8000 fix DeleteUserAsync to remove user roles before delete to avoid db fk… · devel0/example-webapp-with-auth@a02bb35 · GitHub

Commit a02bb35

committed
fix DeleteUserAsync to remove user roles before delete to avoid db fk on roles
1 parent 493886e commit a02bb35


1 file changed

+9
-7
lines changed


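--- a/src/backend/Services/Implementations/Auth/AuthService.cs
+++ b/src/backend/Services/Implementations/Auth/AuthService.cs
@@ -6,16 +6,16 @@ public class AuthService : IAuthService
 readonly RoleManager<IdentityRole> roleManager;
 readonly SignInManager<ApplicationUser> signInManager;
 readonly IJWTService jwtService;
-readonly IHttpContextAccessor httpContextAccessor;
+readonly IHttpContextAccessor httpContextAccessor;
 readonly ILogger<AuthService> logger;
-readonly IConfiguration configuration;
+readonly IConfiguration configuration;
 
 public AuthService(
 UserManager<ApplicationUser> userManager,
 RoleManager<IdentityRole> roleManager,
 SignInManager<ApplicationUser> signInManager,
 IJWTService jwtService,
-IHttpContextAccessor httpContextAccessor,
+IHttpContextAccessor httpContextAccessor,
 ILogger<AuthService> logger,
 IConfiguration configuration
 )
@@ -24,9 +24,9 @@ IConfiguration configuration
 this.roleManager = roleManager;
 this.signInManager = signInManager;
 this.jwtService = jwtService;
-this.httpContextAccessor = httpContextAccessor;
+this.httpContextAccessor = httpContextAccessor;
 this.logger = logger;
-this.configuration = configuration;
+this.configuration = configuration;
 }
 
 public AuthOptions AuthOptions()
@@ -151,7 +151,7 @@ public async Task<LoginResponseDto> LoginAsync(
 UserName = userName,
 Email = user.Email!,
 Roles = roles,
-Permissions = PermissionsFromRoles(roles.ToHashSet()),
+Permissions = PermissionsFromRoles(roles.ToHashSet()),
 RefreshTokenExpiration = refreshTokenNfo.Expiration
 };
 }
@@ -259,7 +259,7 @@ public async Task<RenewAccessTokenResponse> RenewCurrentUserAccessTokenAsync(Can
 var quser = httpContext.User;
 
 if (quser is not null)
-{
+{
 var refreshToken = jwtService.GetRefreshTokenFromHttpRequest(httpContext.Request);
 if (refreshToken is null)
 return new RenewAccessTokenResponse { Status = RenewAccessTokenStatus.InvalidRefreshToken };
@@ -429,6 +429,8 @@ public async Task<DeleteUserResponseDto> DeleteUserAsync(
 Errors = [$"Can't delete user (role:{editExistingUserMaxRole})."]
 };
 
+await userManager.RemoveFromRolesAsync(userToDelete, await userManager.GetRolesAsync(userToDelete));
+
 var deleteRes = await userManager.DeleteAsync(userToDelete);
 if (!deleteRes.Succeeded)
 return new DeleteUserResponseDto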
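Review bot: The `IdentityResult` returned by `userManager.RemoveFromRolesAsync(...)` in the DeleteUserAsync hunk is discarded, so a failed role removal falls through to `DeleteAsync` and the caller only sees whatever that second call reports. Capture it and bail out the same way the existing `!deleteRes.Succeeded` branch does, e.g. `var rolesRes = await userManager.RemoveFromRolesAsync(userToDelete, await userManager.GetRolesAsync(userToDelete));` followed by `if (!rolesRes.Succeeded) return new DeleteUserResponseDto { Errors = [.. rolesRes.Errors.Select(e => e.Description)] };`, plus whatever status field the DTO carries, which is not visible here. The two calls also appear to be separate store operations, so if `DeleteAsync` then fails the account survives with its roles stripped; running both inside one transaction, or at least recording the partial state through `logger`, would keep that inconsistent authorization state from going unnoticed. The body of DeleteUserAsync starts and ends outside the hunk, so the permission check above the new line is assumed unchanged.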
