refactor, security updates, cv extraction upgrades

2026-04-11 01:34:32 +02:00
parent 806b200ac5
commit 27fd70a2d7
59 changed files with 6817 additions and 1561 deletions
@@ -0,0 +1,78 @@
+using Microsoft.AspNetCore.Http;
+
+namespace JobTrackerApi.Services;
+
+public static class AuthSessionOptions
+{
+    public const string SessionCookieName = "jobtracker_auth";
+    public const string CsrfCookieName = "XSRF-TOKEN";
+    public const string CsrfHeaderName = "X-CSRF-TOKEN";
+
+    public static CookieOptions BuildSessionCookie(bool persistent, bool secure)
+    {
+        var options = new CookieOptions
+        {
+            HttpOnly = true,
+            IsEssential = true,
+            SameSite = SameSiteMode.Lax,
+            Secure = secure,
+            Path = "/",
+        };
+
+        if (persistent)
+        {
+            options.Expires = DateTimeOffset.UtcNow.AddDays(30);
+            options.MaxAge = TimeSpan.FromDays(30);
+        }
+
+        return options;
+    }
+
+    public static CookieOptions BuildCsrfCookie(bool persistent, bool secure)
+    {
+        var options = new CookieOptions
+        {
+            HttpOnly = false,
+            IsEssential = true,
+            SameSite = SameSiteMode.Lax,
+            Secure = secure,
+            Path = "/",
+        };
+
+        if (persistent)
+        {
+            options.Expires = DateTimeOffset.UtcNow.AddDays(30);
+            options.MaxAge = TimeSpan.FromDays(30);
+        }
+
+        return options;
+    }
+
+    public static CookieOptions BuildExpiredCookie(bool secure)
+    {
+        return new CookieOptions
+        {
+            HttpOnly = true,
+            IsEssential = true,
+            SameSite = SameSiteMode.Lax,
+            Secure = secure,
+            Path = "/",
+            Expires = DateTimeOffset.UnixEpoch,
+            MaxAge = TimeSpan.Zero,
+        };
+    }
+
+    public static CookieOptions BuildExpiredReadableCookie(bool secure)
+    {
+        return new CookieOptions
+        {
+            HttpOnly = false,
+            IsEssential = true,
+            SameSite = SameSiteMode.Lax,
+            Secure = secure,
+            Path = "/",
+            Expires = DateTimeOffset.UnixEpoch,
+            MaxAge = TimeSpan.Zero,
+        };
+    }
+}