(username)); @@ -198,7 +199,7 @@ namespace Timeline.Services { Id = user.Id, Version = user.Version - }); + }, expires); return new CreateTokenResult { Token = token, diff --git a/Timeline/Startup.cs b/Timeline/Startup.cs index a6965190..8f702da5 100644 --- a/Timeline/Startup.cs +++ b/Timeline/Startup.cs @@ -51,6 +51,7 @@ namespace Timeline services.AddScoped(); services.AddScoped(); services.AddTransient(); + services.AddTransient(); var databaseConfig = Configuration.GetSection(nameof(DatabaseConfig)).Get(); -- cgit v1.2.3