food-market/.gitignore
nurdotnet b07232521b fix(auth): return 401 instead of 302 for API challenges; persist dev signing key across restarts
Root cause of the 404 on /api/admin/moysklad/test (and /api/me):
- AddIdentity<> sets DefaultChallengeScheme = IdentityConstants.ApplicationScheme
  (cookies), so unauthorized API calls got 302 → /Account/Login → 404 instead of 401.
- Ephemeral OpenIddict keys (AddEphemeralSigningKey) regenerated on every API
  restart, silently invalidating any JWT already stored in the browser.

Fixes:
- Explicitly set DefaultScheme / DefaultAuthenticateScheme / DefaultChallengeScheme
  to OpenIddictValidationAspNetCoreDefaults.AuthenticationScheme so [Authorize]
  challenges now return 401 (axios interceptor can react + retry or redirect).
- Replace ephemeral RSA keys with a persistent dev RSA key stored in
  src/food-market.api/App_Data/openiddict-dev-key.xml (gitignored). Generated on
  first run, reused on subsequent starts. Dev tokens now survive API restarts.
  Production must register proper X509 certificates via configuration.
- .gitignore: add App_Data/, *.pem, openiddict-dev-key.xml patterns.
- Web axios: on hard 401 with failed refresh, redirect to /login rather than
  leaving the user stuck on a protected screen.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-21 21:42:53 +05:00

93 lines
1.1 KiB
Plaintext

## .NET
bin/
obj/
out/
publish/
*.user
*.suo
*.userosscache
*.sln.docstates
*.pidb
*.svclog
.vs/
.vscode/
!.vscode/launch.json
!.vscode/settings.json
!.vscode/extensions.json
*.rsuser
*.userprefs
project.lock.json
project.fragment.lock.json
artifacts/
*.pubxml
*.publishproj
PublishScripts/
*.VisualState.xml
TestResult.xml
nunit-*.xml
[Dd]ebug/
[Dd]ebugPublic/
[Rr]elease/
[Rr]eleases/
x64/
x86/
[Ww][Ii][Nn]32/
[Aa][Rr][Mm]/
[Aa][Rr][Mm]64/
bld/
[Bb]in/
[Oo]bj/
[Ll]og/
[Ll]ogs/
.idea/
*.iml
.DS_Store
Thumbs.db
## Node / web
node_modules/
dist/
dist-ssr/
.vite/
.turbo/
.next/
.nuxt/
.cache/
coverage/
*.local
.env
.env.*
!.env.example
npm-debug.log*
yarn-debug.log*
yarn-error.log*
pnpm-debug.log*
## Secrets
*.pfx
*.snk
*.pem
secrets.json
appsettings.Development.local.json
appsettings.Production.local.json
## OpenIddict dev keys (local only, never commit)
src/food-market.api/App_Data/
**/App_Data/openiddict-dev-key.xml
## Docker / local
.docker-data/
postgres-data/
*.sqlite
*.db
*.db-journal
## OS / editors
*.swp
*.swo
*~
.vscode-test/
## Claude Code personal settings
.claude/settings.local.json
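A check a maintainer could run in CI or a pre-commit hook, added here as an example and not part of the repository: it confirms that secret-bearing paths such as the dev signing key are matched by an ignore rule and are not already in the index, since ignore rules do not untrack a file that was committed earlier. The function names and every sample path other than the dev key path are assumptions.

```shell
#!/bin/sh
# Added example, not the repository's own tooling.

# Build a throwaway repo whose .gitignore holds the secret-related rules
# from the file above. Prints the repo path.
make_demo_repo() {
    d=$(mktemp -d) || return 1
    git -C "$d" init -q || return 1
    cat > "$d/.gitignore" <<'EOF'
*.pfx
*.snk
*.pem
secrets.json
.env
.env.*
!.env.example
src/food-market.api/App_Data/
**/App_Data/openiddict-dev-key.xml
EOF
    echo "$d"
}

# check_secret_paths REPO PATH...
# Prints one line per problem; returns 1 if any path is unignored or tracked.
check_secret_paths() {
    repo=$1; shift
    rc=0
    for p in "$@"; do
        # --no-index: test the ignore rules only, even if the path is tracked.
        if ! git -C "$repo" check-ignore -q --no-index -- "$p"; then
            echo "NOT IGNORED: $p"; rc=1
        fi
        # An ignore rule does not remove a file that is already in the index.
        if [ -n "$(git -C "$repo" ls-files -- "$p")" ]; then
            echo "TRACKED: $p"; rc=1
        fi
    done
    return $rc
}

# Demo on constructed sample paths (only the dev key path comes from the page).
demo=$(make_demo_repo) && check_secret_paths "$demo" \
    src/food-market.api/App_Data/openiddict-dev-key.xml \
    certs/prod.pem web/.env.production \
    && echo "sample secret paths are ignored and untracked"
rm -rf "$demo"
```

A `TRACKED` result means the file needs `git rm --cached` and, if it held real key material, the key should be rotated.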