♻️ Refactored auth service for better security

2025-11-29 18:00:23 +08:00
parent 78f3873a0c
commit 00b3087d6a
13 changed files with 3121 additions and 101 deletions
--- a/DysonNetwork.Pass/Auth/TokenAuthService.cs
+++ b/DysonNetwork.Pass/Auth/TokenAuthService.cs
@@ -88,7 +88,7 @@ public class TokenAuthService(
            session = await db.AuthSessions
                .AsNoTracking()
                .Include(e => e.Challenge)
-                .ThenInclude(e => e.Client)
+                .Include(e => e.Client)
                .Include(e => e.Account)
                .ThenInclude(e => e.Profile)
                .FirstOrDefaultAsync(s => s.Id == sessionId);
@@ -110,7 +110,7 @@ public class TokenAuthService(
                "AuthenticateTokenAsync: DB session loaded (sessionId={SessionId}, accountId={AccountId}, clientId={ClientId}, appId={AppId}, scopes={ScopeCount}, ip={Ip}, uaLen={UaLen})",
                sessionId,
                session.AccountId,
-                session.Challenge?.ClientId,
+                session.ClientId,
                session.AppId,
                session.Challenge?.Scopes.Count,
                session.Challenge?.IpAddress,
@@ -143,7 +143,7 @@ public class TokenAuthService(
                "AuthenticateTokenAsync: success via DB (sessionId={SessionId}, accountId={AccountId}, clientId={ClientId})",
                sessionId,
                session.AccountId,
-                session.Challenge?.ClientId
+                session.ClientId
            );
            return (true, session, null);
        }