refactor: delegate session->user check to service
parent
1d1acd2a40
commit
6db9537206
@ -2,20 +2,15 @@ using Microsoft.AspNetCore.Mvc;
|
|||||||
using Microsoft.AspNetCore.Mvc.RazorPages;
|
using Microsoft.AspNetCore.Mvc.RazorPages;
|
||||||
using OliverBooth.Data.Web;
|
using OliverBooth.Data.Web;
|
||||||
using OliverBooth.Services;
|
using OliverBooth.Services;
|
||||||
using ISession = OliverBooth.Data.Web.ISession;
|
|
||||||
|
|
||||||
namespace OliverBooth.Pages.Admin;
|
namespace OliverBooth.Pages.Admin;
|
||||||
|
|
||||||
public class Index : PageModel
|
public class Index : PageModel
|
||||||
{
|
{
|
||||||
private readonly ILogger<Index> _logger;
|
|
||||||
private readonly IUserService _userService;
|
|
||||||
private readonly ISessionService _sessionService;
|
private readonly ISessionService _sessionService;
|
||||||
|
|
||||||
public Index(ILogger<Index> logger, IUserService userService, ISessionService sessionService)
|
public Index(ISessionService sessionService)
|
||||||
{
|
{
|
||||||
_logger = logger;
|
|
||||||
_userService = userService;
|
|
||||||
_sessionService = sessionService;
|
_sessionService = sessionService;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -23,22 +18,9 @@ public class Index : PageModel
|
|||||||
|
|
||||||
public IActionResult OnGet()
|
public IActionResult OnGet()
|
||||||
{
|
{
|
||||||
if (!_sessionService.TryGetSession(Request, out ISession? session))
|
if (!_sessionService.TryGetCurrentUser(Request, Response, out IUser? user))
|
||||||
{
|
{
|
||||||
_logger.LogDebug("Session not found; redirecting");
|
return RedirectToPage("/admin/login");
|
||||||
return _sessionService.DeleteSessionCookie(Response);
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!_sessionService.ValidateSession(Request, session))
|
|
||||||
{
|
|
||||||
_logger.LogDebug("Session invalid; redirecting");
|
|
||||||
return _sessionService.DeleteSessionCookie(Response);
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!_userService.TryGetUser(session.UserId, out IUser? user))
|
|
||||||
{
|
|
||||||
_logger.LogDebug("User not found; redirecting");
|
|
||||||
return _sessionService.DeleteSessionCookie(Response);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
CurrentUser = user;
|
CurrentUser = user;
|
||||||
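Review bot: The session check guards only `OnGet`, so access control for this admin page depends on every handler repeating the `TryGetCurrentUser` call; a handler added later (an `OnPost`, say) would run without it. Moving the call into an override of `OnPageHandlerExecuting` and setting `context.Result = RedirectToPage("/admin/login");` on failure would cover every handler of the page at once. The check also accepts any user the session resolves to. If the user store can hold accounts that are not administrators, a permission check belongs here too; the hunk does not show one. `OnGet` continues past the end of the hunk.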
|
@ -5,13 +5,7 @@
|
|||||||
ViewData["Title"] = "Login";
|
ViewData["Title"] = "Login";
|
||||||
}
|
}
|
||||||
|
|
||||||
@section Styles
|
<div class="m-auto" style="max-width: 330px; padding: 1rem;">
|
||||||
{
|
|
||||||
<link rel="stylesheet" href="~/css/admin.min.css" asp-append-version="true">
|
|
||||||
}
|
|
||||||
|
|
||||||
<div class="form-signin m-auto">
|
|
||||||
|
|
||||||
<form method="post" asp-controller="Admin" asp-action="Login">
|
<form method="post" asp-controller="Admin" asp-action="Login">
|
||||||
<h1 class="h3 mb-3 fw-normal">Please sign in</h1>
|
<h1 class="h3 mb-3 fw-normal">Please sign in</h1>
|
||||||
|
|
||||||
@ -26,5 +20,4 @@
|
|||||||
|
|
||||||
<button class="btn btn-primary w-100 py-2" type="submit">Sign in</button>
|
<button class="btn btn-primary w-100 py-2" type="submit">Sign in</button>
|
||||||
</form>
|
</form>
|
||||||
|
|
||||||
</div>
|
</div>
|
@ -1,11 +1,20 @@
|
|||||||
|
using Microsoft.AspNetCore.Mvc;
|
||||||
using Microsoft.AspNetCore.Mvc.RazorPages;
|
using Microsoft.AspNetCore.Mvc.RazorPages;
|
||||||
|
using OliverBooth.Services;
|
||||||
|
|
||||||
namespace OliverBooth.Pages.Admin;
|
namespace OliverBooth.Pages.Admin;
|
||||||
|
|
||||||
public class Login : PageModel
|
public class Login : PageModel
|
||||||
{
|
{
|
||||||
public void OnGet()
|
private readonly ISessionService _sessionService;
|
||||||
{
|
|
||||||
|
|
||||||
|
public Login(ISessionService sessionService)
|
||||||
|
{
|
||||||
|
_sessionService = sessionService;
|
||||||
|
}
|
||||||
|
|
||||||
|
public IActionResult OnGet()
|
||||||
|
{
|
||||||
|
return _sessionService.TryGetCurrentUser(Request, Response, out _) ? RedirectToPage("/admin/index") : Page();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
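Review bot: `OnGet` calls `TryGetCurrentUser` only to decide whether to redirect, but the call also writes to the response it is given: in the `SessionService` hunk of this commit every failure branch calls `DeleteSessionCookie(response)` and logs a "redirecting" message. An anonymous visit to the login page therefore clears the `sid` cookie and logs a redirect that does not happen. If dropping stale cookies here is intended, say so above the return, e.g. `// TryGetCurrentUser clears the sid cookie when the session is missing or invalid; intended on the login page.`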
|
@ -46,6 +46,25 @@ public interface ISessionService
|
|||||||
/// </exception>
|
/// </exception>
|
||||||
void SaveSessionCookie(HttpResponse response, ISession session);
|
void SaveSessionCookie(HttpResponse response, ISession session);
|
||||||
|
|
||||||
|
/// <summary>
|
||||||
|
/// Attempts to find the user associated with the client's current request.
|
||||||
|
/// </summary>
|
||||||
|
/// <param name="request">The HTTP request.</param>
|
||||||
|
/// <param name="response">The response to edit.</param>
|
||||||
|
/// <param name="user">
|
||||||
|
/// When this method returns, contains the user with the specified request, if the user is found; otherwise,
|
||||||
|
/// <see langword="null" />.
|
||||||
|
/// </param>
|
||||||
|
/// <returns>
|
||||||
|
/// <see langword="true" /> if a user is found; otherwise, <see langword="false" />.
|
||||||
|
/// </returns>
|
||||||
|
/// <exception cref="ArgumentNullException">
|
||||||
|
/// <para><paramref name="request" /> is <see langword="null" />.</para>
|
||||||
|
/// -or-
|
||||||
|
/// <para><paramref name="response" /> is <see langword="null" />.</para>
|
||||||
|
/// </exception>
|
||||||
|
bool TryGetCurrentUser(HttpRequest request, HttpResponse response, [NotNullWhen(true)] out IUser? user);
|
||||||
|
|
||||||
/// <summary>
|
/// <summary>
|
||||||
/// Attempts to find a session with the specified ID.
|
/// Attempts to find a session with the specified ID.
|
||||||
/// </summary>
|
/// </summary>
|
||||||
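Review bot: The `response` parameter is documented only as "The response to edit", which does not tell a caller that the implementation deletes the session cookie on every path that returns false. I would write `/// <param name="response">The HTTP response; the session cookie is deleted from it when no valid session or user is found.</param>` and reword the `user` description to "contains the user associated with the request". A `Try…` method that mutates the response is unusual enough that the `<summary>` should mention it as well.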
|
@ -101,6 +101,35 @@ internal sealed class SessionService : BackgroundService, ISessionService
|
|||||||
response.Cookies.Append("sid", Convert.ToBase64String(buffer));
|
response.Cookies.Append("sid", Convert.ToBase64String(buffer));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/// <inheritdoc />
|
||||||
|
public bool TryGetCurrentUser(HttpRequest request, HttpResponse response, [NotNullWhen(true)] out IUser? user)
|
||||||
|
{
|
||||||
|
user = null;
|
||||||
|
|
||||||
|
if (!TryGetSession(request, out ISession? session))
|
||||||
|
{
|
||||||
|
_logger.LogDebug("Session not found; redirecting");
|
||||||
|
DeleteSessionCookie(response);
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!ValidateSession(request, session))
|
||||||
|
{
|
||||||
|
_logger.LogDebug("Session invalid; redirecting");
|
||||||
|
DeleteSessionCookie(response);
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!_userService.TryGetUser(session.UserId, out user))
|
||||||
|
{
|
||||||
|
_logger.LogDebug("User not found; redirecting");
|
||||||
|
DeleteSessionCookie(response);
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
/// <inheritdoc />
|
/// <inheritdoc />
|
||||||
public bool TryGetSession(Guid sessionId, [NotNullWhen(true)] out ISession? session)
|
public bool TryGetSession(Guid sessionId, [NotNullWhen(true)] out ISession? session)
|
||||||
{
|
{
|
||||||
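Review bot: `TryGetCurrentUser` does not enforce the `ArgumentNullException` contract that its interface documents: the body opens with `user = null;` and no argument checks, so a null `response` is accepted silently on the success path. Adding `ArgumentNullException.ThrowIfNull(request);` and `ArgumentNullException.ThrowIfNull(response);` at the top would match the documentation (use an `if (… is null) throw …` form if the target framework predates that helper). Separately, the three failure branches log at Debug with messages that still say "redirecting", although this method no longer redirects. Depending on what `ValidateSession` checks, a failed validation may be the event that shows a cookie presented by an unexpected client, so `_logger.LogWarning("Session for user {UserId} failed validation", session.UserId);` would make it visible in production logs.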
|