Removed old manual access token checking and switched to asp.net jwt handling. Removed old console subscriber handling and switched to full signal r solution + asp.net core auth

2025-04-13 00:09:06 +02:00
parent ec0c336825
commit 36cbc83c63
15 changed files with 181 additions and 380 deletions
--- a/MoonlightServers.Daemon/Http/Controllers/Servers/DownloadController.cs
+++ b/MoonlightServers.Daemon/Http/Controllers/Servers/DownloadController.cs
@@ -2,66 +2,34 @@ using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 using MoonCore.Exceptions;
 using MoonlightServers.Daemon.Configuration;
-using MoonlightServers.Daemon.Helpers;
 using MoonlightServers.Daemon.Services;

 namespace MoonlightServers.Daemon.Http.Controllers.Servers;

-[AllowAnonymous]
 [ApiController]
 [Route("api/servers/download")]
+[Authorize(AuthenticationSchemes = "accessToken", Policy = "serverDownload")]
 public class DownloadController : Controller
 {
-    private readonly AccessTokenHelper AccessTokenHelper;
-    private readonly AppConfiguration Configuration;
    private readonly ServerService ServerService;

-    public DownloadController(
-        AccessTokenHelper accessTokenHelper,
-        ServerService serverService,
-        AppConfiguration configuration
-    )
+    public DownloadController(ServerService serverService)
    {
-        AccessTokenHelper = accessTokenHelper;
        ServerService = serverService;
-        Configuration = configuration;
    }

    [HttpGet]
-    public async Task Download([FromQuery] string token)
+    public async Task Download()
    {
-        #region Token validation
-
-        if (!AccessTokenHelper.Process(token, out var claims))
-            throw new HttpApiException("Invalid access token provided", 401);
-
-        var typeClaim = claims.FirstOrDefault(x => x.Type == "type");
-
-        if (typeClaim == null || typeClaim.Value != "download")
-            throw new HttpApiException("Invalid access token provided: Missing or invalid type", 401);
-
-        var serverIdClaim = claims.FirstOrDefault(x => x.Type == "serverId");
-
-        if (serverIdClaim == null || !int.TryParse(serverIdClaim.Value, out var serverId))
-            throw new HttpApiException("Invalid access token provided: Missing or invalid server id", 401);
-
-        var pathClaim = claims.FirstOrDefault(x => x.Type == "path");
-        
-        if(pathClaim == null || string.IsNullOrEmpty(pathClaim.Value))
-            throw new HttpApiException("Invalid access token provided: Missing or invalid path", 401);
-
-        #endregion
+        var serverId = int.Parse(User.Claims.First(x => x.Type == "serverId").Value);
+        var path = User.Claims.First(x => x.Type == "path").Value;

        var server = ServerService.GetServer(serverId);

        if (server == null)
            throw new HttpApiException("No server with this id found", 404);

-        var path = pathClaim.Value;
-
-        await server.FileSystem.Read(path, async dataStream =>
-        {
-            await Results.File(dataStream).ExecuteAsync(HttpContext);
-        });
+        await server.FileSystem.Read(path,
+            async dataStream => { await Results.File(dataStream).ExecuteAsync(HttpContext); });
    }
 }
--- a/MoonlightServers.Daemon/Http/Controllers/Servers/UploadController.cs
+++ b/MoonlightServers.Daemon/Http/Controllers/Servers/UploadController.cs
@@ -9,30 +9,26 @@ using MoonlightServers.Daemon.Services;
 namespace MoonlightServers.Daemon.Http.Controllers.Servers;

 [ApiController]
-[AllowAnonymous]
 [Route("api/servers/upload")]
+[Authorize(AuthenticationSchemes = "accessToken", Policy = "serverUpload")]
 public class UploadController : Controller
 {
-    private readonly AccessTokenHelper AccessTokenHelper;
    private readonly AppConfiguration Configuration;
    private readonly ServerService ServerService;

    private readonly long ChunkSize = ByteConverter.FromMegaBytes(20).Bytes; // TODO config

    public UploadController(
-        AccessTokenHelper accessTokenHelper,
        ServerService serverService,
        AppConfiguration configuration
    )
    {
-        AccessTokenHelper = accessTokenHelper;
        ServerService = serverService;
        Configuration = configuration;
    }

    [HttpPost]
    public async Task Upload(
-        [FromQuery] string token,
        [FromQuery] long totalSize, // TODO: Add limit in config
        [FromQuery] int chunkId,
        [FromQuery] string path
@@ -50,22 +46,7 @@ public class UploadController : Controller

        #endregion

-        #region Token validation
-
-        if (!AccessTokenHelper.Process(token, out var claims))
-            throw new HttpApiException("Invalid access token provided", 401);
-
-        var typeClaim = claims.FirstOrDefault(x => x.Type == "type");
-
-        if (typeClaim == null || typeClaim.Value != "upload")
-            throw new HttpApiException("Invalid access token provided: Missing or invalid type", 401);
-
-        var serverIdClaim = claims.FirstOrDefault(x => x.Type == "serverId");
-
-        if (serverIdClaim == null || !int.TryParse(serverIdClaim.Value, out var serverId))
-            throw new HttpApiException("Invalid access token provided: Missing or invalid server id", 401);
-
-        #endregion
+        var serverId = int.Parse(User.Claims.First(x => x.Type == "serverId").Value);

        #region Chunk calculation and validation