Removed unused Logout Session manager middleware

2023-08-02 14:16:22 +02:00 · 2019-01-31 22:56:12 -08:00 · 2019-01-31 22:56:12 -08:00 · 0597455180
commit 0597455180
parent a867b433f7
6 changed files with 22 additions and 55 deletions
--- a/Teknik.sln
+++ b/Teknik.sln
@ -17,6 +17,7 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Solution Items", "Solution
 		.gitattributes = .gitattributes
 		.gitignore = .gitignore
 		global.json = global.json
+		Performance1.psess = Performance1.psess
 		README.md = README.md
 	EndProjectSection
 EndProject
@ -29,6 +30,9 @@ EndProject
 Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "ServiceWorker", "ServiceWorker\ServiceWorker.csproj", "{0B712243-994C-4AC3-893C-B86B59F63F53}"
 EndProject
 Global
+	GlobalSection(Performance) = preSolution
+		HasPerformanceSessions = true
+	EndGlobalSection
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Debug|Any CPU = Debug|Any CPU
 		Release|Any CPU = Release|Any CPU
--- a/Teknik/Areas/User/Controllers/UserController.cs
+++ b/Teknik/Areas/User/Controllers/UserController.cs
@ -49,11 +49,8 @@ namespace Teknik.Areas.Users.Controllers
        private readonly IHttpContextAccessor _httpContextAccessor;
        private ISession _session => _httpContextAccessor.HttpContext.Session;

-        private readonly LogoutSessionManager _logoutSessions;
-
-        public UserController(ILogger<Logger> logger, Config config, TeknikEntities dbContext, LogoutSessionManager logoutSessions, IHttpContextAccessor httpContextAccessor) : base(logger, config, dbContext)
+        public UserController(ILogger<Logger> logger, Config config, TeknikEntities dbContext, IHttpContextAccessor httpContextAccessor) : base(logger, config, dbContext)
        {
-            _logoutSessions = logoutSessions;
            _httpContextAccessor = httpContextAccessor;
        }

--- a/Teknik/Security/CookieEventHandler.cs
+++ b/Teknik/Security/CookieEventHandler.cs
@ -13,13 +13,10 @@ namespace Teknik.Security
 {
    public class CookieEventHandler : CookieAuthenticationEvents
    {
-        public CookieEventHandler(LogoutSessionManager logoutSessions)
+        public CookieEventHandler()
        {
-            _LogoutSessions = logoutSessions;
        }
        
-        private static LogoutSessionManager _LogoutSessions;
-
        public override async Task RedirectToAccessDenied(RedirectContext<CookieAuthenticationOptions> context)
        {
            context.Response.StatusCode = 403;
--- a/Teknik/Security/LogoutSessionManager.cs
+++ b/Teknik/Security/LogoutSessionManager.cs
@ -1,36 +0,0 @@
-using System;
-using System.Collections.Generic;
-using System.Linq;
-using System.Threading.Tasks;
-
-namespace Teknik.Security
-{
-    public class LogoutSessionManager
-    {
-        private static List<Session> _sessions = new List<Session>();
-
-        public void Add(string sub, string sid)
-        {
-            _sessions.Add(new Session { Sub = sub, Sid = sid });
-        }
-
-        public bool IsLoggedOut(string sub, string sid)
-        {
-            var matches = _sessions.Any(s => s.IsMatch(sub, sid));
-            return matches;
-        }
-
-        private class Session
-        {
-            public string Sub { get; set; }
-            public string Sid { get; set; }
-
-            public bool IsMatch(string sub, string sid)
-            {
-                return (Sid == sid && Sub == sub) ||
-                       (Sid == sid && Sub == null) ||
-                       (Sid == null && Sub == sub);
-            }
-        }
-    }
-}
--- a/Teknik/Startup.cs
+++ b/Teknik/Startup.cs
@ -136,7 +136,7 @@ namespace Teknik
            });

            // Sessions
-            services.AddResponseCaching();
+            //services.AddResponseCaching();
            services.AddMemoryCache();
            services.AddSession();

@ -153,7 +153,6 @@ namespace Teknik
            services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1);

            services.AddTransient<CookieEventHandler>();
-            services.AddSingleton<LogoutSessionManager>();

            services.AddAuthentication(options =>
            {
@ -285,6 +284,15 @@ namespace Teknik
                }
            });

+            // Compress Reponse
+            //app.UseResponseCompression();
+
+            // Cache Responses
+            //app.UseResponseCaching();
+
+            // Force a HTTPS redirection (301)
+            app.UseHttpsRedirection();
+
            // Use Exception Handling
            app.UseErrorHandler(config);

@ -297,13 +305,7 @@ namespace Teknik
            app.UseCSP();
            app.UseSecurityHeaders();

-            // Cache Responses
-            app.UseResponseCaching();
-
-            // Force a HTTPS redirection (301)
-            app.UseHttpsRedirection();
-
-            // Setup static files anc cache them client side
+            // Setup static files and cache them client side
            app.UseStaticFiles(new StaticFileOptions
            {
                OnPrepareResponse = ctx =>
--- a/Utilities/Cryptography/AesCounterMode.cs
+++ b/Utilities/Cryptography/AesCounterMode.cs
@ -101,6 +101,9 @@ namespace Teknik.Utilities.Cryptography

            _SymmetricAlgorithm = symmetricAlgorithm;

+            // Initialize the encrypted counter
+            _EncryptedCounter = new byte[_SymmetricAlgorithm.BlockSize / 8];
+
            _IV = new byte[iv.Length];
            iv.CopyTo(_IV, 0);

@ -157,7 +160,7 @@ namespace Teknik.Utilities.Cryptography
        public void EncryptCounter()
        {
            // Clear the encrypted counter
-            _EncryptedCounter = new byte[_SymmetricAlgorithm.BlockSize / 8];
+            Array.Clear(_EncryptedCounter, 0, _EncryptedCounter.Length);

            // Encrypt the current counter to the encrypted counter
            _CounterEncryptor.TransformBlock(_Counter, 0, _Counter.Length, _EncryptedCounter, 0);