Generate secret keys locally

MareSynchronosServer/MareSynchronosAuthService/Controllers/JwtController.cs

@@ -1,4 +1,5 @@
 using MareSynchronos.API.Dto;
+using MareSynchronos.API.Dto.Account;
 using MareSynchronos.API.Routes;
 using MareSynchronosAuthService.Services;
 using MareSynchronosShared;
@@ -146,7 +147,33 @@ public class JwtController : Controller
     {
         var ua = HttpContext.Request.Headers["User-Agent"][0] ?? "-";
         var ip = _accessor.GetIpAddress();
-        return Json(await _accountRegistrationService.RegisterAccountAsync(ua, ip));
+
+        // Legacy endpoint: generate a secret key for the user
+        var computedHash = StringUtils.Sha256String(StringUtils.GenerateRandomString(64) + DateTime.UtcNow.ToString());
+        var hashedKey = StringUtils.Sha256String(computedHash);
+
+        var dto = await _accountRegistrationService.RegisterAccountAsync(ua, ip, hashedKey);
+
+        return Json(new RegisterReplyDto()
+        {
+            Success = dto.Success,
+            ErrorMessage = dto.ErrorMessage,
+            UID = dto.UID,
+            SecretKey = computedHash
+        });
+    }
+
+    [AllowAnonymous]
+    [HttpPost(MareAuth.Auth_RegisterV2)]
+    public async Task<IActionResult> RegisterV2(string hashedSecretKey)
+    {
+        if (string.IsNullOrEmpty(hashedSecretKey)) return BadRequest("No HashedSecretKey");
+        if (hashedSecretKey.Length != 64) return BadRequest("Bad HashedSecretKey");
+        if (!hashedSecretKey.All(char.IsAsciiHexDigitUpper)) return BadRequest("Bad HashedSecretKey");
+
+        var ua = HttpContext.Request.Headers["User-Agent"][0] ?? "-";
+        var ip = _accessor.GetIpAddress();
+        return Json(await _accountRegistrationService.RegisterAccountAsync(ua, ip, hashedSecretKey));
     }
 
     private JwtSecurityToken CreateToken(IEnumerable<Claim> authClaims)

MareSynchronosServer/MareSynchronosAuthService/Services/AccountRegistrationService.cs

@@ -45,9 +45,9 @@ public class AccountRegistrationService
         _serviceScopeFactory = serviceScopeFactory;
     }
 
-    public async Task<RegisterReplyDto> RegisterAccountAsync(string ua, string ip)
+    public async Task<RegisterReplyV2Dto> RegisterAccountAsync(string ua, string ip, string hashedSecretKey)
     {
-		var reply = new RegisterReplyDto();
+		var reply = new RegisterReplyV2Dto();
 
 		if (!_registrationUserAgentRegex.Match(ua).Success)
         {
@@ -99,10 +99,9 @@ public class AccountRegistrationService
 
         user.LastLoggedIn = DateTime.UtcNow;
 
-        var computedHash = StringUtils.Sha256String(StringUtils.GenerateRandomString(64) + DateTime.UtcNow.ToString());
         var auth = new Auth()
         {
-            HashedKey = StringUtils.Sha256String(computedHash),
+            HashedKey = hashedSecretKey,
             User = user,
         };
 
@@ -115,7 +114,6 @@ public class AccountRegistrationService
 
         reply.Success = true;
         reply.UID = user.UID;
-        reply.SecretKey = computedHash;
 
         RecordIpRegistration(ip);