refactor: delegate session->user check to service

2024-02-25 14:16:55 +00:00 · 2024-02-25 14:16:55 +00:00 · 6db9537206
parent 1d1acd2a40
commit 6db9537206
5 changed files with 64 additions and 32 deletions
--- a/OliverBooth/Pages/Admin/Index.cshtml.cs
+++ b/OliverBooth/Pages/Admin/Index.cshtml.cs
@ -2,20 +2,15 @@ using Microsoft.AspNetCore.Mvc;
 using Microsoft.AspNetCore.Mvc.RazorPages;
 using OliverBooth.Data.Web;
 using OliverBooth.Services;
-using ISession = OliverBooth.Data.Web.ISession;

 namespace OliverBooth.Pages.Admin;

 public class Index : PageModel
 {
-    private readonly ILogger<Index> _logger;
-    private readonly IUserService _userService;
    private readonly ISessionService _sessionService;

-    public Index(ILogger<Index> logger, IUserService userService, ISessionService sessionService)
+    public Index(ISessionService sessionService)
    {
-        _logger = logger;
-        _userService = userService;
        _sessionService = sessionService;
    }

@ -23,22 +18,9 @@ public class Index : PageModel

    public IActionResult OnGet()
    {
-        if (!_sessionService.TryGetSession(Request, out ISession? session))
+        if (!_sessionService.TryGetCurrentUser(Request, Response, out IUser? user))
        {
-            _logger.LogDebug("Session not found; redirecting");
-            return _sessionService.DeleteSessionCookie(Response);
-        }
-
-        if (!_sessionService.ValidateSession(Request, session))
-        {
-            _logger.LogDebug("Session invalid; redirecting");
-            return _sessionService.DeleteSessionCookie(Response);
-        }
-
-        if (!_userService.TryGetUser(session.UserId, out IUser? user))
-        {
-            _logger.LogDebug("User not found; redirecting");
-            return _sessionService.DeleteSessionCookie(Response);
+            return RedirectToPage("/admin/login");
        }

        CurrentUser = user;
--- a/OliverBooth/Pages/Admin/Login.cshtml
+++ b/OliverBooth/Pages/Admin/Login.cshtml
@ -5,13 +5,7 @@
    ViewData["Title"] = "Login";
 }

-@section Styles
-{
-    <link rel="stylesheet" href="~/css/admin.min.css" asp-append-version="true">
-}
-
-<div class="form-signin m-auto">
-
+<div class="m-auto" style="max-width: 330px; padding: 1rem;">
    <form method="post" asp-controller="Admin" asp-action="Login">
        <h1 class="h3 mb-3 fw-normal">Please sign in</h1>

@ -26,5 +20,4 @@

        <button class="btn btn-primary w-100 py-2" type="submit">Sign in</button>
    </form>
-
 </div>
--- a/OliverBooth/Pages/Admin/Login.cshtml.cs
+++ b/OliverBooth/Pages/Admin/Login.cshtml.cs
@ -1,11 +1,20 @@
+using Microsoft.AspNetCore.Mvc;
 using Microsoft.AspNetCore.Mvc.RazorPages;
+using OliverBooth.Services;

 namespace OliverBooth.Pages.Admin;

 public class Login : PageModel
 {
-    public void OnGet()
+    private readonly ISessionService _sessionService;
+
+    public Login(ISessionService sessionService)
    {
-        
+        _sessionService = sessionService;
+    }
+
+    public IActionResult OnGet()
+    {
+        return _sessionService.TryGetCurrentUser(Request, Response, out _) ? RedirectToPage("/admin/index") : Page();
    }
 }
--- a/OliverBooth/Services/ISessionService.cs
+++ b/OliverBooth/Services/ISessionService.cs
@ -45,7 +45,26 @@ public interface ISessionService
    ///     <para><paramref name="session" /> is <see langword="null" />.</para>
    /// </exception>
    void SaveSessionCookie(HttpResponse response, ISession session);
-    
+
+    /// <summary>
+    ///     Attempts to find the user associated with the client's current request.
+    /// </summary>
+    /// <param name="request">The HTTP request.</param>
+    /// <param name="response">The response to edit.</param>
+    /// <param name="user">
+    ///     When this method returns, contains the user with the specified request, if the user is found; otherwise,
+    ///     <see langword="null" />.
+    /// </param>
+    /// <returns>
+    ///     <see langword="true" /> if a user is found; otherwise, <see langword="false" />.
+    /// </returns>
+    /// <exception cref="ArgumentNullException">
+    ///     <para><paramref name="request" /> is <see langword="null" />.</para>
+    ///     -or-
+    ///     <para><paramref name="response" /> is <see langword="null" />.</para>
+    /// </exception>
+    bool TryGetCurrentUser(HttpRequest request, HttpResponse response, [NotNullWhen(true)] out IUser? user);
+
    /// <summary>
    ///     Attempts to find a session with the specified ID.
    /// </summary>
--- a/OliverBooth/Services/SessionService.cs
+++ b/OliverBooth/Services/SessionService.cs
@ -101,6 +101,35 @@ internal sealed class SessionService : BackgroundService, ISessionService
        response.Cookies.Append("sid", Convert.ToBase64String(buffer));
    }

+    /// <inheritdoc />
+    public bool TryGetCurrentUser(HttpRequest request, HttpResponse response, [NotNullWhen(true)] out IUser? user)
+    {
+        user = null;
+        
+        if (!TryGetSession(request, out ISession? session))
+        {
+            _logger.LogDebug("Session not found; redirecting");
+            DeleteSessionCookie(response);
+            return false;
+        }
+
+        if (!ValidateSession(request, session))
+        {
+            _logger.LogDebug("Session invalid; redirecting");
+            DeleteSessionCookie(response);
+            return false;
+        }
+
+        if (!_userService.TryGetUser(session.UserId, out user))
+        {
+            _logger.LogDebug("User not found; redirecting");
+            DeleteSessionCookie(response);
+            return false;
+        }
+
+        return true;
+    }
+
    /// <inheritdoc />
    public bool TryGetSession(Guid sessionId, [NotNullWhen(true)] out ISession? session)
    {