Update auth service

kuro-vale · Sep 4, 2022 · 20cd121 · 20cd121
1 parent a9b0887
commit 20cd121
Show file tree

Hide file tree

Showing 11 changed files with 56 additions and 87 deletions.
diff --git a/.dockerignore b/.dockerignore
diff --git a/Controllers/AuthController.cs b/Controllers/AuthController.cs
@@ -68,6 +68,25 @@ public IActionResult Login([FromBody] LoginRequest loginRequest)
         return Ok(token);
     }
 
+    /// <summary>
+    /// Get logged user
+    /// </summary>
+    /// <response code="200">Success</response>
+    /// <response code="401">Unatuhorized</response>
+    [HttpGet("current")]
+    public IActionResult GetCurrentUser()
+    {
+        var user = (User?)HttpContext.Items["User"];
+
+        if (user == null)
+        {
+            return Unauthorized("Please login to do this");
+        }
+
+        user.Password = "HIDDEN";
+        return Ok(user);
+    }
+
     /// <summary>
     /// Update your user
     /// </summary>

diff --git a/Dockerfile b/Dockerfile
diff --git a/Pages/Auth/CreateAddress.razor b/Pages/Auth/CreateAddress.razor
@@ -51,6 +51,10 @@
         if (firstRender)
         {
             _token = await JsRuntime.InvokeAsync<string?>("ReadCookie.ReadCookie", "token");
+            if (_token == "")
+            {
+                NavigationManager.NavigateTo("/", forceLoad:true);
+            }
             StateHasChanged();
         }
     }

diff --git a/Pages/Auth/EditAddress.razor b/Pages/Auth/EditAddress.razor
@@ -56,6 +56,10 @@
         if (firstRender)
         {
             _token = await JsRuntime.InvokeAsync<string?>("ReadCookie.ReadCookie", "token");
+            if (_token == "")
+            {
+                NavigationManager.NavigateTo("/", forceLoad:true);
+            }
             HttpClient.DefaultRequestHeaders.Authorization = AuthenticationHeaderValue.Parse(_token);
             _fetchedAddress = await HttpClient.GetFromJsonAsync<Address>($"{NavigationManager.BaseUri}api/addresses/{Id}");
             _address.City = _fetchedAddress!.City;

diff --git a/Pages/Auth/Profile.razor b/Pages/Auth/Profile.razor
@@ -73,6 +73,10 @@
         if (firstRender)
         {
             _token = await JsRuntime.InvokeAsync<string?>("ReadCookie.ReadCookie", "token");
+            if (_token == "")
+            {
+                NavigationManager.NavigateTo("/", forceLoad:true);
+            }
             StateHasChanged();
         }
     }

diff --git a/Pages/Checkout.razor b/Pages/Checkout.razor
@@ -35,7 +35,9 @@
                     <td>@i</td>
                     <td>@order.Dessert!.Name</td>
                     <td>@order.Flavor!.Name</td>
-                    <td><button class="btn btn-sm btn-danger rounded-circle" @onclick="() => RemoveOrder(order)">Remove</button></td>
+                    <td>
+                        <button class="btn btn-sm btn-danger rounded-circle" @onclick="() => RemoveOrder(order)">Remove</button>
+                    </td>
                     <td>@order.GetDessertPrice().ToString("C")</td>
                 </tr>
                 i += 1;
@@ -96,6 +98,10 @@ else
         if (firstRender)
         {
             _token = await JsRuntime.InvokeAsync<string?>("ReadCookie.ReadCookie", "token");
+            if (_token == "")
+            {
+                NavigationManager.NavigateTo("/", forceLoad:true);
+            }
             HttpClient.DefaultRequestHeaders.Authorization = AuthenticationHeaderValue.Parse(_token);
             try
             {
@@ -134,7 +140,11 @@ else
         };
         HttpClient.DefaultRequestHeaders.Authorization = AuthenticationHeaderValue.Parse(_token);
         await HttpClient.PostAsJsonAsync($"{NavigationManager.BaseUri}api/checkout", checkoutRequest);
-        NavigationManager.NavigateTo("/", forceLoad: true);
+        CartService.Cart = new Cart
+        {
+            Orders = new List<Order>()
+        };
+        NavigationManager.NavigateTo("/orders");
     }
 
