Add cookie/JWT-based authentication and user context headers
Introduce a new authentication mechanism using JWT tokens stored in cookies, with a custom CookieAuthHandler for API request authentication. Add AuthServiceSettings for configuration and UserHeaderHandler to propagate user context in outgoing HTTP requests. Update service registrations and configuration files to support the new authentication flow. Refactor CurrentUserService for simplicity. This enables stateless, cookie-based authentication and consistent user context across API calls.
This commit is contained in:
OlgunR
@@ -21,7 +21,18 @@ var appSettings = builder.Configuration.Get<AppSettings>() ?? new AppSettings();
|
||||
|
||||
// Alle API-Clients teilen sich denselben scoped CookieContainer (pro Blazor-Circuit),
|
||||
// damit das Auth-Cookie nach dem Login automatisch an alle Folgeanfragen angehängt wird.
|
||||
static HttpClient CreateHttpClientWithCookies(CookieContainer cookieContainer, string? baseUrl)
|
||||
// Der UserHeaderHandler ergänzt automatisch den X-Authenticated-User-Header.
|
||||
static HttpClient CreateApiHttpClient(CookieContainer cookieContainer, AuthService authService, string? baseUrl)
|
||||
{
|
||||
var inner = new HttpClientHandler { UseCookies = false };
|
||||
var handler = new UserHeaderHandler(authService) { InnerHandler = inner };
|
||||
var client = new HttpClient(handler);
|
||||
if (!string.IsNullOrWhiteSpace(baseUrl))
|
||||
client.BaseAddress = new Uri(baseUrl);
|
||||
return client;
|
||||
}
|
||||
|
||||
static HttpClient CreateAuthHttpClient(CookieContainer cookieContainer, string? baseUrl)
|
||||
{
|
||||
var handler = new HttpClientHandler { CookieContainer = cookieContainer, UseCookies = true };
|
||||
var client = new HttpClient(handler);
|
||||
@@ -36,7 +47,7 @@ builder.Services.AddScoped<IAuthApiClient>(sp =>
|
||||
var authBaseUrl = !string.IsNullOrWhiteSpace(appSettings.AuthService.BaseUrl)
|
||||
? appSettings.AuthService.BaseUrl
|
||||
: appSettings.BaseUrl;
|
||||
var client = CreateHttpClientWithCookies(cc, authBaseUrl);
|
||||
var client = CreateAuthHttpClient(cc, authBaseUrl);
|
||||
return new AuthApiClient(client, sp.GetRequiredService<AuthService>(), cc);
|
||||
});
|
||||
|
||||
@@ -45,16 +56,28 @@ var apiDefaultUrl = !string.IsNullOrWhiteSpace(appSettings.ApiDefaultUrl)
|
||||
: appSettings.BaseUrl;
|
||||
|
||||
builder.Services.AddScoped<ICatalogApiClient>(sp =>
|
||||
new CatalogApiClient(CreateHttpClientWithCookies(sp.GetRequiredService<CookieContainer>(), apiDefaultUrl)));
|
||||
new CatalogApiClient(CreateApiHttpClient(
|
||||
sp.GetRequiredService<CookieContainer>(),
|
||||
sp.GetRequiredService<AuthService>(),
|
||||
apiDefaultUrl)));
|
||||
|
||||
builder.Services.AddScoped<IDashboardApiClient>(sp =>
|
||||
new DashboardApiClient(CreateHttpClientWithCookies(sp.GetRequiredService<CookieContainer>(), apiDefaultUrl)));
|
||||
new DashboardApiClient(CreateApiHttpClient(
|
||||
sp.GetRequiredService<CookieContainer>(),
|
||||
sp.GetRequiredService<AuthService>(),
|
||||
apiDefaultUrl)));
|
||||
|
||||
builder.Services.AddScoped<IMassDataApiClient>(sp =>
|
||||
new MassDataApiClient(CreateHttpClientWithCookies(sp.GetRequiredService<CookieContainer>(), apiDefaultUrl)));
|
||||
new MassDataApiClient(CreateApiHttpClient(
|
||||
sp.GetRequiredService<CookieContainer>(),
|
||||
sp.GetRequiredService<AuthService>(),
|
||||
apiDefaultUrl)));
|
||||
|
||||
builder.Services.AddScoped<ILayoutApiClient>(sp =>
|
||||
new LayoutApiClient(CreateHttpClientWithCookies(sp.GetRequiredService<CookieContainer>(), apiDefaultUrl)));
|
||||
new LayoutApiClient(CreateApiHttpClient(
|
||||
sp.GetRequiredService<CookieContainer>(),
|
||||
sp.GetRequiredService<AuthService>(),
|
||||
apiDefaultUrl)));
|
||||
|
||||
var app = builder.Build();
|
||||
|
||||
|
||||
Reference in New Issue
Block a user