login user, x-session
parent
f1b13b2877
commit
c823f5ce9b
@ -5,18 +5,25 @@
|
||||
|
||||
<div class="container">
|
||||
<h1 class="my-4">Login</h1>
|
||||
<div class="row">
|
||||
<div class="col">
|
||||
<div class="alert alert-danger alert-validation">
|
||||
@Html.ValidationSummary()
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<div class="row">
|
||||
<div class="col-12 col-md-8 col-lg-6 col-xl-5">
|
||||
<form>
|
||||
<form method="post">
|
||||
<div class="row">
|
||||
<div class="col"><label class="form-label">Email</label><input id="Email" class="form-control mb-3" type="email" /></div>
|
||||
<div class="col"><label class="form-label" for="Email">Email</label><input id="Email" class="form-control mb-3" type="email" asp-for="Email" required /></div>
|
||||
</div>
|
||||
<div class="row">
|
||||
<div class="col"><label class="form-label">Password</label><input id="Password-2" class="form-control mb-3" type="password" /></div>
|
||||
<div class="col"><label class="form-label" for="Password">Password</label><input id="Password" class="form-control mb-3" type="password" asp-for="Password" required /></div>
|
||||
</div>
|
||||
<div class="row mt-3 mb-0">
|
||||
<div class="col">
|
||||
<button class="btn btn-primary btn-lg" type="button">Login</button>
|
||||
<button class="btn btn-primary btn-lg" type="submit">Login</button>
|
||||
<a href="/Register" class="btn btn-outline-primary btn-lg ms-1" type="button">Register </a>
|
||||
</div>
|
||||
</div>
|
||||
|
@ -1,12 +1,80 @@
|
||||
using System.ComponentModel.DataAnnotations;
|
||||
using System.Security.Claims;
|
||||
using EnotaryoPH.Data;
|
||||
using EnotaryoPH.Web.Common.Services;
|
||||
using Microsoft.AspNetCore.Authentication;
|
||||
using Microsoft.AspNetCore.Authentication.Cookies;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Microsoft.AspNetCore.Mvc.RazorPages;
|
||||
using Microsoft.EntityFrameworkCore;
|
||||
|
||||
namespace EnotaryoPH.Web.Pages
|
||||
{
|
||||
public class LoginModel : PageModel
|
||||
{
|
||||
public void OnGet()
|
||||
private readonly IPasswordService _passwordService;
|
||||
private readonly NotaryoDBContext _notaryoDBContext;
|
||||
|
||||
public LoginModel(IPasswordService passwordService, NotaryoDBContext notaryoDBContext)
|
||||
{
|
||||
_passwordService = passwordService;
|
||||
_notaryoDBContext = notaryoDBContext;
|
||||
}
|
||||
|
||||
public async Task<IActionResult> OnGetAsync() => Page();
|
||||
|
||||
public async Task<IActionResult> OnGetLogoutAsync()
|
||||
{
|
||||
await HttpContext.SignOutAsync();
|
||||
return RedirectToPage("/Login");
|
||||
}
|
||||
|
||||
public async Task<IActionResult> OnPostAsync()
|
||||
{
|
||||
if (!ModelState.IsValid)
|
||||
{
|
||||
return Page();
|
||||
}
|
||||
|
||||
var user = _notaryoDBContext.Users.FirstOrDefault(u => EF.Functions.Like(u.Email, Email));
|
||||
if (user == null)
|
||||
{
|
||||
ModelState.AddModelError("", "Invalid Email or Password");
|
||||
return Page();
|
||||
}
|
||||
|
||||
if (!_passwordService.VerifyHashedPassword(user.PasswordHash, Password))
|
||||
{
|
||||
ModelState.AddModelError("", "Invalid Email or Password");
|
||||
return Page();
|
||||
}
|
||||
|
||||
var claims = new List<Claim>
|
||||
{
|
||||
new("User_UID", user.User_UID.ToString()),
|
||||
new(ClaimTypes.Name, user.Email),
|
||||
new(ClaimTypes.Email, user.Email),
|
||||
new(ClaimTypes.Role, user.Role)
|
||||
};
|
||||
var claimsIdentity = new ClaimsIdentity(
|
||||
claims, CookieAuthenticationDefaults.AuthenticationScheme);
|
||||
var authProperties = new AuthenticationProperties();
|
||||
|
||||
await HttpContext.SignInAsync(
|
||||
CookieAuthenticationDefaults.AuthenticationScheme,
|
||||
new ClaimsPrincipal(claimsIdentity),
|
||||
authProperties);
|
||||
|
||||
return RedirectToPage("/Principal/Dashboard");
|
||||
}
|
||||
|
||||
[Required]
|
||||
[EmailAddress]
|
||||
[BindProperty]
|
||||
public string Email { get; set; }
|
||||
|
||||
[Required]
|
||||
[BindProperty]
|
||||
public string Password { get; set; }
|
||||
}
|
||||
}
|
||||
}
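Review bot: In `OnPostAsync` the submitted `Email` is handed to `EF.Functions.Like` as the pattern, so `%` and `_` in the input act as wildcards rather than literal characters, and `[EmailAddress]` does not appear to exclude them. The lookup can therefore resolve to an account other than the one typed, with `FirstOrDefault` returning whichever row matches first. Compare for equality and keep the call asynchronous, e.g. `var user = await _notaryoDBContext.Users.FirstOrDefaultAsync(u => u.Email == Email);`, normalising case on both sides if the column collation is case-sensitive. Separately, the `user == null` branch returns before `VerifyHashedPassword` runs, so the two failure paths may differ measurably in response time even though the message is identical.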
|
@ -31,7 +31,12 @@
|
||||
<ul class="navbar-nav ms-auto">
|
||||
<li class="nav-item"><a class="nav-link active" href="/">Home</a></li>
|
||||
</ul>
|
||||
<a class="btn btn-primary ms-md-2" role="button" href="/Login">Login</a>
|
||||
@if (User.Identity?.IsAuthenticated ?? false) {
|
||||
<a class="btn btn-primary ms-md-2" role="button" href="/Login?handler=Logout">Logout</a>
|
||||
}
|
||||
else {
|
||||
<a class="btn btn-primary ms-md-2" role="button" href="/Login">Login</a>
|
||||
}
|
||||
</div>
|
||||
</div>
|
||||
</nav>
|
||||
@ -43,7 +48,8 @@
|
||||
<ul class="list-inline">
|
||||
<li class="list-inline-item me-4"><a class="link-secondary" href="blank.html">Privacy</a></li>
|
||||
<li class="list-inline-item me-4"><a class="link-secondary" href="blank.html">FAQ</a></li>
|
||||
<li class="list-inline-item"><a class="link-secondary" href="contactus.html">Contact Us</a></li>
|
||||
<li class="list-inline-item me-4"><a class="link-secondary" href="contactus.html">Contact Us</a></li>
|
||||
<li class="list-inline-item me-4"><a class="link-secondary" href="contactus.html">Found a bug?</a></li>
|
||||
</ul>
|
||||
<p class="mb-0">Copyright © 2024 Enotaryo</p>
|
||||
</div>
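Review bot: The Logout link added in the navbar hunk is a plain GET to `/Login?handler=Logout`, and the `OnGetLogoutAsync` handler shown elsewhere on this page signs the user out on that GET. A state-changing GET is not covered by Razor Pages antiforgery validation, so any cross-site link or prefetch of that URL ends the user's session. Make logout a POST: rename the handler to `OnPostLogoutAsync` and render `<form method="post" asp-page="/Login" asp-page-handler="Logout"><button class="btn btn-primary ms-md-2" type="submit">Logout</button></form>`, so the form tag helper emits the antiforgery token. The footer hunk's new "Found a bug?" item still links to `contactus.html`, which looks like a placeholder.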
|
||||
|
@ -1,5 +1,6 @@
|
||||
using EnotaryoPH.Data;
|
||||
using EnotaryoPH.Web.Common.Services;
|
||||
using Microsoft.AspNetCore.Authentication.Cookies;
|
||||
|
||||
namespace EnotaryoPH.Web
|
||||
{
|
||||
@ -10,9 +11,14 @@ namespace EnotaryoPH.Web
|
||||
var builder = WebApplication.CreateBuilder(args);
|
||||
|
||||
// Add services to the container.
|
||||
builder.Services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
|
||||
.AddCookie(CookieAuthenticationDefaults.AuthenticationScheme,
|
||||
options => options.LoginPath = new Microsoft.AspNetCore.Http.PathString("/Login"));
|
||||
builder.Services.AddRazorPages();
|
||||
builder.Services.AddDbContext<NotaryoDBContext>();
|
||||
builder.Services.AddTransient<IPasswordService, PasswordService>();
|
||||
builder.Services.AddHttpContextAccessor();
|
||||
builder.Services.AddSession(options => options.IdleTimeout = TimeSpan.FromMinutes(120));
|
||||
|
||||
var app = builder.Build();
|
||||
|
||||
@ -23,6 +29,23 @@ namespace EnotaryoPH.Web
|
||||
// The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
|
||||
app.UseHsts();
|
||||
}
|
||||
app.UseSession();
|
||||
app.Use(async (context, next) =>
|
||||
{
|
||||
var key = "X-Session-ID";
|
||||
var value = context.Request.Cookies[key];
|
||||
if (string.IsNullOrEmpty(value))
|
||||
{
|
||||
value = context.Session.Id;
|
||||
}
|
||||
|
||||
if (string.IsNullOrEmpty(context.Session.GetString(key)))
|
||||
{
|
||||
context.Session.SetString(key, value);
|
||||
}
|
||||
context.Response.Cookies.Append(key, value);
|
||||
await next.Invoke();
|
||||
});
|
||||
|
||||
app.UseHttpsRedirection();
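Review bot: The middleware added after `app.UseSession()` reads `X-Session-ID` from the request cookie and, when the session has no value yet, stores that client-supplied string in the session, so the identifier is chosen by the client rather than the server. It is then re-issued with `Cookies.Append(key, value)` and no `CookieOptions`, which leaves `Secure`, `HttpOnly` and `SameSite` at their defaults, and the block runs before `app.UseHttpsRedirection()`, so the cookie is also set on plain-HTTP requests. What the identifier is used for is not visible here; if anything keys on it, treat the session-stored value as authoritative and set the cookie attributes explicitly, as sketched below, ideally after the HTTPS redirect. Drop `HttpOnly` only if client script really has to read the value.

```csharp
app.Use(async (context, next) =>
{
    const string key = "X-Session-ID";

    // The server-side session is the source of truth; the request cookie is never trusted.
    var value = context.Session.GetString(key);
    if (string.IsNullOrEmpty(value))
    {
        value = context.Session.Id;
        context.Session.SetString(key, value);
    }

    context.Response.Cookies.Append(key, value, new CookieOptions
    {
        HttpOnly = true,
        Secure = true,
        SameSite = SameSiteMode.Lax,
    });
    // … unchanged: await next.Invoke(); and the closing of the lambda …
```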
|
||||
|
||||
|
@ -125,5 +125,16 @@ a span.sidemenu__menuitem__text {
|
||||
}
|
||||
|
||||
.input-validation-error {
|
||||
border: solid 1px var(--bs-danger)
|
||||
border: solid 1px var(--bs-danger);
|
||||
}
|
||||
|
||||
.validation-summary-errors {
|
||||
background-color: var(--bs-alert-bg);
|
||||
color: var(--bs-danger-text-emphasis);
|
||||
border-color: var(--bs-alert-border-color);
|
||||
padding: 1rem;
|
||||
}
|
||||
|
||||
.alert-validation:not(:has(.validation-summary-errors)) {
|
||||
display: none;
|
||||
}
|