fix: add HttpClient to services

WIP

Gulpfile.js

@@ -1,54 +0,0 @@
-const gulp = require('gulp');
-const sass = require('gulp-sass')(require('sass'));
-const cleanCSS = require('gulp-clean-css');
-const rename = require('gulp-rename');
-const ts = require('gulp-typescript');
-const terser = require('gulp-terser');
-const webpack = require('webpack-stream');
-
-const srcDir = 'src';
-const destDir = 'OliverBooth/wwwroot';
-
-function compileSCSS() {
-    return gulp.src(`${srcDir}/scss/**/*.scss`)
-        .pipe(sass().on('error', sass.logError))
-        .pipe(cleanCSS({ compatibility: 'ie11' }))
-        .pipe(rename({ suffix: '.min' }))
-        .pipe(gulp.dest(`${destDir}/css`));
-}
-
-function compileTS() {
-    return gulp.src(`${srcDir}/ts/**/*.ts`)
-        .pipe(ts("tsconfig.json"))
-        .pipe(terser())
-        .pipe(gulp.dest(`tmp/js`));
-}
-
-function bundleJS() {
-    return gulp.src('tmp/js/*.js')
-        .pipe(webpack({ mode: 'production', output: { filename: 'app.min.js' } }))
-        .pipe(gulp.dest(`${destDir}/js`));
-}
-
-function copyJS() {
-    return gulp.src(`${srcDir}/ts/**/*.js`)
-        .pipe(rename({ suffix: '.min' }))
-        .pipe(gulp.dest(`${destDir}/js`));
-}
-
-function copyCSS() {
-    return gulp.src(`${srcDir}/scss/**/*.css`)
-        .pipe(rename({ suffix: '.min' }))
-        .pipe(gulp.dest(`${destDir}/css`));
-}
-
-function copyImages() {
-    return gulp.src(`${srcDir}/img/**/*.*`)
-        .pipe(gulp.dest(`${destDir}/img`));
-}
-
-exports.assets = copyImages;
-exports.styles = gulp.parallel(compileSCSS, copyCSS);
-exports.scripts = gulp.parallel(copyJS, gulp.series(compileTS, bundleJS));
-
-exports.default = gulp.parallel(exports.styles, exports.scripts, exports.assets);

Gulpfile.mjs

@@ -0,0 +1,99 @@
+import fs from "fs";
+import gulp from "gulp";
+import cleanCSS from "gulp-clean-css";
+import {deleteSync} from "del";
+import noop from "gulp-noop";
+import rename from "gulp-rename";
+import gulpSass from "gulp-sass";
+import * as nodeSass from "sass";
+const sass = gulpSass(nodeSass);
+import sourcemaps from "gulp-sourcemaps";
+import ts from "gulp-typescript";
+import webpack from "webpack-stream";
+import vinylPaths from "vinyl-paths";
+
+const srcDir = "src";
+const tmpDir = "tmp";
+const destDir = "OliverBooth/wwwroot";
+const isDevelopment = !!process.env.DEVELOPMENT;
+
+function cleanTMP() {
+    return gulp.src(tmpDir, {allowEmpty: true})
+        .pipe(vinylPaths(deleteSync));
+}
+
+function cleanWWWRoot() {
+    return gulp.src(destDir, {allowEmpty: true})
+        .pipe(vinylPaths(deleteSync));
+}
+
+function compileSCSS() {
+    return gulp.src(`${srcDir}/scss/**/*.scss`)
+        .pipe(isDevelopment ? sourcemaps.init() : noop())
+        .pipe(sass().on("error", sass.logError))
+        .pipe(cleanCSS({compatibility: "ie11"}))
+        .pipe(rename({suffix: ".min"}))
+        .pipe(isDevelopment ? sourcemaps.write() : noop())
+        .pipe(gulp.dest(`${destDir}/css`));
+}
+
+function compileTS() {
+    return gulp.src(`${srcDir}/ts/**/*.ts`)
+        .pipe(isDevelopment ? sourcemaps.init() : noop())
+        .pipe(ts("tsconfig.json"))
+        .pipe(isDevelopment ? sourcemaps.write("./", { includeContent: true }) : noop())
+        .pipe(gulp.dest(`${tmpDir}/js`));
+}
+
+function bundleJS(done) {
+    const tasks = fs.readdirSync(`${tmpDir}/js`, {withFileTypes: true})
+        .filter(dirent => dirent.isDirectory())
+        .map(d => bundleDir(d.name));
+    return gulp.parallel(...tasks, writeSourcemaps)(done);
+
+    function bundleDir(directory) {
+        return () => gulp.src(`${tmpDir}/js/${directory}/${directory}.js`)
+            .pipe(isDevelopment ? sourcemaps.init() : noop())
+            .pipe(webpack({mode: "production", output: {filename: `${directory}.min.js`}, devtool: "source-map"}))
+            .pipe(isDevelopment ? sourcemaps.write("./", { includeContent: true }) : noop())
+            .pipe(gulp.dest(`${destDir}/js`));
+    }
+
+    function writeSourcemaps() {
+        return gulp.src(`${destDir}/js/**/*.js`)
+            .pipe(isDevelopment ? sourcemaps.init({ loadMaps: true }) : noop())
+            .pipe(isDevelopment ? sourcemaps.write("./", { includeContent: true }) : noop())
+            .pipe(gulp.dest(`${destDir}/js`));
+    }
+}
+
+function copyJS() {
+    return gulp.src(`${srcDir}/ts/**/*.js`)
+        .pipe(rename({suffix: ".min"}))
+        .pipe(gulp.dest(`${destDir}/js`));
+}
+
+function copyCSS() {
+    return gulp.src(`${srcDir}/scss/**/*.css`)
+        .pipe(rename({suffix: ".min"}))
+        .pipe(gulp.dest(`${destDir}/css`));
+}
+
+function copyImages() {
+    return gulp.src(`${srcDir}/img/**/*.*`)
+        .pipe(gulp.dest(`${destDir}/img`));
+}
+
+function exists(path) {
+    try {
+        return fs.existsSync(path);
+    } catch (err) {
+        return false;
+    }
+}
+
+gulp.task("clean", gulp.parallel(cleanTMP, cleanWWWRoot));
+gulp.task("assets", copyImages);
+gulp.task("styles", gulp.parallel(compileSCSS, copyCSS));
+gulp.task("scripts", gulp.parallel(copyJS, gulp.series(compileTS, bundleJS)));
+gulp.task("default", gulp.series("clean", gulp.parallel("styles", "scripts", "assets"), cleanTMP));

OliverBooth.Admin/Dockerfile

@@ -0,0 +1,22 @@
+FROM mcr.microsoft.com/dotnet/aspnet:8.0 AS base
+USER $APP_UID
+WORKDIR /app
+EXPOSE 80
+EXPOSE 443
+
+FROM mcr.microsoft.com/dotnet/sdk:8.0 AS build
+ARG BUILD_CONFIGURATION=Release
+WORKDIR /src
+COPY ["OliverBooth.Admin/OliverBooth.Admin.csproj", "OliverBooth.Admin/"]
+COPY . .
+
+WORKDIR "/src/OliverBooth.Admin"
+
+FROM build AS publish
+ARG BUILD_CONFIGURATION=Release
+RUN dotnet publish "OliverBooth.Admin.csproj" -c Release -o /app/publish /p:UseAppHost=false
+
+FROM base AS final
+WORKDIR /app
+COPY --from=publish /app/publish .
+ENTRYPOINT ["dotnet", "OliverBooth.Admin.dll"]

OliverBooth.Admin/OliverBooth.Admin.csproj

@@ -0,0 +1,37 @@
+<Project Sdk="Microsoft.NET.Sdk.Web">
+
+    <PropertyGroup>
+        <TargetFramework>net8.0</TargetFramework>
+        <Nullable>enable</Nullable>
+        <ImplicitUsings>enable</ImplicitUsings>
+        <DockerDefaultTargetOS>Linux</DockerDefaultTargetOS>
+        <VersionPrefix>1.0.0</VersionPrefix>
+    </PropertyGroup>
+
+    <PropertyGroup Condition="'$(VersionSuffix)' != '' And '$(BuildNumber)' == ''">
+        <Version>$(VersionPrefix)-$(VersionSuffix)</Version>
+        <AssemblyVersion>$(VersionPrefix).0</AssemblyVersion>
+        <FileVersion>$(VersionPrefix).0</FileVersion>
+    </PropertyGroup>
+
+    <PropertyGroup Condition="'$(VersionSuffix)' != '' And '$(BuildNumber)' != ''">
+        <Version>$(VersionPrefix)-$(VersionSuffix).$(BuildNumber)</Version>
+        <AssemblyVersion>$(VersionPrefix).$(BuildNumber)</AssemblyVersion>
+        <FileVersion>$(VersionPrefix).$(BuildNumber)</FileVersion>
+    </PropertyGroup>
+
+    <PropertyGroup Condition="'$(VersionSuffix)' == ''">
+        <Version>$(VersionPrefix)</Version>
+        <AssemblyVersion>$(VersionPrefix).0</AssemblyVersion>
+        <FileVersion>$(VersionPrefix).0</FileVersion>
+    </PropertyGroup>
+
+    <ItemGroup>
+        <ProjectReference Include="..\OliverBooth.Common\OliverBooth.Common.csproj"/>
+    </ItemGroup>
+
+    <ItemGroup>
+      <None Remove="Properties\launchSettings.json" />
+    </ItemGroup>
+
+</Project>

OliverBooth.Admin/Pages/Error.cshtml

@@ -0,0 +1,26 @@
+@page
+@model ErrorModel
+@{
+    ViewData["Title"] = "Error";
+}
+
+<h1 class="text-danger">Error.</h1>
+<h2 class="text-danger">An error occurred while processing your request.</h2>
+
+@if (Model.ShowRequestId)
+{
+    <p>
+        <strong>Request ID:</strong> <code>@Model.RequestId</code>
+    </p>
+}
+
+<h3>Development Mode</h3>
+<p>
+    Swapping to the <strong>Development</strong> environment displays detailed information about the error that occurred.
+</p>
+<p>
+    <strong>The Development environment shouldn't be enabled for deployed applications.</strong>
+    It can result in displaying sensitive information from exceptions to end users.
+    For local debugging, enable the <strong>Development</strong> environment by setting the <strong>ASPNETCORE_ENVIRONMENT</strong> environment variable to <strong>Development</strong>
+    and restarting the app.
+</p>

OliverBooth.Admin/Pages/Error.cshtml.cs

@@ -0,0 +1,26 @@
+using System.Diagnostics;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Mvc.RazorPages;
+
+namespace OliverBooth.Admin.Pages;
+
+[ResponseCache(Duration = 0, Location = ResponseCacheLocation.None, NoStore = true)]
+[IgnoreAntiforgeryToken]
+public class ErrorModel : PageModel
+{
+    public string? RequestId { get; set; }
+
+    public bool ShowRequestId => !string.IsNullOrEmpty(RequestId);
+
+    private readonly ILogger<ErrorModel> _logger;
+
+    public ErrorModel(ILogger<ErrorModel> logger)
+    {
+        _logger = logger;
+    }
+
+    public void OnGet()
+    {
+        RequestId = Activity.Current?.Id ?? HttpContext.TraceIdentifier;
+    }
+}

OliverBooth.Admin/Pages/Index.cshtml

@@ -0,0 +1,10 @@
+@page
+@model IndexModel
+@{
+    ViewData["Title"] = "Home page";
+}
+
+<div class="text-center">
+    <h1 class="display-4">Welcome</h1>
+    <p>Learn about <a href="https://learn.microsoft.com/aspnet/core">building Web apps with ASP.NET Core</a>.</p>
+</div>

OliverBooth.Admin/Pages/Index.cshtml.cs

@@ -0,0 +1,18 @@
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Mvc.RazorPages;
+
+namespace OliverBooth.Admin.Pages;
+
+public class IndexModel : PageModel
+{
+    private readonly ILogger<IndexModel> _logger;
+
+    public IndexModel(ILogger<IndexModel> logger)
+    {
+        _logger = logger;
+    }
+
+    public void OnGet()
+    {
+    }
+}

OliverBooth.Admin/Pages/Privacy.cshtml

@@ -0,0 +1,8 @@
+@page
+@model PrivacyModel
+@{
+    ViewData["Title"] = "Privacy Policy";
+}
+<h1>@ViewData["Title"]</h1>
+
+<p>Use this page to detail your site's privacy policy.</p>

OliverBooth.Admin/Pages/Privacy.cshtml.cs

@@ -0,0 +1,18 @@
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Mvc.RazorPages;
+
+namespace OliverBooth.Admin.Pages;
+
+public class PrivacyModel : PageModel
+{
+    private readonly ILogger<PrivacyModel> _logger;
+
+    public PrivacyModel(ILogger<PrivacyModel> logger)
+    {
+        _logger = logger;
+    }
+
+    public void OnGet()
+    {
+    }
+}

OliverBooth.Admin/Pages/Shared/_Layout.cshtml

@@ -0,0 +1,51 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="utf-8"/>
+    <meta name="viewport" content="width=device-width, initial-scale=1.0"/>
+    <title>@ViewData["Title"] - OliverBooth.Admin</title>
+    <link rel="stylesheet" href="~/lib/bootstrap/dist/css/bootstrap.min.css"/>
+    <link rel="stylesheet" href="~/css/site.css" asp-append-version="true"/>
+    <link rel="stylesheet" href="~/OliverBooth.Admin.styles.css" asp-append-version="true"/>
+</head>
+<body>
+<header>
+    <nav class="navbar navbar-expand-sm navbar-toggleable-sm navbar-light bg-white border-bottom box-shadow mb-3">
+        <div class="container">
+            <a class="navbar-brand" asp-area="" asp-page="/Index">OliverBooth.Admin</a>
+            <button class="navbar-toggler" type="button" data-bs-toggle="collapse" data-bs-target=".navbar-collapse" aria-controls="navbarSupportedContent"
+                    aria-expanded="false" aria-label="Toggle navigation">
+                <span class="navbar-toggler-icon"></span>
+            </button>
+            <div class="navbar-collapse collapse d-sm-inline-flex justify-content-between">
+                <ul class="navbar-nav flex-grow-1">
+                    <li class="nav-item">
+                        <a class="nav-link text-dark" asp-area="" asp-page="/Index">Home</a>
+                    </li>
+                    <li class="nav-item">
+                        <a class="nav-link text-dark" asp-area="" asp-page="/Privacy">Privacy</a>
+                    </li>
+                </ul>
+            </div>
+        </div>
+    </nav>
+</header>
+<div class="container">
+    <main role="main" class="pb-3">
+        @RenderBody()
+    </main>
+</div>
+
+<footer class="border-top footer text-muted">
+    <div class="container">
+        &copy; 2024 - OliverBooth.Admin - <a asp-area="" asp-page="/Privacy">Privacy</a>
+    </div>
+</footer>
+
+<script src="~/lib/jquery/dist/jquery.min.js"></script>
+<script src="~/lib/bootstrap/dist/js/bootstrap.bundle.min.js"></script>
+<script src="~/js/site.js" asp-append-version="true"></script>
+
+@await RenderSectionAsync("Scripts", required: false)
+</body>
+</html>

OliverBooth.Admin/Pages/Shared/_Layout.cshtml.css

@@ -0,0 +1,48 @@
+/* Please see documentation at https://learn.microsoft.com/aspnet/core/client-side/bundling-and-minification
+for details on configuring this project to bundle and minify static web assets. */
+
+a.navbar-brand {
+  white-space: normal;
+  text-align: center;
+  word-break: break-all;
+}
+
+a {
+  color: #0077cc;
+}
+
+.btn-primary {
+  color: #fff;
+  background-color: #1b6ec2;
+  border-color: #1861ac;
+}
+
+.nav-pills .nav-link.active, .nav-pills .show > .nav-link {
+  color: #fff;
+  background-color: #1b6ec2;
+  border-color: #1861ac;
+}
+
+.border-top {
+  border-top: 1px solid #e5e5e5;
+}
+.border-bottom {
+  border-bottom: 1px solid #e5e5e5;
+}
+
+.box-shadow {
+  box-shadow: 0 .25rem .75rem rgba(0, 0, 0, .05);
+}
+
+button.accept-policy {
+  font-size: 1rem;
+  line-height: inherit;
+}
+
+.footer {
+  position: absolute;
+  bottom: 0;
+  width: 100%;
+  white-space: nowrap;
+  line-height: 60px;
+}

OliverBooth.Admin/Pages/Shared/_ValidationScriptsPartial.cshtml

@@ -0,0 +1,2 @@
+<script src="~/lib/jquery-validation/dist/jquery.validate.min.js"></script>
+<script src="~/lib/jquery-validation-unobtrusive/jquery.validate.unobtrusive.min.js"></script>

OliverBooth.Admin/Pages/_ViewImports.cshtml

@@ -0,0 +1,3 @@
+@using OliverBooth.Admin
+@namespace OliverBooth.Admin.Pages
+@addTagHelper *, Microsoft.AspNetCore.Mvc.TagHelpers

OliverBooth.Admin/Pages/_ViewStart.cshtml

@@ -0,0 +1,3 @@
+@{
+    Layout = "_Layout";
+}

OliverBooth.Admin/Program.cs

@@ -0,0 +1,41 @@
+using Serilog;
+
+Log.Logger = new LoggerConfiguration()
+    .WriteTo.Console()
+    .WriteTo.File("logs/latest.log", rollingInterval: RollingInterval.Day)
+#if DEBUG
+    .MinimumLevel.Debug()
+#endif
+    .CreateLogger();
+
+WebApplicationBuilder builder = WebApplication.CreateBuilder(args);
+builder.Configuration.AddTomlFile("data/config.toml", true, true);
+builder.Logging.ClearProviders();
+builder.Logging.AddSerilog();
+
+builder.Services.AddRazorPages();
+builder.Services.AddControllersWithViews();
+builder.Services.AddRazorComponents().AddInteractiveServerComponents();
+builder.Services.AddServerSideBlazor().AddInteractiveServerComponents();
+builder.Services.AddRouting(options => options.LowercaseUrls = true);
+
+WebApplication app = builder.Build();
+
+// Configure the HTTP request pipeline.
+if (!app.Environment.IsDevelopment())
+{
+    app.UseExceptionHandler("/Error");
+    // The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
+    app.UseHsts();
+}
+
+app.UseHttpsRedirection();
+app.UseStaticFiles();
+app.UseRouting();
+app.UseAuthorization();
+
+app.MapControllers();
+app.MapRazorPages();
+app.MapBlazorHub();
+
+app.Run();

OliverBooth.Admin/wwwroot/css/site.css

@@ -0,0 +1,22 @@
+html {
+  font-size: 14px;
+}
+
+@media (min-width: 768px) {
+  html {
+    font-size: 16px;
+  }
+}
+
+.btn:focus, .btn:active:focus, .btn-link.nav-link:focus, .form-control:focus, .form-check-input:focus {
+  box-shadow: 0 0 0 0.1rem white, 0 0 0 0.25rem #258cfb;
+}
+
+html {
+  position: relative;
+  min-height: 100%;
+}
+
+body {
+  margin-bottom: 60px;
+}

OliverBooth.Admin/wwwroot/js/site.js

@@ -0,0 +1,4 @@
+// Please see documentation at https://learn.microsoft.com/aspnet/core/client-side/bundling-and-minification
+// for details on configuring this project to bundle and minify static web assets.
+
+// Write your JavaScript code.

