refactor: delegate session->user check to service
parent
1d1acd2a40
commit
6db9537206
|
@ -2,20 +2,15 @@ using Microsoft.AspNetCore.Mvc;
|
|||
using Microsoft.AspNetCore.Mvc.RazorPages;
|
||||
using OliverBooth.Data.Web;
|
||||
using OliverBooth.Services;
|
||||
using ISession = OliverBooth.Data.Web.ISession;
|
||||
|
||||
namespace OliverBooth.Pages.Admin;
|
||||
|
||||
public class Index : PageModel
|
||||
{
|
||||
private readonly ILogger<Index> _logger;
|
||||
private readonly IUserService _userService;
|
||||
private readonly ISessionService _sessionService;
|
||||
|
||||
public Index(ILogger<Index> logger, IUserService userService, ISessionService sessionService)
|
||||
public Index(ISessionService sessionService)
|
||||
{
|
||||
_logger = logger;
|
||||
_userService = userService;
|
||||
_sessionService = sessionService;
|
||||
}
|
||||
|
||||
|
@ -23,22 +18,9 @@ public class Index : PageModel
|
|||
|
||||
public IActionResult OnGet()
|
||||
{
|
||||
if (!_sessionService.TryGetSession(Request, out ISession? session))
|
||||
if (!_sessionService.TryGetCurrentUser(Request, Response, out IUser? user))
|
||||
{
|
||||
_logger.LogDebug("Session not found; redirecting");
|
||||
return _sessionService.DeleteSessionCookie(Response);
|
||||
}
|
||||
|
||||
if (!_sessionService.ValidateSession(Request, session))
|
||||
{
|
||||
_logger.LogDebug("Session invalid; redirecting");
|
||||
return _sessionService.DeleteSessionCookie(Response);
|
||||
}
|
||||
|
||||
if (!_userService.TryGetUser(session.UserId, out IUser? user))
|
||||
{
|
||||
_logger.LogDebug("User not found; redirecting");
|
||||
return _sessionService.DeleteSessionCookie(Response);
|
||||
return RedirectToPage("/admin/login");
|
||||
}
|
||||
|
||||
CurrentUser = user;
|
||||
|
|
|
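Review bot: The admin guard is still a hand-written check inside `OnGet`, so any other handler on this page, and any other page model in `OliverBooth.Pages.Admin`, is protected only if it repeats the `TryGetCurrentUser` call. Now that the whole check is a single service call, it could be enforced in one place, for example from an `IPageFilter` or a shared base `PageModel` that calls `TryGetCurrentUser` and returns `RedirectToPage("/admin/login")` before any handler runs. The rest of the `Index` class lies outside the hunk, so whether it has further handlers cannot be confirmed from here.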
@ -5,13 +5,7 @@
|
|||
ViewData["Title"] = "Login";
|
||||
}
|
||||
|
||||
@section Styles
|
||||
{
|
||||
<link rel="stylesheet" href="~/css/admin.min.css" asp-append-version="true">
|
||||
}
|
||||
|
||||
<div class="form-signin m-auto">
|
||||
|
||||
<div class="m-auto" style="max-width: 330px; padding: 1rem;">
|
||||
<form method="post" asp-controller="Admin" asp-action="Login">
|
||||
<h1 class="h3 mb-3 fw-normal">Please sign in</h1>
|
||||
|
||||
|
@ -26,5 +20,4 @@
|
|||
|
||||
<button class="btn btn-primary w-100 py-2" type="submit">Sign in</button>
|
||||
</form>
|
||||
|
||||
</div>
|
|
@ -1,11 +1,20 @@
|
|||
using Microsoft.AspNetCore.Mvc;
|
||||
using Microsoft.AspNetCore.Mvc.RazorPages;
|
||||
using OliverBooth.Services;
|
||||
|
||||
namespace OliverBooth.Pages.Admin;
|
||||
|
||||
public class Login : PageModel
|
||||
{
|
||||
public void OnGet()
|
||||
{
|
||||
private readonly ISessionService _sessionService;
|
||||
|
||||
public Login(ISessionService sessionService)
|
||||
{
|
||||
_sessionService = sessionService;
|
||||
}
|
||||
|
||||
public IActionResult OnGet()
|
||||
{
|
||||
return _sessionService.TryGetCurrentUser(Request, Response, out _) ? RedirectToPage("/admin/index") : Page();
|
||||
}
|
||||
}
|
||||
|
|
|
@ -46,6 +46,25 @@ public interface ISessionService
|
|||
/// </exception>
|
||||
void SaveSessionCookie(HttpResponse response, ISession session);
|
||||
|
||||
/// <summary>
|
||||
/// Attempts to find the user associated with the client's current request.
|
||||
/// </summary>
|
||||
/// <param name="request">The HTTP request.</param>
|
||||
/// <param name="response">The response to edit.</param>
|
||||
/// <param name="user">
|
||||
/// When this method returns, contains the user with the specified request, if the user is found; otherwise,
|
||||
/// <see langword="null" />.
|
||||
/// </param>
|
||||
/// <returns>
|
||||
/// <see langword="true" /> if a user is found; otherwise, <see langword="false" />.
|
||||
/// </returns>
|
||||
/// <exception cref="ArgumentNullException">
|
||||
/// <para><paramref name="request" /> is <see langword="null" />.</para>
|
||||
/// -or-
|
||||
/// <para><paramref name="response" /> is <see langword="null" />.</para>
|
||||
/// </exception>
|
||||
bool TryGetCurrentUser(HttpRequest request, HttpResponse response, [NotNullWhen(true)] out IUser? user);
|
||||
|
||||
/// <summary>
|
||||
/// Attempts to find a session with the specified ID.
|
||||
/// </summary>
|
||||
|
|
|
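Review bot: The XML documentation for `TryGetCurrentUser` does not say that the call can delete the session cookie, which the `SessionService` implementation in this commit does on every failure path; "The response to edit." gives a caller no hint of that side effect. I would write the parameter as `/// <param name="response">The HTTP response; the session cookie is deleted from it when no valid session or user is found.</param>`. The `user` description would also read better as "contains the user associated with the request" than "the user with the specified request".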
@ -101,6 +101,35 @@ internal sealed class SessionService : BackgroundService, ISessionService
|
|||
response.Cookies.Append("sid", Convert.ToBase64String(buffer));
|
||||
}
|
||||
|
||||
/// <inheritdoc />
|
||||
public bool TryGetCurrentUser(HttpRequest request, HttpResponse response, [NotNullWhen(true)] out IUser? user)
|
||||
{
|
||||
user = null;
|
||||
|
||||
if (!TryGetSession(request, out ISession? session))
|
||||
{
|
||||
_logger.LogDebug("Session not found; redirecting");
|
||||
DeleteSessionCookie(response);
|
||||
return false;
|
||||
}
|
||||
|
||||
if (!ValidateSession(request, session))
|
||||
{
|
||||
_logger.LogDebug("Session invalid; redirecting");
|
||||
DeleteSessionCookie(response);
|
||||
return false;
|
||||
}
|
||||
|
||||
if (!_userService.TryGetUser(session.UserId, out user))
|
||||
{
|
||||
_logger.LogDebug("User not found; redirecting");
|
||||
DeleteSessionCookie(response);
|
||||
return false;
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
/// <inheritdoc />
|
||||
public bool TryGetSession(Guid sessionId, [NotNullWhen(true)] out ISession? session)
|
||||
{
|
||||
|
|
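Review bot: `TryGetCurrentUser` never checks `request` or `response` itself, although the interface documents an `ArgumentNullException` for both; a null `response` is only noticed when a failure path reaches `DeleteSessionCookie`, so the success path accepts it silently (assuming the callees do their own checks, which are not visible here). Opening the method with `ArgumentNullException.ThrowIfNull(request);` and `ArgumentNullException.ThrowIfNull(response);` would make the documented contract hold. The three `LogDebug` messages still end in "redirecting" although the service no longer redirects, and a failed `ValidateSession` is the one event here worth seeing in production logs, so consider `_logger.LogWarning("Session invalid; session cookie deleted");` for that branch and rewording the other two to match. Separately, the context line `response.Cookies.Append("sid", ...)` passes no `CookieOptions`; unless a cookie policy sets them elsewhere, the session cookie is issued without `HttpOnly`, `Secure` or `SameSite`.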