refactor: delegate session->user check to service

Oliver Booth 2024-02-25 14:16:55 +00:00
parent 1d1acd2a40
commit 6db9537206
Signed by: oliverbooth
GPG Key ID: E60B570D1B7557B5
5 changed files with 64 additions and 32 deletions


@ -2,20 +2,15 @@ using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.RazorPages; using Microsoft.AspNetCore.Mvc.RazorPages;
using OliverBooth.Data.Web; using OliverBooth.Data.Web;
using OliverBooth.Services; using OliverBooth.Services;
using ISession = OliverBooth.Data.Web.ISession;
namespace OliverBooth.Pages.Admin; namespace OliverBooth.Pages.Admin;
public class Index : PageModel public class Index : PageModel
{ {
private readonly ILogger<Index> _logger;
private readonly IUserService _userService;
private readonly ISessionService _sessionService; private readonly ISessionService _sessionService;
public Index(ILogger<Index> logger, IUserService userService, ISessionService sessionService) public Index(ISessionService sessionService)
{ {
_logger = logger;
_userService = userService;
_sessionService = sessionService; _sessionService = sessionService;
} }
@ -23,22 +18,9 @@ public class Index : PageModel
public IActionResult OnGet() public IActionResult OnGet()
{ {
if (!_sessionService.TryGetSession(Request, out ISession? session)) if (!_sessionService.TryGetCurrentUser(Request, Response, out IUser? user))
{ {
_logger.LogDebug("Session not found; redirecting"); return RedirectToPage("/admin/login");
return _sessionService.DeleteSessionCookie(Response);
}
if (!_sessionService.ValidateSession(Request, session))
{
_logger.LogDebug("Session invalid; redirecting");
return _sessionService.DeleteSessionCookie(Response);
}
if (!_userService.TryGetUser(session.UserId, out IUser? user))
{
_logger.LogDebug("User not found; redirecting");
return _sessionService.DeleteSessionCookie(Response);
} }
CurrentUser = user; CurrentUser = user;
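Review bot: The sign-in check still runs inside `OnGet`, so any other handler on this page, and every other admin page, is protected only if it repeats the `TryGetCurrentUser` call. Now that the check is a single service call, it could move to one place that runs before every handler, for example an override of `OnPageHandlerExecuting` in a shared admin base page model, or a page filter. A page that forgets the check would then fail closed instead of being served. The rest of `OnGet` lies outside the hunk, so this is based only on the guard visible here.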


@ -5,13 +5,7 @@
ViewData["Title"] = "Login"; ViewData["Title"] = "Login";
} }
@section Styles <div class="m-auto" style="max-width: 330px; padding: 1rem;">
{
<link rel="stylesheet" href="~/css/admin.min.css" asp-append-version="true">
}
<div class="form-signin m-auto">
<form method="post" asp-controller="Admin" asp-action="Login"> <form method="post" asp-controller="Admin" asp-action="Login">
<h1 class="h3 mb-3 fw-normal">Please sign in</h1> <h1 class="h3 mb-3 fw-normal">Please sign in</h1>
@ -26,5 +20,4 @@
<button class="btn btn-primary w-100 py-2" type="submit">Sign in</button> <button class="btn btn-primary w-100 py-2" type="submit">Sign in</button>
</form> </form>
</div> </div>
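Review bot: The inline `style="max-width: 330px; padding: 1rem;"` on the wrapper `<div>` in the first hunk would be blocked by a Content-Security-Policy that does not allow `'unsafe-inline'` for styles. Keeping these two declarations in a class in the site stylesheet lets the login page render under a strict policy without loosening it. Whether the site sends such a policy is not visible on this page.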


@ -1,11 +1,20 @@
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.RazorPages; using Microsoft.AspNetCore.Mvc.RazorPages;
using OliverBooth.Services;
namespace OliverBooth.Pages.Admin; namespace OliverBooth.Pages.Admin;
public class Login : PageModel public class Login : PageModel
{ {
public void OnGet() private readonly ISessionService _sessionService;
{
public Login(ISessionService sessionService)
{
_sessionService = sessionService;
}
public IActionResult OnGet()
{
return _sessionService.TryGetCurrentUser(Request, Response, out _) ? RedirectToPage("/admin/index") : Page();
} }
} }
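Review bot: `Login.OnGet` would benefit from a comment noting that `TryGetCurrentUser` is not a pure lookup. Per the `SessionService` change in this commit, it deletes the session cookie from the response when no valid session or user is found, so simply loading the login page clears a stale cookie. Something like `// Signed-in users skip the form; a failed lookup also clears any stale sid cookie.` above the `return` would make that visible. The ternary is also long enough that an `if`/`return` pair would read more easily.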


@ -46,6 +46,25 @@ public interface ISessionService
/// </exception> /// </exception>
void SaveSessionCookie(HttpResponse response, ISession session); void SaveSessionCookie(HttpResponse response, ISession session);
/// <summary>
/// Attempts to find the user associated with the client's current request.
/// </summary>
/// <param name="request">The HTTP request.</param>
/// <param name="response">The response to edit.</param>
/// <param name="user">
/// When this method returns, contains the user with the specified request, if the user is found; otherwise,
/// <see langword="null" />.
/// </param>
/// <returns>
/// <see langword="true" /> if a user is found; otherwise, <see langword="false" />.
/// </returns>
/// <exception cref="ArgumentNullException">
/// <para><paramref name="request" /> is <see langword="null" />.</para>
/// -or-
/// <para><paramref name="response" /> is <see langword="null" />.</para>
/// </exception>
bool TryGetCurrentUser(HttpRequest request, HttpResponse response, [NotNullWhen(true)] out IUser? user);
/// <summary> /// <summary>
/// Attempts to find a session with the specified ID. /// Attempts to find a session with the specified ID.
/// </summary> /// </summary>
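Review bot: The XML documentation for `TryGetCurrentUser` does not say why the method needs the response. The implementation in this commit deletes the session cookie whenever it returns false, and `The response to edit.` does not convey that. I would add `/// <remarks>If no valid session or user is found, the session cookie is removed from <paramref name="response" />.</remarks>` and reword the `user` parameter text to `contains the user associated with the request`. The documented `ArgumentNullException` is not thrown by the new method body itself, so it holds only if the helpers it calls validate both arguments.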


@ -101,6 +101,35 @@ internal sealed class SessionService : BackgroundService, ISessionService
response.Cookies.Append("sid", Convert.ToBase64String(buffer)); response.Cookies.Append("sid", Convert.ToBase64String(buffer));
} }
/// <inheritdoc />
public bool TryGetCurrentUser(HttpRequest request, HttpResponse response, [NotNullWhen(true)] out IUser? user)
{
user = null;
if (!TryGetSession(request, out ISession? session))
{
_logger.LogDebug("Session not found; redirecting");
DeleteSessionCookie(response);
return false;
}
if (!ValidateSession(request, session))
{
_logger.LogDebug("Session invalid; redirecting");
DeleteSessionCookie(response);
return false;
}
if (!_userService.TryGetUser(session.UserId, out user))
{
_logger.LogDebug("User not found; redirecting");
DeleteSessionCookie(response);
return false;
}
return true;
}
/// <inheritdoc /> /// <inheritdoc />
public bool TryGetSession(Guid sessionId, [NotNullWhen(true)] out ISession? session) public bool TryGetSession(Guid sessionId, [NotNullWhen(true)] out ISession? session)
{ {
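Review bot: The three failure branches of `TryGetCurrentUser` only call `DeleteSessionCookie(response)`, so a session that fails `ValidateSession`, or whose user no longer exists, appears to remain in the server-side store. Consider removing the stored session in those two branches as well; the bodies of `ValidateSession` and `DeleteSessionCookie` are outside the hunk, so confirm they do not already do this. The debug messages still end in `; redirecting`, but this method no longer redirects and `Login.OnGet` renders the page on failure, so `"Session not found"` and similar would be more accurate. The context line `response.Cookies.Append("sid", ...)` passes no `CookieOptions`; unless a cookie policy elsewhere sets them, `HttpOnly`, `Secure` and `SameSite` should be set explicitly for a session cookie.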