Merge pull request #126 from nullinside-development-group/feat/oauth

feat: adding refresh token and expiring for oauth

Author: ProgrammingByPermutation

src/Nullinside.Api.Common.AspNetCore/Middleware/BasicAuthenticationHandler.cs

@@ -61,7 +61,8 @@ protected override async Task<AuthenticateResult> HandleAuthenticateAsync() {
         .AsNoTracking()
         .FirstOrDefaultAsync(u => !string.IsNullOrWhiteSpace(u.Token) &&
                                   u.Token == token &&
-                                  !u.IsBanned).ConfigureAwait(false);
+                                  !u.IsBanned)
+        .ConfigureAwait(false);
 
       if (null == dbUser) {
         return AuthenticateResult.Fail("Invalid token");

src/Nullinside.Api.Common/Auth/AuthUtils.cs

@@ -7,12 +7,10 @@ namespace Nullinside.Api.Common.Auth;
 /// </summary>
 public static class AuthUtils {
   /// <summary>
-  ///   Generates a new unique bearer token.
+  ///   Generates a new unique token.
   /// </summary>
-  /// <returns>A bearer token.</returns>
-  public static string GenerateBearerToken() {
-    // This method is trash but it doesn't matter. We should be doing real OAuth tokens with expirations and
-    // renewals. Right now nothing that exists on the site requires this level of sophistication.
+  /// <returns>A token.</returns>
+  public static string GenerateToken() {
     string allowed = "ABCDEFGHIJKLMONOPQRSTUVWXYZabcdefghijklmonopqrstuvwxyz0123456789";
     int strlen = 255; // Or whatever
     char[] randomChars = new char[strlen];

src/Nullinside.Api.Model/Ddl/User.cs

@@ -27,6 +27,16 @@ public class User : ITableModel {
   ///   The user's auth token for interacting with the site's API.
   /// </summary>
   public string? Token { get; set; }
+  
+  /// <summary>
+  ///   The user's auth token for interacting with the site's API.
+  /// </summary>
+  public string? RefreshToken { get; set; }
+  
+  /// <summary>
+  ///   The user's auth token for interacting with the site's API.
+  /// </summary>
+  public DateTime? TokenExpires { get; set; }
 
   /// <summary>
   ///   The id of the user on twitch.
@@ -95,6 +105,8 @@ public void OnModelCreating(ModelBuilder modelBuilder) {
         .HasMaxLength(255);
       entity.Property(e => e.Token)
         .HasMaxLength(255);
+      entity.Property(e => e.RefreshToken)
+        .HasMaxLength(255);
       entity.Property(e => e.UpdatedOn)
         .IsRowVersion();
       // TODO: Add the other strings in this file with lengths