AppStd/EnvelopeGenerator
8
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Refactor receiver roles: rename FullyAuth/PreAuth for clarity

Browse Source 
Renamed receiver roles FullyAuth → Receiver.Full and PreAuth → Receiver.TFA across the codebase for improved clarity and consistency. Updated all usages, [Authorize] attributes, role checks, authentication logic, and authorization policies to use the new role names. Marked old constants as obsolete and pointed them to the new values. This change enhances code readability and groups receiver roles under the Receiver static class.
This commit is contained in:
tekh
2026-02-06 10:49:28 +01:00
parent 0d2425c9cf
commit ebed51b46a
9 changed files with 26 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
EnvelopeGenerator.Web/Controllers/EnvelopeController.cs
View File

@@ -107,7 +107,7 @@ public class EnvelopeController : ViewControllerBase
return this.ViewEnvelopeNotFound();
}
var er_secret = er_secret_res.Data;
await HttpContext.SignInEnvelopeAsync(er_secret, Role.FullyAuth);
await HttpContext.SignInEnvelopeAsync(er_secret, Role.ReceiverFull);
return await CreateShowEnvelopeView(er_secret);
}
#endregion UseAccessCode
@@ -172,7 +172,7 @@ public class EnvelopeController : ViewControllerBase
}
// show envelope if already logged in
if (User.IsInRole(Role.FullyAuth))
if (User.IsInRole(Role.ReceiverFull))
return await CreateShowEnvelopeView(er_secret);
if (auth.HasMulti)
@@ -206,7 +206,7 @@ public class EnvelopeController : ViewControllerBase
.WithData("ErrorMessage", _localizer.WrongEnvelopeReceiverId());
}
await HttpContext.SignInEnvelopeAsync(er_secret, Role.FullyAuth);
await HttpContext.SignInEnvelopeAsync(er_secret, Role.ReceiverFull);
return await CreateShowEnvelopeView(er_secret);
}
@@ -225,9 +225,9 @@ public class EnvelopeController : ViewControllerBase
&& uuidClaim == er.Envelope?.Uuid
&& signatureClaim is not null
&& signatureClaim == er.Receiver?.Signature
&& User.IsInRole(Role.FullyAuth))
&& User.IsInRole(Role.ReceiverFull))
{
await HttpContext.SignInEnvelopeAsync(er, Role.FullyAuth);
await HttpContext.SignInEnvelopeAsync(er, Role.ReceiverFull);
//add PSPDFKit licence key
ViewData["PSPDFKitLicenseKey"] = _configuration["PSPDFKitLicenseKey"];
@@ -262,7 +262,7 @@ public class EnvelopeController : ViewControllerBase
return this.ViewDocumentNotFound();
}
await HttpContext.SignInEnvelopeAsync(er, Role.FullyAuth);
await HttpContext.SignInEnvelopeAsync(er, Role.ReceiverFull);
ViewData["ReadAndConfirm"] = er.Envelope.ReadOnly;
@@ -334,7 +334,7 @@ public class EnvelopeController : ViewControllerBase
await _rcvService.UpdateAsync(rcv);
}
await HttpContext.SignInEnvelopeAsync(er_secret, Role.PreAuth);
await HttpContext.SignInEnvelopeAsync(er_secret, Role.ReceiverTFA);
return await TFAViewAsync(auth.UserSelectSMS, er_secret, envelopeReceiverId);
}
@@ -348,7 +348,7 @@ public class EnvelopeController : ViewControllerBase
if (er_secret.Receiver!.TotpSecretkey is null)
throw new InvalidOperationException($"TotpSecretkey of DTO cannot validate without TotpSecretkey. Dto: {JsonConvert.SerializeObject(er_secret)}");
if (!User.IsInRole(Role.PreAuth) || !_envSmsHandler.VerifyTotp(auth.SmsCode!, er_secret.Receiver.TotpSecretkey))
if (!User.IsInRole(Role.ReceiverTFA) || !_envSmsHandler.VerifyTotp(auth.SmsCode!, er_secret.Receiver.TotpSecretkey))
{
Response.StatusCode = StatusCodes.Status401Unauthorized;
ViewData["ErrorMessage"] = _localizer.WrongAccessCode();
@@ -364,7 +364,7 @@ public class EnvelopeController : ViewControllerBase
if (er_secret.Receiver!.TotpSecretkey is null)
throw new InvalidOperationException($"TotpSecretkey of DTO cannot validate without TotpSecretkey. Dto: {JsonConvert.SerializeObject(er_secret)}");
if (!User.IsInRole(Role.PreAuth) || !_authenticator.VerifyTotp(auth.AuthenticatorCode!, er_secret.Receiver.TotpSecretkey, window: VerificationWindow.RfcSpecifiedNetworkDelay))
if (!User.IsInRole(Role.ReceiverTFA) || !_authenticator.VerifyTotp(auth.AuthenticatorCode!, er_secret.Receiver.TotpSecretkey, window: VerificationWindow.RfcSpecifiedNetworkDelay))
{
Response.StatusCode = StatusCodes.Status401Unauthorized;
ViewData["ErrorMessage"] = _localizer.WrongAccessCode();