Removed unused Logout Session manager middleware

Teknik.sln

@@ -17,6 +17,7 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Solution Items", "Solution
 		.gitattributes = .gitattributes
 		.gitignore = .gitignore
 		global.json = global.json
+		Performance1.psess = Performance1.psess
 		README.md = README.md
 	EndProjectSection
 EndProject
@@ -29,6 +30,9 @@ EndProject
 Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "ServiceWorker", "ServiceWorker\ServiceWorker.csproj", "{0B712243-994C-4AC3-893C-B86B59F63F53}"
 EndProject
 Global
+	GlobalSection(Performance) = preSolution
+		HasPerformanceSessions = true
+	EndGlobalSection
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Debug|Any CPU = Debug|Any CPU
 		Release|Any CPU = Release|Any CPU

Teknik/Areas/User/Controllers/UserController.cs

@@ -49,11 +49,8 @@ namespace Teknik.Areas.Users.Controllers
         private readonly IHttpContextAccessor _httpContextAccessor;
         private ISession _session => _httpContextAccessor.HttpContext.Session;
 
-        private readonly LogoutSessionManager _logoutSessions;
+        public UserController(ILogger<Logger> logger, Config config, TeknikEntities dbContext, IHttpContextAccessor httpContextAccessor) : base(logger, config, dbContext)
-
-        public UserController(ILogger<Logger> logger, Config config, TeknikEntities dbContext, LogoutSessionManager logoutSessions, IHttpContextAccessor httpContextAccessor) : base(logger, config, dbContext)
         {
-            _logoutSessions = logoutSessions;
             _httpContextAccessor = httpContextAccessor;
         }
 

Teknik/Security/CookieEventHandler.cs

@@ -13,13 +13,10 @@ namespace Teknik.Security
 {
     public class CookieEventHandler : CookieAuthenticationEvents
     {
-        public CookieEventHandler(LogoutSessionManager logoutSessions)
+        public CookieEventHandler()
         {
-            _LogoutSessions = logoutSessions;
         }
-
+        
-        private static LogoutSessionManager _LogoutSessions;
-
         public override async Task RedirectToAccessDenied(RedirectContext<CookieAuthenticationOptions> context)
         {
             context.Response.StatusCode = 403;

Teknik/Security/LogoutSessionManager.cs

@@ -1,36 +0,0 @@
-using System;
-using System.Collections.Generic;
-using System.Linq;
-using System.Threading.Tasks;
-
-namespace Teknik.Security
-{
-    public class LogoutSessionManager
-    {
-        private static List<Session> _sessions = new List<Session>();
-
-        public void Add(string sub, string sid)
-        {
-            _sessions.Add(new Session { Sub = sub, Sid = sid });
-        }
-
-        public bool IsLoggedOut(string sub, string sid)
-        {
-            var matches = _sessions.Any(s => s.IsMatch(sub, sid));
-            return matches;
-        }
-
-        private class Session
-        {
-            public string Sub { get; set; }
-            public string Sid { get; set; }
-
-            public bool IsMatch(string sub, string sid)
-            {
-                return (Sid == sid && Sub == sub) ||
-                       (Sid == sid && Sub == null) ||
-                       (Sid == null && Sub == sub);
-            }
-        }
-    }
-}

Teknik/Startup.cs

@@ -136,7 +136,7 @@ namespace Teknik
             });
 
             // Sessions
-            services.AddResponseCaching();
+            //services.AddResponseCaching();
             services.AddMemoryCache();
             services.AddSession();
 
@@ -153,7 +153,6 @@ namespace Teknik
             services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1);
 
             services.AddTransient<CookieEventHandler>();
-            services.AddSingleton<LogoutSessionManager>();
 
             services.AddAuthentication(options =>
             {
@@ -285,6 +284,15 @@ namespace Teknik
                 }
             });
 
+            // Compress Reponse
+            //app.UseResponseCompression();
+
+            // Cache Responses
+            //app.UseResponseCaching();
+
+            // Force a HTTPS redirection (301)
+            app.UseHttpsRedirection();
+
             // Use Exception Handling
             app.UseErrorHandler(config);
 
@@ -297,13 +305,7 @@ namespace Teknik
             app.UseCSP();
             app.UseSecurityHeaders();
 
-            // Cache Responses
+            // Setup static files and cache them client side
-            app.UseResponseCaching();
-
-            // Force a HTTPS redirection (301)
-            app.UseHttpsRedirection();
-
-            // Setup static files anc cache them client side
             app.UseStaticFiles(new StaticFileOptions
             {
                 OnPrepareResponse = ctx =>

Utilities/Cryptography/AesCounterMode.cs

@@ -101,6 +101,9 @@ namespace Teknik.Utilities.Cryptography
 
             _SymmetricAlgorithm = symmetricAlgorithm;
 
+            // Initialize the encrypted counter
+            _EncryptedCounter = new byte[_SymmetricAlgorithm.BlockSize / 8];
+
             _IV = new byte[iv.Length];
             iv.CopyTo(_IV, 0);
 
@@ -157,7 +160,7 @@ namespace Teknik.Utilities.Cryptography
         public void EncryptCounter()
         {
             // Clear the encrypted counter
-            _EncryptedCounter = new byte[_SymmetricAlgorithm.BlockSize / 8];
+            Array.Clear(_EncryptedCounter, 0, _EncryptedCounter.Length);
 
             // Encrypt the current counter to the encrypted counter
             _CounterEncryptor.TransformBlock(_Counter, 0, _Counter.Length, _EncryptedCounter, 0);