Improve nonce caching
This commit is contained in:
parent
6ef5ddb54e
commit
fbe022e4be
1 changed files with 3 additions and 15 deletions
|
|
@ -326,29 +326,17 @@ public class Requests
|
||||||
string plainPass = await Utils.GetPassword(await Utils.IdFromName(username));
|
string plainPass = await Utils.GetPassword(await Utils.IdFromName(username));
|
||||||
foreach (var kvp in nonceHolder) //clearowanie nieuzytych nonce
|
foreach (var kvp in nonceHolder) //clearowanie nieuzytych nonce
|
||||||
{
|
{
|
||||||
/*
|
|
||||||
if (kvp.Key == username)
|
|
||||||
{
|
|
||||||
nonceHolder.TryRemove(kvp.Key, out _);
|
|
||||||
}
|
|
||||||
*/ //tak teraz sobie mysle moze jednak nie usuwac nonce?? bo co jak jakis cep beedzie ciagle komus spamic i
|
|
||||||
//bedzie mial nizszy ping i gosc nie bedzie mogl zadnego req wyslac, a nawet jak ktos bez secret to odczyta
|
|
||||||
//to nic z tym nie zrobi
|
|
||||||
if (kvp.Value.Item2 < DateTimeOffset.UtcNow.AddMinutes(-2))
|
if (kvp.Value.Item2 < DateTimeOffset.UtcNow.AddMinutes(-2))
|
||||||
{
|
{
|
||||||
nonceHolder.TryRemove(kvp.Key, out _);
|
nonceHolder.TryRemove(kvp.Key, out _);
|
||||||
}
|
}
|
||||||
else if (kvp.Key == username)
|
else if (kvp.Key == username)
|
||||||
{
|
{
|
||||||
if (nonceHolder.TryGetValue(kvp.Key, out (string, DateTimeOffset) cachedNonce))
|
await context.Response.WriteAsync(Encryption.Encryption.EncryptString(kvp.Value.Item1,
|
||||||
{
|
|
||||||
await context.Response.WriteAsync(Encryption.Encryption.EncryptString(cachedNonce.Item1,
|
|
||||||
plainPass));
|
plainPass));
|
||||||
|
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
|
||||||
|
|
||||||
string nonce = Encryption.Encryption.GetRandomString(64);
|
string nonce = Encryption.Encryption.GetRandomString(64);
|
||||||
nonceHolder.TryAdd(username, (nonce, DateTimeOffset.UtcNow));
|
nonceHolder.TryAdd(username, (nonce, DateTimeOffset.UtcNow));
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue