hotfix redirect system

add auth to create posts and redirects
2025-12-11 16:16:26 +02:00 · 2023-12-26 13:16:03 +03:00
parent 38c12ca246
commit b9036e2165
12 changed files with 399 additions and 32 deletions
--- a/Auth/ApiKeyAuthorization.cs
+++ b/Auth/ApiKeyAuthorization.cs
@@ -0,0 +1,73 @@
+using System.Security.Claims;
+using System.Text.Encodings.Web;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.Extensions.Caching.Memory;
+using Microsoft.Extensions.Options;
+using yaflay.ru.Database.Tables;
+using yaflay.ru.Models;
+using yaflay.ru.Models.Tables;
+
+
+namespace yaflay.ru.Auth;
+
+public class ApiKeyAuthantication : AuthenticationHandler<AuthenticationSchemeOptions>
+{
+    private AppDbContext ctx;
+    private IMemoryCache cache;
+    public ApiKeyAuthantication(
+        IOptionsMonitor<AuthenticationSchemeOptions> options,
+        ILoggerFactory logger,
+        UrlEncoder encoder,
+        ISystemClock clock,
+        AppDbContext ctx,
+        IMemoryCache cache
+    ) : base(options, logger, encoder, clock)
+    {
+        this.ctx = ctx;
+        this.cache = cache;
+    }
+
+    protected override async Task<AuthenticateResult> HandleAuthenticateAsync()
+    {
+        if (!Request.Headers.TryGetValue("Authorization", out var apiKeyHeaderValues))
+            return AuthenticateResult.Fail("API Key was not provided.");
+
+        string? providedApiKey = apiKeyHeaderValues.FirstOrDefault()?.Replace("Bearer ", "");
+        Console.WriteLine("APIKEY: " + providedApiKey);
+
+        if (FindApiKey(providedApiKey, out ApiKey? apiKey))
+        {
+            var claims = new[]
+            {
+                new Claim("Bearer", apiKey.Type.ToString())
+            };
+
+            var identity = new ClaimsIdentity(claims, Scheme.Name);
+            var principal = new ClaimsPrincipal(identity);
+            var ticket = new AuthenticationTicket(principal, Scheme.Name);
+
+            return AuthenticateResult.Success(ticket);
+        }
+        Console.WriteLine("im there");
+        return AuthenticateResult.Fail("Invalid API Key provided.");
+    }
+
+    private bool FindApiKey(string? providedApiKey, out ApiKey? apiKey)
+    {
+        var fromCache = cache.Get<ApiKey>($"apiKey-{providedApiKey}");
+        if (fromCache == null)
+        {
+            Console.WriteLine($"Im there: {fromCache}, {providedApiKey}");
+            apiKey = ctx.ApiKeys.Find(providedApiKey);
+            if (apiKey != null)
+            {
+                cache.Set($"apiKey-{providedApiKey}", (object)apiKey, DateTime.Now.AddMinutes(10));
+            }
+        }
+        else
+        {
+            apiKey = fromCache;
+        }
+        return ctx.ApiKeys.Any(k => k.Key == providedApiKey);
+    }
+}
--- a/Auth/ApiKeyTypes.cs
+++ b/Auth/ApiKeyTypes.cs
@@ -0,0 +1,9 @@
+namespace yaflay.ru.Auth
+{
+
+    public enum ApiKeyTypes
+    {
+        Public,
+        Private
+    }
+}