Aktualisierte EnvelopeClaims

2024-05-24 11:39:12 +02:00 · 2024-05-24 11:39:12 +02:00 · b60ae62779
commit b60ae62779
parent 7863e861c7
8 changed files with 46 additions and 4 deletions
--- a/EnvelopeGenerator.Application/Resources/Resource.de-DE.resx
+++ b/EnvelopeGenerator.Application/Resources/Resource.de-DE.resx
@ -141,4 +141,10 @@
  <data name="LockedTitle" xml:space="preserve">
    <value>Dokument erfordert einen Zugriffscode</value>
  </data>
  <data name="UnexpectedError" xml:space="preserve">
    <value>Ein unerwarteter Fehler ist aufgetreten.</value>
  </data>
  <data name="WrongAccessCode" xml:space="preserve">
    <value>Ungültiger Zugangscode.</value>
  </data>
 </root>
--- a/EnvelopeGenerator.Application/Resources/Resource.en-US.resx
+++ b/EnvelopeGenerator.Application/Resources/Resource.en-US.resx
@ -141,4 +141,10 @@
  <data name="LockedTitle" xml:space="preserve">
    <value>Document requires an access code</value>
  </data>
  <data name="UnexpectedError" xml:space="preserve">
    <value>An unexpected error has occurred.</value>
  </data>
  <data name="WrongAccessCode" xml:space="preserve">
    <value>Invalid access code.</value>
  </data>
 </root>
--- a/EnvelopeGenerator.Web/Controllers/HomeController.cs
+++ b/EnvelopeGenerator.Web/Controllers/HomeController.cs
@ -154,10 +154,18 @@ namespace EnvelopeGenerator.Web.Controllers
                                            return this.ViewDocumentNotFound();
                                        }
-                                        var claims = new List<Claim> { new(ClaimTypes.NameIdentifier, uuid), new(ClaimTypes.Hash, signature) };
+                                        var claims = new List<Claim> { 
                                            new(ClaimTypes.NameIdentifier, uuid),
                                            new(ClaimTypes.Hash, signature),
                                            new(ClaimTypes.Name, er.Name ?? string.Empty),
                                            new(ClaimTypes.Email, er.Receiver.EmailAddress),
                                            new(EnvelopeClaimTypes.Title, er.Envelope.Title)
                                        };
                                        var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
-                                        var authProperties = new AuthenticationProperties { };
+                                        var authProperties = new AuthenticationProperties {
                                            AllowRefresh = false
                                        };
                                        await HttpContext.SignInAsync(
                                            CookieAuthenticationDefaults.AuthenticationScheme,
--- a/EnvelopeGenerator.Web/EnvelopeClaimTypes.cs
+++ b/EnvelopeGenerator.Web/EnvelopeClaimTypes.cs
@ -0,0 +1,13 @@
 namespace EnvelopeGenerator.Web
 {
    /// <summary>
    /// Provides custom claim types for envelope-related information.
    /// </summary>
    public static class EnvelopeClaimTypes
    {
        /// <summary>
        /// Claim type for the title of an envelope.
        /// </summary>
        public static readonly string Title = $"Envelope{nameof(Title)}";
    }
 }
--- a/EnvelopeGenerator.Web/Program.cs
+++ b/EnvelopeGenerator.Web/Program.cs
@ -129,7 +129,8 @@ try
        options.Cookie.HttpOnly = true;         // Makes the cookie inaccessible to client-side scripts for security
        options.Cookie.SecurePolicy = CookieSecurePolicy.SameAsRequest; // Ensures cookies are sent over HTTPS only
        options.Cookie.SameSite = SameSiteMode.Strict; // Protects against CSRF attacks by restricting how cookies are sent with requests from external sites
-    
+        options.ExpireTimeSpan = TimeSpan.FromMinutes(5);
        options.Events = new CookieAuthenticationEvents
        {
            OnRedirectToLogin = context =>
--- a/EnvelopeGenerator.Web/Views/Shared/_Layout.cshtml
+++ b/EnvelopeGenerator.Web/Views/Shared/_Layout.cshtml
@ -22,6 +22,7 @@
    <script src="~/lib/pspdfkit/pspdfkit.js" asp-append-version="true"></script>
    <script src="~/lib/bootstrap-cookie-consent-settings-main/bootstrap-cookie-consent-settings.js" asp-append-version="true"></script>
    <script src="~/js/util.js" asp-append-version="true"></script>
    <script src="~/js/api.js" asp-append-version="true"></script>
    @await RenderSectionAsync("Scripts", required: false)
    <main role="main">
        <partial name="_CookieConsentPartial" />
--- a/EnvelopeGenerator.Web/wwwroot/js/api.js
+++ b/EnvelopeGenerator.Web/wwwroot/js/api.js
@ -0,0 +1,7 @@
 const submitForm = async form => await fetch(form.action, {
    method: form.method,
    body: new FormData(form),
    headers: {
        "X-Requested-With": "XMLHttpRequest"
    }
 })
--- a/EnvelopeGenerator.Web/wwwroot/js/ui.js
+++ b/EnvelopeGenerator.Web/wwwroot/js/ui.js
@ -123,4 +123,4 @@
    return annotationPresets
  }
-}
+}