OliverBooth.Admin/wwwroot/lib/bootstrap/LICENSE

@@ -0,0 +1,22 @@
+The MIT License (MIT)
+
+Copyright (c) 2011-2021 Twitter, Inc.
+Copyright (c) 2011-2021 The Bootstrap Authors
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

OliverBooth.Admin/wwwroot/lib/jquery-validation-unobtrusive/LICENSE.txt

@@ -0,0 +1,23 @@
+The MIT License (MIT)
+
+Copyright (c) .NET Foundation and Contributors
+
+All rights reserved.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

OliverBooth.Admin/wwwroot/lib/jquery-validation-unobtrusive/jquery.validate.unobtrusive.js

@@ -0,0 +1,435 @@
+/**
+ * @license
+ * Unobtrusive validation support library for jQuery and jQuery Validate
+ * Copyright (c) .NET Foundation. All rights reserved.
+ * Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
+ * @version v4.0.0
+ */
+
+/*jslint white: true, browser: true, onevar: true, undef: true, nomen: true, eqeqeq: true, plusplus: true, bitwise: true, regexp: true, newcap: true, immed: true, strict: false */
+/*global document: false, jQuery: false */
+
+(function (factory) {
+    if (typeof define === 'function' && define.amd) {
+        // AMD. Register as an anonymous module.
+        define("jquery.validate.unobtrusive", ['jquery-validation'], factory);
+    } else if (typeof module === 'object' && module.exports) {
+        // CommonJS-like environments that support module.exports     
+        module.exports = factory(require('jquery-validation'));
+    } else {
+        // Browser global
+        jQuery.validator.unobtrusive = factory(jQuery);
+    }
+}(function ($) {
+    var $jQval = $.validator,
+        adapters,
+        data_validation = "unobtrusiveValidation";
+
+    function setValidationValues(options, ruleName, value) {
+        options.rules[ruleName] = value;
+        if (options.message) {
+            options.messages[ruleName] = options.message;
+        }
+    }
+
+    function splitAndTrim(value) {
+        return value.replace(/^\s+|\s+$/g, "").split(/\s*,\s*/g);
+    }
+
+    function escapeAttributeValue(value) {
+        // As mentioned on http://api.jquery.com/category/selectors/
+        return value.replace(/([!"#$%&'()*+,./:;<=>?@\[\\\]^`{|}~])/g, "\\$1");
+    }
+
+    function getModelPrefix(fieldName) {
+        return fieldName.substr(0, fieldName.lastIndexOf(".") + 1);
+    }
+
+    function appendModelPrefix(value, prefix) {
+        if (value.indexOf("*.") === 0) {
+            value = value.replace("*.", prefix);
+        }
+        return value;
+    }
+
+    function onError(error, inputElement) {  // 'this' is the form element
+        var container = $(this).find("[data-valmsg-for='" + escapeAttributeValue(inputElement[0].name) + "']"),
+            replaceAttrValue = container.attr("data-valmsg-replace"),
+            replace = replaceAttrValue ? $.parseJSON(replaceAttrValue) !== false : null;
+
+        container.removeClass("field-validation-valid").addClass("field-validation-error");
+        error.data("unobtrusiveContainer", container);
+
+        if (replace) {
+            container.empty();
+            error.removeClass("input-validation-error").appendTo(container);
+        }
+        else {
+            error.hide();
+        }
+    }
+
+    function onErrors(event, validator) {  // 'this' is the form element
+        var container = $(this).find("[data-valmsg-summary=true]"),
+            list = container.find("ul");
+
+        if (list && list.length && validator.errorList.length) {
+            list.empty();
+            container.addClass("validation-summary-errors").removeClass("validation-summary-valid");
+
+            $.each(validator.errorList, function () {
+                $("<li />").html(this.message).appendTo(list);
+            });
+        }
+    }
+
+    function onSuccess(error) {  // 'this' is the form element
+        var container = error.data("unobtrusiveContainer");
+
+        if (container) {
+            var replaceAttrValue = container.attr("data-valmsg-replace"),
+                replace = replaceAttrValue ? $.parseJSON(replaceAttrValue) : null;
+
+            container.addClass("field-validation-valid").removeClass("field-validation-error");
+            error.removeData("unobtrusiveContainer");
+
+            if (replace) {
+                container.empty();
+            }
+        }
+    }
+
+    function onReset(event) {  // 'this' is the form element
+        var $form = $(this),
+            key = '__jquery_unobtrusive_validation_form_reset';
+        if ($form.data(key)) {
+            return;
+        }
+        // Set a flag that indicates we're currently resetting the form.
+        $form.data(key, true);
+        try {
+            $form.data("validator").resetForm();
+        } finally {
+            $form.removeData(key);
+        }
+
+        $form.find(".validation-summary-errors")
+            .addClass("validation-summary-valid")
+            .removeClass("validation-summary-errors");
+        $form.find(".field-validation-error")
+            .addClass("field-validation-valid")
+            .removeClass("field-validation-error")
+            .removeData("unobtrusiveContainer")
+            .find(">*")  // If we were using valmsg-replace, get the underlying error
+            .removeData("unobtrusiveContainer");
+    }
+
+    function validationInfo(form) {
+        var $form = $(form),
+            result = $form.data(data_validation),
+            onResetProxy = $.proxy(onReset, form),
+            defaultOptions = $jQval.unobtrusive.options || {},
+            execInContext = function (name, args) {
+                var func = defaultOptions[name];
+                func && $.isFunction(func) && func.apply(form, args);
+            };
+
+        if (!result) {
+            result = {
+                options: {  // options structure passed to jQuery Validate's validate() method
+                    errorClass: defaultOptions.errorClass || "input-validation-error",
+                    errorElement: defaultOptions.errorElement || "span",
+                    errorPlacement: function () {
+                        onError.apply(form, arguments);
+                        execInContext("errorPlacement", arguments);
+                    },
+                    invalidHandler: function () {
+                        onErrors.apply(form, arguments);
+                        execInContext("invalidHandler", arguments);
+                    },
+                    messages: {},
+                    rules: {},
+                    success: function () {
+                        onSuccess.apply(form, arguments);
+                        execInContext("success", arguments);
+                    }
+                },
+                attachValidation: function () {
+                    $form
+                        .off("reset." + data_validation, onResetProxy)
+                        .on("reset." + data_validation, onResetProxy)
+                        .validate(this.options);
+                },
+                validate: function () {  // a validation function that is called by unobtrusive Ajax
+                    $form.validate();
+                    return $form.valid();
+                }
+            };
+            $form.data(data_validation, result);
+        }
+
+        return result;
+    }
+
+    $jQval.unobtrusive = {
+        adapters: [],
+
+        parseElement: function (element, skipAttach) {
+            /// <summary>
+            /// Parses a single HTML element for unobtrusive validation attributes.
+            /// </summary>
+            /// <param name="element" domElement="true">The HTML element to be parsed.</param>
+            /// <param name="skipAttach" type="Boolean">[Optional] true to skip attaching the
+            /// validation to the form. If parsing just this single element, you should specify true.
+            /// If parsing several elements, you should specify false, and manually attach the validation
+            /// to the form when you are finished. The default is false.</param>
+            var $element = $(element),
+                form = $element.parents("form")[0],
+                valInfo, rules, messages;
+
+            if (!form) {  // Cannot do client-side validation without a form
+                return;
+            }
+
+            valInfo = validationInfo(form);
+            valInfo.options.rules[element.name] = rules = {};
+            valInfo.options.messages[element.name] = messages = {};
+
+            $.each(this.adapters, function () {
+                var prefix = "data-val-" + this.name,
+                    message = $element.attr(prefix),
+                    paramValues = {};
+
+                if (message !== undefined) {  // Compare against undefined, because an empty message is legal (and falsy)
+                    prefix += "-";
+
+                    $.each(this.params, function () {
+                        paramValues[this] = $element.attr(prefix + this);
+                    });
+
+                    this.adapt({
+                        element: element,
+                        form: form,
+                        message: message,
+                        params: paramValues,
+                        rules: rules,
+                        messages: messages
+                    });
+                }
+            });
+
+            $.extend(rules, { "__dummy__": true });
+
+            if (!skipAttach) {
+                valInfo.attachValidation();
+            }
+        },
+
+        parse: function (selector) {
+            /// <summary>
+            /// Parses all the HTML elements in the specified selector. It looks for input elements decorated
+            /// with the [data-val=true] attribute value and enables validation according to the data-val-*
+            /// attribute values.
+            /// </summary>
+            /// <param name="selector" type="String">Any valid jQuery selector.</param>
+
+            // $forms includes all forms in selector's DOM hierarchy (parent, children and self) that have at least one
+            // element with data-val=true
+            var $selector = $(selector),
+                $forms = $selector.parents()
+                    .addBack()
+                    .filter("form")
+                    .add($selector.find("form"))
+                    .has("[data-val=true]");
+
+            $selector.find("[data-val=true]").each(function () {
+                $jQval.unobtrusive.parseElement(this, true);
+            });
+
+            $forms.each(function () {
+                var info = validationInfo(this);
+                if (info) {
+                    info.attachValidation();
+                }
+            });
+        }
+    };
+
+    adapters = $jQval.unobtrusive.adapters;
+
+    adapters.add = function (adapterName, params, fn) {
+        /// <summary>Adds a new adapter to convert unobtrusive HTML into a jQuery Validate validation.</summary>
+        /// <param name="adapterName" type="String">The name of the adapter to be added. This matches the name used
+        /// in the data-val-nnnn HTML attribute (where nnnn is the adapter name).</param>
+        /// <param name="params" type="Array" optional="true">[Optional] An array of parameter names (strings) that will
+        /// be extracted from the data-val-nnnn-mmmm HTML attributes (where nnnn is the adapter name, and
+        /// mmmm is the parameter name).</param>
+        /// <param name="fn" type="Function">The function to call, which adapts the values from the HTML
+        /// attributes into jQuery Validate rules and/or messages.</param>
+        /// <returns type="jQuery.validator.unobtrusive.adapters" />
+        if (!fn) {  // Called with no params, just a function
+            fn = params;
+            params = [];
+        }
+        this.push({ name: adapterName, params: params, adapt: fn });
+        return this;
+    };
+
+    adapters.addBool = function (adapterName, ruleName) {
+        /// <summary>Adds a new adapter to convert unobtrusive HTML into a jQuery Validate validation, where
+        /// the jQuery Validate validation rule has no parameter values.</summary>
+        /// <param name="adapterName" type="String">The name of the adapter to be added. This matches the name used
+        /// in the data-val-nnnn HTML attribute (where nnnn is the adapter name).</param>
+        /// <param name="ruleName" type="String" optional="true">[Optional] The name of the jQuery Validate rule. If not provided, the value
+        /// of adapterName will be used instead.</param>
+        /// <returns type="jQuery.validator.unobtrusive.adapters" />
+        return this.add(adapterName, function (options) {
+            setValidationValues(options, ruleName || adapterName, true);
+        });
+    };
+
+    adapters.addMinMax = function (adapterName, minRuleName, maxRuleName, minMaxRuleName, minAttribute, maxAttribute) {
+        /// <summary>Adds a new adapter to convert unobtrusive HTML into a jQuery Validate validation, where
+        /// the jQuery Validate validation has three potential rules (one for min-only, one for max-only, and
+        /// one for min-and-max). The HTML parameters are expected to be named -min and -max.</summary>
+        /// <param name="adapterName" type="String">The name of the adapter to be added. This matches the name used
+        /// in the data-val-nnnn HTML attribute (where nnnn is the adapter name).</param>
+        /// <param name="minRuleName" type="String">The name of the jQuery Validate rule to be used when you only
+        /// have a minimum value.</param>
+        /// <param name="maxRuleName" type="String">The name of the jQuery Validate rule to be used when you only
+        /// have a maximum value.</param>
+        /// <param name="minMaxRuleName" type="String">The name of the jQuery Validate rule to be used when you
+        /// have both a minimum and maximum value.</param>
+        /// <param name="minAttribute" type="String" optional="true">[Optional] The name of the HTML attribute that
+        /// contains the minimum value. The default is "min".</param>
+        /// <param name="maxAttribute" type="String" optional="true">[Optional] The name of the HTML attribute that
+        /// contains the maximum value. The default is "max".</param>
+        /// <returns type="jQuery.validator.unobtrusive.adapters" />
+        return this.add(adapterName, [minAttribute || "min", maxAttribute || "max"], function (options) {
+            var min = options.params.min,
+                max = options.params.max;
+
+            if (min && max) {
+                setValidationValues(options, minMaxRuleName, [min, max]);
+            }
+            else if (min) {
+                setValidationValues(options, minRuleName, min);
+            }
+            else if (max) {
+                setValidationValues(options, maxRuleName, max);
+            }
+        });
+    };
+
+    adapters.addSingleVal = function (adapterName, attribute, ruleName) {
+        /// <summary>Adds a new adapter to convert unobtrusive HTML into a jQuery Validate validation, where
+        /// the jQuery Validate validation rule has a single value.</summary>
+        /// <param name="adapterName" type="String">The name of the adapter to be added. This matches the name used
+        /// in the data-val-nnnn HTML attribute(where nnnn is the adapter name).</param>
+        /// <param name="attribute" type="String">[Optional] The name of the HTML attribute that contains the value.
+        /// The default is "val".</param>
+        /// <param name="ruleName" type="String" optional="true">[Optional] The name of the jQuery Validate rule. If not provided, the value
+        /// of adapterName will be used instead.</param>
+        /// <returns type="jQuery.validator.unobtrusive.adapters" />
+        return this.add(adapterName, [attribute || "val"], function (options) {
+            setValidationValues(options, ruleName || adapterName, options.params[attribute]);
+        });
+    };
+
+    $jQval.addMethod("__dummy__", function (value, element, params) {
+        return true;
+    });
+
+    $jQval.addMethod("regex", function (value, element, params) {
+        var match;
+        if (this.optional(element)) {
+            return true;
+        }
+
+        match = new RegExp(params).exec(value);
+        return (match && (match.index === 0) && (match[0].length === value.length));
+    });
+
+    $jQval.addMethod("nonalphamin", function (value, element, nonalphamin) {
+        var match;
+        if (nonalphamin) {
+            match = value.match(/\W/g);
+            match = match && match.length >= nonalphamin;
+        }
+        return match;
+    });
+
+    if ($jQval.methods.extension) {
+        adapters.addSingleVal("accept", "mimtype");
+        adapters.addSingleVal("extension", "extension");
+    } else {
+        // for backward compatibility, when the 'extension' validation method does not exist, such as with versions
+        // of JQuery Validation plugin prior to 1.10, we should use the 'accept' method for
+        // validating the extension, and ignore mime-type validations as they are not supported.
+        adapters.addSingleVal("extension", "extension", "accept");
+    }
+
+    adapters.addSingleVal("regex", "pattern");
+    adapters.addBool("creditcard").addBool("date").addBool("digits").addBool("email").addBool("number").addBool("url");
+    adapters.addMinMax("length", "minlength", "maxlength", "rangelength").addMinMax("range", "min", "max", "range");
+    adapters.addMinMax("minlength", "minlength").addMinMax("maxlength", "minlength", "maxlength");
+    adapters.add("equalto", ["other"], function (options) {
+        var prefix = getModelPrefix(options.element.name),
+            other = options.params.other,
+            fullOtherName = appendModelPrefix(other, prefix),
+            element = $(options.form).find(":input").filter("[name='" + escapeAttributeValue(fullOtherName) + "']")[0];
+
+        setValidationValues(options, "equalTo", element);
+    });
+    adapters.add("required", function (options) {
+        // jQuery Validate equates "required" with "mandatory" for checkbox elements
+        if (options.element.tagName.toUpperCase() !== "INPUT" || options.element.type.toUpperCase() !== "CHECKBOX") {
+            setValidationValues(options, "required", true);
+        }
+    });
+    adapters.add("remote", ["url", "type", "additionalfields"], function (options) {
+        var value = {
+            url: options.params.url,
+            type: options.params.type || "GET",
+            data: {}
+        },
+            prefix = getModelPrefix(options.element.name);
+
+        $.each(splitAndTrim(options.params.additionalfields || options.element.name), function (i, fieldName) {
+            var paramName = appendModelPrefix(fieldName, prefix);
+            value.data[paramName] = function () {
+                var field = $(options.form).find(":input").filter("[name='" + escapeAttributeValue(paramName) + "']");
+                // For checkboxes and radio buttons, only pick up values from checked fields.
+                if (field.is(":checkbox")) {
+                    return field.filter(":checked").val() || field.filter(":hidden").val() || '';
+                }
+                else if (field.is(":radio")) {
+                    return field.filter(":checked").val() || '';
+                }
+                return field.val();
+            };
+        });
+
+        setValidationValues(options, "remote", value);
+    });
+    adapters.add("password", ["min", "nonalphamin", "regex"], function (options) {
+        if (options.params.min) {
+            setValidationValues(options, "minlength", options.params.min);
+        }
+        if (options.params.nonalphamin) {
+            setValidationValues(options, "nonalphamin", options.params.nonalphamin);
+        }
+        if (options.params.regex) {
+            setValidationValues(options, "regex", options.params.regex);
+        }
+    });
+    adapters.add("fileextensions", ["extensions"], function (options) {
+        setValidationValues(options, "extension", options.params.extensions);
+    });
+
+    $(function () {
+        $jQval.unobtrusive.parse(document);
+    });
+
+    return $jQval.unobtrusive;
+}));

OliverBooth.Admin/wwwroot/lib/jquery-validation/LICENSE.md

@@ -0,0 +1,22 @@
+The MIT License (MIT)
+=====================
+
+Copyright Jörn Zaefferer
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

OliverBooth.Admin/wwwroot/lib/jquery/LICENSE.txt

@@ -0,0 +1,21 @@
+
+Copyright OpenJS Foundation and other contributors, https://openjsf.org/
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

OliverBooth.Api/ConfigureSwaggerOptions.cs

@@ -0,0 +1,40 @@
+using Asp.Versioning.ApiExplorer;
+using Microsoft.Extensions.Options;
+using Microsoft.OpenApi.Models;
+using Swashbuckle.AspNetCore.SwaggerGen;
+
+namespace OliverBooth.Api;
+
+internal sealed class ConfigureSwaggerOptions(IApiVersionDescriptionProvider provider)
+    : IConfigureNamedOptions<SwaggerGenOptions>
+{
+    public void Configure(SwaggerGenOptions options)
+    {
+        foreach (var description in provider.ApiVersionDescriptions)
+        {
+            options.SwaggerDoc(description.GroupName, CreateVersionInfo(description));
+        }
+    }
+
+    public void Configure(string? name, SwaggerGenOptions options)
+    {
+        Configure(options);
+    }
+
+    private OpenApiInfo CreateVersionInfo(
+        ApiVersionDescription description)
+    {
+        var info = new OpenApiInfo
+        {
+            Title = "api.oliverbooth.dev",
+            Version = description.ApiVersion.ToString()
+        };
+
+        if (description.IsDeprecated)
+        {
+            info.Description += " This API version has been deprecated.";
+        }
+
+        return info;
+    }
+}

OliverBooth.Api/Controllers/v1/BadgeController.cs

@@ -1,13 +1,15 @@
 using System.Net.Http.Headers;
 using System.Reflection;
 using System.Text.Json.Serialization;
+using Asp.Versioning;
 using Microsoft.AspNetCore.Mvc;
 
