diff --git a/Aspnet/Controllers/LoginController.cs b/Aspnet/Controllers/LoginController.cs
index 38abacc..706d6cd 100644
--- a/Aspnet/Controllers/LoginController.cs
+++ b/Aspnet/Controllers/LoginController.cs
@@ -21,17 +21,29 @@ public class LoginController: ControllerBase
 string tokenString = GenerarToken(loginDto);
 RepositorioUsuarios.Singleton.GuardarToken(loginDto, tokenString);
- return Ok( new {Email = loginDto.Email, Token = tokenString, Redirect = "/Menu"});
+ var cookieOptions = new CookieOptions
+ {
+ HttpOnly = true,
+ Secure = true,
+ //SameSite = SameSiteMode.Strict,
+ Expires = DateTimeOffset.UtcNow.AddHours(1)
+ };
+
+ Response.Cookies.Append("token", tokenString, cookieOptions);
+ return Ok( new {Email = loginDto.Email, Redirect = "/Menu"});
 }
 [HttpPost("api/login/validar")]
- public IActionResult Verificar([FromBody] TokenDto tokenRequest){
- if (tokenRequest.Email == String.Empty ||tokenRequest.Token == string.Empty ||tokenRequest.Redirect == string.Empty)
+ public IActionResult Verificar([FromBody] AccessDto request){
+
+ Request.Cookies.TryGetValue("token", out var token);
+
+ if (request.Email == String.Empty || token == null ||request.Redirect == string.Empty)
 {
 return Unauthorized(new { esValido = false});
 }
- bool esValido = RepositorioUsuarios.Singleton.CheckToken(tokenRequest);
+ bool esValido = RepositorioUsuarios.Singleton.CheckToken(request.Email, token);
 return (esValido) ? Ok( new { esValido = true}) : Unauthorized( new {esValido = false});
 }
diff --git a/Aspnet/Program.cs b/Aspnet/Program.cs
index e0bdaac..e83391e 100644
--- a/Aspnet/Program.cs
+++ b/Aspnet/Program.cs
@@ -11,9 +11,10 @@ builder.Services.AddCors(options =>
 options.AddPolicy("AllowSvelteApp", builder =>
 {
- builder.AllowAnyOrigin()
+ builder.WithOrigins("http://localhost:5173")
 .AllowAnyHeader()
- .AllowAnyMethod();
+ .AllowAnyMethod()
+ .AllowCredentials();
 });
 });
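Review bot: The new guard `token == null` in Verificar no longer rejects an empty cookie value, which the removed `tokenRequest.Token == string.Empty` check did; a request carrying `token=` for an account whose stored Token is an empty string (if that column can hold one, e.g. before any login) would pass CheckToken's `usu.Token == token`. Use `if (string.IsNullOrEmpty(request.Email) || string.IsNullOrEmpty(token) || string.IsNullOrEmpty(request.Redirect))`, which also covers the null Email that AccessDto's `null!` default lets through the current `== String.Empty` test. `SameSite` is left commented out in the CookieOptions, so the session cookie's cross-site behaviour is whatever the browser defaults to; if the SPA and the API share host and scheme (they appear to differ only by port), `SameSiteMode.Strict` should not break the flow and closes the CSRF gap the comment leaves open. The method that issues the cookie starts outside the hunk.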
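Review bot: The allowed origin is a hard-coded `http://localhost:5173` literal in `WithOrigins`, and with `AllowCredentials()` now on, that list is the boundary deciding which sites may make cookie-bearing calls, so it should come from configuration rather than be edited per environment. Capture it before `AddCors` (the lambda parameter `builder` shadows the outer one): `var origins = builder.Configuration.GetSection("Cors:AllowedOrigins").Get<string[]>() ?? Array.Empty<string>();` and then `builder.WithOrigins(origins)` inside the policy, which fails closed when the setting is absent. The section name is only a suggestion, and this assumes the outer `builder` is the template's WebApplicationBuilder, which is outside the hunk.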
diff --git a/Entidades/Dto/TokenDto.cs b/Entidades/Dto/AccessDto.cs
similarity index 63%
rename from Entidades/Dto/TokenDto.cs
rename to Entidades/Dto/AccessDto.cs
index fcba11c..2753f4d 100644
--- a/Entidades/Dto/TokenDto.cs
+++ b/Entidades/Dto/AccessDto.cs
@@ -1,7 +1,6 @@
 namespace Entidades.Dto;
-public class TokenDto{
+public class AccessDto {
 public string Email { get; set; } = null!;
- public string Token {get; set;} = String.Empty;
 public string Redirect { get; set; } = String.Empty;
 }
diff --git a/Front/src/lib/RutaProtegida.svelte b/Front/src/lib/RutaProtegida.svelte
index 6ab0b5d..5c8e8ef 100644
--- a/Front/src/lib/RutaProtegida.svelte
+++ b/Front/src/lib/RutaProtegida.svelte
@@ -10,7 +10,7 @@
 export let component;
 let redirect = window.location.pathname;
- const token = localStorage.getItem('token');
+ const email = localStorage.getItem('email');
 const handleAccess = async () => {
@@ -20,7 +20,8 @@
 headers: {
 'Content-Type': 'application/json',
 },
- body: JSON.stringify( {email, token, redirect} ),
+ body: JSON.stringify( {email, redirect} ),
+ credentials: "include"
 });
 if (response.ok) {
diff --git a/Front/src/lib/login.svelte b/Front/src/lib/login.svelte
index 36a395f..fa8a526 100644
--- a/Front/src/lib/login.svelte
+++ b/Front/src/lib/login.svelte
@@ -18,7 +18,8 @@
 headers: {
 'Content-Type': 'application/json'
 },
- body: JSON.stringify(data)
+ body: JSON.stringify(data),
+ credentials: "include"
 });
 if (!response.ok){
@@ -30,7 +31,6 @@
 const ret = await response.json();
 localStorage.clear();
- localStorage.setItem('token', ret.token);
 localStorage.setItem('email', ret.email);
 //setTimeout(() => console.log("50ms") ,50);
 navigate(ret.redirect);
diff --git a/Modelo/RepositorioBase.cs b/Modelo/RepositorioBase.cs
index 875dedf..2315c13 100644
--- a/Modelo/RepositorioBase.cs
+++ b/Modelo/RepositorioBase.cs
@@ -7,22 +7,19 @@ namespace Modelo;
 public abstract class RepositorioBase where S : new()
 {
- protected AlquilaFacilContext Context { get; set; } = new AlquilaFacilContext();
-
+ protected AlquilaFacilContext Context { get{ return new AlquilaFacilContext();}}
 private static readonly S instance = new();
 public static S Singleton { get{return instance;}}
- public bool Guardar(){
+ public bool Guardar(AlquilaFacilContext context){
 bool ret = false;
 try
 {
- Context.SaveChanges();
- Context.Dispose();
- Context = new AlquilaFacilContext();
+ context.SaveChanges();
+ context.Dispose();
 ret = true;
 }
 catch (DbUpdateException ex)
 {
- Context = new AlquilaFacilContext();
 Console.Error.WriteLine(ex.Message);
 }
 return ret;
diff --git a/Modelo/RepositorioInquilinos.cs b/Modelo/RepositorioInquilinos.cs
deleted file mode 100644
index dcf89c9..0000000
--- a/Modelo/RepositorioInquilinos.cs
+++ /dev/null
@@ -1,6 +0,0 @@
-using Modelo;
-
-public class RepositorioInquilinos: RepositorioBase
-{
-
-}
\ No newline at end of file
diff --git a/Modelo/RepositorioPropiedades.cs b/Modelo/RepositorioPropiedades.cs
new file mode 100644
index 0000000..b911e46
--- /dev/null
+++ b/Modelo/RepositorioPropiedades.cs
@@ -0,0 +1,9 @@
+using Modelo;
+
+public class RepositorioPropiedades: RepositorioBase
+{
+
+ public bool AñadirPropiedad(){
+ return false;
+ }
+}
\ No newline at end of file
diff --git a/Modelo/RepositorioUsuarios.cs b/Modelo/RepositorioUsuarios.cs
index 9196ec0..dfc4701 100644
--- a/Modelo/RepositorioUsuarios.cs
+++ b/Modelo/RepositorioUsuarios.cs
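Review bot: `Guardar` disposes the context only on the success path: when `context.SaveChanges()` throws, the `catch (DbUpdateException ex)` branch logs and returns false with the caller's context still open, and any other exception type escapes with it open as well. Move the disposal into a `finally` (`finally { context.Dispose(); }`, dropping the `context.Dispose();` inside the try) so the context is released on every path. The `Context` getter now hands out a fresh `AlquilaFacilContext` on every access, which means every read that does not end in `Guardar` (for example `Context.Clientes.FirstOrDefault(...)` in RepositorioUsuarios) is never disposed; a comment on the property, `// Creates a new context on every access; the caller owns it and must dispose it`, would make that contract visible, and a method name such as `CrearContexto()` would make the allocation obvious at call sites. `Guardar`'s closing brace is outside the hunk.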
@@ -3,55 +3,46 @@ using System.Security.Cryptography;
 using System.Text;
 using Entidades.Dto;
 using Entidades;
+using System.Reflection.Metadata.Ecma335;
 namespace Modelo;
 public class RepositorioUsuarios: RepositorioBase
 {
 public bool AltaCliente(CrearClienteDto cid){
- var usu = new Usuario {
- email = cid.email,
- contraseña = Encoding.UTF8.GetBytes(HacerHash(cid.contraseña))
- };
-
 var cli = new Cliente {
- dni = cid.dni,
- nombre = cid.nombre,
- domicilio = cid.domicilio,
- apellido = cid.apellido,
- celular = cid.celular
+ Dni = cid.dni,
+ Nombre = cid.nombre,
+ Domicilio = cid.domicilio,
+ Apellido = cid.apellido,
+ Celular = cid.celular,
+ Email = cid.email,
+ Contraseña = Encoding.UTF8.GetBytes(HacerHash(cid.contraseña))
 };
-
- var cant = Context.Usuarios
- .GroupBy(u => u.id)
- .Select(x => x.Count())
- .ToList();
- if (cant.Count < 1) return false;
-
- usu.id = cant.Count() + 1;
- cli.idusuario = cant.Count() + 1;
-
- var grupo = Context.Grupos.Find(2);
- if (grupo == null || grupo.id == 0) return false;
+ var con = Context;
+ var grupo = con.Grupos.Find(2);
+ if (grupo == null || grupo.Id == 0) return false;
- Context.Usuarios.Add(usu);
- Guardar();
+ con.Clientes.Add(cli);
+ Guardar(con);
+
+ con = Context;
+ cli = con.Clientes.Find(cli.Dni) ?? new();
+ if (cli.Dni == 0) return false;
+
+ cli.Idgrupos.Add(grupo);
+ return Guardar(con);
- var usut = Context.Usuarios.Find(usu.id);
- usut.idgrupos.Add(grupo);
- Guardar();
- Context.Clientes.Add(cli);
- return Guardar();
 }
 public bool CheckUsuario(LoginDto logindto)
 {
 string Contraseña = HacerHash(logindto.Contraseña);
- Usuario? usu = Context.Usuarios.FirstOrDefault(a => a.email == logindto.Email);
+ Cliente? usu = Context.Clientes.FirstOrDefault(a => a.Email == logindto.Email);
 if (usu == null) return false;
- string hashdb = Encoding.UTF8.GetString(usu.contraseña);
+ string hashdb = Encoding.UTF8.GetString(usu.Contraseña);
 if (hashdb == Contraseña) return true;
 return false;
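Review bot: `cli.Idgrupos.Add(grupo)` attaches a `Grupo` loaded by the first context to a `Cliente` tracked by the second one, but that first context was disposed inside `Guardar(con)` a few statements earlier, so the second context has no tracking entry for `grupo` and the final save is likely to either re-insert it or fail with a `DbUpdateException` that `Guardar` turns into a silent `false`. The two-phase save is not needed: with one context, `con.Clientes.Add(cli); cli.Idgrupos.Add(grupo); return Guardar(con);` inserts the client and the group link in a single `SaveChanges`, and both the `Find(cli.Dni)` round-trip and the unchecked result of the first `Guardar(con)` go away. `using System.Reflection.Metadata.Ecma335;` is referenced by nothing in the hunk and looks like an IDE auto-import worth removing. The password is persisted as the hex output of `HacerHash` (its body is outside this hunk apart from the `BitConverter.ToString` conversion in the next one) and `CheckUsuario` compares it with `==`; if `HacerHash` is a single-pass digest without a salt, `Rfc2898DeriveBytes.Pbkdf2` with a per-user salt and `CryptographicOperations.FixedTimeEquals` are the standard replacements. `CheckUsuario` continues outside the hunk.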
@@ -62,20 +53,20 @@ public class RepositorioUsuarios: RepositorioBase
 return BitConverter.ToString(buf).Replace("-","");
 }
- public bool CheckToken(TokenDto token){
- var usu = Context.Usuarios.FirstOrDefault(x => x.email == token.Email);
+ public bool CheckToken(string email, string token){
+ var usu = Context.Clientes.FirstOrDefault(x => x.Email == email);
 if (usu == null) return false;
- return usu.token == token.Token;
-
+ return usu.Token == token;
 }
 public void GuardarToken(LoginDto login, string tokenString)
 {
- var usu = Context.Usuarios.FirstOrDefault(x => x.email == login.Email);
+ var con = Context;
+ var usu = con.Clientes.FirstOrDefault(x => x.Email == login.Email);
 if (usu == null) return;
- usu.token = tokenString;
- Guardar();
+ usu.Token = tokenString;
+ Guardar(con);
 }
 }
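Review bot: `CheckToken` queries through the `Context` getter, which after this commit's RepositorioBase change returns a new `AlquilaFacilContext` on every access, and nothing disposes it; `GuardarToken` has the same gap on its early `return` when `usu == null`, because `Guardar(con)` is the only place `con` is released. Declare the context with `using var con = Context;` in both methods and query `con.Clientes` (a second `Dispose` from `Guardar` is tolerated by DbContext, but disposing in one place is cleaner). The bearer token is compared with `usu.Token == token`, an early-exit string comparison; `return usu.Token is not null && CryptographicOperations.FixedTimeEquals(Encoding.UTF8.GetBytes(usu.Token), Encoding.UTF8.GetBytes(token));` uses only namespaces the file already imports. Nothing on the server side bounds the token's lifetime: the cookie expires after an hour, but the stored string validates until the next login overwrites it, so if `Cliente` has no issued-at column, one is worth adding alongside `Token`.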