allow JwtMiddleware to support SecurityStamp

2024-09-17 09:06:49 -04:00 · 2024-09-17 09:06:49 -04:00 · 32d1e08b57
commit 32d1e08b57
parent f78e400918
2 changed files with 12 additions and 13 deletions
--- a/Oqtane.Server/Infrastructure/Middleware/JwtMiddleware.cs
+++ b/Oqtane.Server/Infrastructure/Middleware/JwtMiddleware.cs
@ -3,6 +3,7 @@ using System.Security.Claims;
 using System.Threading.Tasks;
 using Microsoft.AspNetCore.Http;
 using Oqtane.Extensions;
 using Oqtane.Managers;
 using Oqtane.Models;
 using Oqtane.Repository;
 using Oqtane.Security;
@ -59,19 +60,18 @@ namespace Oqtane.Infrastructure
                            if (userid != null && username != null)
                            {
-                                // create user identity
+                                var _users = context.RequestServices.GetService(typeof(IUserManager)) as IUserManager;
-                                var user = new User
+                                var user = _users.GetUser(userid, alias.SiteId); // cached
                                if (user != null && !user.IsDeleted)
                                {
-                                    UserId = int.Parse(userid),
+                                    var claimsidentity = UserSecurity.CreateClaimsIdentity(alias, user);
-                                    Username = username
+                                    context.User = new ClaimsPrincipal(claimsidentity);
-                                };
+                                    logger.Log(alias.SiteId, LogLevel.Information, "TokenValidation", Enums.LogFunction.Security, "Token Validated For User {Username}", user.Username);
-
+                                }
-                                // set claims identity (note jwt already contains the roles - we are reloading to ensure most accurate permissions)
+                                else
-                                var _userRoles = context.RequestServices.GetService(typeof(IUserRoleRepository)) as IUserRoleRepository;
+                                {
-                                var claimsidentity = UserSecurity.CreateClaimsIdentity(alias, user, _userRoles.GetUserRoles(user.UserId, alias.SiteId).ToList());
+                                    logger.Log(alias.SiteId, LogLevel.Error, "TokenValidation", Enums.LogFunction.Security, "Token Validated But User {Username} Does Not Exist Or Is Deleted", user.Username);
-                                context.User = new ClaimsPrincipal(claimsidentity);
+                                }
                                logger.Log(alias.SiteId, LogLevel.Information, "TokenValidation", Enums.LogFunction.Security, "Token Validated For UserId {UserId} And Username {Username}", user.UserId, user.Username);
                            }
                            else
                            {
--- a/Oqtane.Server/Providers/IdentityRevalidatingAuthenticationStateProvider.cs
+++ b/Oqtane.Server/Providers/IdentityRevalidatingAuthenticationStateProvider.cs
@ -10,7 +10,6 @@ using System;
 using Oqtane.Infrastructure;
 using Oqtane.Extensions;
 using Oqtane.Managers;
 using System.Security.Claims;
 namespace Oqtane.Providers
 {