-namespace OliverBooth.Controllers;
+namespace OliverBooth.Api.Controllers.v1;
 
 [ApiController]
-[Route("api/badge")]
+[Route("v{version:apiVersion}/badge")]
 [Produces("application/json")]
+[ApiVersion(1)]
 public sealed class BadgeController : ControllerBase
 {
     private readonly IConfiguration _configuration;
@@ -28,8 +30,17 @@ public sealed class BadgeController : ControllerBase
         _version = attribute?.InformationalVersion ?? "1.0.0";
     }
 
+    /// <summary>
+    ///     Returns a JSON object that is compatible with a shields.io custom endpoint.
+    /// </summary>
+    /// <param name="repo">The repository name.</param>
+    /// <param name="workflow">The workflow.</param>
+    /// <param name="owner">The owner. Defaults to <c>oliverbooth</c>.</param>
+    /// <returns>A JSON object.</returns>
     [HttpGet("status/{repo}/{workflow}")]
     [HttpGet("status/{owner}/{repo}/{workflow}")]
+    [EndpointDescription("Returns a JSON object that is compatible with a shields.io custom endpoint.")]
+    [ProducesResponseType(StatusCodes.Status200OK)]
     public async Task<IActionResult> StatusAsync(string repo, string workflow, string owner = "oliverbooth")
     {
         string? githubToken = _configuration.GetSection("GitHub:Token").Value;

OliverBooth.Api/Controllers/v1/Blog/BlogController.cs

@@ -1,39 +1,54 @@
+using Asp.Versioning;
 using Humanizer;
 using Microsoft.AspNetCore.Mvc;
-using OliverBooth.Data.Blog;
-using OliverBooth.Services;
+using OliverBooth.Api.Data;
+using OliverBooth.Common.Data.Blog;
+using OliverBooth.Common.Data.Web.Users;
+using OliverBooth.Common.Services;
 
-namespace OliverBooth.Controllers.Blog;
+namespace OliverBooth.Api.Controllers.v1.Blog;
 
-/// <summary>
-///     Represents a controller for the blog API.
-/// </summary>
 [ApiController]
-[Route("api/blog")]
+[Route("blog")]
 [Produces("application/json")]
-public sealed class BlogApiController : ControllerBase
+[ApiVersion(1)]
+[Obsolete("API v1 is deprecated and will be removed in future. Use /v2")]
+public sealed class BlogController : ControllerBase
 {
     private readonly IBlogPostService _blogPostService;
-    private readonly IBlogUserService _userService;
+    private readonly IUserService _userService;
 
     /// <summary>
-    ///     Initializes a new instance of the <see cref="BlogApiController" /> class.
+    ///     Initializes a new instance of the <see cref="BlogController" /> class.
     /// </summary>
     /// <param name="blogPostService">The <see cref="IBlogPostService" />.</param>
-    /// <param name="userService">The <see cref="IBlogUserService" />.</param>
-    public BlogApiController(IBlogPostService blogPostService, IBlogUserService userService)
+    /// <param name="userService">The <see cref="IUserService" />.</param>
+    public BlogController(IBlogPostService blogPostService, IUserService userService)
     {
         _blogPostService = blogPostService;
         _userService = userService;
     }
 
-    [Route("count")]
+    /// <summary>
+    ///     Returns the number of publicly published blog posts.
+    /// </summary>
+    /// <returns>The number of publicly published blog posts.</returns>
+    [HttpGet("count")]
+    [EndpointDescription("Returns the number of publicly published blog posts.")]
+    [ProducesResponseType(StatusCodes.Status200OK)]
     public IActionResult Count()
     {
         return Ok(new { count = _blogPostService.GetBlogPostCount() });
     }
 
+    /// <summary>
+    ///     Returns a collection of all blog posts on the specified page.
+    /// </summary>
+    /// <param name="page">The page number.</param>
+    /// <returns>An array of <see cref="IBlogPost" /> objects.</returns>
     [HttpGet("posts/{page:int?}")]
+    [EndpointDescription("Returns a collection of all blog posts on the specified page.")]
+    [ProducesResponseType(StatusCodes.Status200OK, Type = typeof(BlogPost[]))]
     public IActionResult GetAllBlogPosts(int page = 0)
     {
         const int itemsPerPage = 10;
@@ -41,7 +56,15 @@ public sealed class BlogApiController : ControllerBase
         return Ok(allPosts.Select(post => CreatePostObject(post)));
     }
 
+    /// <summary>
+    ///     Returns a collection of all blog posts which contain the specified tag on the specified page.
+    /// </summary>
+    /// <param name="tag">The tag for which to search.</param>
+    /// <param name="page">The page number.</param>
+    /// <returns>An array of <see cref="IBlogPost" /> objects.</returns>
     [HttpGet("posts/tagged/{tag}/{page:int?}")]
+    [EndpointDescription("Returns a collection of all blog posts which contain the specified tag on the specified page.")]
+    [ProducesResponseType(StatusCodes.Status200OK, Type = typeof(BlogPost[]))]
     public IActionResult GetTaggedBlogPosts(string tag, int page = 0)
     {
         const int itemsPerPage = 10;
@@ -52,7 +75,15 @@ public sealed class BlogApiController : ControllerBase
         return Ok(allPosts.Select(post => CreatePostObject(post)));
     }
 
+    /// <summary>
+    ///     Returns an object representing the author with the specified ID.
+    /// </summary>
+    /// <param name="id">The ID of the author.</param>
+    /// <returns>An object representing the author.</returns>
     [HttpGet("author/{id:guid}")]
+    [EndpointDescription("Returns an object representing the author with the specified ID.")]
+    [ProducesResponseType(StatusCodes.Status200OK, Type = typeof(Author))]
+    [ProducesResponseType(StatusCodes.Status404NotFound)]
     public IActionResult GetAuthor(Guid id)
     {
         if (!_userService.TryGetUser(id, out IUser? author)) return NotFound();
@@ -65,7 +96,15 @@ public sealed class BlogApiController : ControllerBase
         });
     }
 
+    /// <summary>
+    ///     Returns an object representing the blog post with the specified ID.
+    /// </summary>
+    /// <param name="id">The ID of the blog post.</param>
+    /// <returns>An object representing the blog post.</returns>
     [HttpGet("post/{id:guid?}")]
+    [EndpointDescription("Returns an object representing the blog post with the specified ID.")]
+    [ProducesResponseType(StatusCodes.Status200OK, Type = typeof(BlogPost))]
+    [ProducesResponseType(StatusCodes.Status404NotFound)]
     public IActionResult GetPost(Guid id)
     {
         if (!_blogPostService.TryGetPost(id, out IBlogPost? post)) return NotFound();

OliverBooth.Api/Controllers/v2/BadgeController.cs

@@ -0,0 +1,112 @@
+using System.Net.Http.Headers;
+using System.Reflection;
+using System.Text.Json.Serialization;
+using Asp.Versioning;
+using Microsoft.AspNetCore.Mvc;
+
+namespace OliverBooth.Api.Controllers.v2;
+
+[ApiController]
+[Route("v{version:apiVersion}/badge")]
+[Produces("application/json")]
+[ApiVersion(2)]
+public sealed class BadgeController : ControllerBase
+{
+    private readonly IConfiguration _configuration;
+    private readonly IHttpClientFactory _httpClientFactory;
+    private readonly string _version;
+
+    /// <summary>
+    ///     Initializes a new instance of the <see cref="BadgeController" /> class.
+    /// </summary>
+    /// <param name="configuration">The configuration.</param>
+    /// <param name="httpClientFactory">The HTTP client factory.</param>
+    public BadgeController(IConfiguration configuration, IHttpClientFactory httpClientFactory)
+    {
+        _configuration = configuration;
+        _httpClientFactory = httpClientFactory;
+
+        var attribute = typeof(Program).Assembly.GetCustomAttribute<AssemblyInformationalVersionAttribute>();
+        _version = attribute?.InformationalVersion ?? "1.0.0";
+    }
+
+    /// <summary>
+    ///     Returns a JSON object that is compatible with a shields.io custom endpoint.
+    /// </summary>
+    /// <param name="repo">The repository name.</param>
+    /// <param name="workflow">The workflow.</param>
+    /// <param name="owner">The owner. Defaults to <c>oliverbooth</c>.</param>
+    /// <returns>A JSON object.</returns>
+    [HttpGet("status/{repo}/{workflow}")]
+    [HttpGet("status/{owner}/{repo}/{workflow}")]
+    [EndpointDescription("Returns a JSON object that is compatible with a shields.io custom endpoint.")]
+    [ProducesResponseType(StatusCodes.Status200OK)]
+    public async Task<IActionResult> StatusAsync(string repo, string workflow, string owner = "oliverbooth")
+    {
+        string? githubToken = _configuration.GetSection("GitHub:Token").Value;
+
+        var url = $"https://api.github.com/repos/{owner}/{repo}/actions/workflows/{workflow}/runs";
+        Console.WriteLine(url);
+        using HttpClient client = _httpClientFactory.CreateClient();
+        using var request = new HttpRequestMessage();
+        request.RequestUri = new Uri(url);
+        request.Headers.Add("Accept", "application/json");
+        request.Headers.Add("Authorization", $"Bearer {githubToken}");
+        request.Headers.Add("X-GitHub-Api-Version", "2022-11-28");
+        request.Headers.UserAgent.Add(new ProductInfoHeaderValue("oliverbooth.dev", _version));
+
+        using HttpResponseMessage response = await client.SendAsync(request);
+        Console.WriteLine(await response.Content.ReadAsStringAsync());
+        var body = await response.Content.ReadFromJsonAsync<WorkflowRunSchema>();
+        WorkflowRun? run = body?.WorkflowRuns.FirstOrDefault(r => r.Status == WorkflowRunStatus.Completed);
+        if (run is not null)
+        {
+            var color = run.Conclusion switch
+            {
+                WorkflowRunConclusion.Failure => "e05d44",
+                WorkflowRunConclusion.Success => "44cc11",
+                _ => "lightgray"
+            };
+            var message = run.Conclusion switch
+            {
+                WorkflowRunConclusion.Failure => "failing",
+                WorkflowRunConclusion.Success => "passing",
+                _ => "unknown"
+            };
+
+            return Ok(new { schemaVersion = 1, label = "build", color, message });
+        }
+
+        return Ok(new { schemaVersion = 1, label = "build", color = "lightgray", message = "unknown" });
+    }
+
+    private class WorkflowRunSchema
+    {
+        [JsonPropertyName("workflow_runs"), JsonInclude]
+        public WorkflowRun[] WorkflowRuns { get; set; } = Array.Empty<WorkflowRun>();
+    }
+
+    private class WorkflowRun
+    {
+        [JsonPropertyName("conclusion"), JsonInclude]
+        [JsonConverter(typeof(JsonStringEnumConverter<WorkflowRunConclusion>))]
+        public WorkflowRunConclusion Conclusion { get; set; } = WorkflowRunConclusion.Unknown;
+
+        [JsonPropertyName("status"), JsonInclude]
+        [JsonConverter(typeof(JsonStringEnumConverter<WorkflowRunStatus>))]
+        public WorkflowRunStatus Status { get; set; } = WorkflowRunStatus.Unknown;
+    }
+
+    private enum WorkflowRunStatus
+    {
+        Unknown = -1,
+        Completed
+    }
+
+    private enum WorkflowRunConclusion
+    {
+        Unknown = -1,
+        Success,
+        Failure
+    }
+}

OliverBooth.Api/Controllers/v2/Blog/AuthorController.cs

@@ -0,0 +1,47 @@
+using Asp.Versioning;
+using Microsoft.AspNetCore.Mvc;
+using OliverBooth.Api.Data;
+using OliverBooth.Common.Data.Web.Users;
+using OliverBooth.Common.Services;
+
+namespace OliverBooth.Api.Controllers.v2.Blog;
+
+/// <summary>
+///     Represents an API controller which allows reading authors of blog posts.
+/// </summary>
+[ApiController]
+[Route("v{version:apiVersion}/blog/author")]
+[Produces("application/json")]
+[ApiVersion(2)]
+public sealed class AuthorController : ControllerBase
+{
+    private readonly IUserService _userService;
+
+    /// <summary>
+    ///     Initializes a new instance of the <see cref="AuthorController" /> class.
+    /// </summary>
+    /// <param name="userService">The <see cref="IUserService" />.</param>
+    public AuthorController(IUserService userService)
+    {
+        _userService = userService;
+    }
+
+    /// <summary>
+    ///     Returns an object representing the author with the specified ID.
+    /// </summary>
+    /// <param name="id">The ID of the author.</param>
+    /// <returns>An object representing the author.</returns>
+    [HttpGet("{id:guid}")]
+    [EndpointDescription("Returns an object representing the author with the specified ID.")]
+    [ProducesResponseType(StatusCodes.Status200OK, Type = typeof(Author))]
+    [ProducesResponseType(StatusCodes.Status404NotFound)]
+    public IActionResult GetAuthor(Guid id)
+    {
+        if (!_userService.TryGetUser(id, out IUser? author))
+        {
+            return NotFound();
+        }
+
+        return Ok(Author.FromUser(author));
+    }
+}

OliverBooth.Api/Controllers/v2/Blog/PostController.cs

@@ -0,0 +1,92 @@
+using Asp.Versioning;
+using Microsoft.AspNetCore.Mvc;
+using OliverBooth.Api.Data;
+using OliverBooth.Common.Data.Blog;
+using OliverBooth.Common.Services;
+
+namespace OliverBooth.Api.Controllers.v2.Blog;
+
+/// <summary>
+///     Represents an API controller which allows reading and writing of blog posts.
+/// </summary>
+[ApiController]
+[Route("v{version:apiVersion}/blog/post")]
+[Produces("application/json")]
+[ApiVersion(2)]
+public sealed class PostController : ControllerBase
+{
+    private const int ItemsPerPage = 10;
+    private readonly IBlogPostService _blogPostService;
+
+    /// <summary>
+    ///     Initializes a new instance of the <see cref="PostController" /> class.
+    /// </summary>
+    /// <param name="blogPostService">The <see cref="IBlogPostService" />.</param>
+    public PostController(IBlogPostService blogPostService)
+    {
+        _blogPostService = blogPostService;
+    }
+
+    /// <summary>
+    ///     Returns a collection of all blog posts on the specified page.
+    /// </summary>
+    /// <param name="page">The page number.</param>
+    /// <returns>An array of <see cref="IBlogPost" /> objects.</returns>
+    [HttpGet("all/{page:int?}")]
+    [EndpointDescription("Returns a collection of all blog posts on the specified page.")]
+    [ProducesResponseType(StatusCodes.Status200OK, Type = typeof(BlogPost[]))]
+    public IActionResult All(int page = 0)
+    {
+        IReadOnlyList<IBlogPost> allPosts = _blogPostService.GetBlogPosts(page, ItemsPerPage);
+        return Ok(allPosts.Select(post => BlogPost.FromBlogPost(post, _blogPostService)));
+    }
+
+    /// <summary>
+    ///     Returns the number of publicly published blog posts.
+    /// </summary>
+    /// <returns>The number of publicly published blog posts.</returns>
+    [HttpGet("count")]
+    [EndpointDescription("Returns the number of publicly published blog posts.")]
+    [ProducesResponseType(StatusCodes.Status200OK)]
+    public IActionResult Count()
+    {
+        return Ok(new { count = _blogPostService.GetBlogPostCount() });
+    }
+
+    /// <summary>
+    ///     Returns an object representing the blog post with the specified ID.
+    /// </summary>
+    /// <param name="id">The ID of the blog post.</param>
+    /// <returns>An object representing the blog post.</returns>
+    [HttpGet("{id:guid}")]
+    [EndpointDescription("Returns an object representing the blog post with the specified ID.")]
+    [ProducesResponseType(StatusCodes.Status200OK, Type = typeof(BlogPost))]
+    [ProducesResponseType(StatusCodes.Status404NotFound)]
+    public IActionResult GetPost(Guid id)
+    {
+        if (!_blogPostService.TryGetPost(id, out IBlogPost? post))
+        {
+            return NotFound();
+        }
+
+        return Ok(BlogPost.FromBlogPost(post, _blogPostService, true));
+    }
+
+    /// <summary>
+    ///     Returns a collection of all blog posts which contain the specified tag on the specified page.
+    /// </summary>
+    /// <param name="tag">The tag for which to search.</param>
+    /// <param name="page">The page number.</param>
+    /// <returns>An array of <see cref="IBlogPost" /> objects.</returns>
+    [HttpGet("tagged/{tag}/{page:int?}")]
+    [EndpointDescription("Returns a collection of all blog posts which contain the specified tag on the specified page.")]
+    [ProducesResponseType(StatusCodes.Status200OK, Type = typeof(BlogPost[]))]
+    public IActionResult Tagged(string tag, int page = 0)
+    {
+        tag = tag.Replace('-', ' ').ToLowerInvariant();
+
+        IReadOnlyList<IBlogPost> allPosts = _blogPostService.GetBlogPosts(page, ItemsPerPage);
+        allPosts = allPosts.Where(post => post.Tags.Contains(tag)).ToList();
+        return Ok(allPosts.Select(post => BlogPost.FromBlogPost(post, _blogPostService)));
+    }
+}

OliverBooth.Api/Data/Author.cs

@@ -0,0 +1,26 @@
+using System.Text.Json.Serialization;
+using OliverBooth.Common.Data.Web.Users;
+
+namespace OliverBooth.Api.Data;
+
+internal sealed class Author
+{
+    [JsonPropertyName("avatarUrl"), JsonInclude, JsonPropertyOrder(2)]
+    public Uri AvatarUrl { get; private set; } = null!;
+
+    [JsonPropertyName("id"), JsonInclude, JsonPropertyOrder(0)]
+    public Guid Id { get; private set; }
+
+    [JsonPropertyName("name"), JsonInclude, JsonPropertyOrder(1)]
+    public string Name { get; private set; } = string.Empty;
+
+    public static Author FromUser(IUser author)
+    {
+        return new Author
+        {
+            Id = author.Id,
+            Name = author.DisplayName,
+            AvatarUrl = author.AvatarUrl
+        };
+    }
+}

