fix (token) : invalidation (#124)

Star-Academy · Sep 9, 2024 · 2d49167 · 2d49167
1 parent 5278600
commit 2d49167
Show file tree

Hide file tree

Showing 6 changed files with 13 additions and 9 deletions.
diff --git a/AnalysisData/AnalysisData/Controllers/GraphController/CategoriesController.cs b/AnalysisData/AnalysisData/Controllers/GraphController/CategoriesController.cs
@@ -29,7 +29,7 @@ public async Task<IActionResult> GetCategories(int pageNumber = 0, int pageSize
     public async Task<IActionResult> GetAllCategoriesWithOutPagination()
     {
         var categories = await _categoryService.GetAllCategoriesWithoutPaginationAsync();
-        return Ok(categories);
+        return Ok(categories.Categories);
     }
 
     [Authorize(Policy = "silver")]

diff --git a/AnalysisData/AnalysisData/Dtos/GraphDto/CategoryDto/GetAllCategoryDto.cs b/AnalysisData/AnalysisData/Dtos/GraphDto/CategoryDto/GetAllCategoryDto.cs
@@ -5,4 +5,9 @@ namespace AnalysisData.Dtos.GraphDto.CategoryDto;
 public class GetAllCategoryDto
 {
     public IEnumerable<Category> Categories;
+
+    public GetAllCategoryDto(IEnumerable<Category> categories)
+    {
+        Categories = categories;
+    }
 }
diff --git a/.../Repositories/PasswordResetTokensRepository/Abstraction/IPasswordResetTokensRepository.cs b/.../Repositories/PasswordResetTokensRepository/Abstraction/IPasswordResetTokensRepository.cs
@@ -5,7 +5,7 @@ namespace AnalysisData.Repositories.PasswordResetTokensRepository.Abstraction;
 public interface IPasswordResetTokensRepository
 {
     Task AddToken(PasswordResetToken token);
-    Task<PasswordResetToken> GetToken(Guid guid);
+    Task<PasswordResetToken> GetToken(Guid guid, string token);
     Task SaveChange();
 
 }
diff --git a/.../AnalysisData/Repositories/PasswordResetTokensRepository/PasswordResetTokensRepository.cs b/.../AnalysisData/Repositories/PasswordResetTokensRepository/PasswordResetTokensRepository.cs
@@ -20,10 +20,11 @@ public async Task AddToken(PasswordResetToken token)
         await _context.SaveChangesAsync(); 
     }
 
-    public async Task<PasswordResetToken> GetToken(Guid userId)
+    public async Task<PasswordResetToken> GetToken(Guid userId, string token)
     {
-        return await _context.Tokens.Include(x => x.User).OrderByDescending(x => x.Id)
-            .FirstOrDefaultAsync(x => x.UserId == userId);
+        return await _context.Tokens
+            .Include(x => x.User)
+            .FirstOrDefaultAsync(x => x.UserId == userId && x.Token == token);
     }
 
     public async Task SaveChange()

diff --git a/AnalysisData/AnalysisData/Services/GraphService/CategoryService/CategoryService.cs b/AnalysisData/AnalysisData/Services/GraphService/CategoryService/CategoryService.cs
@@ -36,7 +36,7 @@ public async Task<PaginationCategoryDto> GetAllCategoriesAsync(int pageNumber, i
     public async Task<GetAllCategoryDto> GetAllCategoriesWithoutPaginationAsync()
     {
         var allCategoryDto = await _categoryRepository.GetAllAsync();
-        return new GetAllCategoryDto() { Categories = allCategoryDto};
+        return new GetAllCategoryDto(allCategoryDto);
     }
 
     public async Task AddAsync(NewCategoryDto categoryDto)

diff --git a/AnalysisData/AnalysisData/Services/TokenService/ValidateTokenService.cs b/AnalysisData/AnalysisData/Services/TokenService/ValidateTokenService.cs
@@ -15,11 +15,9 @@ public ValidateTokenService(IPasswordResetTokensRepository resetTokensRepository
 
     public async Task ValidateResetToken(Guid userId, string resetPasswordToken)
     {
-        var resetToken = await _resetTokensRepository.GetToken(userId);
+        var resetToken = await _resetTokensRepository.GetToken(userId,resetPasswordToken);
         if (resetToken == null || resetToken.IsUsed)
             throw new TokenIsInvalidException();
-        if (resetPasswordToken != resetToken.Token)
-            throw new TokenIsInvalidException();
         if (resetToken.Expiration < DateTime.UtcNow)
             throw new TokenExpiredException();