Refactor game authentication code to use ASP.NET JWT Authentication (#1135)

Previously, the authentication code manually read the ID token and BaaS JWKs and determined its validity using `JsonWebTokenHandler`. It then threw an exception if the token was invalid, and relied on `ExceptionHandlerMiddleware` to return the appropriate status code for the game.

When I implemented JWT authentication for the website, I used the in-box ASP.NET `AddJwtBearer` authentication and it greatly simplified matters. I have been meaning to do the same for the game authentication code for a while. I got the final push I needed after #1129 which changed it so that every expired token error was logged as an unhandled exception. This clutters the logs and introduces misleading metrics in Grafana:

![image](https://github.com/user-attachments/assets/6045c18c-3fa0-401a-97a7-e7d5da3e508c)

As part of simplifying the authentication code, I have also removed the legacy authentication flow, which the server used in its first weeks being live before BaaS was established. This means we now have a hard dependency on BaaS, but it is now open source and available for anyone to host. This old authentication flow had not been tested in literal years, so there's a good chance it wasn't functional anyway.