OliverBooth.Api/Data/BlogPost.cs

@@ -0,0 +1,83 @@
+using System.Text.Json.Serialization;
+using Humanizer;
+using OliverBooth.Common.Data.Blog;
+using OliverBooth.Common.Services;
+
+namespace OliverBooth.Api.Data;
+
+internal sealed class BlogPost
+{
+    [JsonPropertyName("author"), JsonInclude, JsonPropertyOrder(3)]
+    public Guid Author { get; private set; }
+
+    [JsonPropertyName("commentsEnabled"), JsonInclude, JsonPropertyOrder(1)]
+    public bool CommentsEnabled { get; private set; }
+
+    [JsonPropertyName("content"), JsonInclude, JsonPropertyOrder(11)]
+    public string? Content { get; private set; }
+
+    [JsonPropertyName("excerpt"), JsonInclude, JsonPropertyOrder(10)]
+    public string Excerpt { get; private set; } = string.Empty;
+
+    [JsonPropertyName("formattedPublishDate"), JsonInclude, JsonPropertyOrder(7)]
+    public string FormattedPublishDate { get; private set; } = string.Empty;
+
+    [JsonPropertyName("formattedUpdateDate"), JsonInclude, JsonPropertyOrder(8)]
+    public string? FormattedUpdateDate { get; private set; }
+
+    [JsonPropertyName("humanizedTimestamp"), JsonInclude, JsonPropertyOrder(9)]
+    public string HumanizedTimestamp { get; private set; } = string.Empty;
+
+    [JsonPropertyName("id"), JsonInclude, JsonPropertyOrder(0)]
+    public Guid Id { get; private set; }
+
+    [JsonPropertyName("identifier"), JsonInclude, JsonPropertyOrder(2)]
+    public string Identifier { get; private set; } = string.Empty;
+
+    [JsonPropertyName("trimmed"), JsonInclude, JsonPropertyOrder(12)]
+    public bool IsTrimmed { get; private set; }
+
+    [JsonPropertyName("published"), JsonInclude, JsonPropertyOrder(5)]
+    public long Published { get; private set; }
+
+    [JsonPropertyName("tags"), JsonInclude, JsonPropertyOrder(13)]
+    public IEnumerable<string> Tags { get; private set; } = ArraySegment<string>.Empty;
+
+    [JsonPropertyName("title"), JsonInclude, JsonPropertyOrder(4)]
+    public string Title { get; private set; } = string.Empty;
+
+    [JsonPropertyName("updated"), JsonInclude, JsonPropertyOrder(6)]
+    public long? Updated { get; private set; }
+
+    [JsonPropertyName("url"), JsonInclude, JsonPropertyOrder(14)]
+    public object Url { get; private set; } = null!;
+
+    public static BlogPost FromBlogPost(IBlogPost post, IBlogPostService blogPostService,
+        bool includeContent = false)
+    {
+        return new()
+        {
+            Id = post.Id,
+            CommentsEnabled = post.EnableComments,
+            Identifier = post.GetDisqusIdentifier(),
+            Author = post.Author.Id,
+            Title = post.Title,
+            Published = post.Published.ToUnixTimeSeconds(),
+            Updated = post.Updated?.ToUnixTimeSeconds(),
+            FormattedPublishDate = post.Published.ToString("dddd, d MMMM yyyy HH:mm"),
+            FormattedUpdateDate = post.Updated?.ToString("dddd, d MMMM yyyy HH:mm"),
+            HumanizedTimestamp = post.Updated?.Humanize() ?? post.Published.Humanize(),
+            Excerpt = blogPostService.RenderExcerpt(post, out bool trimmed),
+            Content = includeContent ? blogPostService.RenderPost(post) : null,
+            IsTrimmed = trimmed,
+            Tags = post.Tags.Select(t => t.Replace(' ', '-')),
+            Url = new
+            {
+                year = post.Published.ToString("yyyy"),
+                month = post.Published.ToString("MM"),
+                day = post.Published.ToString("dd"),
+                slug = post.Slug
+            }
+        };
+    }
+}

OliverBooth.Api/Dockerfile

@@ -0,0 +1,22 @@
+FROM mcr.microsoft.com/dotnet/aspnet:8.0 AS base
+USER $APP_UID
+WORKDIR /app
+EXPOSE 80
+EXPOSE 443
+
+FROM mcr.microsoft.com/dotnet/sdk:8.0 AS build
+ARG BUILD_CONFIGURATION=Release
+WORKDIR /src
+COPY ["OliverBooth.Api/OliverBooth.Api.csproj", "OliverBooth.Api/"]
+COPY . .
+
+WORKDIR "/src/OliverBooth.Api"
+
+FROM build AS publish
+ARG BUILD_CONFIGURATION=Release
+RUN dotnet publish "OliverBooth.Api.csproj" -c Release -o /app/publish /p:UseAppHost=false
+
+FROM base AS final
+WORKDIR /app
+COPY --from=publish /app/publish .
+ENTRYPOINT ["dotnet", "OliverBooth.Api.dll"]

OliverBooth.Api/OliverBooth.Api.csproj

@@ -0,0 +1,38 @@
+<Project Sdk="Microsoft.NET.Sdk.Web">
+
+    <PropertyGroup>
+        <TargetFramework>net8.0</TargetFramework>
+        <Nullable>enable</Nullable>
+        <ImplicitUsings>enable</ImplicitUsings>
+        <DockerDefaultTargetOS>Linux</DockerDefaultTargetOS>
+        <VersionPrefix>2.0.0</VersionPrefix>
+    </PropertyGroup>
+
+    <PropertyGroup Condition="'$(VersionSuffix)' != '' And '$(BuildNumber)' == ''">
+        <Version>$(VersionPrefix)-$(VersionSuffix)</Version>
+        <AssemblyVersion>$(VersionPrefix).0</AssemblyVersion>
+        <FileVersion>$(VersionPrefix).0</FileVersion>
+    </PropertyGroup>
+
+    <PropertyGroup Condition="'$(VersionSuffix)' != '' And '$(BuildNumber)' != ''">
+        <Version>$(VersionPrefix)-$(VersionSuffix).$(BuildNumber)</Version>
+        <AssemblyVersion>$(VersionPrefix).$(BuildNumber)</AssemblyVersion>
+        <FileVersion>$(VersionPrefix).$(BuildNumber)</FileVersion>
+    </PropertyGroup>
+
+    <PropertyGroup Condition="'$(VersionSuffix)' == ''">
+        <Version>$(VersionPrefix)</Version>
+        <AssemblyVersion>$(VersionPrefix).0</AssemblyVersion>
+        <FileVersion>$(VersionPrefix).0</FileVersion>
+    </PropertyGroup>
+
+    <ItemGroup>
+        <PackageReference Include="Asp.Versioning.Mvc.ApiExplorer" Version="8.0.0"/>
+        <PackageReference Include="Microsoft.AspNetCore.OpenApi" Version="8.0.2"/>
+        <PackageReference Include="Swashbuckle.AspNetCore" Version="6.5.0"/>
+    </ItemGroup>
+
+    <ItemGroup>
+        <ProjectReference Include="..\OliverBooth.Common\OliverBooth.Common.csproj"/>
+    </ItemGroup>
+</Project>

OliverBooth.Api/OliverBooth.Api.http

@@ -0,0 +1,7 @@
+@OliverBooth.Api_HostAddress = https://localhost:2844
+@TestPostId = bdcd9789-f0a6-4721-a66d-b6f7e2acd0f7
+
+GET {{OliverBooth.Api_HostAddress}}/v1/blog/post/{{TestPostId}}
+Accept: application/json
+
+###

OliverBooth.Api/Program.cs

@@ -0,0 +1,84 @@
+using Asp.Versioning;
+using Asp.Versioning.ApiExplorer;
+using Microsoft.AspNetCore.Mvc.ApiExplorer;
+using OliverBooth.Api;
+using OliverBooth.Common.Extensions;
+using Serilog;
+using Swashbuckle.AspNetCore.SwaggerGen;
+
+Log.Logger = new LoggerConfiguration()
+    .WriteTo.Console()
+    .WriteTo.File("logs/latest.log", rollingInterval: RollingInterval.Day)
+#if DEBUG
+    .MinimumLevel.Debug()
+#endif
+    .CreateLogger();
+
+WebApplicationBuilder builder = WebApplication.CreateBuilder(args);
+builder.Configuration.AddTomlFile("data/config.toml", true, true);
+builder.Logging.ClearProviders();
+builder.Logging.AddSerilog();
+
+builder.Services.AddCors(options =>
+{
+    options.AddPolicy("localhost", policy => policy.WithOrigins("https://localhost:2843", "https://localhost:2845"));
+    options.AddPolicy("site", policy => policy.WithOrigins("https://admin.oliverbooth.dev", "https://oliverbooth.dev"));
+});
+
+builder.Services.AddHttpClient();
+builder.Services.AddCommonServices();
+builder.Services.AddEndpointsApiExplorer();
+builder.Services.AddSwaggerGen(options => options.ResolveConflictingActions(resolver =>
+{
+    foreach (ApiDescription description in resolver)
+    {
+        if (description.GetApiVersion()?.MajorVersion == 2)
+        {
+            return description;
+        }
+    }
+
+    return null;
+}));
+builder.Services.AddControllers();
+builder.Services.AddRouting(options => options.LowercaseUrls = true);
+builder.Services.AddApiVersioning(options =>
+{
+    options.AssumeDefaultVersionWhenUnspecified = true;
+    options.DefaultApiVersion = new ApiVersion(2);
+    options.ReportApiVersions = true;
+    options.ApiVersionReader = new UrlSegmentApiVersionReader();
+}).AddApiExplorer(options =>
+{
+    options.GroupNameFormat = "'v'VVV";
+    options.SubstituteApiVersionInUrl = true;
+});
+
+builder.Services.ConfigureOptions<ConfigureSwaggerOptions>();
+
+if (builder.Environment.IsProduction())
+{
+    builder.WebHost.AddCertificateFromEnvironment(2844, 5048);
+}
+
+WebApplication app = builder.Build();
+
+if (app.Environment.IsDevelopment())
+{
+    app.UseSwagger();
+    app.UseSwaggerUI(options =>
+    {
+        var provider = app.Services.GetRequiredService<IApiVersionDescriptionProvider>();
+        foreach (ApiVersionDescription description in provider.ApiVersionDescriptions)
+        {
+            var url = $"/swagger/{description.GroupName}/swagger.json";
+            options.SwaggerEndpoint(url, description.GroupName.ToUpperInvariant());
+        }
+    });
+}
+
+app.UseHttpsRedirection();
+app.MapControllers();
+app.UseCors(app.Environment.IsDevelopment() ? "localhost" : "site");
+
+app.Run();

OliverBooth.Common/Data/Blog/BlogContext.cs

@@ -1,7 +1,8 @@
 using Microsoft.EntityFrameworkCore;
-using OliverBooth.Data.Blog.Configuration;
+using Microsoft.Extensions.Configuration;
+using OliverBooth.Common.Data.Blog.Configuration;
 
-namespace OliverBooth.Data.Blog;
+namespace OliverBooth.Common.Data.Blog;
 
 /// <summary>
 ///     Represents a session with the blog database.
@@ -26,10 +27,10 @@ internal sealed class BlogContext : DbContext
     public DbSet<BlogPost> BlogPosts { get; private set; } = null!;
 
     /// <summary>
-    ///     Gets the collection of users in the database.
+    ///     Gets the collection of blog posts drafts in the database.
     /// </summary>
-    /// <value>The collection of users.</value>
-    public DbSet<User> Users { get; private set; } = null!;
+    /// <value>The collection of blog post drafts.</value>
+    public DbSet<BlogPostDraft> BlogPostDrafts { get; private set; } = null!;
 
     /// <inheritdoc />
     protected override void OnConfiguring(DbContextOptionsBuilder optionsBuilder)
@@ -43,6 +44,6 @@ internal sealed class BlogContext : DbContext
     protected override void OnModelCreating(ModelBuilder modelBuilder)
     {
         modelBuilder.ApplyConfiguration(new BlogPostConfiguration());
-        modelBuilder.ApplyConfiguration(new UserConfiguration());
+        modelBuilder.ApplyConfiguration(new BlogPostDraftConfiguration());
     }
 }

OliverBooth.Common/Data/Blog/BlogPost.cs

@@ -1,17 +1,17 @@
 using System.ComponentModel.DataAnnotations.Schema;
 using SmartFormat;
 
-namespace OliverBooth.Data.Blog;
+namespace OliverBooth.Common.Data.Blog;
 
 /// <inheritdoc />
 internal sealed class BlogPost : IBlogPost
 {
     /// <inheritdoc />
     [NotMapped]
-    public IBlogAuthor Author { get; internal set; } = null!;
+    public IAuthor Author { get; internal set; } = null!;
 
     /// <inheritdoc />
-    public string Body { get; internal set; } = string.Empty;
+    public string Body { get; set; } = string.Empty;
 
     /// <inheritdoc />
     public bool EnableComments { get; internal set; }
@@ -38,7 +38,7 @@ internal sealed class BlogPost : IBlogPost
     public IReadOnlyList<string> Tags { get; internal set; } = ArraySegment<string>.Empty;
 
     /// <inheritdoc />
-    public string Title { get; internal set; } = string.Empty;
+    public string Title { get; set; } = string.Empty;
 
     /// <inheritdoc />
     public DateTimeOffset? Updated { get; internal set; }

OliverBooth.Common/Data/Blog/BlogPostDraft.cs

@@ -0,0 +1,126 @@
+using System.ComponentModel.DataAnnotations.Schema;
+using SmartFormat;
+
+namespace OliverBooth.Common.Data.Blog;
+
+/// <inheritdoc />
+internal sealed class BlogPostDraft : IBlogPostDraft
+{
+    /// <inheritdoc />
+    [NotMapped]
+    public IAuthor Author { get; internal set; } = null!;
+
+    /// <inheritdoc />
+    public string Body { get; set; } = string.Empty;
+
+    /// <inheritdoc />
+    public bool EnableComments { get; internal set; }
+
+    /// <inheritdoc />
+    public Guid Id { get; private set; } = Guid.NewGuid();
+
+    /// <inheritdoc />
+    public bool IsRedirect { get; internal set; }
+
+    /// <inheritdoc />
+    public string? Password { get; internal set; }
+
+    /// <inheritdoc />
+    public Uri? RedirectUrl { get; internal set; }
+
+    /// <inheritdoc />
+    public string Slug { get; internal set; } = string.Empty;
+
+    /// <inheritdoc />
+    public IReadOnlyList<string> Tags { get; internal set; } = ArraySegment<string>.Empty;
+
+    /// <inheritdoc />
+    public string Title { get; set; } = string.Empty;
+
+    /// <inheritdoc />
+    public DateTimeOffset Updated { get; internal set; }
+
+    /// <inheritdoc />
+    public BlogPostVisibility Visibility { get; internal set; }
+
+    /// <inheritdoc />
+    public int? WordPressId { get; set; }
+
+    /// <summary>
+    ///     Gets or sets the ID of the author of this blog post.
+    /// </summary>
+    /// <value>The ID of the author of this blog post.</value>
+    internal Guid AuthorId { get; set; }
+
+    /// <summary>
+    ///     Gets or sets the base URL of the Disqus comments for the blog post.
+    /// </summary>
+    /// <value>The Disqus base URL.</value>
+    internal string? DisqusDomain { get; set; }
+
+    /// <summary>
+    ///     Gets or sets the identifier of the Disqus comments for the blog post.
+    /// </summary>
+    /// <value>The Disqus identifier.</value>
+    internal string? DisqusIdentifier { get; set; }
+
+    /// <summary>
+    ///     Gets or sets the URL path of the Disqus comments for the blog post.
+    /// </summary>
+    /// <value>The Disqus URL path.</value>
+    internal string? DisqusPath { get; set; }
+
+    /// <summary>
+    ///     Constructs a <see cref="BlogPostDraft" /> by copying values from an existing <see cref="BlogPost" />.
+    /// </summary>
+    /// <param name="post">The existing <see cref="BlogPost" />.</param>
+    /// <returns>The newly-constructed <see cref="BlogPostDraft" />.</returns>
+    /// <exception cref="ArgumentNullException"><paramref name="post" /> is <see langword="null" />.</exception>
+    public static BlogPostDraft CreateFromBlogPost(BlogPost post)
+    {
+        if (post is null)
+        {
+            throw new ArgumentNullException(nameof(post));
+        }
+
+        return new BlogPostDraft
+        {
+            AuthorId = post.AuthorId,
+            Body = post.Body,
+            DisqusDomain = post.DisqusDomain,
+            DisqusIdentifier = post.DisqusIdentifier,
+            DisqusPath = post.DisqusPath,
+            EnableComments = post.EnableComments,
+            IsRedirect = post.IsRedirect,
+            Password = post.Password,
+            RedirectUrl = post.RedirectUrl,
+            Tags = post.Tags,
+            Title = post.Title,
+            Visibility = post.Visibility,
+            WordPressId = post.WordPressId
+        };
+    }
+
+    /// <summary>
+    ///     Gets the Disqus domain for the blog post.
+    /// </summary>
+    /// <returns>The Disqus domain.</returns>
+    public string GetDisqusDomain()
+    {
+        return string.IsNullOrWhiteSpace(DisqusDomain)
+            ? "https://oliverbooth.dev/blog"
+            : Smart.Format(DisqusDomain, this);
+    }
+
+    /// <inheritdoc />
+    public string GetDisqusIdentifier()
+    {
+        return string.IsNullOrWhiteSpace(DisqusIdentifier) ? $"post-{Id}" : Smart.Format(DisqusIdentifier, this);
+    }
+
+    /// <inheritdoc />
+    public string GetDisqusPostId()
+    {
+        return WordPressId?.ToString() ?? Id.ToString();
+    }
+}

OliverBooth.Common/Data/Blog/BlogPostVisibility.cs

@@ -1,4 +1,4 @@
-namespace OliverBooth.Data.Blog;
+namespace OliverBooth.Common.Data.Blog;
 
 /// <summary>
 ///     An enumeration of the possible visibilities of a blog post.

OliverBooth.Common/Data/Blog/Configuration/BlogPostConfiguration.cs

@@ -2,7 +2,7 @@ using Microsoft.EntityFrameworkCore;
 using Microsoft.EntityFrameworkCore.Metadata.Builders;
 using Microsoft.EntityFrameworkCore.Storage.ValueConversion;
 
-namespace OliverBooth.Data.Blog.Configuration;
+namespace OliverBooth.Common.Data.Blog.Configuration;
 
 internal sealed class BlogPostConfiguration : IEntityTypeConfiguration<BlogPost>
 {

OliverBooth.Common/Data/Blog/Configuration/BlogPostDraftConfiguration.cs

@@ -0,0 +1,36 @@
+using Microsoft.EntityFrameworkCore;
+using Microsoft.EntityFrameworkCore.Metadata.Builders;
+using Microsoft.EntityFrameworkCore.Storage.ValueConversion;
+
+namespace OliverBooth.Common.Data.Blog.Configuration;
+
+internal sealed class BlogPostDraftConfiguration : IEntityTypeConfiguration<BlogPostDraft>
+{
+    /// <inheritdoc />
+    public void Configure(EntityTypeBuilder<BlogPostDraft> builder)
+    {
+        builder.ToTable("BlogPostDraft");
+        builder.HasKey(e => new { e.Id, e.Updated });
+
+        builder.Property(e => e.Id);
+        builder.Property(e => e.Updated).IsRequired();
+        builder.Property(e => e.WordPressId).IsRequired(false);
+        builder.Property(e => e.Slug).HasMaxLength(100).IsRequired();
+        builder.Property(e => e.AuthorId).IsRequired();
+        builder.Property(e => e.Title).HasMaxLength(255).IsRequired();
+        builder.Property(e => e.Body).IsRequired();
+        builder.Property(e => e.IsRedirect).IsRequired();
+        builder.Property(e => e.RedirectUrl).HasConversion<UriToStringConverter>().HasMaxLength(255).IsRequired(false);
+        builder.Property(e => e.EnableComments).IsRequired();
+        builder.Property(e => e.DisqusDomain).IsRequired(false);
+        builder.Property(e => e.DisqusIdentifier).IsRequired(false);
+        builder.Property(e => e.DisqusPath).IsRequired(false);
+        builder.Property(e => e.Visibility).HasConversion(new EnumToStringConverter<BlogPostVisibility>()).IsRequired();
+        builder.Property(e => e.Password).HasMaxLength(255).IsRequired(false);
+        builder.Property(e => e.Tags).IsRequired()
+            .HasConversion(
+                tags => string.Join(' ', tags.Select(t => t.Replace(' ', '-'))),
+                tags => tags.Split(' ', StringSplitOptions.RemoveEmptyEntries)
+                    .Select(t => t.Replace('-', ' ')).ToArray());
+    }
+}

OliverBooth.Common/Data/Blog/IAuthor.cs

@@ -1,9 +1,9 @@
-namespace OliverBooth.Data.Blog;
+namespace OliverBooth.Common.Data.Blog;
 
 /// <summary>
 ///     Represents the author of a blog post.
 /// </summary>
-public interface IBlogAuthor
+public interface IAuthor
 {
     /// <summary>
     ///     Gets the URL of the author's avatar.

