Fix jwt token

2025-08-05 04:51:24 +07:00
parent 2f1abb3f05
commit 4d63b9e970
3 changed files with 66 additions and 60 deletions


@@ -1,40 +0,0 @@
using Managing.Application.Abstractions.Services;
namespace Managing.Api.Authorization;
public class JwtMiddleware
{
private readonly RequestDelegate _next;
public JwtMiddleware(RequestDelegate next, IConfiguration config)
{
_next = next;
}
public async Task Invoke(HttpContext context, IUserService userService, IJwtUtils jwtUtils)
{
if (context.Request.Path.StartsWithSegments("/User/create-token") ||
context.Request.Path.StartsWithSegments("/swagger") ||
context.Request.Path.StartsWithSegments("/health"))
{
await _next(context);
return;
}
var token = context.Request.Headers["Authorization"].FirstOrDefault()?.Split(" ").Last();
if (string.IsNullOrEmpty(token))
{
throw new UnauthorizedAccessException("Authorization token is missing");
}
var userId = jwtUtils.ValidateJwtToken(token);
if (userId != null)
{
// attach user to context on successful jwt validation
context.Items["User"] = await userService.GetUserByAddressAsync(userId);
}
await _next(context);
}
}


@@ -554,7 +554,6 @@ public class DataController : ControllerBase
} }
/// <summary> /// <summary>
/// Retrieves a paginated list of agent summaries for the agent index page /// Retrieves a paginated list of agent summaries for the agent index page
/// </summary> /// </summary>
@@ -564,6 +563,7 @@ public class DataController : ControllerBase
/// <param name="sortOrder">Sort order - "asc" or "desc" (defaults to "desc")</param> /// <param name="sortOrder">Sort order - "asc" or "desc" (defaults to "desc")</param>
/// <param name="agentNames">Optional comma-separated list of agent names to filter by</param> /// <param name="agentNames">Optional comma-separated list of agent names to filter by</param>
/// <returns>A paginated list of agent summaries sorted by the specified field</returns> /// <returns>A paginated list of agent summaries sorted by the specified field</returns>
[AllowAnonymous]
[HttpGet("GetAgentIndexPaginated")] [HttpGet("GetAgentIndexPaginated")]
public async Task<ActionResult<PaginatedAgentIndexResponse>> GetAgentIndexPaginated( public async Task<ActionResult<PaginatedAgentIndexResponse>> GetAgentIndexPaginated(
int page = 1, int page = 1,
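Review bot: The added `[AllowAnonymous]` makes GetAgentIndexPaginated reachable without a bearer token, a widening relative to the removed JwtMiddleware, whose anonymous allowlist was only /User/create-token, /swagger and /health; the hunk does not show whether the controller carries a class-level `[Authorize]`, so whether this is a deliberate public endpoint or a hole cannot be told from here. If it is intended, say so in the XML docs so the next reader does not treat it as an oversight, e.g. `/// <remarks>Anonymous access: intentionally served without a bearer token.</remarks>` under the existing summary. The method signature and body continue past the end of the hunk.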


@@ -1,9 +1,11 @@
using System.Security.Claims;
using System.Text; using System.Text;
using System.Text.Json.Serialization; using System.Text.Json.Serialization;
using HealthChecks.UI.Client; using HealthChecks.UI.Client;
using Managing.Api.Authorization; using Managing.Api.Authorization;
using Managing.Api.Filters; using Managing.Api.Filters;
using Managing.Api.HealthChecks; using Managing.Api.HealthChecks;
using Managing.Application.Abstractions.Services;
using Managing.Application.Hubs; using Managing.Application.Hubs;
using Managing.Bootstrap; using Managing.Bootstrap;
using Managing.Common; using Managing.Common;
@@ -155,20 +157,70 @@ builder.Services.Configure<PrivySettings>(builder.Configuration.GetSection(Const
builder.Services.AddControllers().AddJsonOptions(options => builder.Services.AddControllers().AddJsonOptions(options =>
options.JsonSerializerOptions.Converters.Add(new JsonStringEnumConverter())); options.JsonSerializerOptions.Converters.Add(new JsonStringEnumConverter()));
builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme).AddJwtBearer(o => builder.Services
{ .AddAuthentication(options =>
o.SaveToken = true;
o.TokenValidationParameters = new TokenValidationParameters
{ {
ValidIssuer = builder.Configuration["Authentication:Schemes:Bearer:ValidIssuer"], options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
ValidAudience = builder.Configuration["Authentication:Schemes:Bearer:ValidAudiences"], options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
IssuerSigningKey = new SymmetricSecurityKey })
(Encoding.UTF8.GetBytes(builder.Configuration["Jwt:Secret"])), .AddJwtBearer(o =>
ValidateIssuer = false, {
ValidateAudience = false, o.SaveToken = true;
ValidateIssuerSigningKey = true o.TokenValidationParameters = new TokenValidationParameters
}; {
}); ValidIssuer = builder.Configuration["Authentication:Schemes:Bearer:ValidIssuer"],
ValidAudience = builder.Configuration["Authentication:Schemes:Bearer:ValidAudiences"],
IssuerSigningKey = new SymmetricSecurityKey
(Encoding.UTF8.GetBytes(builder.Configuration["Jwt:Secret"])),
ValidateIssuer = false,
ValidateAudience = false,
ValidateIssuerSigningKey = true
};
o.Events = new JwtBearerEvents
{
OnMessageReceived = context =>
{
// If you want to get the token from a custom header or query string
// var accessToken = context.Request.Query["access_token"];
// if (!string.IsNullOrEmpty(accessToken) &&
// context.HttpContext.Request.Path.StartsWithSegments("/hub"))
// {
// context.Token = accessToken;
// }
return Task.CompletedTask;
},
OnAuthenticationFailed = context =>
{
if (context.Exception.GetType() == typeof(SecurityTokenExpiredException))
{
context.Response.Headers.Add("Token-Expired", "true");
}
return Task.CompletedTask;
},
// --- IMPORTANT: Attach User to Context Here ---
OnTokenValidated = async context =>
{
var userService = context.HttpContext.RequestServices.GetRequiredService<IUserService>();
// Assuming your JWT token contains a 'nameid' claim (or similar) for the user ID
var userId = context.Principal.FindFirst(ClaimTypes.NameIdentifier)?.Value;
if (!string.IsNullOrEmpty(userId))
{
// Fetch the full user object from your service
var user = await userService.GetUserByAddressAsync(userId);
if (user != null)
{
// Attach the user object to HttpContext.Items
context.HttpContext.Items["User"] = user;
}
}
await Task.CompletedTask;
}
// --- END IMPORTANT ---
};
});
builder.Services.AddCors(o => o.AddPolicy("CorsPolicy", builder => builder.Services.AddCors(o => o.AddPolicy("CorsPolicy", builder =>
{ {
@@ -251,14 +303,9 @@ app.UseSentryDiagnostics();
// Using shared GlobalErrorHandlingMiddleware from core project // Using shared GlobalErrorHandlingMiddleware from core project
app.UseMiddleware<GlobalErrorHandlingMiddleware>(); app.UseMiddleware<GlobalErrorHandlingMiddleware>();
app.UseMiddleware<JwtMiddleware>();
app.UseHttpsRedirection(); app.UseHttpsRedirection();
app.UseRouting(); app.UseRouting();
app.UseAuthentication(); app.UseAuthentication();
app.UseAuthorization(); app.UseAuthorization();
app.UseEndpoints(endpoints => app.UseEndpoints(endpoints =>
@@ -280,5 +327,4 @@ app.UseEndpoints(endpoints =>
}); });
}); });
app.Run(); app.Run();
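Review bot: `context.Response.Headers.Add("Token-Expired", "true")` in OnAuthenticationFailed uses IDictionary.Add, which throws ArgumentException if the key already exists instead of overwriting it; the ASP0019 analyzer flags this, and the indexer form `context.Response.Headers["Token-Expired"] = "true";` is the idiomatic fix. In OnTokenValidated a token whose NameIdentifier claim is missing, or names an address GetUserByAddressAsync returns null for, still authenticates successfully with nothing in HttpContext.Items["User"]; the removed JwtMiddleware behaved the same way, but now that the bearer handler is the only gate it is worth calling `context.Fail(...)` in those branches so tokens for unknown or deleted accounts are rejected (keep the attach-only behaviour if such tokens are expected to pass). `context.Principal` is nullable and should be read as `context.Principal?.FindFirst(...)`, the `GetType() == typeof(...)` check reads better as `context.Exception is SecurityTokenExpiredException`, and the trailing `await Task.CompletedTask;` in an async lambda is redundant. Setting ValidIssuer/ValidAudience while ValidateIssuer/ValidateAudience are false is carried over unchanged from the old block; a one-line comment on why they are disabled would help, e.g. `// Issuer/audience are deliberately not validated; only the signing key is checked.`
```csharp
OnAuthenticationFailed = context =>
{
    if (context.Exception is SecurityTokenExpiredException)
    {
        // Indexer assignment overwrites; IDictionary.Add throws on a duplicate key.
        context.Response.Headers["Token-Expired"] = "true";
    }
    return Task.CompletedTask;
},
// … unchanged: OnMessageReceived …
OnTokenValidated = async context =>
{
    var userService = context.HttpContext.RequestServices.GetRequiredService<IUserService>();
    // Principal may be null; the claim type assumed here must match what the token issuer writes.
    var userId = context.Principal?.FindFirst(ClaimTypes.NameIdentifier)?.Value;
    if (string.IsNullOrEmpty(userId))
    {
        context.Fail("Token carries no user identifier claim.");
        return;
    }
    var user = await userService.GetUserByAddressAsync(userId);
    if (user is null)
    {
        context.Fail("Token subject is not a known user.");
        return;
    }
    context.HttpContext.Items["User"] = user;
}
```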