Tweaks (#1890)

* Updated number inputs with a more mobile friendly control * Started writing lots of unit tests on PersonHelper to try and hammer out foreign constraint * Fixes side-nav actionable alignment * Added some unit tests * Buffed out the unit tests * Applied input modes throughout the app * Fixed a small bug in refresh token validation to make it work correctly * Try out a new way to block multithreading from interacting with people during series metadata update. * Fixed the lock code to properly lock, which should help with any constraint issues. * Locking notes * Tweaked locking on people to prevent a constraint issue. This slows down the scanner a bit, but not much. Will tweak after validating on a user's server. * Replaced all DBFactory.Series with SeriesBuilder. * Replaced all DBFactory.Volume() with VolumeBuilder * Replaced SeriesMetadata with Builder * Replaced DBFactory.CollectionTag * Lots of refactoring to streamline entity creation * Fixed one of the unit tests * Refactored all of new Library() * Removed tag and genre * Removed new SeriesMetadata * Refactored new Volume() * MangaFile() * ReadingList() * Refactored all of Chapter and ReadingList * Add title to all event widget flows * Updated Base Url to inform user it doesn't work for docker users with non-root user. * Added unit test coverage to FormatChapterTitle and FormatChapterName. * Started on Unit test for scanner, but need to finish it later. --------- Co-authored-by: Robbie Davis <robbie@therobbiedavis.com>
2023-03-19 12:52:44 -05:00 · 2023-03-19 12:52:44 -05:00 · 385f61f9f0
commit 385f61f9f0
parent eec03d7e96
105 changed files with 2257 additions and 2660 deletions
--- a/API/Services/TokenService.cs
+++ b/API/Services/TokenService.cs
@ -28,6 +28,7 @@ public class TokenService : ITokenService
 {
    private readonly UserManager<AppUser> _userManager;
    private readonly SymmetricSecurityKey _key;
+    private const string RefreshTokenName = "RefreshToken";

    public TokenService(IConfiguration config, UserManager<AppUser> userManager)
    {
@ -65,28 +66,40 @@ public class TokenService : ITokenService

    public async Task<string> CreateRefreshToken(AppUser user)
    {
-        await _userManager.RemoveAuthenticationTokenAsync(user, TokenOptions.DefaultProvider, "RefreshToken");
-        var refreshToken = await _userManager.GenerateUserTokenAsync(user, TokenOptions.DefaultProvider, "RefreshToken");
-        await _userManager.SetAuthenticationTokenAsync(user, TokenOptions.DefaultProvider, "RefreshToken", refreshToken);
+        await _userManager.RemoveAuthenticationTokenAsync(user, TokenOptions.DefaultProvider, RefreshTokenName);
+        var refreshToken = await _userManager.GenerateUserTokenAsync(user, TokenOptions.DefaultProvider, RefreshTokenName);
+        await _userManager.SetAuthenticationTokenAsync(user, TokenOptions.DefaultProvider, RefreshTokenName, refreshToken);
        return refreshToken;
    }

    public async Task<TokenRequestDto?> ValidateRefreshToken(TokenRequestDto request)
    {
-        var tokenHandler = new JwtSecurityTokenHandler();
-        var tokenContent = tokenHandler.ReadJwtToken(request.Token);
-        var username = tokenContent.Claims.FirstOrDefault(q => q.Type == JwtRegisteredClaimNames.NameId)?.Value;
-        if (string.IsNullOrEmpty(username)) return null;
-        var user = await _userManager.FindByNameAsync(username);
-        if (user == null) return null; // This forces a logout
-        await _userManager.VerifyUserTokenAsync(user, TokenOptions.DefaultProvider, "RefreshToken", request.RefreshToken);
-
-        await _userManager.UpdateSecurityStampAsync(user);
-
-        return new TokenRequestDto()
+        try
        {
-            Token = await CreateToken(user),
-            RefreshToken = await CreateRefreshToken(user)
-        };
+            var tokenHandler = new JwtSecurityTokenHandler();
+            var tokenContent = tokenHandler.ReadJwtToken(request.Token);
+            var username = tokenContent.Claims.FirstOrDefault(q => q.Type == JwtRegisteredClaimNames.NameId)?.Value;
+            if (string.IsNullOrEmpty(username)) return null;
+            var user = await _userManager.FindByIdAsync(username);
+            if (user == null) return null; // This forces a logout
+            var validated = await _userManager.VerifyUserTokenAsync(user, TokenOptions.DefaultProvider, RefreshTokenName, request.RefreshToken);
+            if (!validated) return null;
+            await _userManager.UpdateSecurityStampAsync(user);
+
+            return new TokenRequestDto()
+            {
+                Token = await CreateToken(user),
+                RefreshToken = await CreateRefreshToken(user)
+            };
+        } catch (SecurityTokenExpiredException)
+        {
+            // Handle expired token
+            return null;
+        }
+        catch (Exception)
+        {
+            // Handle other exceptions
+            return null;
+        }
    }
 }