     void RemoveOrder(Order order)

diff --git a/Pages/Orders.razor b/Pages/Orders.razor
@@ -58,6 +58,10 @@
         if (firstRender)
         {
             var token = await JsRuntime.InvokeAsync<string?>("ReadCookie.ReadCookie", "token");
+            if (token == "")
+            {
+                NavigationManager.NavigateTo("/", forceLoad:true);
+            }
             HttpClient.DefaultRequestHeaders.Authorization = AuthenticationHeaderValue.Parse(token);
             try
             {

diff --git a/Services/AuthService.cs b/Services/AuthService.cs
@@ -1,50 +1,19 @@
-using System.IdentityModel.Tokens.Jwt;
-using System.Text;
-using kuro_desserts.Data;
+using System.Net.Http.Headers;
 using kuro_desserts.Models;
 using Microsoft.AspNetCore.Components;
-using Microsoft.IdentityModel.Tokens;
 using Microsoft.JSInterop;
 
 namespace kuro_desserts.Services;
 
 public class AuthService
 {
-    private readonly Context _db;
-    public User? LoggedUser;
+    public User? LoggedUser { get; private set; }
     public bool ShowingLogoutModal { get; private set; }
 
-    public AuthService(Context db)
+    public async Task SetUser(string token, HttpClient client, NavigationManager navigationManager)
     {
-        _db = db;
-    }
-
-    public void SetUser(string token)
-    {
-        try
-        {
-            var tokenHandler = new JwtSecurityTokenHandler();
-            var key = Encoding.UTF8.GetBytes(Environment.GetEnvironmentVariable("JWT_KEY")!);
-            tokenHandler.ValidateToken(token, new TokenValidationParameters
-            {
-                ValidateIssuerSigningKey = true,
-                IssuerSigningKey = new SymmetricSecurityKey(key),
-                ValidateIssuer = false,
-                ValidateAudience = false
-            }, out var validatedToken);
-
-            var jwtToken = (JwtSecurityToken)validatedToken;
-            var userId = Guid.Parse(jwtToken.Claims.First(x => x.Type == "sub").Value);
-
-            var user = _db.Users.Find(userId);
-            if (user!.IsDeleted) return;
-
-            LoggedUser = user;
-        }
-        catch
-        {
-            // do nothing if jwt validation fails
-        }
+        client.DefaultRequestHeaders.Authorization = AuthenticationHeaderValue.Parse(token);
+        LoggedUser = await client.GetFromJsonAsync<User>($"{navigationManager.BaseUri}api/auth/current");
     }
 
     public static async void ClearToken(JSRuntime jsRuntime, NavigationManager navigationManager)

diff --git a/Services/CartService.cs b/Services/CartService.cs
@@ -7,9 +7,8 @@ public class CartService
     public bool DessertModalShowed { get; private set; }
     public Order? Order { get; private set; }
 
-    public Cart Cart { get; } = new()
+    public Cart Cart { get; set; } = new()
     {
-        Id = Guid.NewGuid(),
         Orders = new List<Order>()
     };
 

diff --git a/Shared/NavMenu.razor b/Shared/NavMenu.razor
@@ -2,6 +2,7 @@
 @using kuro_desserts.Models
 @inject IJSRuntime JsRuntime;
 @inject AuthService AuthService
+@inject HttpClient HttpClient
 @inject NavigationManager NavigationManager
 @inject CartService CartService
 @inject MessageService MessageService
@@ -61,9 +62,9 @@
         if (firstRender)
         {
             var token = await JsRuntime.InvokeAsync<string?>("ReadCookie.ReadCookie", "token");
-            if (token != null)
+            if (token != "")
             {
-                AuthService.SetUser(token);
+                await AuthService.SetUser(token!, HttpClient, NavigationManager);
             }
             StateHasChanged();
         }