From 4dc832856e88033559790a2d543bf21441137945 Mon Sep 17 00:00:00 2001
From: ChronosX88
Date: Sat, 10 Oct 2020 23:50:29 +0400
Subject: [PATCH] Make token validation on each request (auth provider should take care for caching)
---
 src/Zirconium/Core/Models/Session.cs | 1 -
 src/Zirconium/Core/Router.cs | 50 ++++++++++++----------------
 2 files changed, 22 insertions(+), 29 deletions(-)
diff --git a/src/Zirconium/Core/Models/Session.cs b/src/Zirconium/Core/Models/Session.cs
index 9218184..414f03a 100644
--- a/src/Zirconium/Core/Models/Session.cs
+++ b/src/Zirconium/Core/Models/Session.cs
@@ -4,7 +4,6 @@ namespace Zirconium.Core.Models
 {
 public class Session
 {
- public string LastTokenHash { get; set; }
 public SessionAuthData LastTokenPayload { get; set; }
 public IPAddress ClientAddress { get; set; }
 public ConnectionHandler ConnectionHandler { get; set; }
diff --git a/src/Zirconium/Core/Router.cs b/src/Zirconium/Core/Router.cs
index a969d8e..b13d597 100644
--- a/src/Zirconium/Core/Router.cs
+++ b/src/Zirconium/Core/Router.cs
@@ -45,37 +45,28 @@ namespace Zirconium.Core { if (h.IsAuthorizationRequired()) { - string hash; - using (SHA512 shaM = new SHA512Managed()) + SessionAuthData tokenPayload; + try { - hash = shaM.ComputeHash(message.AuthToken.ToByteArray()).ConvertToString(); + tokenPayload = _app.AuthManager.ValidateToken(message.AuthToken); } - if (session.LastTokenHash != hash) + catch (Exception e) { - SessionAuthData tokenPayload; - try - { - tokenPayload = _app.AuthManager.ValidateToken(message.AuthToken); - } - catch (Exception e) - { - Log.Warning(e.Message); - var errorMsg = OtherUtils.GenerateProtocolError( - message, - "unauthorized", - "Unauthorized access", - new Dictionary() - ); - errorMsg.From = _app.Config.ServerID; - var serializedMsg = JsonConvert.SerializeObject(errorMsg); + Log.Warning(e.Message); + var errorMsg = OtherUtils.GenerateProtocolError( + message, + "unauthorized", + "Unauthorized access", + new Dictionary() + ); + errorMsg.From = _app.Config.ServerID; + var serializedMsg = JsonConvert.SerializeObject(errorMsg); - session.ConnectionHandler.SendMessage(serializedMsg); - return; - } - - session.LastTokenHash = hash; - session.LastTokenPayload = tokenPayload; + session.LastTokenPayload = null; + session.ConnectionHandler.SendMessage(serializedMsg); + return; } + session.LastTokenPayload = tokenPayload; } var task = Task.Run(() => @@ -85,9 +76,12 @@ namespace Zirconium.Core }); handlerTasks.Add(task); } - try { + try + { Task.WaitAll(handlerTasks.ToArray()); - } catch (Exception e) { + } + catch (Exception e) + { Log.Error(e.ToString()); } }
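Review bot: The `catch (Exception e)` around `_app.AuthManager.ValidateToken(message.AuthToken)` in the first Router.cs hunk answers every failure with the "unauthorized" error and logs only `e.Message` at warning level, so with validation now running on each request an auth-provider outage or an internal error cannot be told apart from a rejected token in the logs. Logging the full exception, e.g. `Log.Warning(e.ToString());` as the `Task.WaitAll` catch in the second hunk already does with `Log.Error`, would keep the type and stack trace; catching only the provider's validation exception would be better still if it defines one. The validated payload is also written to the shared `session.LastTokenPayload` (and reset to `null` on failure) right before the handler is started with `Task.Run`; the lambda body lies outside the hunk, but if it reads that property, a task started earlier could observe the value written for a later handler or message, so handing `tokenPayload` to the handler directly would bind the authorization result to the request it was checked for. The check also appears to sit inside the per-handler loop (its header is outside the hunk), which would mean one provider call per authorized handler for the same message.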