Fixed simultaneous signing from multiple browsers

web-eid · Apr 26, 2024 · 3717807 · 3717807
1 parent e03dddf
commit 3717807
Show file tree

Hide file tree

Showing 3 changed files with 19 additions and 6 deletions.
diff --git a/src/WebEid.AspNetCore.Example/Controllers/Api/AuthController.cs b/src/WebEid.AspNetCore.Example/Controllers/Api/AuthController.cs
@@ -66,6 +66,10 @@ await HttpContext.SignInAsync(
                 CookieAuthenticationDefaults.AuthenticationScheme,
                 new ClaimsPrincipal(claimsIdentity),
                 authProperties);
+
+            // Assign a unique ID within the session to enable the use of a unique temporary container name across successive requests.
+            // A unique temporary container name is required to facilitate simultaneous signing from multiple browsers.
+            SetUniqueIdInSession();
         }
 
         [HttpGet]

diff --git a/src/WebEid.AspNetCore.Example/Controllers/Api/BaseController.cs b/src/WebEid.AspNetCore.Example/Controllers/Api/BaseController.cs
@@ -19,22 +19,32 @@
 
 namespace WebEid.AspNetCore.Example.Controllers.Api
 {
-    using System.Security;
-    using System.Security.Claims;
+    using System;
+    using Microsoft.AspNetCore.Http;
     using Microsoft.AspNetCore.Mvc;
 
     public abstract class BaseController : ControllerBase
     {
+        const string uniqueIdKey = "UniqueId";
+
         protected void RemoveUserContainerFile()
         {
             System.IO.File.Delete(GetUserContainerName());
         }
 
+        protected void SetUniqueIdInSession() 
+        {
+            HttpContext.Session.SetString(uniqueIdKey, Guid.NewGuid().ToString());
+        }
+
+        private string GetUniqueIdFromSession() 
+        {
+            return HttpContext.Session.GetString(uniqueIdKey);
+        }
+
         protected string GetUserContainerName()
         {
-            var identity = (ClaimsIdentity)this.HttpContext.User?.Identity ??
-                           throw new SecurityException("User is not logged in");
-            return identity.GetIdCode();
+            return $"container_{GetUniqueIdFromSession()}";
         }
     }
 }
diff --git a/src/WebEid.AspNetCore.Example/Controllers/Api/SignController.cs b/src/WebEid.AspNetCore.Example/Controllers/Api/SignController.cs
@@ -22,7 +22,6 @@
     using System;
     using System.Security.Claims;
     using System.Threading.Tasks;
-    using Microsoft.AspNetCore.Authorization;
     using Microsoft.AspNetCore.Mvc;
     using Microsoft.Extensions.Logging;
     using Services;