ASC.Web.Api: Authentication: Setting cookies based on the session parameter

2023-07-04 14:21:19 +03:00 · 2023-07-04 14:21:19 +03:00 · 157605bc0b
commit 157605bc0b
parent 289ff439e1
1 changed files with 14 additions and 7 deletions
--- a/web/ASC.Web.Api/Api/AuthenticationController.cs
+++ b/web/ASC.Web.Api/Api/AuthenticationController.cs
@ -225,6 +225,7 @@ public class AuthenticationController : ControllerBase
        var wrapper = await GetUser(inDto);
        var viaEmail = wrapper.ViaEmail;
        var user = wrapper.UserInfo;
+        var session = inDto.Session;

        if (user == null || Equals(user, Constants.LostUser))
        {
@ -275,16 +276,22 @@ public class AuthenticationController : ControllerBase
        try
        {
            var action = viaEmail ? MessageAction.LoginSuccessViaApi : MessageAction.LoginSuccessViaApiSocialAccount;
-            var token = _cookiesManager.AuthenticateMeAndSetCookies(user.Tenant, user.Id, action);
+            var token = _cookiesManager.AuthenticateMeAndSetCookies(user.Tenant, user.Id, action, session);

-            var tenant = _tenantManager.GetCurrentTenant().Id;
-            var expires = _tenantCookieSettingsHelper.GetExpiresTime(tenant);
-
-            return new AuthenticationTokenDto
+            var outDto = new AuthenticationTokenDto
            {
-                Token = token,
-                Expires = new ApiDateTime(_tenantManager, _timeZoneConverter, expires)
+                Token = token
            };
+
+            if (!session)
+            {
+                var tenant = _tenantManager.GetCurrentTenant().Id;
+                var expires = _tenantCookieSettingsHelper.GetExpiresTime(tenant);
+
+                outDto.Expires = new ApiDateTime(_tenantManager, _timeZoneConverter, expires);
+            }
+
+            return outDto;
        }
        catch (Exception ex)
        {