feat(client): update AuthService to use encrypted login
This commit is contained in:
Joseph Doherty
@@ -1,74 +1,66 @@
|
||||
using System.Net.Http.Json;
|
||||
using JdeScoping.Client.Auth;
|
||||
using JdeScoping.Client.Models;
|
||||
using JdeScoping.Core.Models.Auth;
|
||||
|
||||
namespace JdeScoping.Client.Services;
|
||||
|
||||
/// <summary>
|
||||
/// Handles authentication via API calls with cookie-based auth.
|
||||
/// Handles authentication via encrypted API calls with cookie-based auth.
|
||||
/// </summary>
|
||||
public class AuthService : IAuthService
|
||||
{
|
||||
private readonly HttpClient _httpClient;
|
||||
private readonly ICryptoService _cryptoService;
|
||||
private readonly AuthStateProvider _authStateProvider;
|
||||
|
||||
public AuthService(
|
||||
HttpClient httpClient,
|
||||
ICryptoService cryptoService,
|
||||
AuthStateProvider authStateProvider)
|
||||
{
|
||||
_httpClient = httpClient;
|
||||
_cryptoService = cryptoService;
|
||||
_authStateProvider = authStateProvider;
|
||||
}
|
||||
|
||||
public async Task<AuthResult> LoginAsync(LoginModel model)
|
||||
public async Task<LoginResultModel> LoginAsync(LoginModel model)
|
||||
{
|
||||
try
|
||||
{
|
||||
var response = await _httpClient.PostAsJsonAsync("api/auth/login", new
|
||||
// Encrypt credentials
|
||||
var encryptedData = await _cryptoService.EncryptLoginAsync(model);
|
||||
var request = new EncryptedLoginRequest(encryptedData);
|
||||
|
||||
// Send encrypted request
|
||||
var response = await _httpClient.PostAsJsonAsync("api/auth/login", request);
|
||||
|
||||
var result = await response.Content.ReadFromJsonAsync<LoginResultModel>();
|
||||
if (result is null)
|
||||
{
|
||||
model.Username,
|
||||
model.Password
|
||||
});
|
||||
|
||||
if (response.IsSuccessStatusCode)
|
||||
{
|
||||
// API returns UserInfo and sets auth cookie
|
||||
var userInfo = await response.Content.ReadFromJsonAsync<UserInfoViewModel>();
|
||||
if (userInfo != null)
|
||||
{
|
||||
// Notify auth state provider of the login
|
||||
await _authStateProvider.MarkUserAsAuthenticated(userInfo);
|
||||
|
||||
return new AuthResult
|
||||
{
|
||||
Success = true,
|
||||
User = userInfo
|
||||
};
|
||||
}
|
||||
|
||||
return new AuthResult
|
||||
{
|
||||
Success = false,
|
||||
ErrorMessage = "Invalid response from server"
|
||||
};
|
||||
return new LoginResultModel(false, "Invalid response from server", null);
|
||||
}
|
||||
|
||||
var errorContent = await response.Content.ReadAsStringAsync();
|
||||
return new AuthResult
|
||||
if (result.Success && result.User is not null)
|
||||
{
|
||||
Success = false,
|
||||
ErrorMessage = string.IsNullOrEmpty(errorContent)
|
||||
? "Login failed. Please check your credentials."
|
||||
: errorContent
|
||||
};
|
||||
// Notify auth state provider of the login
|
||||
var userViewModel = new UserInfoViewModel
|
||||
{
|
||||
Username = result.User.Username,
|
||||
FirstName = result.User.FirstName,
|
||||
LastName = result.User.LastName,
|
||||
DisplayName = result.User.DisplayName,
|
||||
EmailAddress = result.User.EmailAddress,
|
||||
Title = result.User.Title
|
||||
};
|
||||
await _authStateProvider.MarkUserAsAuthenticated(userViewModel);
|
||||
}
|
||||
|
||||
return result;
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
return new AuthResult
|
||||
{
|
||||
Success = false,
|
||||
ErrorMessage = $"Login failed: {ex.Message}"
|
||||
};
|
||||
return new LoginResultModel(false, $"Login failed: {ex.Message}", null);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -76,7 +68,6 @@ public class AuthService : IAuthService
|
||||
{
|
||||
try
|
||||
{
|
||||
// Call logout endpoint to clear server-side cookie
|
||||
await _httpClient.PostAsync("api/auth/logout", null);
|
||||
}
|
||||
catch
|
||||
|
||||
Reference in New Issue
Block a user