admin/raven
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Browse Source
This commit is contained in:
John Cardinal
2018-11-01 14:46:40 +00:00
parent 66180cdc1c
commit 788e101a3f
1 changed files with 4 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
server/AyaNova/Controllers/AuthController.cs
View File

@@ -130,6 +130,10 @@ namespace AyaNova.Api.Controllers
//issue tokens as well, but it looked cmplex and this works so unless need to remove in future keeping it. //issue tokens as well, but it looked cmplex and this works so unless need to remove in future keeping it.
string token = Jose.JWT.Encode(payload, secretKey, Jose.JwsAlgorithm.HS256); string token = Jose.JWT.Encode(payload, secretKey, Jose.JwsAlgorithm.HS256);
//TODO: Before release double check that security of JWT is still ok:
//https://assets.pentesterlab.com/jwt_security_cheatsheet/jwt_security_cheatsheet.pdf
//https://github.com/ticarpi/jwt_tool
log.LogDebug($"User number \"{u.Id}\" logged in from \"{Util.StringUtil.MaskIPAddress(HttpContext.Connection.RemoteIpAddress.ToString())}\" ok"); log.LogDebug($"User number \"{u.Id}\" logged in from \"{Util.StringUtil.MaskIPAddress(HttpContext.Connection.RemoteIpAddress.ToString())}\" ok");
metrics.Measure.Meter.Mark(MetricsRegistry.SuccessfulLoginMeter); metrics.Measure.Meter.Mark(MetricsRegistry.SuccessfulLoginMeter);