feat: add password protection to blog posts (WEB-3)

This commit is contained in:
Oliver Booth 2023-09-26 12:46:18 +01:00
parent 40d8052116
commit 1200318326
Signed by: oliverbooth
GPG Key ID: E60B570D1B7557B5
3 changed files with 60 additions and 0 deletions

View File

@ -9,6 +9,7 @@
<ItemGroup> <ItemGroup>
<PackageReference Include="Alexinea.Extensions.Configuration.Toml" Version="7.0.0"/> <PackageReference Include="Alexinea.Extensions.Configuration.Toml" Version="7.0.0"/>
<PackageReference Include="BCrypt.Net-Core" Version="1.6.0"/>
<PackageReference Include="Humanizer.Core" Version="2.14.1"/> <PackageReference Include="Humanizer.Core" Version="2.14.1"/>
<PackageReference Include="MailKit" Version="4.1.0"/> <PackageReference Include="MailKit" Version="4.1.0"/>
<PackageReference Include="MailKitSimplified.Sender" Version="2.5.2"/> <PackageReference Include="MailKitSimplified.Sender" Version="2.5.2"/>

View File

@ -5,6 +5,22 @@
@inject IBlogPostService BlogPostService @inject IBlogPostService BlogPostService
@model Article @model Article
@if (Model.ShowPasswordPrompt)
{
<div class="alert alert-danger" role="alert">
This post is private and can only be viewed by those with the password.
</div>
<form method="post">
<div class="mb-3">
<label for="password" class="form-label">Password</label>
<input type="password" class="form-control" id="password" name="password" required>
</div>
<button type="submit" class="btn btn-primary">Submit</button>
</form>
return;
}
@if (Model.Post is not { } post) @if (Model.Post is not { } post)
{ {
return; return;

View File

@ -1,7 +1,9 @@
using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.RazorPages; using Microsoft.AspNetCore.Mvc.RazorPages;
using Microsoft.Extensions.Primitives;
using OliverBooth.Data.Blog; using OliverBooth.Data.Blog;
using OliverBooth.Services; using OliverBooth.Services;
using BC = BCrypt.Net.BCrypt;
namespace OliverBooth.Pages.Blog; namespace OliverBooth.Pages.Blog;
@ -38,6 +40,14 @@ public class Article : PageModel
/// <value>The requested blog post.</value> /// <value>The requested blog post.</value>
public IBlogPost Post { get; private set; } = null!; public IBlogPost Post { get; private set; } = null!;
/// <summary>
/// Gets a value indicating whether to show the password prompt.
/// </summary>
/// <value>
/// <see langword="true" /> if the password prompt should be shown; otherwise, <see langword="false" />.
/// </value>
public bool ShowPasswordPrompt { get; private set; }
public IActionResult OnGet(int year, int month, int day, string slug) public IActionResult OnGet(int year, int month, int day, string slug)
{ {
var date = new DateOnly(year, month, day); var date = new DateOnly(year, month, day);
@ -47,6 +57,39 @@ public class Article : PageModel
return NotFound(); return NotFound();
} }
if (!string.IsNullOrWhiteSpace(post.Password))
{
ShowPasswordPrompt = true;
}
if (post.IsRedirect)
{
return Redirect(post.RedirectUrl!.ToString());
}
Post = post;
return Page();
}
public IActionResult OnPost([FromRoute] int year,
[FromRoute] int month,
[FromRoute] int day,
[FromRoute] string slug)
{
var date = new DateOnly(year, month, day);
if (!_blogPostService.TryGetPost(date, slug, out IBlogPost? post))
{
Response.StatusCode = 404;
return NotFound();
}
ShowPasswordPrompt = true;
if (Request.Form.TryGetValue("password", out StringValues password) && BC.Verify(password, post.Password))
{
ShowPasswordPrompt = false;
}
if (post.IsRedirect) if (post.IsRedirect)
{ {
return Redirect(post.RedirectUrl!.ToString()); return Redirect(post.RedirectUrl!.ToString());