OliverBooth.Common/Data/Blog/IBlogPost.cs

@@ -1,4 +1,4 @@
-namespace OliverBooth.Data.Blog;
+namespace OliverBooth.Common.Data.Blog;
 
 /// <summary>
 ///     Represents a blog post.
@@ -9,13 +9,13 @@ public interface IBlogPost
     ///     Gets the author of the post.
     /// </summary>
     /// <value>The author of the post.</value>
-    IBlogAuthor Author { get; }
+    IAuthor Author { get; }
 
     /// <summary>
-    ///     Gets the body of the post.
+    ///     Gets or sets the body of the post.
     /// </summary>
     /// <value>The body of the post.</value>
-    string Body { get; }
+    string Body { get; set; }
 
     /// <summary>
     ///     Gets a value indicating whether comments are enabled for the post.
@@ -70,10 +70,10 @@ public interface IBlogPost
     IReadOnlyList<string> Tags { get; }
 
     /// <summary>
-    ///     Gets the title of the post.
+    ///     Gets or sets the title of the post.
     /// </summary>
     /// <value>The title of the post.</value>
-    string Title { get; }
+    string Title { get; set; }
 
     /// <summary>
     ///     Gets the date and time the post was last updated.

OliverBooth.Common/Data/Blog/IBlogPostDraft.cs

@@ -0,0 +1,103 @@
+namespace OliverBooth.Common.Data.Blog;
+
+/// <summary>
+///     Represents a draft of a blog post.
+/// </summary>
+public interface IBlogPostDraft
+{
+    /// <summary>
+    ///     Gets the author of the post.
+    /// </summary>
+    /// <value>The author of the post.</value>
+    IAuthor Author { get; }
+
+    /// <summary>
+    ///     Gets or sets the body of the post.
+    /// </summary>
+    /// <value>The body of the post.</value>
+    string Body { get; set; }
+
+    /// <summary>
+    ///     Gets a value indicating whether comments are enabled for the post.
+    /// </summary>
+    /// <value>
+    ///     <see langword="true" /> if comments are enabled for the post; otherwise, <see langword="false" />.
+    /// </value>
+    bool EnableComments { get; }
+
+    /// <summary>
+    ///     Gets the ID of the post.
+    /// </summary>
+    /// <value>The ID of the post.</value>
+    Guid Id { get; }
+
+    /// <summary>
+    ///     Gets a value indicating whether the post redirects to another URL.
+    /// </summary>
+    /// <value>
+    ///     <see langword="true" /> if the post redirects to another URL; otherwise, <see langword="false" />.
+    /// </value>
+    bool IsRedirect { get; }
+
+    /// <summary>
+    ///     Gets the password of the post.
+    /// </summary>
+    /// <value>The password of the post.</value>
+    string? Password { get; }
+
+    /// <summary>
+    ///     Gets the URL to which the post redirects.
+    /// </summary>
+    /// <value>The URL to which the post redirects, or <see langword="null" /> if the post does not redirect.</value>
+    Uri? RedirectUrl { get; }
+
+    /// <summary>
+    ///     Gets the slug of the post.
+    /// </summary>
+    /// <value>The slug of the post.</value>
+    string Slug { get; }
+
+    /// <summary>
+    ///     Gets the tags of the post.
+    /// </summary>
+    /// <value>The tags of the post.</value>
+    IReadOnlyList<string> Tags { get; }
+
+    /// <summary>
+    ///     Gets or sets the title of the post.
+    /// </summary>
+    /// <value>The title of the post.</value>
+    string Title { get; set; }
+
+    /// <summary>
+    ///     Gets the date and time the post was last updated.
+    /// </summary>
+    /// <value>The update date and time.</value>
+    DateTimeOffset Updated { get; }
+
+    /// <summary>
+    ///     Gets the visibility of the post.
+    /// </summary>
+    /// <value>The visibility of the post.</value>
+    BlogPostVisibility Visibility { get; }
+
+    /// <summary>
+    ///     Gets the WordPress ID of the post.
+    /// </summary>
+    /// <value>
+    ///     The WordPress ID of the post, or <see langword="null" /> if the post was not imported from WordPress.
+    /// </value>
+    int? WordPressId { get; }
+
+    /// <summary>
+    ///     Gets the Disqus identifier for the post.
+    /// </summary>
+    /// <returns>The Disqus identifier for the post.</returns>
+    string GetDisqusIdentifier();
+
+    /// <summary>
+    ///     Gets the Disqus post ID for the post.
+    /// </summary>
+    /// <returns>The Disqus post ID for the post.</returns>
+    string GetDisqusPostId();
+}

OliverBooth.Common/Data/Permission.cs

@@ -0,0 +1,37 @@
+namespace OliverBooth.Common.Data;
+
+/// <summary>
+///     Represents a permission.
+/// </summary>
+public struct Permission
+{
+    /// <summary>
+    ///     Represents a permission that grants all scopes.
+    /// </summary>
+    public static readonly Permission Administrator = new("*");
+    
+    /// <summary>
+    ///     Initializes a new instance of the <see cref="Permission" /> struct.
+    /// </summary>
+    /// <param name="name">The name of the permission.</param>
+    /// <param name="isAllowed">
+    ///     <see langword="true" /> if the permission is allowed; otherwise, <see langword="false" />.
+    /// </param>
+    public Permission(string name, bool isAllowed = true)
+    {
+        Name = name;
+        IsAllowed = isAllowed;
+    }
+
+    /// <summary>
+    ///     Gets the name of this permission.
+    /// </summary>
+    /// <value>The name.</value>
+    public string Name { get; }
+
+    /// <summary>
+    ///     Gets a value indicating whether this permission is allowed.
+    /// </summary>
+    /// <value><see langword="true" /> if the permission is allowed; otherwise, <see langword="false" />.</value>
+    public bool IsAllowed { get; }
+}

OliverBooth.Common/Data/ValueConverters/PermissionListConverter.cs

@@ -0,0 +1,42 @@
+using Microsoft.EntityFrameworkCore.Storage.ValueConversion;
+
+namespace OliverBooth.Common.Data.ValueConverters;
+
+internal sealed class PermissionListConverter : ValueConverter<IReadOnlyList<Permission>, string>
+{
+    public PermissionListConverter() : this(';')
+    {
+    }
+
+    public PermissionListConverter(char separator) :
+        base(v => ToProvider(v, separator),
+            s => FromProvider(s, separator))
+    {
+    }
+
+    private static IReadOnlyList<Permission> FromProvider(string source, char separator = ';')
+    {
+        var permissions = new List<Permission>();
+
+        foreach (string permission in source.Split(separator))
+        {
+            string name = permission;
+            var allowed = true;
+
+            if (name.Length > 1 && name[0] == '-')
+            {
+                name = name[1..];
+                allowed = false;
+            }
+
+            permissions.Add(new Permission(name, allowed));
+        }
+
+        return permissions.AsReadOnly();
+    }
+
+    private static string ToProvider(IEnumerable<Permission> permissions, char separator = ';')
+    {
+        return string.Join(separator, permissions.Select(p => $"{(p.IsAllowed ? "-" : "")}{p.Name}"));
+    }
+}

OliverBooth.Common/Data/Web/Books/Book.cs

@@ -3,7 +3,7 @@ using SixLabors.ImageSharp;
 using SixLabors.ImageSharp.Formats.Png;
 using SixLabors.ImageSharp.Processing;
 
-namespace OliverBooth.Data.Web;
+namespace OliverBooth.Common.Data.Web.Books;
 
 /// <summary>
 ///     Represents a book.

OliverBooth.Common/Data/Web/Books/BookState.cs

@@ -1,4 +1,4 @@
-namespace OliverBooth.Data.Web;
+namespace OliverBooth.Common.Data.Web.Books;
 
 /// <summary>
 ///     Represents the state of a book.

OliverBooth.Common/Data/Web/Books/IBook.cs

@@ -1,4 +1,4 @@
-namespace OliverBooth.Data.Web;
+namespace OliverBooth.Common.Data.Web.Books;
 
 /// <summary>
 ///     Represents a book.

OliverBooth.Common/Data/Web/Configuration/BlacklistEntryConfiguration.cs

@@ -1,7 +1,8 @@
 using Microsoft.EntityFrameworkCore;
 using Microsoft.EntityFrameworkCore.Metadata.Builders;
+using OliverBooth.Common.Data.Web.Contact;
 
-namespace OliverBooth.Data.Web.Configuration;
+namespace OliverBooth.Common.Data.Web.Configuration;
 
 /// <summary>
 ///     Represents the configuration for the <see cref="BlacklistEntry" /> entity.

OliverBooth.Common/Data/Web/Configuration/BookConfiguration.cs

@@ -1,8 +1,9 @@
 using Microsoft.EntityFrameworkCore;
 using Microsoft.EntityFrameworkCore.Metadata.Builders;
 using Microsoft.EntityFrameworkCore.Storage.ValueConversion;
+using OliverBooth.Common.Data.Web.Books;
 
-namespace OliverBooth.Data.Web.Configuration;
+namespace OliverBooth.Common.Data.Web.Configuration;
 
 /// <summary>
 ///     Represents the configuration for the <see cref="Book" /> entity.

OliverBooth.Common/Data/Web/Configuration/ProgrammingLanguageConfiguration.cs

@@ -1,7 +1,8 @@
 using Microsoft.EntityFrameworkCore;
 using Microsoft.EntityFrameworkCore.Metadata.Builders;
+using OliverBooth.Common.Data.Web.Projects;
 
-namespace OliverBooth.Data.Web.Configuration;
+namespace OliverBooth.Common.Data.Web.Configuration;
 
 /// <summary>
 ///     Represents the configuration for the <see cref="ProgrammingLanguage" /> entity.

OliverBooth.Common/Data/Web/Configuration/ProjectConfiguration.cs

@@ -1,8 +1,9 @@
 using Microsoft.EntityFrameworkCore;
 using Microsoft.EntityFrameworkCore.Metadata.Builders;
 using Microsoft.EntityFrameworkCore.Storage.ValueConversion;
+using OliverBooth.Common.Data.Web.Projects;
 
-namespace OliverBooth.Data.Web.Configuration;
+namespace OliverBooth.Common.Data.Web.Configuration;
 
 /// <summary>
 ///     Represents the configuration for the <see cref="Project" /> entity.

OliverBooth.Common/Data/Web/Configuration/SessionConfiguration.cs

@@ -0,0 +1,26 @@
+using Microsoft.EntityFrameworkCore;
+using Microsoft.EntityFrameworkCore.Metadata.Builders;
+using Microsoft.EntityFrameworkCore.Storage.ValueConversion;
+using OliverBooth.Common.Data.Web.Users;
+
+namespace OliverBooth.Common.Data.Web.Configuration;
+
+internal sealed class SessionConfiguration : IEntityTypeConfiguration<Session>
+{
+    /// <inheritdoc />
+    public void Configure(EntityTypeBuilder<Session> builder)
+    {
+        builder.ToTable("Session");
+        builder.HasKey(e => e.Id);
+
+        builder.Property(e => e.Id).IsRequired();
+        builder.Property(e => e.Created).IsRequired();
+        builder.Property(e => e.Updated).IsRequired();
+        builder.Property(e => e.LastAccessed).IsRequired();
+        builder.Property(e => e.Expires).IsRequired();
+        builder.Property(e => e.UserAgent).HasMaxLength(255).IsRequired();
+        builder.Property(e => e.UserId);
+        builder.Property(e => e.IpAddress).HasConversion<IPAddressToBytesConverter>().IsRequired();
+        builder.Property(e => e.RequiresTotp).IsRequired();
+    }
+}

OliverBooth.Common/Data/Web/Configuration/SiteConfigurationConfiguration.cs

@@ -1,7 +1,7 @@
 using Microsoft.EntityFrameworkCore;
 using Microsoft.EntityFrameworkCore.Metadata.Builders;
 
-namespace OliverBooth.Data.Web.Configuration;
+namespace OliverBooth.Common.Data.Web.Configuration;
 
 /// <summary>
 ///     Represents the configuration for the <see cref="SiteConfiguration" /> entity.

OliverBooth.Common/Data/Web/Configuration/TemplateConfiguration.cs

@@ -1,7 +1,7 @@
 using Microsoft.EntityFrameworkCore;
 using Microsoft.EntityFrameworkCore.Metadata.Builders;
 
-namespace OliverBooth.Data.Web.Configuration;
+namespace OliverBooth.Common.Data.Web.Configuration;
 
 /// <summary>
 ///     Represents the configuration for the <see cref="Template" /> entity.

OliverBooth.Common/Data/Web/Configuration/UserConfiguration.cs

@@ -1,7 +1,9 @@
 using Microsoft.EntityFrameworkCore;
 using Microsoft.EntityFrameworkCore.Metadata.Builders;
+using OliverBooth.Common.Data.ValueConverters;
+using OliverBooth.Common.Data.Web.Users;
 
-namespace OliverBooth.Data.Blog.Configuration;
+namespace OliverBooth.Common.Data.Web.Configuration;
 
 internal sealed class UserConfiguration : IEntityTypeConfiguration<User>
 {
@@ -17,5 +19,7 @@ internal sealed class UserConfiguration : IEntityTypeConfiguration<User>
         builder.Property(e => e.Password).HasMaxLength(255).IsRequired();
         builder.Property(e => e.Salt).HasMaxLength(255).IsRequired();
         builder.Property(e => e.Registered).IsRequired();
+        builder.Property(e => e.Totp);
+        builder.Property(e => e.Permissions).HasConversion<PermissionListConverter>();
     }
 }

OliverBooth.Common/Data/Web/Contact/BlacklistEntry.cs

@@ -1,4 +1,4 @@
-namespace OliverBooth.Data.Web;
+namespace OliverBooth.Common.Data.Web.Contact;
 
 /// <inheritdoc cref="IBlacklistEntry"/>
 internal sealed class BlacklistEntry : IEquatable<BlacklistEntry>, IBlacklistEntry
@@ -45,8 +45,16 @@ internal sealed class BlacklistEntry : IEquatable<BlacklistEntry>, IBlacklistEnt
     /// </returns>
     public bool Equals(BlacklistEntry? other)
     {
-        if (ReferenceEquals(null, other)) return false;
-        if (ReferenceEquals(this, other)) return true;
+        if (ReferenceEquals(null, other))
+        {
+            return false;
+        }
+
+        if (ReferenceEquals(this, other))
+        {
+            return true;
+        }
+
         return EmailAddress.Equals(other.EmailAddress);
     }
 

OliverBooth.Common/Data/Web/Contact/IBlacklistEntry.cs

@@ -1,4 +1,4 @@
-namespace OliverBooth.Data.Web;
+namespace OliverBooth.Common.Data.Web.Contact;
 
 /// <summary>
 ///     Represents an entry in the blacklist.

OliverBooth.Common/Data/Web/ITemplate.cs

@@ -1,4 +1,4 @@
-namespace OliverBooth.Data.Web;
+namespace OliverBooth.Common.Data.Web;
 
 /// <summary>
 ///     Represents a template.

OliverBooth.Common/Data/Web/Projects/IProgrammingLanguage.cs

@@ -1,4 +1,4 @@
-namespace OliverBooth.Data.Web;
+namespace OliverBooth.Common.Data.Web.Projects;
 
 /// <summary>
 ///     Represents a programming language.

OliverBooth.Common/Data/Web/Projects/IProject.cs

@@ -1,4 +1,4 @@
-namespace OliverBooth.Data.Web;
+namespace OliverBooth.Common.Data.Web.Projects;
 
 /// <summary>
 ///     Represents a project.

OliverBooth.Common/Data/Web/Projects/ProgrammingLanguage.cs

@@ -1,4 +1,4 @@
-namespace OliverBooth.Data.Web;
+namespace OliverBooth.Common.Data.Web.Projects;
 
 /// <inheritdoc cref="IProgrammingLanguage" />
 internal sealed class ProgrammingLanguage : IEquatable<ProgrammingLanguage>, IProgrammingLanguage
@@ -42,8 +42,16 @@ internal sealed class ProgrammingLanguage : IEquatable<ProgrammingLanguage>, IPr
     /// </returns>
     public bool Equals(ProgrammingLanguage? other)
     {
-        if (ReferenceEquals(null, other)) return false;
-        if (ReferenceEquals(this, other)) return true;
+        if (ReferenceEquals(null, other))
+        {
+            return false;
+        }
+
+        if (ReferenceEquals(this, other))
+        {
+            return true;
+        }
+
         return Key.Equals(other.Key);
     }
 

OliverBooth.Common/Data/Web/Projects/Project.cs

@@ -1,4 +1,4 @@
-namespace OliverBooth.Data.Web;
+namespace OliverBooth.Common.Data.Web.Projects;
 
 /// <summary>
 ///     Represents a project.
@@ -74,8 +74,16 @@ internal sealed class Project : IEquatable<Project>, IProject
     /// </returns>
     public bool Equals(Project? other)
     {
-        if (ReferenceEquals(null, other)) return false;
-        if (ReferenceEquals(this, other)) return true;
+        if (ReferenceEquals(null, other))
+        {
+            return false;
+        }
+
+        if (ReferenceEquals(this, other))
+        {
+            return true;
+        }
+
         return Id.Equals(other.Id);
     }
 

OliverBooth.Common/Data/Web/Projects/ProjectStatus.cs

@@ -1,6 +1,6 @@
 using System.ComponentModel;
 
-namespace OliverBooth.Data.Web;
+namespace OliverBooth.Common.Data.Web.Projects;
 
 /// <summary>
 ///     Represents the status of a project.

