@@ -121,8 +121,9 @@ namespace AyaNova.Api.Controllers
|
||||
{
|
||||
{ "iat", iat.ToUnixTimeSeconds().ToString() },
|
||||
{ "exp", exp.ToUnixTimeSeconds().ToString() },//in payload exp must be in unix epoch time per standard
|
||||
{ "iss", "AyaNova" },
|
||||
{ "id", u.Id.ToString() }
|
||||
{ "iss", "ayanova.com" },
|
||||
{ "id", u.Id.ToString() },
|
||||
{ "ayanova/roles", ((int)u.Roles).ToString() }
|
||||
};
|
||||
|
||||
|
||||
@@ -137,6 +138,9 @@ namespace AyaNova.Api.Controllers
|
||||
|
||||
log.LogDebug($"User number \"{u.Id}\" logged in from \"{Util.StringUtil.MaskIPAddress(HttpContext.Connection.RemoteIpAddress.ToString())}\" ok");
|
||||
metrics.Measure.Meter.Mark(MetricsRegistry.SuccessfulLoginMeter);
|
||||
|
||||
//TODO: This needs to return the authorization roles of the user in the payload and it should all be in the token
|
||||
//and remove the issued, expires id etc so that all that is returned is an encoded token with that info in it
|
||||
return Ok(new ApiOkResponse(new
|
||||
{
|
||||
ok = 1,
|
||||
|
||||
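Review bot: The new `ayanova/roles` entry in the payload dictionary (first hunk) is a snapshot of `u.Roles` at login, so a user whose roles are reduced afterwards keeps the old value in every token already issued until `exp` passes. Nothing visible in this section shows the authorization path re-reading the user record, so either confirm that it does or keep the token lifetime short and document the trade-off next to the claim, e.g. `// roles are a login-time snapshot; changes take effect on next token issue`. The issuer literal `"ayanova.com"` is also repeated in the `ValidIssuer` setting in the other file of this commit. A single shared constant used on both sides would prevent the issuing and validating values from drifting apart and rejecting every token. The enclosing method starts and ends outside these hunks.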
@@ -234,13 +234,13 @@ namespace AyaNova
|
||||
RequireSignedTokens = true,
|
||||
IssuerSigningKey = signingKey,
|
||||
ValidateIssuer = true,
|
||||
ValidIssuer = "AyaNova",
|
||||
ValidIssuer = "ayanova.com",
|
||||
ValidateAudience = false,
|
||||
//ValidAudience = "http://localhost:7575/"
|
||||
|
||||
// Token will only be valid if not expired yet, with 5 minutes clock skew.
|
||||
ValidateLifetime = true,
|
||||
RequireExpirationTime = true,
|
||||
RequireExpirationTime = true,
|
||||
ClockSkew = new TimeSpan(0, 5, 0),
|
||||
};
|
||||
});
|
||||
|
||||
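Review bot: Changing `ValidIssuer` to `"ayanova.com"` means any token already issued with `iss` set to `"AyaNova"` fails validation once this is deployed, so existing sessions will be rejected until the client logs in again. If that is intended, a short comment or release note should say so. Because the token now carries the role claim, the unchanged `ValidateAudience = false` leaves the signing key and this issuer string as the only things binding a token to this API. Whether `signingKey` is shared with anything else is not visible here, but setting an `aud` claim at issue time and `ValidateAudience = true` with a `ValidAudience` would close that gap. `RequireExpirationTime = true` appears twice in this rendering, which looks like a whitespace-only change rather than a duplicated initializer entry, but is worth a check in the raw diff. The object initializer begins outside the hunk.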