Update token controller for security (in body instead of url)

Thomas Fransolet 2020-03-04 23:13:25 +01:00
parent 45fbed654a
commit 8c0468a22e
5 changed files with 23 additions and 9 deletions


@ -90,7 +90,7 @@ namespace MyCore.Controllers
} }
} }
public async Task<List<OddNice>> GetOddsForCountry(string id, double oddRequest) private async Task<List<OddNice>> GetOddsForCountry(string id, double oddRequest)
{ {
League league = new League(id); League league = new League(id);
var result = await oddService.GetOddsForLeague(league); var result = await oddService.GetOddsForLeague(league);
@ -116,7 +116,7 @@ namespace MyCore.Controllers
} }
return oddToKeep; return oddToKeep;
} }
/*
// POST api/values // POST api/values
[HttpPost] [HttpPost]
public void Post([FromBody] string value) public void Post([FromBody] string value)
@ -136,6 +136,6 @@ namespace MyCore.Controllers
public void Delete(int id) public void Delete(int id)
{ {
// For more information on protecting this API from Cross Site Request Forgery (CSRF) attacks, see https://go.microsoft.com/fwlink/?LinkID=717803 // For more information on protecting this API from Cross Site Request Forgery (CSRF) attacks, see https://go.microsoft.com/fwlink/?LinkID=717803
} }*/
} }
} }
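Review bot: The scaffold actions from `Post` through `Delete` are switched off by wrapping them in `/* … */` (opened before `// POST api/values`, closed after the `Delete` body) instead of being deleted. Commented-out actions are easy to re-enable later without the authorization and anti-forgery handling that the inline CSRF comment points to, so removing them outright is the safer choice; version control keeps the history. The commented region runs across lines that are outside the visible hunks.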


@ -10,6 +10,7 @@ using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Mvc;
using Microsoft.IdentityModel.Tokens; using Microsoft.IdentityModel.Tokens;
using MyCore.DTO;
using MyCore.Models; using MyCore.Models;
using MyCore.Services; using MyCore.Services;
@ -31,14 +32,14 @@ namespace MyCore.Controllers
[AllowAnonymous] [AllowAnonymous]
[HttpPost] [HttpPost]
public ActionResult<UserInfo> Create(string email, string password) public ActionResult<UserInfo> ConnectUser([FromBody] TokenDTO tokenDTO)
{ {
//string test = _TokenService.GenerateSHA256String(password); //string test = _TokenService.GenerateSHA256String(password);
if (IsValidUserAndPasswordCombination(email, password)) if (IsValidUserAndPasswordCombination(tokenDTO.Email, tokenDTO.Password))
{ {
UserInfo user = _userService.GetUserByEmail(email); UserInfo user = _userService.GetUserByEmail(tokenDTO.Email);
user.Token = _tokenService.GenerateToken(email).ToString(); user.Token = _tokenService.GenerateToken(tokenDTO.Email).ToString();
return user; return user;
} }
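Review bot: `ConnectUser` dereferences `tokenDTO` without a null check, so a POST with an empty or non-JSON body would throw at `tokenDTO.Email` and come back as a 500 unless the controller is marked `[ApiController]`, which this hunk does not show. Add a guard as the first statement, `if (tokenDTO == null || string.IsNullOrEmpty(tokenDTO.Email) || string.IsNullOrEmpty(tokenDTO.Password)) return BadRequest();`. The action also returns the full `UserInfo` object; if that model holds the stored password or its hash (not visible here), return a response DTO limited to the token and the public profile fields. The rest of the method, including the failure branch, lies outside the hunk.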

13
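--- a/MyCore/DTO/TokenDTO.cs
+++ b/MyCore/DTO/TokenDTO.cs
@@ -0,0 +1,13 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+namespace MyCore.DTO
+{
+public class TokenDTO
+{
+public string Email { get; set; }
+public string Password { get; set; }
+}
+}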
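Review bot: `TokenDTO` carries a plaintext password but declares no validation and no documentation of that fact. Mark both properties `[Required]` (and `Email` with `[EmailAddress]`) from `System.ComponentModel.DataAnnotations` so model validation can reject incomplete bodies, and add an XML summary such as `/// <summary>Login request body; contains a plaintext password and must never be logged or persisted.</summary>`. The four `using` directives at the top are unused in this file and can be dropped.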


@ -30,7 +30,7 @@ namespace MyCore
//MerossService merossService = new MerossService(); //MerossService merossService = new MerossService();
ArloService arloService = new ArloService(); //ArloService arloService = new ArloService();
} }
public IConfiguration Configuration { get; } public IConfiguration Configuration { get; }

File diff suppressed because one or more lines are too long