OliverBooth.Common/Data/Web/SiteConfiguration.cs

@@ -1,4 +1,4 @@
-namespace OliverBooth.Data.Web;
+namespace OliverBooth.Common.Data.Web;
 
 /// <summary>
 ///     Represents a site configuration item.
@@ -50,8 +50,16 @@ public sealed class SiteConfiguration : IEquatable<SiteConfiguration>
     /// </returns>
     public bool Equals(SiteConfiguration? other)
     {
-        if (ReferenceEquals(null, other)) return false;
-        if (ReferenceEquals(this, other)) return true;
+        if (ReferenceEquals(null, other))
+        {
+            return false;
+        }
+
+        if (ReferenceEquals(this, other))
+        {
+            return true;
+        }
+
         return Key == other.Key;
     }
 

OliverBooth.Common/Data/Web/Template.cs

@@ -1,4 +1,4 @@
-namespace OliverBooth.Data.Web;
+namespace OliverBooth.Common.Data.Web;
 
 /// <summary>
 ///     Represents a MediaWiki-style template.
@@ -47,8 +47,16 @@ public sealed class Template : ITemplate, IEquatable<Template>
     /// </returns>
     public bool Equals(Template? other)
     {
-        if (ReferenceEquals(null, other)) return false;
-        if (ReferenceEquals(this, other)) return true;
+        if (ReferenceEquals(null, other))
+        {
+            return false;
+        }
+
+        if (ReferenceEquals(this, other))
+        {
+            return true;
+        }
+
         return Name == other.Name && Variant == other.Variant;
     }
 

OliverBooth.Common/Data/Web/Users/IMfaToken.cs

@@ -0,0 +1,37 @@
+namespace OliverBooth.Common.Data.Web.Users;
+
+/// <summary>
+///     Represents a temporary token used to correlate MFA attempts with the user.
+/// </summary>
+public interface IMfaToken
+{
+    /// <summary>
+    ///     Gets a value indicating the number of attempts made with this token. 
+    /// </summary>
+    /// <value>The number of attempts.</value>
+    int Attempts { get; }
+
+    /// <summary>
+    ///     Gets the date and time at which this token was created.
+    /// </summary>
+    /// <value>The creation timestamp.</value>
+    DateTimeOffset Created { get; }
+
+    /// <summary>
+    ///     Gets the date and time at which this token expires.
+    /// </summary>
+    /// <value>The expiration timestamp.</value>
+    DateTimeOffset Expires { get; }
+
+    /// <summary>
+    ///     Gets the 512-bit token for MFA.
+    /// </summary>
+    /// <value>The temporary MFA token.</value>
+    string Token { get; }
+
+    /// <summary>
+    ///     Gets the user to whom this token is associated.
+    /// </summary>
+    /// <value>The user.</value>
+    IUser User { get; }
+}

OliverBooth.Common/Data/Web/Users/ISession.cs

@@ -0,0 +1,63 @@
+using System.Net;
+
+namespace OliverBooth.Common.Data.Web.Users;
+
+/// <summary>
+///     Represents a login session.
+/// </summary>
+public interface ISession
+{
+    /// <summary>
+    ///     Gets the date and time at which this session was created.
+    /// </summary>
+    /// <value>The creation timestamp.</value>
+    DateTimeOffset Created { get; }
+
+    /// <summary>
+    ///     Gets the date and time at which this session expires.
+    /// </summary>
+    /// <value>The expiration timestamp.</value>
+    DateTimeOffset Expires { get; }
+
+    /// <summary>
+    ///     Gets the ID of the session.
+    /// </summary>
+    /// <value>The ID of the session.</value>
+    Guid Id { get; }
+
+    /// <summary>
+    ///     Gets the IP address of the session.
+    /// </summary>
+    /// <value>The IP address.</value>
+    IPAddress IpAddress { get; }
+
+    /// <summary>
+    ///     Gets the date and time at which this session was last accessed.
+    /// </summary>
+    /// <value>The last access timestamp.</value>
+    DateTimeOffset LastAccessed { get; }
+
+    /// <summary>
+    ///     Gets a value indicating whether this session is valid.
+    /// </summary>
+    /// <value><see langword="true" /> if the session is valid; otherwise, <see langword="false" />.</value>
+    bool RequiresTotp { get; }
+
+    /// <summary>
+    ///     Gets the date and time at which this session was updated.
+    /// </summary>
+    /// <value>The update timestamp.</value>
+    DateTimeOffset Updated { get; }
+
+    /// <summary>
+    ///     Gets the user agent string associated with this session.
+    /// </summary>
+    /// <value>The user agent string.</value>
+    string UserAgent { get; }
+
+    /// <summary>
+    ///     Gets the user ID associated with the session.
+    /// </summary>
+    /// <value>The user ID.</value>
+    Guid UserId { get; }
+}

OliverBooth.Common/Data/Web/Users/IUser.cs

@@ -0,0 +1,95 @@
+namespace OliverBooth.Common.Data.Web.Users;
+
+/// <summary>
+///     Represents a user which can log in to the blog.
+/// </summary>
+public interface IUser
+{
+    /// <summary>
+    ///     Gets the URL of the user's avatar.
+    /// </summary>
+    /// <value>The URL of the user's avatar.</value>
+    Uri AvatarUrl { get; }
+
+    /// <summary>
+    ///     Gets the email address of the user.
+    /// </summary>
+    /// <value>The email address of the user.</value>
+    string EmailAddress { get; }
+
+    /// <summary>
+    ///     Gets the display name of the author.
+    /// </summary>
+    /// <value>The display name of the author.</value>
+    string DisplayName { get; }
+
+    /// <summary>
+    ///     Gets the unique identifier of the user.
+    /// </summary>
+    /// <value>The unique identifier of the user.</value>
+    Guid Id { get; }
+
+    /// <summary>
+    ///     Gets the date and time the user registered.
+    /// </summary>
+    /// <value>The registration date and time.</value>
+    DateTimeOffset Registered { get; }
+
+    /// <summary>
+    ///     Gets the permissions this user is granted.
+    /// </summary>
+    /// <value>A read-only view of the permissions this user is granted.</value>
+    IReadOnlyList<Permission> Permissions { get; }
+
+    /// <summary>
+    ///     Gets the user's TOTP token.
+    /// </summary>
+    /// <value>The TOTP token.</value>
+    string? Totp { get; }
+
+    /// <summary>
+    ///     Gets the URL of the user's avatar.
+    /// </summary>
+    /// <param name="size">The size of the avatar.</param>
+    /// <returns>The URL of the user's avatar.</returns>
+    Uri GetAvatarUrl(int size = 28);
+
+    /// <summary>
+    ///     Determines whether the user has the specified permission.
+    /// </summary>
+    /// <param name="permission">The permission to test.</param>
+    /// <returns>
+    ///     <see langword="true" /> if the user has the specified permission; otherwise, <see langword="false" />.
+    /// </returns>
+    bool HasPermission(Permission permission);
+
+    /// <summary>
+    ///     Determines whether the user has the specified permission.
+    /// </summary>
+    /// <param name="permission">The permission to test.</param>
+    /// <returns>
+    ///     <see langword="true" /> if the user has the specified permission; otherwise, <see langword="false" />.
+    /// </returns>
+    bool HasPermission(string permission);
+
+    /// <summary>
+    ///     Returns a value indicating whether the specified password is valid for the user.
+    /// </summary>
+    /// <param name="password">The password to test.</param>
+    /// <returns>
+    ///     <see langword="true" /> if the specified password is valid for the user; otherwise,
+    ///     <see langword="false" />.
+    /// </returns>
+    bool TestCredentials(string password);
+
+    /// <summary>
+    ///     Tests the specified TOTP with the user's current TOTP.
+    /// </summary>
+    /// <param name="value">The TOTP to test.</param>
+    /// <returns>
+    ///     <see langword="true" /> if the specified time-based one-time password matches that of the user; otherwise,
+    ///     <see langword="false" />.
+    /// </returns>
+    /// <exception cref="ArgumentNullException"><paramref name="value" /> is <see langword="null" />.</exception>
+    bool TestTotp(string value);
+}

OliverBooth.Common/Data/Web/Users/MfaRequestResult.cs

@@ -0,0 +1,29 @@
+using OliverBooth.Common.Services;
+
+namespace OliverBooth.Common.Data.Web.Users;
+
+/// <summary>
+///     An enumeration of possible results for <see cref="IUserService.VerifyMfaRequest" />.
+/// </summary>
+public enum MfaRequestResult
+{
+    /// <summary>
+    ///     The request was successful.
+    /// </summary>
+    Success,
+
+    /// <summary>
+    ///     The wrong code was entered.
+    /// </summary>
+    InvalidTotp,
+
+    /// <summary>
+    ///     The MFA token has expired.
+    /// </summary>
+    TokenExpired,
+
+    /// <summary>
+    ///     Too many attempts were made by the user.
+    /// </summary>
+    TooManyAttempts,
+}

OliverBooth.Common/Data/Web/Users/MfaToken.cs

@@ -0,0 +1,19 @@
+namespace OliverBooth.Common.Data.Web.Users;
+
+internal sealed class MfaToken : IMfaToken
+{
+    /// <inheritdoc />
+    public int Attempts { get; set; }
+
+    /// <inheritdoc />
+    public DateTimeOffset Created { get; set; }
+
+    /// <inheritdoc />
+    public DateTimeOffset Expires { get; set; }
+
+    /// <inheritdoc />
+    public string Token { get; set; } = string.Empty;
+
+    /// <inheritdoc />
+    public IUser User { get; set; } = null!;
+}

OliverBooth.Common/Data/Web/Users/Session.cs

@@ -0,0 +1,33 @@
+using System.Net;
+
+namespace OliverBooth.Common.Data.Web.Users;
+
+internal sealed class Session : ISession
+{
+    /// <inheritdoc />
+    public DateTimeOffset Created { get; set; }
+
+    /// <inheritdoc />
+    public DateTimeOffset Expires { get; set; }
+
+    /// <inheritdoc />
+    public Guid Id { get; private set; } = Guid.NewGuid();
+
+    /// <inheritdoc />
+    public IPAddress IpAddress { get; set; } = IPAddress.None;
+
+    /// <inheritdoc />
+    public DateTimeOffset LastAccessed { get; set; }
+
+    /// <inheritdoc />
+    public bool RequiresTotp { get; set; }
+
+    /// <inheritdoc />
+    public DateTimeOffset Updated { get; set; }
+
+    /// <inheritdoc />
+    public string UserAgent { get; set; } = string.Empty;
+
+    /// <inheritdoc />
+    public Guid UserId { get; set; }
+}

OliverBooth.Common/Data/Web/Users/User.cs

@@ -2,13 +2,15 @@ using System.ComponentModel.DataAnnotations.Schema;
 using System.Security.Cryptography;
 using System.Text;
 using Cysharp.Text;
+using OliverBooth.Common.Data.Blog;
+using OtpNet;
 
-namespace OliverBooth.Data.Blog;
+namespace OliverBooth.Common.Data.Web.Users;
 
 /// <summary>
 ///     Represents a user.
 /// </summary>
-internal sealed class User : IUser, IBlogAuthor
+internal sealed class User : IUser, IAuthor
 {
     /// <inheritdoc cref="IUser.AvatarUrl" />
     [NotMapped]
@@ -23,9 +25,15 @@ internal sealed class User : IUser, IBlogAuthor
     /// <inheritdoc cref="IUser.Id" />
     public Guid Id { get; private set; } = Guid.NewGuid();
 
+    /// <inheritdoc />
+    public IReadOnlyList<Permission> Permissions { get; private set; } = ArraySegment<Permission>.Empty;
+
     /// <inheritdoc />
     public DateTimeOffset Registered { get; private set; } = DateTimeOffset.UtcNow;
 
+    /// <inheritdoc />
+    public string? Totp { get; private set; }
+
     /// <summary>
     ///     Gets or sets the password hash.
     /// </summary>
@@ -58,16 +66,44 @@ internal sealed class User : IUser, IBlogAuthor
         Span<char> hex = stackalloc char[2];
         for (var index = 0; index < hash.Length; index++)
         {
-            if (hash[index].TryFormat(hex, out _, "x2")) builder.Append(hex);
-            else builder.Append("00");
+            if (hash[index].TryFormat(hex, out _, "x2"))
+            {
+                builder.Append(hex);
+            }
+            else
+            {
+                builder.Append("00");
+            }
         }
 
         return new Uri($"https://www.gravatar.com/avatar/{builder}?size={size}");
     }
 
+    /// <inheritdoc />
+    public bool HasPermission(Permission permission)
+    {
+        return HasPermission(permission.Name);
+    }
+
+    /// <inheritdoc />
+    public bool HasPermission(string permission)
+    {
+        return (Permissions.Any(p => p.IsAllowed && p.Name == permission) ||
+                Permissions.Any(p => p is { IsAllowed: true, Name: "*" })) &&
+               !Permissions.Any(p => !p.IsAllowed && p.Name == permission);
+    }
+
     /// <inheritdoc />
     public bool TestCredentials(string password)
     {
         return false;
     }
+
+    /// <inheritdoc />
+    public bool TestTotp(string value)
+    {
+        byte[]? key = Base32Encoding.ToBytes(Totp);
+        var totp = new Totp(key);
+        return totp.VerifyTotp(value, out _, VerificationWindow.RfcSpecifiedNetworkDelay);
+    }
 }

OliverBooth.Common/Data/Web/WebContext.cs

@@ -1,7 +1,12 @@
 using Microsoft.EntityFrameworkCore;
-using OliverBooth.Data.Web.Configuration;
+using Microsoft.Extensions.Configuration;
+using OliverBooth.Common.Data.Web.Books;
+using OliverBooth.Common.Data.Web.Configuration;
+using OliverBooth.Common.Data.Web.Contact;
+using OliverBooth.Common.Data.Web.Projects;
+using OliverBooth.Common.Data.Web.Users;
 
-namespace OliverBooth.Data.Web;
+namespace OliverBooth.Common.Data.Web;
 
 /// <summary>
 ///     Represents a session with the web database.
@@ -43,6 +48,12 @@ internal sealed class WebContext : DbContext
     /// <value>The collection of projects.</value>
     public DbSet<Project> Projects { get; private set; } = null!;
 
+    /// <summary>
+    ///     Gets the collection of sessions in the database.
+    /// </summary>
+    /// <value>The collection of sessions.</value>
+    public DbSet<Session> Sessions { get; private set; } = null!;
+
     /// <summary>
     ///     Gets the set of site configuration items.
     /// </summary>
@@ -55,6 +66,12 @@ internal sealed class WebContext : DbContext
     /// <value>The collection of templates.</value>
     public DbSet<Template> Templates { get; private set; } = null!;
 
+    /// <summary>
+    ///     Gets the collection of users in the database.
+    /// </summary>
+    /// <value>The collection of users.</value>
+    public DbSet<User> Users { get; private set; } = null!;
+
     /// <inheritdoc />
     protected override void OnConfiguring(DbContextOptionsBuilder optionsBuilder)
     {
@@ -71,6 +88,8 @@ internal sealed class WebContext : DbContext
         modelBuilder.ApplyConfiguration(new ProgrammingLanguageConfiguration());
         modelBuilder.ApplyConfiguration(new ProjectConfiguration());
         modelBuilder.ApplyConfiguration(new TemplateConfiguration());
+        modelBuilder.ApplyConfiguration(new SessionConfiguration());
         modelBuilder.ApplyConfiguration(new SiteConfigurationConfiguration());
+        modelBuilder.ApplyConfiguration(new UserConfiguration());
     }
 }

OliverBooth.Common/Extensions/DependencyInjectionExtensions.cs

@@ -0,0 +1,43 @@
+using Markdig;
+using Microsoft.Extensions.DependencyInjection;
+using OliverBooth.Common.Data.Blog;
+using OliverBooth.Common.Data.Web;
+using OliverBooth.Common.Markdown.Template;
+using OliverBooth.Common.Services;
+using X10D.Hosting.DependencyInjection;
+
+namespace OliverBooth.Common.Extensions;
+
+/// <summary>
+///     Extension methods for dependency injection.
+/// </summary>
+public static class DependencyInjectionExtensions
+{
+    /// <summary>
+    ///     Adds all required services provided by the assembly to the current <see cref="IServiceCollection" />.
+    /// </summary>
+    /// <param name="collection">The <see cref="IServiceCollection" /> to add the service to.</param>
+    public static void AddCommonServices(this IServiceCollection collection)
+    {
+        collection.AddSingleton(provider => new MarkdownPipelineBuilder()
+            // .Use<TimestampExtension>()
+            .Use(new TemplateExtension(provider.GetRequiredService<ITemplateService>()))
+            .UseAdvancedExtensions()
+            .UseBootstrap()
+            .UseEmojiAndSmiley()
+            .UseSmartyPants()
+            .Build());
+
+        collection.AddDbContextFactory<BlogContext>();
+        collection.AddDbContextFactory<WebContext>();
+
+        collection.AddSingleton<IBlogPostService, BlogPostService>();
+        collection.AddSingleton<IContactService, ContactService>();
+        collection.AddSingleton<IProjectService, ProjectService>();
+        collection.AddSingleton<IReadingListService, ReadingListService>();
+        collection.AddSingleton<ITemplateService, TemplateService>();
+
+        collection.AddHostedSingleton<ISessionService, SessionService>();
+        collection.AddHostedSingleton<IUserService, UserService>();
+    }
+}

OliverBooth.Common/Extensions/WebHostBuilderExtensions.cs

@@ -1,6 +1,7 @@
 using System.Security.Cryptography.X509Certificates;
+using Microsoft.AspNetCore.Hosting;
 
-namespace OliverBooth.Extensions;
+namespace OliverBooth.Common.Extensions;
 
 /// <summary>
 ///     Extension methods for <see cref="IWebHostBuilder" />.

OliverBooth.Common/Formatting/DateFormatter.cs

@@ -1,7 +1,7 @@
 using System.Globalization;
 using SmartFormat.Core.Extensions;
 
-namespace OliverBooth.Formatting;
+namespace OliverBooth.Common.Formatting;
 
 /// <summary>
 ///     Represents a SmartFormat formatter that formats a date.
@@ -18,13 +18,17 @@ public sealed class DateFormatter : IFormatter
     public bool TryEvaluateFormat(IFormattingInfo formattingInfo)
     {
         if (formattingInfo.CurrentValue is not string value)
+        {
             return false;
+        }
 
         if (!DateTime.TryParseExact(value, "yyyy-MM-dd",
                 CultureInfo.InvariantCulture,
                 DateTimeStyles.None,
                 out DateTime date))
+        {
             return false;
+        }
 
 
         formattingInfo.Write(date.ToString(formattingInfo.Format?.ToString(), CultureInfo.InvariantCulture));

OliverBooth.Common/Formatting/MarkdownFormatter.cs

@@ -1,7 +1,8 @@
 using Markdig;
+using Microsoft.Extensions.DependencyInjection;
 using SmartFormat.Core.Extensions;
 
-namespace OliverBooth.Formatting;
+namespace OliverBooth.Common.Formatting;
 
 /// <summary>
 ///     Represents a SmartFormat formatter that formats markdown.
@@ -29,7 +30,9 @@ public sealed class MarkdownFormatter : IFormatter
     public bool TryEvaluateFormat(IFormattingInfo formattingInfo)
     {
         if (formattingInfo.CurrentValue is not string value)
+        {
             return false;
+        }
 
         var pipeline = _serviceProvider.GetService<MarkdownPipeline>();
         formattingInfo.Write(Markdig.Markdown.ToHtml(value, pipeline));

OliverBooth.Common/Markdown/Template/TemplateExtension.cs

@@ -1,8 +1,8 @@
 using Markdig;
 using Markdig.Renderers;
-using OliverBooth.Services;
+using OliverBooth.Common.Services;
 
-namespace OliverBooth.Markdown.Template;
+namespace OliverBooth.Common.Markdown.Template;
 
 /// <summary>
 ///     Represents a Markdown extension that adds support for MediaWiki-style templates.

OliverBooth.Common/Markdown/Template/TemplateInline.cs

@@ -1,6 +1,6 @@
 using Markdig.Syntax.Inlines;
 
-namespace OliverBooth.Markdown.Template;
+namespace OliverBooth.Common.Markdown.Template;
 
 /// <summary>
 ///     Represents a Markdown inline element that represents a MediaWiki-style template.

