Moonlight-Panel/Servers
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Improved jwt handling for node access tokens. Switched to di plugin system

Browse Source
This commit is contained in:
ChiaraBm
2025-02-24 21:03:23 +01:00
parent 67efe71247
commit a8d867c3c7
11 changed files with 101 additions and 48 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
MoonlightServers.ApiServer/Http/Controllers/Users/ServerPowerController.cs
View File

@@ -4,6 +4,7 @@ using Microsoft.EntityFrameworkCore;
using MoonCore.Exceptions;
using MoonCore.Extended.Abstractions;
using MoonCore.Extensions;
using MoonCore.Helpers;
using MoonlightServers.ApiServer.Database.Entities;
using MoonlightServers.ApiServer.Services;
@@ -117,7 +118,9 @@ public class ServerPowerController : Controller
if (server.OwnerId == userId) // The current user is the owner
return server;
if (User.HasPermission("admin.servers.get")) // The current user is an admin
var permissions = User.Claims.First(x => x.Type == "permissions").Value.Split(";", StringSplitOptions.RemoveEmptyEntries);
if (PermissionHelper.HasPermission(permissions, "admin.servers.get")) // The current user is an admin
return server;
throw new HttpApiException("No server with this id found", 404);

5
MoonlightServers.ApiServer/Http/Controllers/Users/ServersController.cs
View File

@@ -5,6 +5,7 @@ using MoonCore.Extended.PermFilter;
using MoonCore.Exceptions;
using MoonCore.Extended.Abstractions;
using MoonCore.Extensions;
using MoonCore.Helpers;
using MoonCore.Models;
using Moonlight.ApiServer.Database.Entities;
using MoonlightServers.ApiServer.Database.Entities;
@@ -198,7 +199,9 @@ public class ServersController : Controller
if (server.OwnerId == userId) // The current user is the owner
return server;
if (User.HasPermission("admin.servers.get")) // The current user is an admin
var permissions = User.Claims.First(x => x.Type == "permissions").Value.Split(";", StringSplitOptions.RemoveEmptyEntries);
if (PermissionHelper.HasPermission(permissions, "admin.servers.get")) // The current user is an admin
return server;
throw new HttpApiException("No server with this id found", 404);

39
MoonlightServers.ApiServer/Services/NodeService.cs
View File

@@ -1,3 +1,7 @@
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Text;
using Microsoft.IdentityModel.Tokens;
using MoonCore.Attributes;
using MoonCore.Extended.Helpers;
using MoonCore.Helpers;
@@ -20,20 +24,43 @@ public class NodeService
url += "http://";
url += $"{node.Fqdn}:{node.HttpPort}/";
var httpClient = new HttpClient()
{
BaseAddress = new Uri(url)
};
httpClient.DefaultRequestHeaders.Add("Authorization", $"Bearer {node.Token}");
return new HttpApiClient(httpClient);
}
public string CreateAccessToken(Node node, Action<Dictionary<string, object>> parameters, TimeSpan duration)
=> JwtHelper.Encode(node.Token, parameters, duration);
{
var claims = new Dictionary<string, object>();
parameters.Invoke(claims);
var jwtSecurityTokenHandler = new JwtSecurityTokenHandler();
var securityTokenDescriptor = new SecurityTokenDescriptor()
{
Expires = DateTime.UtcNow.Add(duration),
NotBefore = DateTime.UtcNow.AddSeconds(-1),
Claims = claims,
IssuedAt = DateTime.UtcNow,
SigningCredentials = new SigningCredentials(
new SymmetricSecurityKey(Encoding.UTF8.GetBytes(
node.Token
)),
SecurityAlgorithms.HmacSha256
)
};
var securityToken = jwtSecurityTokenHandler.CreateJwtSecurityToken(securityTokenDescriptor);
return jwtSecurityTokenHandler.WriteToken(securityToken);
}
public async Task<SystemStatusResponse> GetSystemStatus(Node node)
{
using var apiClient = await CreateApiClient(node);
@@ -47,13 +74,13 @@ public class NodeService
using var apiClient = await CreateApiClient(node);
return await apiClient.GetJson<StatisticsApplicationResponse>("api/statistics/application");
}
public async Task<StatisticsHostResponse> GetHostStatistics(Node node)
{
using var apiClient = await CreateApiClient(node);
return await apiClient.GetJson<StatisticsHostResponse>("api/statistics/host");
}
public async Task<StatisticsDockerResponse> GetDockerStatistics(Node node)
{
using var apiClient = await CreateApiClient(node);

15
MoonlightServers.ApiServer/Startup/DatabaseStartup.cs
View File

@@ -1,15 +0,0 @@
using Moonlight.ApiServer.Helpers;
using Moonlight.ApiServer.Interfaces.Startup;
using MoonlightServers.ApiServer.Database;
namespace MoonlightServers.ApiServer.Startup;
public class DatabaseStartup : IDatabaseStartup
{
public Task ConfigureDatabase(DatabaseContextCollection collection)
{
collection.Add<ServersDataContext>();
return Task.CompletedTask;
}
}

18
MoonlightServers.ApiServer/Startup/PluginStartup.cs
View File

@@ -1,10 +1,12 @@
using MoonCore.Extensions;
using Moonlight.ApiServer.Helpers;
using Moonlight.ApiServer.Interfaces.Startup;
using Moonlight.ApiServer.Services;
using MoonlightServers.ApiServer.Database;
namespace MoonlightServers.ApiServer.Startup;
public class PluginStartup : IAppStartup
public class PluginStartup : IPluginStartup
{
private readonly BundleService BundleService;
@@ -13,19 +15,27 @@ public class PluginStartup : IAppStartup
BundleService = bundleService;
}
public Task BuildApp(IHostApplicationBuilder builder)
public Task BuildApplication(IHostApplicationBuilder builder)
{
// Scan the current plugin assembly for di services
builder.Services.AutoAddServices<PluginStartup>();
BundleService.BundleCss("css/MoonlightServers.min.css");
BundleService.BundleCss("css/XtermBlazor.min.css");
return Task.CompletedTask;
}
public Task ConfigureApp(IApplicationBuilder app)
public Task ConfigureApplication(IApplicationBuilder app)
=> Task.CompletedTask;
public Task ConfigureDatabase(DatabaseContextCollection collection)
{
collection.Add<ServersDataContext>();
return Task.CompletedTask;
}
public Task ConfigureEndpoints(IEndpointRouteBuilder routeBuilder)
=> Task.CompletedTask;
}