From 3fc53550c021635d13a88e8e36e50236d472e222 Mon Sep 17 00:00:00 2001
From: Thomas Mildner
Date: Fri, 5 May 2023 14:17:59 +0200
Subject: [PATCH 1/2] - add page reload to nav menu - add refresh button - add cookie policy
---
 CookieAuthenticationExample/App.razor | 2 +
 .../Pages/FetchData.razor | 102 ++++++++++--------
 CookieAuthenticationExample/Program.cs | 9 +-
 .../Shared/NavMenu.razor | 15 ++-
 4 files changed, 76 insertions(+), 52 deletions(-)
diff --git a/CookieAuthenticationExample/App.razor b/CookieAuthenticationExample/App.razor
index 6cfc765..d0fac67 100644
--- a/CookieAuthenticationExample/App.razor
+++ b/CookieAuthenticationExample/App.razor
@@ -5,6 +5,8 @@ @*this gets displayed if the user is not authorized to view the page*@

Sie sind nicht berechtigt, diese Seite aufzurufen.

+ +
diff --git a/CookieAuthenticationExample/Pages/FetchData.razor b/CookieAuthenticationExample/Pages/FetchData.razor
index cbc9e68..2c85edf 100644
--- a/CookieAuthenticationExample/Pages/FetchData.razor
+++ b/CookieAuthenticationExample/Pages/FetchData.razor
@@ -4,6 +4,7 @@ @using System.Security.Claims
 @inject AuthenticationStateProvider AuthenticationStateProvider
 @inject WeatherForecastService ForecastService
+@inject NavigationManager NavigationManager
 @attribute [Authorize]
@@ -13,65 +14,72 @@

This component demonstrates fetching data from a service.

+ + @if (forecasts == null) { -

- Loading... -

+

+ Loading... +

} else { - - - - - - - - - - - @foreach (var forecast in forecasts) - { - - - - - - - } - -
DateTemp. (C)Temp. (F)Summary
@forecast.Date.ToShortDateString()@forecast.TemperatureC@forecast.TemperatureF@forecast.Summary
+ + + + + + + + + + + @foreach (var forecast in forecasts) + { + + + + + + + } + +
DateTemp. (C)Temp. (F)Summary
@forecast.Date.ToShortDateString()@forecast.TemperatureC@forecast.TemperatureF@forecast.Summary
}
 @code {
- private WeatherForecast[]? forecasts;
- private IEnumerable claims = Enumerable.Empty();
- private IEnumerable userClaimRoles = Enumerable.Empty();
+ private WeatherForecast[]? forecasts;
+ private IEnumerable claims = Enumerable.Empty();
+ private IEnumerable userClaimRoles = Enumerable.Empty();
+
+ private async Task GetClaimsPrincipalData()
+ {
+ var authState = await AuthenticationStateProvider.GetAuthenticationStateAsync();
+ var user = authState.User;
+ if (user.Identity is not null && user.Identity.IsAuthenticated)
+ {
+ claims = user.Claims;
+ userClaimRoles = user.Claims.Select(a => a.Value).ToList();
+ }
- private async Task GetClaimsPrincipalData()
- {
- var authState = await AuthenticationStateProvider.GetAuthenticationStateAsync();
- var user = authState.User;
- if (user.Identity is not null && user.Identity.IsAuthenticated)
- {
- claims = user.Claims;
- userClaimRoles = user.Claims.Select(a => a.Value).ToList();
- }
+ if (userClaimRoles.Contains("Administrator"))
+ {
+ //yayyy admin
+ }
+ }
- if (userClaimRoles.Contains("Administrator"))
- {
- //yayyy admin
- }
- }
+ private async Task Refresh()
+ {
+ NavigationManager.NavigateTo("/fetchdata", true);
+ }
- protected override async Task OnInitializedAsync()
- {
- //dummy call to simulate claim user role check
- GetClaimsPrincipalData();
+ protected override async Task OnInitializedAsync()
+ {
+ //dummy call to simulate claim user role check
+ GetClaimsPrincipalData();
- forecasts = await ForecastService.GetForecastAsync(DateOnly.FromDateTime(DateTime.Now));
- }
+ forecasts = await ForecastService.GetForecastAsync(DateOnly.FromDateTime(DateTime.Now));
+ }
 }
\ No newline at end of file
diff --git a/CookieAuthenticationExample/Program.cs b/CookieAuthenticationExample/Program.cs
index e969f4d..ad15455 100644
--- a/CookieAuthenticationExample/Program.cs
+++ b/CookieAuthenticationExample/Program.cs
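Review bot: The role check in `GetClaimsPrincipalData` (FetchData.razor, `@code` block) matches on the value of every claim, because `userClaimRoles = user.Claims.Select(a => a.Value).ToList();` does not filter by claim type, so any claim whose value happens to be "Administrator" (a display name, for example) satisfies `userClaimRoles.Contains("Administrator")`. Assuming roles are issued as role-type claims, restrict the projection with `userClaimRoles = user.Claims.Where(c => c.Type == ClaimTypes.Role).Select(c => c.Value).ToList();` or test `user.IsInRole("Administrator")` directly. Separately, `OnInitializedAsync` calls `GetClaimsPrincipalData();` without `await`, so the page can render before the claims are read and an exception from that call goes unobserved; `await GetClaimsPrincipalData();` fixes both. The new `Refresh` method is declared `async` but awaits nothing, so `private void Refresh()` would be the cleaner signature.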
@@ -14,11 +14,18 @@ builder.Services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
 .AddCookie(options =>
 {
- options.ExpireTimeSpan = TimeSpan.FromSeconds(30);
+ options.ExpireTimeSpan = TimeSpan.FromSeconds(5);
 options.SlidingExpiration = true;
 options.AccessDeniedPath = "/Forbidden";
 options.LoginPath = "/login";
+ options.Cookie = new CookieBuilder()
+ {
+ SameSite = SameSiteMode.Lax,
+ SecurePolicy = CookieSecurePolicy.SameAsRequest,
+ HttpOnly = true,
+ };
+
 });
 builder.Services.AddSingleton();
diff --git a/CookieAuthenticationExample/Shared/NavMenu.razor b/CookieAuthenticationExample/Shared/NavMenu.razor
index cac7f66..53ead44 100644
--- a/CookieAuthenticationExample/Shared/NavMenu.razor
+++ b/CookieAuthenticationExample/Shared/NavMenu.razor
@@ -1,4 +1,6 @@ -
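Review bot: `SecurePolicy = CookieSecurePolicy.SameAsRequest` in the new `options.Cookie` block of Program.cs lets the authentication cookie be issued without the Secure attribute whenever a request arrives over plain HTTP, so the session cookie can travel in clear text; outside local development this should be `CookieSecurePolicy.Always`. Assigning a fresh `new CookieBuilder()` also replaces the builder the cookie handler configures by default, which, as far as I know, already uses Lax/HttpOnly/SameAsRequest and additionally marks the cookie as essential, so it is safer to set properties on the existing builder: `options.Cookie.SecurePolicy = CookieSecurePolicy.Always;`, `options.Cookie.HttpOnly = true;`, `options.Cookie.SameSite = SameSiteMode.Lax;`. The `TimeSpan.FromSeconds(5)` lifetime looks like a value chosen to exercise expiry in the demo and deserves a comment saying so, for example `// demo only: very short lifetime to show expiry; raise before deploying`.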