OliverBooth.Common/Markdown/Template/TemplateInlineParser.cs

@@ -2,7 +2,7 @@ using Cysharp.Text;
 using Markdig.Helpers;
 using Markdig.Parsers;
 
-namespace OliverBooth.Markdown.Template;
+namespace OliverBooth.Common.Markdown.Template;
 
 /// <summary>
 ///     Represents a Markdown inline parser that handles MediaWiki-style templates.
@@ -17,7 +17,7 @@ public sealed class TemplateInlineParser : InlineParser
     /// </summary>
     public TemplateInlineParser()
     {
-        OpeningCharacters = new[] { '{' };
+        OpeningCharacters = ['{'];
     }
 
     /// <inheritdoc />

OliverBooth.Common/Markdown/Template/TemplateRenderer.cs

@@ -1,8 +1,8 @@
 using Markdig.Renderers;
 using Markdig.Renderers.Html;
-using OliverBooth.Services;
+using OliverBooth.Common.Services;
 
-namespace OliverBooth.Markdown.Template;
+namespace OliverBooth.Common.Markdown.Template;
 
 /// <summary>
 ///     Represents a Markdown object renderer that handles <see cref="TemplateInline" /> elements.

OliverBooth.Common/OliverBooth.Common.csproj

@@ -0,0 +1,34 @@
+<Project Sdk="Microsoft.NET.Sdk">
+
+    <PropertyGroup>
+        <TargetFramework>net8.0</TargetFramework>
+        <ImplicitUsings>enable</ImplicitUsings>
+        <Nullable>enable</Nullable>
+    </PropertyGroup>
+
+    <ItemGroup>
+        <PackageReference Include="Alexinea.Extensions.Configuration.Toml" Version="7.0.0"/>
+        <PackageReference Include="Asp.Versioning.Mvc" Version="8.0.0"/>
+        <PackageReference Include="BCrypt.Net-Core" Version="1.6.0"/>
+        <PackageReference Include="Humanizer.Core" Version="2.14.1"/>
+        <PackageReference Include="Markdig" Version="0.36.2"/>
+        <PackageReference Include="Microsoft.Extensions.Hosting.Abstractions" Version="8.0.0"/>
+        <PackageReference Include="NetBarcode" Version="1.7.0"/>
+        <PackageReference Include="Otp.NET" Version="1.3.0"/>
+        <PackageReference Include="Pomelo.EntityFrameworkCore.MySql" Version="8.0.2"/>
+        <PackageReference Include="Serilog" Version="3.1.1"/>
+        <PackageReference Include="Serilog.AspNetCore" Version="8.0.1"/>
+        <PackageReference Include="Serilog.Extensions.Logging" Version="8.0.0"/>
+        <PackageReference Include="Serilog.Sinks.Console" Version="5.0.1"/>
+        <PackageReference Include="Serilog.Sinks.File" Version="5.0.0"/>
+        <PackageReference Include="SmartFormat.NET" Version="3.3.2"/>
+        <PackageReference Include="X10D" Version="3.3.1"/>
+        <PackageReference Include="X10D.Hosting" Version="3.3.1"/>
+        <PackageReference Include="ZString" Version="2.5.1"/>
+    </ItemGroup>
+
+    <ItemGroup>
+        <Folder Include="Markdown\"/>
+    </ItemGroup>
+
+</Project>

OliverBooth.Common/Services/BlogPostService.cs

@@ -2,17 +2,30 @@ using System.Diagnostics.CodeAnalysis;
 using Humanizer;
 using Markdig;
 using Microsoft.EntityFrameworkCore;
-using OliverBooth.Data.Blog;
+using OliverBooth.Common.Data.Blog;
+using OliverBooth.Common.Data.Web.Users;
 
-namespace OliverBooth.Services;
+namespace OliverBooth.Common.Services;
 
 /// <summary>
 ///     Represents an implementation of <see cref="IBlogPostService" />.
 /// </summary>
 internal sealed class BlogPostService : IBlogPostService
 {
+    /*private static readonly JsonSerializerOptions EditorJsOptions = new()
+    {
+        ReferenceHandler = ReferenceHandler.Preserve,
+        Converters =
+        {
+            new ParagraphBlockConverter(),
+            new HeadingBlockConverter(),
+            new MarkdownDocumentConverter()
+        }
+    };
+    */
+
     private readonly IDbContextFactory<BlogContext> _dbContextFactory;
-    private readonly IBlogUserService _blogUserService;
+    private readonly IUserService _userService;
     private readonly MarkdownPipeline _markdownPipeline;
 
     /// <summary>
@@ -21,17 +34,30 @@ internal sealed class BlogPostService : IBlogPostService
     /// <param name="dbContextFactory">
     ///     The <see cref="IDbContextFactory{TContext}" /> used to create a <see cref="BlogContext" />.
     /// </param>
-    /// <param name="blogUserService">The <see cref="IBlogUserService" />.</param>
+    /// <param name="userService">The <see cref="IUserService" />.</param>
     /// <param name="markdownPipeline">The <see cref="MarkdownPipeline" />.</param>
     public BlogPostService(IDbContextFactory<BlogContext> dbContextFactory,
-        IBlogUserService blogUserService,
+        IUserService userService,
         MarkdownPipeline markdownPipeline)
     {
         _dbContextFactory = dbContextFactory;
-        _blogUserService = blogUserService;
+        _userService = userService;
         _markdownPipeline = markdownPipeline;
     }
 
+    /// <inheritdoc />
+    public string GetBlogPostEditorObject(IBlogPost post)
+    {
+        if (post is null)
+        {
+            throw new ArgumentNullException(nameof(post));
+        }
+
+        /*var document = (JsonDocument)Markdig.Markdown.Convert(post.Body, new JsonRenderer(), _markdownPipeline);
+        return JsonSerializer.Serialize(document, EditorJsOptions);*/
+        return """{"blocks":{}}""";
+    }
+
     /// <inheritdoc />
     public int GetBlogPostCount()
     {
@@ -40,12 +66,29 @@ internal sealed class BlogPostService : IBlogPostService
     }
 
     /// <inheritdoc />
-    public IReadOnlyList<IBlogPost> GetAllBlogPosts(int limit = -1)
+    public IReadOnlyList<IBlogPostDraft> GetDrafts(IBlogPost post)
+    {
+        if (post is null)
+        {
+            throw new ArgumentNullException(nameof(post));
+        }
+
+        using BlogContext context = _dbContextFactory.CreateDbContext();
+        return context.BlogPostDrafts.Where(d => d.Id == post.Id).OrderBy(d => d.Updated).ToArray();
+    }
+
+    /// <inheritdoc />
+    public IReadOnlyList<IBlogPost> GetAllBlogPosts(int limit = -1,
+        BlogPostVisibility visibility = BlogPostVisibility.Published)
     {
         using BlogContext context = _dbContextFactory.CreateDbContext();
-        IQueryable<BlogPost> ordered = context.BlogPosts
-            .Where(p => p.Visibility == BlogPostVisibility.Published)
-            .OrderByDescending(post => post.Published);
+        IQueryable<BlogPost> ordered = context.BlogPosts;
+        if (visibility != (BlogPostVisibility)(-1))
+        {
+            ordered = ordered.Where(p => p.Visibility == visibility);
+        }
+
+        ordered = ordered.OrderByDescending(post => post.Published);
         if (limit > -1)
         {
             ordered = ordered.Take(limit);
@@ -155,6 +198,21 @@ internal sealed class BlogPostService : IBlogPostService
         return true;
     }
 
+    /// <inheritdoc />
+    public void UpdatePost(IBlogPost post)
+    {
+        if (post is null)
+        {
+            throw new ArgumentNullException(nameof(post));
+        }
+
+        using BlogContext context = _dbContextFactory.CreateDbContext();
+        BlogPost cached = context.BlogPosts.First(p => p.Id == post.Id);
+        context.BlogPostDrafts.Add(BlogPostDraft.CreateFromBlogPost(cached));
+        context.Update(post);
+        context.SaveChanges();
+    }
+
     private BlogPost CacheAuthor(BlogPost post)
     {
         // ReSharper disable once ConditionIsAlwaysTrueOrFalseAccordingToNullableAPIContract
@@ -163,7 +221,7 @@ internal sealed class BlogPostService : IBlogPostService
             return post;
         }
 
-        if (_blogUserService.TryGetUser(post.AuthorId, out IUser? user) && user is IBlogAuthor author)
+        if (_userService.TryGetUser(post.AuthorId, out IUser? user) && user is IAuthor author)
         {
             post.Author = author;
         }

OliverBooth.Common/Services/ContactService.cs

@@ -1,7 +1,8 @@
 using Microsoft.EntityFrameworkCore;
-using OliverBooth.Data.Web;
+using OliverBooth.Common.Data.Web;
+using OliverBooth.Common.Data.Web.Contact;
 
-namespace OliverBooth.Services;
+namespace OliverBooth.Common.Services;
 
 /// <inheritdoc cref="IContactService" />
 internal sealed class ContactService : IContactService

OliverBooth.Common/Services/IBlogPostService.cs

@@ -1,7 +1,7 @@
 using System.Diagnostics.CodeAnalysis;
-using OliverBooth.Data.Blog;
+using OliverBooth.Common.Data.Blog;
 
-namespace OliverBooth.Services;
+namespace OliverBooth.Common.Services;
 
 /// <summary>
 ///     Represents a service for managing blog posts.
@@ -12,12 +12,14 @@ public interface IBlogPostService
     ///     Returns a collection of all blog posts.
     /// </summary>
     /// <param name="limit">The maximum number of posts to return. A value of -1 returns all posts.</param>
+    /// <param name="visibility">The visibility of the posts to retrieve.</param>
     /// <returns>A collection of all blog posts.</returns>
     /// <remarks>
     ///     This method may slow down execution if there are a large number of blog posts being requested. It is
     ///     recommended to use <see cref="GetBlogPosts" /> instead.
     /// </remarks>
-    IReadOnlyList<IBlogPost> GetAllBlogPosts(int limit = -1);
+    IReadOnlyList<IBlogPost> GetAllBlogPosts(int limit = -1,
+        BlogPostVisibility visibility = BlogPostVisibility.Published);
 
     /// <summary>
     ///     Returns the total number of blog posts.
@@ -25,6 +27,14 @@ public interface IBlogPostService
     /// <returns>The total number of blog posts.</returns>
     int GetBlogPostCount();
 
+    /// <summary>
+    ///     Returns a JSON object representing the blog post block data.
+    /// </summary>
+    /// <param name="post">The blog post whose block data object should be returned.</param>
+    /// <returns>The JSON data of the blog post block data.</returns>
+    /// <exception cref="ArgumentNullException"><paramref name="post" /> is <see langword="null" />.</exception>
+    string GetBlogPostEditorObject(IBlogPost post);
+
     /// <summary>
     ///     Returns a collection of blog posts from the specified page, optionally limiting the number of posts
     ///     returned per page.
@@ -32,7 +42,15 @@ public interface IBlogPostService
     /// <param name="page">The zero-based index of the page to return.</param>
     /// <param name="pageSize">The maximum number of posts to return per page.</param>
     /// <returns>A collection of blog posts.</returns>
-    IReadOnlyList<IBlogPost> GetBlogPosts(int page, int pageSize = 10);
+    IReadOnlyList<IBlogPost> GetBlogPosts(int page, int pageSize);
+
+    /// <summary>
+    ///     Returns the drafts of this post, sorted by their update timestamp.
+    /// </summary>
+    /// <param name="post">The post whose drafts to return.</param>
+    /// <returns>The drafts of the <paramref name="post" />.</returns>
+    /// <exception cref="ArgumentNullException"><paramref name="post" /> is <see langword="null" />.</exception>
+    IReadOnlyList<IBlogPostDraft> GetDrafts(IBlogPost post);
 
     /// <summary>
     ///     Returns the next blog post from the specified blog post.
@@ -108,4 +126,11 @@ public interface IBlogPostService
     /// </returns>
     /// <exception cref="ArgumentNullException"><paramref name="slug" /> is <see langword="null" />.</exception>
     bool TryGetPost(DateOnly publishDate, string slug, [NotNullWhen(true)] out IBlogPost? post);
+
+    /// <summary>
+    ///     Updates the specified post.
+    /// </summary>
+    /// <param name="post">The post to edit.</param>
+    /// <exception cref="ArgumentNullException"><paramref name="post" /> is <see langword="null" />.</exception>
+    void UpdatePost(IBlogPost post);
 }

OliverBooth.Common/Services/IContactService.cs

@@ -1,6 +1,6 @@
-using OliverBooth.Data.Web;
+using OliverBooth.Common.Data.Web.Contact;
 
-namespace OliverBooth.Services;
+namespace OliverBooth.Common.Services;
 
 /// <summary>
 ///     Represents a service for managing contact information.

OliverBooth.Common/Services/IProjectService.cs

@@ -1,7 +1,7 @@
 using System.Diagnostics.CodeAnalysis;
-using OliverBooth.Data.Web;
+using OliverBooth.Common.Data.Web.Projects;
 
-namespace OliverBooth.Services;
+namespace OliverBooth.Common.Services;
 
 /// <summary>
 ///     Represents a service for interacting with projects.

OliverBooth.Common/Services/IReadingListService.cs

@@ -1,6 +1,6 @@
-using OliverBooth.Data.Web;
+using OliverBooth.Common.Data.Web.Books;
 
-namespace OliverBooth.Services;
+namespace OliverBooth.Common.Services;
 
 /// <summary>
 ///     Represents a service which fetches books from the reading list.

OliverBooth.Common/Services/ISessionService.cs

@@ -0,0 +1,106 @@
+using System.Diagnostics.CodeAnalysis;
+using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Mvc;
+using OliverBooth.Common.Data.Web.Users;
+using ISession = OliverBooth.Common.Data.Web.Users.ISession;
+
+namespace OliverBooth.Common.Services;
+
+public interface ISessionService
+{
+    /// <summary>
+    ///     Creates a new session for the specified user.
+    /// </summary>
+    /// <param name="request">The HTTP request.</param>
+    /// <param name="user">The user.</param>
+    /// <returns>The newly-created session.</returns>
+    /// <exception cref="ArgumentNullException">
+    ///     <para><paramref name="request" /> is <see langword="null" />.</para>
+    ///     -or-
+    ///     <para><paramref name="user" /> is <see langword="null" />.</para>
+    /// </exception>
+    ISession CreateSession(HttpRequest request, IUser user);
+
+    /// <summary>
+    ///     Deletes the specified session.
+    /// </summary>
+    /// <param name="session">The session to delete.</param>
+    /// <exception cref="ArgumentNullException"><paramref name="session" /> is <see langword="null" />.</exception>
+    void DeleteSession(ISession session);
+
+    /// <summary>
+    ///     Deletes the client's session cookie.
+    /// </summary>
+    /// <param name="response">The response to edit.</param>
+    /// <exception cref="ArgumentNullException"><paramref name="response" /> is <see langword="null" />.</exception>
+    IActionResult DeleteSessionCookie(HttpResponse response);
+
+    /// <summary>
+    ///     Saves a session cookie to the client's browser.
+    /// </summary>
+    /// <param name="response">The response to edit.</param>
+    /// <param name="session">The session to write.</param>
+    /// <exception cref="ArgumentNullException">
+    ///     <para><paramref name="request" /> is <see langword="null" />.</para>
+    ///     -or-
+    ///     <para><paramref name="session" /> is <see langword="null" />.</para>
+    /// </exception>
+    void SaveSessionCookie(HttpResponse response, ISession session);
+
+    /// <summary>
+    ///     Attempts to find the user associated with the client's current request.
+    /// </summary>
+    /// <param name="request">The HTTP request.</param>
+    /// <param name="response">The response to edit.</param>
+    /// <param name="user">
+    ///     When this method returns, contains the user with the specified request, if the user is found; otherwise,
+    ///     <see langword="null" />.
+    /// </param>
+    /// <returns>
+    ///     <see langword="true" /> if a user is found; otherwise, <see langword="false" />.
+    /// </returns>
+    /// <exception cref="ArgumentNullException">
+    ///     <para><paramref name="request" /> is <see langword="null" />.</para>
+    ///     -or-
+    ///     <para><paramref name="response" /> is <see langword="null" />.</para>
+    /// </exception>
+    bool TryGetCurrentUser(HttpRequest request, HttpResponse response, [NotNullWhen(true)] out IUser? user);
+
+    /// <summary>
+    ///     Attempts to find a session with the specified ID.
+    /// </summary>
+    /// <param name="sessionId">The session ID.</param>
+    /// <param name="session">
+    ///     When this method returns, contains the session with the specified ID, if the session is found; otherwise,
+    ///     <see langword="null" />.
+    /// </param>
+    /// <returns>
+    ///     <see langword="true" /> if a session with the specified ID is found; otherwise, <see langword="false" />.
+    /// </returns>
+    bool TryGetSession(Guid sessionId, [NotNullWhen(true)] out ISession? session);
+
+    /// <summary>
+    ///     Attempts to find the session associated with the HTTP request.
+    /// </summary>
+    /// <param name="request">The HTTP request.</param>
+    /// <param name="session">
+    ///     When this method returns, contains the session with the specified request, if the user is found; otherwise,
+    ///     <see langword="null" />.
+    /// </param>
+    /// <returns><see langword="true" /> if the session was found; otherwise, <see langword="false" />.</returns>
+    /// <exception cref="ArgumentNullException"><paramref name="request" /> is <see langword="null" />.</exception>
+    bool TryGetSession(HttpRequest request, [NotNullWhen(true)] out ISession? session);
+
+    /// <summary>
+    ///     Validates the session with the incoming HTTP request.
+    /// </summary>
+    /// <param name="request">The HTTP request.</param>
+    /// <param name="session">The session.</param>
+    /// <returns><see langword="true" /> if the session is valid; otherwise, <see langword="false" />.</returns>
+    /// <exception cref="ArgumentNullException">
+    ///     <para><paramref name="request" /> is <see langword="null" />.</para>
+    ///     -or-
+    ///     <para><paramref name="session" /> is <see langword="null" />.</para>
+    /// </exception>
+    bool ValidateSession(HttpRequest request, ISession session);
+}

OliverBooth.Common/Services/ITemplateService.cs

@@ -1,8 +1,8 @@
 using System.Diagnostics.CodeAnalysis;
-using OliverBooth.Data.Web;
-using OliverBooth.Markdown.Template;
+using OliverBooth.Common.Data.Web;
+using OliverBooth.Common.Markdown.Template;
 
-namespace OliverBooth.Services;
+namespace OliverBooth.Common.Services;
 
 /// <summary>
 ///     Represents a service that renders MediaWiki-style templates.

