From 6db9537206b626336430628069ee7671b2f084a2 Mon Sep 17 00:00:00 2001
From: Oliver Booth <git@olivr.me>
Date: Sun, 25 Feb 2024 14:16:55 +0000
Subject: [PATCH] refactor: delegate session->user check to service

---
 OliverBooth/Pages/Admin/Index.cshtml.cs | 24 +++-----------------
 OliverBooth/Pages/Admin/Login.cshtml    |  9 +-------
 OliverBooth/Pages/Admin/Login.cshtml.cs | 13 +++++++++--
 OliverBooth/Services/ISessionService.cs | 21 +++++++++++++++++-
 OliverBooth/Services/SessionService.cs  | 29 +++++++++++++++++++++++++
 5 files changed, 64 insertions(+), 32 deletions(-)

diff --git a/OliverBooth/Pages/Admin/Index.cshtml.cs b/OliverBooth/Pages/Admin/Index.cshtml.cs
index f3af901..d13264d 100644
--- a/OliverBooth/Pages/Admin/Index.cshtml.cs
+++ b/OliverBooth/Pages/Admin/Index.cshtml.cs
@@ -2,20 +2,15 @@ using Microsoft.AspNetCore.Mvc;
 using Microsoft.AspNetCore.Mvc.RazorPages;
 using OliverBooth.Data.Web;
 using OliverBooth.Services;
-using ISession = OliverBooth.Data.Web.ISession;
 
 namespace OliverBooth.Pages.Admin;
 
 public class Index : PageModel
 {
-    private readonly ILogger<Index> _logger;
-    private readonly IUserService _userService;
     private readonly ISessionService _sessionService;
 
-    public Index(ILogger<Index> logger, IUserService userService, ISessionService sessionService)
+    public Index(ISessionService sessionService)
     {
-        _logger = logger;
-        _userService = userService;
         _sessionService = sessionService;
     }
 
@@ -23,22 +18,9 @@ public class Index : PageModel
 
     public IActionResult OnGet()
     {
-        if (!_sessionService.TryGetSession(Request, out ISession? session))
+        if (!_sessionService.TryGetCurrentUser(Request, Response, out IUser? user))
         {
-            _logger.LogDebug("Session not found; redirecting");
-            return _sessionService.DeleteSessionCookie(Response);
-        }
-
-        if (!_sessionService.ValidateSession(Request, session))
-        {
-            _logger.LogDebug("Session invalid; redirecting");
-            return _sessionService.DeleteSessionCookie(Response);
-        }
-
-        if (!_userService.TryGetUser(session.UserId, out IUser? user))
-        {
-            _logger.LogDebug("User not found; redirecting");
-            return _sessionService.DeleteSessionCookie(Response);
+            return RedirectToPage("/admin/login");
         }
 
         CurrentUser = user;
diff --git a/OliverBooth/Pages/Admin/Login.cshtml b/OliverBooth/Pages/Admin/Login.cshtml
index 267dd40..6eeb75a 100644
--- a/OliverBooth/Pages/Admin/Login.cshtml
+++ b/OliverBooth/Pages/Admin/Login.cshtml
@@ -5,13 +5,7 @@
     ViewData["Title"] = "Login";
 }
 
-@section Styles
-{
-    <link rel="stylesheet" href="~/css/admin.min.css" asp-append-version="true">
-}
-
-<div class="form-signin m-auto">
-
+<div class="m-auto" style="max-width: 330px; padding: 1rem;">
     <form method="post" asp-controller="Admin" asp-action="Login">
         <h1 class="h3 mb-3 fw-normal">Please sign in</h1>
 
@@ -26,5 +20,4 @@
 
         <button class="btn btn-primary w-100 py-2" type="submit">Sign in</button>
     </form>
-
 </div>
\ No newline at end of file
diff --git a/OliverBooth/Pages/Admin/Login.cshtml.cs b/OliverBooth/Pages/Admin/Login.cshtml.cs
index b4a6bfc..6033f27 100644
--- a/OliverBooth/Pages/Admin/Login.cshtml.cs
+++ b/OliverBooth/Pages/Admin/Login.cshtml.cs
@@ -1,11 +1,20 @@
+using Microsoft.AspNetCore.Mvc;
 using Microsoft.AspNetCore.Mvc.RazorPages;
+using OliverBooth.Services;
 
 namespace OliverBooth.Pages.Admin;
 
 public class Login : PageModel
 {
-    public void OnGet()
+    private readonly ISessionService _sessionService;
+
+    public Login(ISessionService sessionService)
     {
-        
+        _sessionService = sessionService;
+    }
+
+    public IActionResult OnGet()
+    {
+        return _sessionService.TryGetCurrentUser(Request, Response, out _) ? RedirectToPage("/admin/index") : Page();
     }
 }
diff --git a/OliverBooth/Services/ISessionService.cs b/OliverBooth/Services/ISessionService.cs
index 99bce13..4d55c8c 100644
--- a/OliverBooth/Services/ISessionService.cs
+++ b/OliverBooth/Services/ISessionService.cs
@@ -45,7 +45,26 @@ public interface ISessionService
     ///     <para><paramref name="session" /> is <see langword="null" />.</para>
     /// </exception>
     void SaveSessionCookie(HttpResponse response, ISession session);
-    
+
+    /// <summary>
+    ///     Attempts to find the user associated with the client's current request.
+    /// </summary>
+    /// <param name="request">The HTTP request.</param>
+    /// <param name="response">The response to edit.</param>
+    /// <param name="user">
+    ///     When this method returns, contains the user with the specified request, if the user is found; otherwise,
+    ///     <see langword="null" />.
+    /// </param>
+    /// <returns>
+    ///     <see langword="true" /> if a user is found; otherwise, <see langword="false" />.
+    /// </returns>
+    /// <exception cref="ArgumentNullException">
+    ///     <para><paramref name="request" /> is <see langword="null" />.</para>
+    ///     -or-
+    ///     <para><paramref name="response" /> is <see langword="null" />.</para>
+    /// </exception>
+    bool TryGetCurrentUser(HttpRequest request, HttpResponse response, [NotNullWhen(true)] out IUser? user);
+
     /// <summary>
     ///     Attempts to find a session with the specified ID.
     /// </summary>
diff --git a/OliverBooth/Services/SessionService.cs b/OliverBooth/Services/SessionService.cs
index b726af4..7a0bb32 100644
--- a/OliverBooth/Services/SessionService.cs
+++ b/OliverBooth/Services/SessionService.cs
@@ -101,6 +101,35 @@ internal sealed class SessionService : BackgroundService, ISessionService
         response.Cookies.Append("sid", Convert.ToBase64String(buffer));
     }
 
+    /// <inheritdoc />
+    public bool TryGetCurrentUser(HttpRequest request, HttpResponse response, [NotNullWhen(true)] out IUser? user)
+    {
+        user = null;
+        
+        if (!TryGetSession(request, out ISession? session))
+        {
+            _logger.LogDebug("Session not found; redirecting");
+            DeleteSessionCookie(response);
+            return false;
+        }
+
+        if (!ValidateSession(request, session))
+        {
+            _logger.LogDebug("Session invalid; redirecting");
+            DeleteSessionCookie(response);
+            return false;
+        }
+
+        if (!_userService.TryGetUser(session.UserId, out user))
+        {
+            _logger.LogDebug("User not found; redirecting");
+            DeleteSessionCookie(response);
+            return false;
+        }
+
+        return true;
+    }
+
     /// <inheritdoc />
     public bool TryGetSession(Guid sessionId, [NotNullWhen(true)] out ISession? session)
     {