Проведен аудит. Добавлено переключение треков

2026-05-21 20:49:55 +03:00
parent 38af6174fa
commit 9139d8ecfe
23 changed files with 351 additions and 222 deletions
--- a/PlaylistShared.Api/Services/JwtService.cs
+++ b/PlaylistShared.Api/Services/JwtService.cs
@@ -1,4 +1,5 @@
-using Microsoft.AspNetCore.Identity;
+using Microsoft.AspNetCore.DataProtection;
+using Microsoft.AspNetCore.Identity;
 using Microsoft.IdentityModel.Tokens;
 using PlaylistShared.Api.Entities;
 using System.IdentityModel.Tokens.Jwt;
@@ -11,11 +12,15 @@ public class JwtService
 {
    private readonly IConfiguration _configuration;
    private readonly UserManager<ApplicationUser> _userManager;
+    private readonly ITimeLimitedDataProtector _playTokenProtector;

-    public JwtService(IConfiguration configuration, UserManager<ApplicationUser> userManager)
+    public JwtService(IConfiguration configuration, UserManager<ApplicationUser> userManager, IDataProtectionProvider dataProtectionProvider)
    {
        _configuration = configuration;
        _userManager = userManager;
+        _playTokenProtector = dataProtectionProvider
+            .CreateProtector("AudioPlayToken")
+            .ToTimeLimitedDataProtector();
    }

    public async Task<(string Token, string RefreshToken, DateTime Expiration)> GenerateTokenAsync(ApplicationUser user)
@@ -71,4 +76,20 @@ public class JwtService
            return null;
        }
    }
-}
+
+    public string CreatePlayToken(Guid userId) =>
+        _playTokenProtector.Protect(userId.ToString(), TimeSpan.FromMinutes(5));
+
+    public Guid? ValidatePlayToken(string token)
+    {
+        try
+        {
+            var userId = _playTokenProtector.Unprotect(token);
+            return Guid.Parse(userId);
+        }
+        catch
+        {
+            return null;
+        }
+    }
+}