OliverBooth.Common/Services/IUserService.cs

@@ -0,0 +1,82 @@
+using System.Diagnostics.CodeAnalysis;
+using OliverBooth.Common.Data.Web.Users;
+
+namespace OliverBooth.Common.Services;
+
+/// <summary>
+///     Represents a service which manages users.
+/// </summary>
+public interface IUserService
+{
+    /// <summary>
+    ///     Clears all expired tokens.
+    /// </summary>
+    void ClearExpiredTokens();
+
+    /// <summary>
+    ///     Clears all tokens.
+    /// </summary>
+    void ClearTokens();
+
+    /// <summary>
+    ///     Creates a temporary MFA token for the specified user.
+    /// </summary>
+    /// <param name="user">The user for whom to create the token.</param>
+    /// <returns>The newly-created token.</returns>
+    /// <exception cref="ArgumentNullException"><paramref name="user" /> is <see langword="null" />.</exception>
+    IMfaToken CreateMfaToken(IUser user);
+
+    /// <summary>
+    ///     Deletes the specified token.
+    /// </summary>
+    /// <param name="token">The token to delete.</param>
+    /// <exception cref="ArgumentNullException"><paramref name="token" /> is <see langword="null" />.</exception>
+    void DeleteToken(string token);
+
+    /// <summary>
+    ///     Attempts to find a user by their unique ID.
+    /// </summary>
+    /// <param name="id">The ID of the user to return.</param>
+    /// <param name="user">
+    ///     When this method returns, contains the user whose ID is equal to the specified <paramref name="id" />, if
+    ///     such a user exists; otherwise, <see langword="null" />.
+    /// </param>
+    /// <returns>
+    ///     <see langword="true" /> if a user was found with the specified <paramref name="id" />; otherwise,
+    ///     <see langword="false" />.
+    /// </returns>
+    bool TryGetUser(Guid id, [NotNullWhen(true)] out IUser? user);
+
+    /// <summary>
+    ///     Verifies the login information of the specified user.
+    /// </summary>
+    /// <param name="email">The email address.</param>
+    /// <param name="password">The password.</param>
+    /// <param name="user">
+    ///     When this method returns, contains the user associated with the login credentials, or
+    ///     <see langword="null" /> if the credentials are invalid.
+    /// </param>
+    /// <returns>
+    ///     <see langword="true" /> if the login credentials are valid; otherwise, <see langword="false" />.
+    /// </returns>
+    bool VerifyLogin(string email, string password, [NotNullWhen(true)] out IUser? user);
+
+    /// <summary>
+    ///     Verifies the MFA request for the specified user.
+    /// </summary>
+    /// <param name="token">The MFA token.</param>
+    /// <param name="totp">The user-provided TOTP.</param>
+    /// <param name="user">
+    ///     When this method returns, contains the user associated with the specified token, if the verification was
+    ///     successful; otherwise, <see langword="null" />.
+    /// </param>
+    /// <returns>
+    ///     An <see cref="MfaRequestResult" /> representing the result of the request.
+    /// </returns>
+    /// <exception cref="ArgumentNullException">
+    ///     <para><paramref name="token" /> is <see langword="null" />.</para>
+    ///     -or-
+    ///     <para><paramref name="totp" /> is <see langword="null" />.</para>
+    /// </exception>
+    MfaRequestResult VerifyMfaRequest(string token, string totp, out IUser? user);
+}

OliverBooth.Common/Services/ProjectService.cs

@@ -2,9 +2,10 @@ using System.Diagnostics.CodeAnalysis;
 using Humanizer;
 using Markdig;
 using Microsoft.EntityFrameworkCore;
-using OliverBooth.Data.Web;
+using OliverBooth.Common.Data.Web;
+using OliverBooth.Common.Data.Web.Projects;
 
-namespace OliverBooth.Services;
+namespace OliverBooth.Common.Services;
 
 /// <summary>
 ///     Represents a service for interacting with projects.

OliverBooth.Common/Services/ReadingListService.cs

@@ -1,7 +1,8 @@
 using Microsoft.EntityFrameworkCore;
-using OliverBooth.Data.Web;
+using OliverBooth.Common.Data.Web;
+using OliverBooth.Common.Data.Web.Books;
 
-namespace OliverBooth.Services;
+namespace OliverBooth.Common.Services;
 
 internal sealed class ReadingListService : IReadingListService
 {

OliverBooth.Common/Services/SessionService.cs

@@ -0,0 +1,244 @@
+using System.Diagnostics.CodeAnalysis;
+using System.Net;
+using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.EntityFrameworkCore;
+using Microsoft.EntityFrameworkCore.ChangeTracking;
+using Microsoft.Extensions.Hosting;
+using Microsoft.Extensions.Logging;
+using OliverBooth.Common.Data.Web;
+using OliverBooth.Common.Data.Web.Users;
+using ISession = OliverBooth.Common.Data.Web.Users.ISession;
+
+namespace OliverBooth.Common.Services;
+
+internal sealed class SessionService : BackgroundService, ISessionService
+{
+    private readonly ILogger<SessionService> _logger;
+    private readonly IUserService _userService;
+    private readonly IDbContextFactory<WebContext> _webContextFactory;
+
+    /// <summary>
+    ///     Initializes a new instance of the <see cref="SessionService" /> class.
+    /// </summary>
+    /// <param name="logger">The logger.</param>
+    /// <param name="userService">The user service.</param>
+    /// <param name="webContextFactory">The <see cref="WebContext" /> factory.</param>
+    public SessionService(ILogger<SessionService> logger,
+        IUserService userService,
+        IDbContextFactory<WebContext> webContextFactory)
+    {
+        _logger = logger;
+        _userService = userService;
+        _webContextFactory = webContextFactory;
+    }
+
+    /// <inheritdoc />
+    public ISession CreateSession(HttpRequest request, IUser user)
+    {
+        if (request is null)
+        {
+            throw new ArgumentNullException(nameof(request));
+        }
+
+        if (user is null)
+        {
+            throw new ArgumentNullException(nameof(user));
+        }
+
+        using WebContext context = _webContextFactory.CreateDbContext();
+        var now = DateTimeOffset.UtcNow;
+        var session = new Session
+        {
+            UserId = user.Id,
+            IpAddress = request.HttpContext.Connection.RemoteIpAddress!,
+            Created = now,
+            Updated = now,
+            LastAccessed = now,
+            Expires = now + TimeSpan.FromDays(1),
+            RequiresTotp = !string.IsNullOrWhiteSpace(user.Totp),
+            UserAgent = request.Headers.UserAgent.ToString()
+        };
+        EntityEntry<Session> entry = context.Sessions.Add(session);
+        context.SaveChanges();
+        return entry.Entity;
+    }
+
+    /// <inheritdoc />
+    public void DeleteSession(ISession session)
+    {
+        using WebContext context = _webContextFactory.CreateDbContext();
+        context.Sessions.Remove((Session)session);
+        context.SaveChanges();
+    }
+
+    /// <inheritdoc />
+    public IActionResult DeleteSessionCookie(HttpResponse response)
+    {
+        response.Cookies.Delete("sid");
+        return new RedirectToPageResult("/Admin/Login");
+    }
+
+    /// <inheritdoc />
+    public void SaveSessionCookie(HttpResponse response, ISession session)
+    {
+        if (response is null)
+        {
+            throw new ArgumentNullException(nameof(response));
+        }
+
+        if (session is null)
+        {
+            throw new ArgumentNullException(nameof(session));
+        }
+
+        Span<byte> buffer = stackalloc byte[16];
+        if (!session.Id.TryWriteBytes(buffer))
+        {
+            return;
+        }
+
+        IPAddress? remoteIpAddress = response.HttpContext.Connection.RemoteIpAddress;
+        _logger.LogDebug("Writing cookie 'sid' to HTTP response for {RemoteAddr}", remoteIpAddress);
+        response.Cookies.Append("sid", Convert.ToBase64String(buffer), new CookieOptions
+        {
+            Expires = DateTimeOffset.UtcNow + TimeSpan.FromDays(30),
+            Secure = true,
+            SameSite = SameSiteMode.Strict
+        });
+    }
+
+    /// <inheritdoc />
+    public bool TryGetCurrentUser(HttpRequest request, HttpResponse response, [NotNullWhen(true)] out IUser? user)
+    {
+        user = null;
+
+        if (!TryGetSession(request, out ISession? session))
+        {
+            _logger.LogDebug("Session not found; redirecting");
+            DeleteSessionCookie(response);
+            return false;
+        }
+
+        if (!ValidateSession(request, session))
+        {
+            _logger.LogDebug("Session invalid; redirecting");
+            DeleteSessionCookie(response);
+            return false;
+        }
+
+        if (!_userService.TryGetUser(session.UserId, out user))
+        {
+            _logger.LogDebug("User not found; redirecting");
+            DeleteSessionCookie(response);
+            return false;
+        }
+
+        return true;
+    }
+
+    /// <inheritdoc />
+    public bool TryGetSession(Guid sessionId, [NotNullWhen(true)] out ISession? session)
+    {
+        using WebContext context = _webContextFactory.CreateDbContext();
+        session = context.Sessions.FirstOrDefault(s => s.Id == sessionId);
+        return session is not null;
+    }
+
+    /// <inheritdoc />
+    public bool TryGetSession(HttpRequest request, [NotNullWhen(true)] out ISession? session)
+    {
+        if (request is null)
+        {
+            throw new ArgumentNullException(nameof(request));
+        }
+
+        session = null;
+        IPAddress? remoteIpAddress = request.HttpContext.Connection.RemoteIpAddress;
+        if (remoteIpAddress is null)
+        {
+            return false;
+        }
+
+        if (!request.Cookies.TryGetValue("sid", out string? sessionIdCookie))
+        {
+            return false;
+        }
+
+        Span<byte> bytes = stackalloc byte[16];
+        if (!Convert.TryFromBase64Chars(sessionIdCookie, bytes, out int bytesWritten) || bytesWritten < 16)
+        {
+            return false;
+        }
+
+        var sessionId = new Guid(bytes);
+        return TryGetSession(sessionId, out session);
+    }
+
+    /// <inheritdoc />
+    public bool ValidateSession(HttpRequest request, ISession session)
+    {
+        if (request is null)
+        {
+            throw new ArgumentNullException(nameof(request));
+        }
+
+        if (session is null)
+        {
+            throw new ArgumentNullException(nameof(session));
+        }
+
+        IPAddress? remoteIpAddress = request.HttpContext.Connection.RemoteIpAddress;
+        if (remoteIpAddress is null)
+        {
+            return false;
+        }
+
+        if (session.Expires <= DateTimeOffset.UtcNow)
+        {
+            _logger.LogInformation("Session {Id} has expired (client {Ip})", session.Id, remoteIpAddress);
+            return false;
+        }
+
+        Span<byte> remoteAddressBytes = stackalloc byte[16];
+        Span<byte> sessionAddressBytes = stackalloc byte[16];
+        if (!remoteIpAddress.TryWriteBytes(remoteAddressBytes, out _) ||
+            !session.IpAddress.TryWriteBytes(sessionAddressBytes, out _))
+        {
+            _logger.LogWarning("Failed to write bytes for session {Id}", session.Id);
+            return false;
+        }
+
+        if (!remoteAddressBytes.SequenceEqual(sessionAddressBytes))
+        {
+            _logger.LogInformation("Session {Id} has IP mismatch (wanted {Expected}, got {Actual})", session.Id,
+                session.IpAddress, remoteIpAddress);
+            return false;
+        }
+
+        var userAgent = request.Headers.UserAgent.ToString();
+        if (session.UserAgent != userAgent)
+        {
+            _logger.LogInformation("Session {Id} has user agent mismatch (wanted {Expected}, got {Actual})", session.Id,
+                session.UserAgent, userAgent);
+            return false;
+        }
+
+        if (!_userService.TryGetUser(session.UserId, out _))
+        {
+            _logger.LogWarning("User {Id} not found for session {Session} (client {Ip})", session.UserId, session.Id,
+                remoteIpAddress);
+            return false;
+        }
+
+        return true;
+    }
+
+    /// <inheritdoc />
+    protected override async Task ExecuteAsync(CancellationToken stoppingToken)
+    {
+        await using WebContext context = await _webContextFactory.CreateDbContextAsync(stoppingToken);
+        context.Sessions.RemoveRange(context.Sessions.Where(s => s.Expires <= DateTimeOffset.UtcNow));
+        await context.SaveChangesAsync(stoppingToken);
+    }
+}

OliverBooth.Common/Services/TemplateService.cs

@@ -1,13 +1,13 @@
 using System.Buffers.Binary;
 using System.Diagnostics.CodeAnalysis;
 using Microsoft.EntityFrameworkCore;
-using OliverBooth.Data.Web;
-using OliverBooth.Formatting;
-using OliverBooth.Markdown.Template;
+using OliverBooth.Common.Data.Web;
+using OliverBooth.Common.Formatting;
+using OliverBooth.Common.Markdown.Template;
 using SmartFormat;
 using SmartFormat.Extensions;
 
-namespace OliverBooth.Services;
+namespace OliverBooth.Common.Services;
 
 /// <summary>
 ///     Represents a service that renders MediaWiki-style templates.
@@ -22,7 +22,7 @@ internal sealed class TemplateService : ITemplateService
     ///     Initializes a new instance of the <see cref="TemplateService" /> class.
     /// </summary>
     /// <param name="serviceProvider">The <see cref="IServiceProvider" />.</param>
-    /// <param name="webContextFactory">The <see cref="WebContext" /> factory.</param>
+    /// <param name="webContextFactory">The <see cref="Data.Web.WebContext" /> factory.</param>
     public TemplateService(IServiceProvider serviceProvider,
         IDbContextFactory<WebContext> webContextFactory)
     {
@@ -38,7 +38,10 @@ internal sealed class TemplateService : ITemplateService
     /// <inheritdoc />
     public string RenderGlobalTemplate(TemplateInline templateInline)
     {
-        if (templateInline is null) throw new ArgumentNullException(nameof(templateInline));
+        if (templateInline is null)
+        {
+            throw new ArgumentNullException(nameof(templateInline));
+        }
 
         return TryGetTemplate(templateInline.Name, templateInline.Variant, out ITemplate? template)
             ? RenderTemplate(templateInline, template)

OliverBooth.Common/Services/UserService.cs

@@ -0,0 +1,186 @@
+using System.Collections.Concurrent;
+using System.Diagnostics.CodeAnalysis;
+using System.Security.Cryptography;
+using Microsoft.EntityFrameworkCore;
+using Microsoft.Extensions.Hosting;
+using OliverBooth.Common.Data.Web;
+using OliverBooth.Common.Data.Web.Users;
+using BC = BCrypt.Net.BCrypt;
+using Timer = System.Timers.Timer;
+
+namespace OliverBooth.Common.Services;
+
+internal sealed class UserService : BackgroundService, IUserService
+{
+    private static readonly RandomNumberGenerator RandomNumberGenerator = RandomNumberGenerator.Create();
+    private readonly IDbContextFactory<WebContext> _dbContextFactory;
+    private readonly ConcurrentDictionary<Guid, IUser> _userCache = new();
+    private readonly ConcurrentDictionary<string, MfaToken> _tokenCache = new();
+    private readonly Timer _tokenClearTimer = new();
+
+    /// <summary>
+    ///     Initializes a new instance of the <see cref="UserService" /> class.
+    /// </summary>
+    /// <param name="dbContextFactory">
+    ///     The <see cref="IDbContextFactory{TContext}" /> used to create a <see cref="WebContext" />.
+    /// </param>
+    public UserService(IDbContextFactory<WebContext> dbContextFactory)
+    {
+        _dbContextFactory = dbContextFactory;
+
+        _tokenClearTimer.Interval = TimeSpan.FromMinutes(5).TotalMilliseconds;
+        _tokenClearTimer.Elapsed += (_, _) => ClearExpiredTokens();
+    }
+
+    /// <inheritdoc />
+    public void ClearExpiredTokens()
+    {
+        DateTimeOffset now = DateTimeOffset.UtcNow;
+        var keysToRemove = new string[_tokenCache.Count];
+        var insertionIndex = 0;
+
+        foreach (var (key, token) in _tokenCache)
+        {
+            if (token.Expires <= now)
+            {
+                keysToRemove[insertionIndex++] = key;
+            }
+        }
+
+        for (var index = 0; index < insertionIndex; index++)
+        {
+            _tokenCache.TryRemove(keysToRemove[index], out _);
+        }
+    }
+
+    /// <inheritdoc />
+    public void ClearTokens()
+    {
+        _tokenCache.Clear();
+    }
+
+    /// <inheritdoc />
+    public IMfaToken CreateMfaToken(IUser user)
+    {
+        if (user is null)
+        {
+            throw new ArgumentNullException(nameof(user));
+        }
+
+
+        DateTimeOffset now = DateTimeOffset.UtcNow;
+        var token = new MfaToken
+        {
+            Token = CreateToken(),
+            User = user,
+            Attempts = 0,
+            Created = now,
+            Expires = now + TimeSpan.FromMinutes(5)
+        };
+
+        _tokenCache[token.Token] = token;
+        return token;
+
+        // while we do want a string, BitConvert.ToString requires a heap byte array
+        // which is just very not pog. so this method behaves the same but uses a Span<byte>
+        // while still returning a string necessary for the IMfaToken model
+        static string CreateToken()
+        {
+            ReadOnlySpan<char> hexChars = "0123456789ABCDEF";
+            Span<char> chars = stackalloc char[128];
+            Span<byte> buffer = stackalloc byte[64];
+            RandomNumberGenerator.GetBytes(buffer);
+
+            for (var index = 0; index < buffer.Length; index++)
+            {
+                int byteValue = buffer[index];
+                chars[index * 2] = hexChars[byteValue >> 4];
+                chars[index * 2 + 1] = hexChars[byteValue & 0xF];
+            }
+
+            return chars.ToString();
+        }
+    }
+
+    /// <inheritdoc />
+    public void DeleteToken(string token)
+    {
+        if (token is null)
+        {
+            throw new ArgumentNullException(nameof(token));
+        }
+
+        _tokenCache.TryRemove(token, out _);
+    }
+
+    /// <inheritdoc />
+    public bool TryGetUser(Guid id, [NotNullWhen(true)] out IUser? user)
+    {
+        using WebContext context = _dbContextFactory.CreateDbContext();
+        user = context.Users.FirstOrDefault(u => u.Id == id);
+        return user is not null;
+    }
+
+    /// <inheritdoc />
+    public bool VerifyLogin(string email, string password, [NotNullWhen(true)] out IUser? user)
+    {
+        using WebContext context = _dbContextFactory.CreateDbContext();
+        user = context.Users.FirstOrDefault(u => u.EmailAddress == email);
+        if (user is not null && !BC.Verify(password, ((User)user).Password))
+        {
+            user = null;
+        }
+
+        return user is not null;
+    }
+
+    /// <inheritdoc />
+    public MfaRequestResult VerifyMfaRequest(string token, string totp, out IUser? user)
+    {
+        if (token is null)
+        {
+            throw new ArgumentNullException(nameof(token));
+        }
+
+        if (totp is null)
+        {
+            throw new ArgumentNullException(nameof(totp));
+        }
+
+        user = null;
+
+        if (!_tokenCache.TryGetValue(token, out MfaToken? mfaToken))
+        {
+            return MfaRequestResult.TokenExpired;
+        }
+
+        if (!mfaToken.User.TestTotp(totp))
+        {
+            mfaToken.Attempts++;
+            if (mfaToken.Attempts == 4)
+            {
+                return MfaRequestResult.TooManyAttempts;
+            }
+
+            return MfaRequestResult.InvalidTotp;
+        }
+
+        user = mfaToken.User;
+        return MfaRequestResult.Success;
+    }
+
+    /// <inheritdoc />
+    public override Task StopAsync(CancellationToken cancellationToken)
+    {
+        _tokenClearTimer.Stop();
+        return base.StopAsync(cancellationToken);
+    }
+
+    /// <inheritdoc />
+    protected override Task ExecuteAsync(CancellationToken stoppingToken)
+    {
+        ClearTokens();
+        _tokenClearTimer.Start();
+        return Task.CompletedTask;
+    }
+}