diff --git a/server/AyaNova/Controllers/AttachmentController.cs b/server/AyaNova/Controllers/AttachmentController.cs
index 62932833..75fe7f56 100644
--- a/server/AyaNova/Controllers/AttachmentController.cs
+++ b/server/AyaNova/Controllers/AttachmentController.cs
@@ -209,7 +209,7 @@ namespace AyaNova.Api.Controllers
 List FileData = new List();
 if (
- !uploadFormData.FormFieldData.ContainsKey("FileData") ||
+ !uploadFormData.FormFieldData.ContainsKey("FileData") ||
 !uploadFormData.FormFieldData.ContainsKey("AttachToObjectType") ||
 !uploadFormData.FormFieldData.ContainsKey("AttachToObjectId"))
 {
@@ -439,6 +439,8 @@ namespace AyaNova.Api.Controllers
 }
+ //this is necessary because they might have an expired JWT but this would just keep on working without a date check
+ //the default is the same timespan as the jwt so it's all good
 var utcNow = new DateTimeOffset(DateTime.Now.ToUniversalTime(), TimeSpan.Zero);
 if (DownloadUser.DlKeyExpire < utcNow.DateTime)
 {
diff --git a/server/AyaNova/Controllers/AuthController.cs b/server/AyaNova/Controllers/AuthController.cs
index 241eab95..535fd010 100644
--- a/server/AyaNova/Controllers/AuthController.cs
+++ b/server/AyaNova/Controllers/AuthController.cs
@@ -115,9 +115,7 @@ namespace AyaNova.Api.Controllers
 { "iat", iat.ToUnixTimeSeconds().ToString() },
 { "exp", exp.ToUnixTimeSeconds().ToString() },//in payload exp must be in unix epoch time per standard
 { "iss", Issuer },
- { "id", "1" },
- { "name","Manager Account - TESTING"},
- { "ayanova/roles", "0" }
+ { "id", "1" }
 };
 string TestToken = Jose.JWT.Encode(payload, secretKey, Algorithm);
@@ -139,7 +137,9 @@ namespace AyaNova.Api.Controllers
 return Ok(ApiOkResponse.Response(new
 {
- token = TestToken
+ token = TestToken,
+ name = "Manager Account - TESTING",
+ roles = "0"
 }, true));
 }
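Review bot: The two comment lines added above the `DlKeyExpire` check in the @@ -439 hunk of AttachmentController.cs end with "so it's all good", which does not tell a maintainer what invariant the check protects. Going by the comment itself, this path accepts a download key without re-validating the JWT, so this comparison is the only expiry enforcement here and the key lifetime is meant to match the JWT's only by default. I would word it as `// Download keys are checked here instead of the JWT, so expiry must be enforced explicitly;` followed by `// DlKeyExpire is issued with the JWT's lifetime by default and must not outlive it.` The enclosing method starts and ends outside the hunk.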
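Review bot: The test-token payload in the @@ -115 hunk of AuthController.cs still hard-codes `{ "id", "1" }`, and the @@ -139 hunk returns that token with `name = "Manager Account - TESTING"`; if id 1 is a real account, the action issues a validly signed token for it to whoever can reach the route. Nothing visible in either hunk restricts the action to a test build or environment, and the method begins outside the hunk, so that needs confirming rather than assuming. A comment on the payload such as `// TEST ONLY: this action must not be routable in production builds`, backed by a build or environment guard around the action, would make the intent enforceable.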
@@ -201,11 +201,7 @@ namespace AyaNova.Api.Controllers
 { "iat", iat.ToUnixTimeSeconds().ToString() },
 { "exp", exp.ToUnixTimeSeconds().ToString() },//in payload exp must be in unix epoch time per standard
 { "iss", "ayanova.com" },
- { "id", u.Id.ToString() },
- { "name", u.Name},
- { "usertype", u.UserType},
- { "ayanova/roles", ((int)u.Roles).ToString()},
- { "dlt", DownloadToken }
+ { "id", u.Id.ToString() }
 };
@@ -220,16 +216,13 @@ namespace AyaNova.Api.Controllers
 log.LogDebug($"User number \"{u.Id}\" logged in from \"{Util.StringUtil.MaskIPAddress(HttpContext.Connection.RemoteIpAddress.ToString())}\" ok");
 metrics.Measure.Meter.Mark(MetricsRegistry.SuccessfulLoginMeter);
- //TODO: This needs to return the authorization roles of the user in the payload and it should all be in the token
- //and remove the issued, expires id etc so that all that is returned is an encoded token with that info in it
 return Ok(ApiOkResponse.Response(new
 {
- // ok = 1,
- // issued = iat,
- // expires = exp,
- token = token
- //,
- //id = u.Id
+ token = token,
+ name = u.Name,
+ usertype = u.UserType,
+ roles = ((int)u.Roles).ToString(),
+ dlt = DownloadToken
 }, true));
 }
 }
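Review bot: After the @@ -201 hunk the signed payload carries only `id`, while `roles`, `usertype` and `dlt` move into the unsigned response body in the @@ -220 hunk (the test endpoint does the same at @@ -115 and @@ -139). That is sound only if every authorization check now loads roles from the user record by `id`; any policy or handler that still reads the `ayanova/roles` claim will find it absent, and whether that denies or allows depends on code this diff does not show. The deleted TODO asked for the opposite design, so the payload should record the decision, e.g. `// id only: roles are resolved server-side on each request; the roles/usertype in the login response are display hints`. The hard-coded `"ayanova.com"` issuer on the context line also differs from the `Issuer` value the test payload uses, which is worth aligning if both tokens go through the same validation.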