From 487fd518e7d903f743d479840b36b851185eb326 Mon Sep 17 00:00:00 2001 From: Max Date: Sat, 13 Jul 2024 16:29:27 +0200 Subject: [PATCH] Custom auth implementation --- DotBased | 2 +- SharpRSS.Blazor/Components/Pages/Home.razor | 9 +++++ .../Components/Pages/TestAdmin.razor | 7 ++++ SharpRSS.Blazor/Components/Routes.razor | 7 ++++ SharpRSS.Blazor/Components/_Imports.razor | 9 ++++- SharpRSS.Blazor/Program.cs | 24 +++++++---- SharpRSS.Blazor/appsettings.Development.json | 10 +++++ .../Auth/SRSSAuthenticationStateProvider.cs | 40 ------------------- SharpRSS.Business/DependencyInjection.cs | 15 +++++-- SharpRSS.Business/SharpRSS.Business.csproj | 5 +++ .../Configuration/HstsConfiguration.cs | 2 +- SharpRSS.sln | 7 ++++ git-cmd.md | 2 +- 13 files changed, 82 insertions(+), 57 deletions(-) create mode 100644 SharpRSS.Blazor/Components/Pages/TestAdmin.razor delete mode 100644 SharpRSS.Business/Auth/SRSSAuthenticationStateProvider.cs diff --git a/DotBased b/DotBased index 03daea4..5341179 160000 --- a/DotBased +++ b/DotBased @@ -1 +1 @@ -Subproject commit 03daea46e78dfa97d3e4f85fa8035fef5c5ed446 +Subproject commit 5341179e9421b7d8c4e54ce4962fc856cef4d6ed diff --git a/SharpRSS.Blazor/Components/Pages/Home.razor b/SharpRSS.Blazor/Components/Pages/Home.razor index 19d6dfd..6e1ab80 100644 --- a/SharpRSS.Blazor/Components/Pages/Home.razor +++ b/SharpRSS.Blazor/Components/Pages/Home.razor @@ -4,4 +4,13 @@ Mud text! + + + Not autorized for role: 'test' + + + Role: 'test' found! + + + Welcome to your new app. \ No newline at end of file diff --git a/SharpRSS.Blazor/Components/Pages/TestAdmin.razor b/SharpRSS.Blazor/Components/Pages/TestAdmin.razor new file mode 100644 index 0000000..1bdff9b --- /dev/null +++ b/SharpRSS.Blazor/Components/Pages/TestAdmin.razor @@ -0,0 +1,7 @@ +@page "/TestAdmin" +@attribute [Authorize(Roles = "Admin")] +

TestAdmin

+ +@code { + +} \ No newline at end of file diff --git a/SharpRSS.Blazor/Components/Routes.razor b/SharpRSS.Blazor/Components/Routes.razor index ae94e9e..a977289 100644 --- a/SharpRSS.Blazor/Components/Routes.razor +++ b/SharpRSS.Blazor/Components/Routes.razor @@ -3,4 +3,11 @@ + + + @*TODO: Manage not found*@ + Not found! +

Page not found!

+
+
\ No newline at end of file diff --git a/SharpRSS.Blazor/Components/_Imports.razor b/SharpRSS.Blazor/Components/_Imports.razor index 22cab9c..a7f89ce 100644 --- a/SharpRSS.Blazor/Components/_Imports.razor +++ b/SharpRSS.Blazor/Components/_Imports.razor @@ -1,14 +1,19 @@ @using System.Net.Http @using System.Net.Http.Json +@using Microsoft.AspNetCore.Authorization @using Microsoft.AspNetCore.Components.Forms @using Microsoft.AspNetCore.Components.Routing @using Microsoft.AspNetCore.Components.Web -@using static Microsoft.AspNetCore.Components.Web.RenderMode @using Microsoft.AspNetCore.Components.Web.Virtualization +@using Microsoft.AspNetCore.Components.Authorization @using Microsoft.JSInterop +@using static Microsoft.AspNetCore.Components.Web.RenderMode @*SharpRSS*@ @using SharpRSS.Blazor @using SharpRSS.Blazor.Components +@using SharpRSS.Blazor.Components.Layout @*MudBlazor*@ @using MudBlazor -@using MudBlazor.Components \ No newline at end of file +@using MudBlazor.Components +@*Authorize for the whole application*@ +@attribute [Authorize] \ No newline at end of file diff --git a/SharpRSS.Blazor/Program.cs b/SharpRSS.Blazor/Program.cs index b572233..6514e6c 100644 --- a/SharpRSS.Blazor/Program.cs +++ b/SharpRSS.Blazor/Program.cs @@ -4,9 +4,9 @@ using MudBlazor.Services; using SharpRSS.Blazor.Components; using SharpRSS.Business; using SharpRSS.Data; +using SharpRSS.Data.Domains.Configuration; var builder = WebApplication.CreateBuilder(args); - builder.UseSRSS(); builder.Services.AddBlazoredLocalStorage(); 
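Review bot: The `@attribute [Authorize]` added as the last line of `_Imports.razor` applies to every routable component under `Components`, which would include the pages behind `LoginPath = "/auth/login"` and `LogoutPath = "/auth/logout"` and the `/Error` page if they live in this folder tree; none of them is visible in this commit. Any page that must stay reachable without a session needs an explicit `@attribute [AllowAnonymous]`, otherwise an unauthenticated user could be sent to a login route that itself demands authorization. `[Authorize]` is only honoured on `@page` components, so child components still need `AuthorizeView` or a policy check of their own. I would extend the comment to `@*Authorize for the whole application; login, logout and error pages must opt out with [AllowAnonymous]*@`.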
@@ -20,15 +20,22 @@ builder.Services.AddHttpContextAccessor(); // HttpContext accessor /* * HSTS config */ -builder.Services.AddHsts(options => +var hstsConfig = new HstsConfiguration(); +var configSection = builder.Configuration.GetSection($"HTTP:{HstsConfiguration.Hsts}"); +configSection.Bind(hstsConfig); +if (hstsConfig.EnableHsts) { - options.Preload = true; - options.IncludeSubDomains = true; - options.MaxAge = TimeSpan.FromDays(60); // For DEV = 60 days, PROD = 1 year -}); + builder.Services.AddHsts(options => + { + options.Preload = hstsConfig.Preload; + options.IncludeSubDomains = hstsConfig.IncludeSubdomains; + options.MaxAge = TimeSpan.FromSeconds(hstsConfig.MaxAgeSeconds); + }); +} var app = builder.Build(); +//TODO: Move to migrations var contextFactory = app.Services.GetService>(); if (contextFactory != null) { @@ -42,14 +49,15 @@ else if (!app.Environment.IsDevelopment()) { + app.UseDeveloperExceptionPage(); app.UseExceptionHandler("/Error", createScopeForErrors: true); - app.UseHsts(); } app.UseHttpsRedirection(); - app.UseStaticFiles(); app.UseAntiforgery(); +app.UseAuthentication(); +app.UseAuthorization(); app.MapRazorComponents() .AddInteractiveServerRenderMode(); diff --git a/SharpRSS.Blazor/appsettings.Development.json b/SharpRSS.Blazor/appsettings.Development.json index eedf5a9..c7523c3 100644 --- a/SharpRSS.Blazor/appsettings.Development.json +++ b/SharpRSS.Blazor/appsettings.Development.json @@ -42,5 +42,15 @@ "Properties": { "Application": "SharpRSS" } + }, + "HTTP": + { + "HSTS": + { + "EnableHSTS": true, + "MaxAgeSeconds": 300, + "IncludeSubdomains": true, + "Preload": true + } } } diff --git a/SharpRSS.Business/Auth/SRSSAuthenticationStateProvider.cs b/SharpRSS.Business/Auth/SRSSAuthenticationStateProvider.cs deleted file mode 100644 index a33cb2a..0000000 --- a/SharpRSS.Business/Auth/SRSSAuthenticationStateProvider.cs +++ /dev/null 
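Review bot: `new HstsConfiguration()` leaves `EnableHsts` at `false`, so an environment whose configuration has no `HTTP:HSTS` section skips `AddHsts` without any signal; in this commit only `appsettings.Development.json` gains that section. The following Program.cs hunk (`@@ -42,14 +49,15 @@`) also removes `app.UseHsts()`, and without that middleware the values passed to `AddHsts` never reach a response header. I would keep the middleware in the non-development branch as `if (hstsConfig.EnableHsts) app.UseHsts();` and fail or log at startup when `configSection.Exists()` is false outside Development. The replaced comment `// For DEV = 60 days, PROD = 1 year` was the only record of the intended values, so a short comment naming the expected production max-age is worth keeping.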
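Review bot: `app.UseDeveloperExceptionPage()` is added inside `if (!app.Environment.IsDevelopment())`, i.e. in every environment except Development, where any exception that escapes `UseExceptionHandler("/Error", ...)` would be rendered to the client with stack trace and request details. It belongs in the Development branch or can be dropped, since `WebApplication` already enables it there. Separately, `app.UseAntiforgery()` is registered before the new `app.UseAuthentication()` and `app.UseAuthorization()` calls; ASP.NET Core expects antiforgery after both, so the order should be `app.UseAuthentication();`, `app.UseAuthorization();`, `app.UseAntiforgery();`. The removal of `app.UseHsts()` in this hunk is covered in the note on the HSTS configuration hunk.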
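Review bot: `"Preload": true` combined with `"MaxAgeSeconds": 300` in the new `HTTP`/`HSTS` section is not a combination browser preload lists accept (they require a max-age of at least one year), and `preload` with `IncludeSubdomains` is slow to undo once a domain has been submitted. For a Development file I would set `"Preload": false` and leave preload to a production configuration that is reviewed on its own. Whether `appsettings.json` or a production file defines the same section is not visible in this commit; without it the code in `Program.cs` binds to defaults and HSTS stays off.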
@@ -1,40 +0,0 @@ -using DotBased.Logging; -using Microsoft.AspNetCore.Components.Authorization; -using Microsoft.AspNetCore.Http; -using SharpRSS.Business.Services; - -namespace SharpRSS.Business.Auth; - -public class SRSSAuthenticationStateProvider : AuthenticationStateProvider -{ - public SRSSAuthenticationStateProvider(IHttpContextAccessor contextAccessor, AuthService authService) - { - _logger = LogService.RegisterLogger(typeof(SRSSAuthenticationStateProvider)); - if (contextAccessor.HttpContext != null) - _httpContext = contextAccessor.HttpContext; - else - { - var ex = new ApplicationException("HttpContext is null! Cannot setup authentication state provider!"); - _logger.Fatal(ex, "Failed to initialize authentication state provider!"); - throw ex; - } - _authService = authService; - } - - /* - * Services - */ - private readonly ILogger _logger; - private readonly HttpContext _httpContext; - private readonly AuthService _authService; - /* - * Consts - */ - private const string AuthIdName = "srss_auth_id"; - - public override Task GetAuthenticationStateAsync() - { - _logger.Debug("Getting authentication state..."); - throw new NotImplementedException(); - } -} \ No newline at end of file diff --git a/SharpRSS.Business/DependencyInjection.cs b/SharpRSS.Business/DependencyInjection.cs index b208555..cec002c 100644 --- a/SharpRSS.Business/DependencyInjection.cs +++ b/SharpRSS.Business/DependencyInjection.cs 
@@ -1,17 +1,17 @@ +using DotBased.ASP.Auth; +using DotBased.ASP.Auth.Scheme; using DotBased.Logging; using DotBased.Logging.Serilog; using Microsoft.AspNetCore.Builder; -using Microsoft.AspNetCore.Components.Authorization; using Microsoft.EntityFrameworkCore; using Microsoft.Extensions.Configuration; using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.Logging; using Microsoft.EntityFrameworkCore.Diagnostics; using Serilog; -using SharpRSS.Business.Auth; -using SharpRSS.Business.Services; using SharpRSS.Core.Configuration; using SharpRSS.Data; +using AuthService = SharpRSS.Business.Services.AuthService; namespace SharpRSS.Business; @@ -68,7 +68,14 @@ public static class DependencyInjection /* * Authentication */ - builder.Services.AddScoped(); + builder.Services.UseBasedAuth(options => + { + options.AllowRegistration = false; + options.AuthenticationStateMaxAgeBeforeExpire = TimeSpan.FromDays(7); + options.LoginPath = "/auth/login"; + options.LogoutPath = "/auth/logout"; + }); + builder.Services.AddCascadingAuthenticationState(); //TODO: Auth, Settings return builder; diff --git a/SharpRSS.Business/SharpRSS.Business.csproj b/SharpRSS.Business/SharpRSS.Business.csproj index 5ac63b4..0005ffc 100644 --- a/SharpRSS.Business/SharpRSS.Business.csproj +++ b/SharpRSS.Business/SharpRSS.Business.csproj @@ -7,6 +7,7 @@ + @@ -36,4 +37,8 @@ + + + + diff --git a/SharpRSS.Data/Domains/Configuration/HstsConfiguration.cs b/SharpRSS.Data/Domains/Configuration/HstsConfiguration.cs index d958bfd..2f5d0e2 100644 --- a/SharpRSS.Data/Domains/Configuration/HstsConfiguration.cs +++ b/SharpRSS.Data/Domains/Configuration/HstsConfiguration.cs @@ -5,7 +5,7 @@ public class HstsConfiguration public const string Hsts = "HSTS"; public bool EnableHsts { get; set; } - public long MaxAgeSeconds { get; set; } + public double MaxAgeSeconds { get; set; } public bool IncludeSubdomains { get; set; } public bool Preload { get; set; } } \ No newline at end of file 
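Review bot: The session policy passed to `UseBasedAuth` in the `@@ -68,7 +68,14 @@` hunk is hard-coded: `AuthenticationStateMaxAgeBeforeExpire = TimeSpan.FromDays(7)`, `AllowRegistration = false` and both paths are literals, so tightening them for a deployment means a rebuild. How DotBased applies the seven-day age (absolute or sliding, and whether logout invalidates the state server-side) cannot be seen from this diff and should be confirmed before relying on it. I would bind these values from configuration, as the same commit does for HSTS in `Program.cs`, and replace `//TODO: Auth, Settings` with a comment stating the intended lifetime and that registration is deliberately disabled. The enclosing method starts and ends outside the hunk.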
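Review bot: Changing `MaxAgeSeconds` to `double` in `HstsConfiguration` lets fractional, negative and NaN values through configuration binding, and `TimeSpan.FromSeconds(hstsConfig.MaxAgeSeconds)` in `Program.cs` throws at startup on NaN or out-of-range input. `long` converts implicitly to `double`, so `public long MaxAgeSeconds { get; set; }` already worked with `TimeSpan.FromSeconds`; I would keep the integral type and reject values below zero before calling `AddHsts`. The class has no XML documentation; a `<summary>` on each property stating the unit (seconds) and which HSTS directive it maps to would help whoever edits the JSON.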
diff --git a/SharpRSS.sln b/SharpRSS.sln index 385baa8..bc27ca7 100755 --- a/SharpRSS.sln +++ b/SharpRSS.sln @@ -17,6 +17,8 @@ Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "DotBased", "DotBased\DotBas EndProject Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "DotBased.Logging.Serilog", "DotBased\DotBased.Logging.Serilog\DotBased.Logging.Serilog.csproj", "{49F07625-B92C-439B-AC3E-7DEB26EA15D4}" EndProject +Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "DotBased.ASP.Auth", "DotBased\DotBased.ASP.Auth\DotBased.ASP.Auth.csproj", "{18CEAA37-B46A-4543-9E7B-5BF12CFF9172}" +EndProject Global GlobalSection(SolutionConfigurationPlatforms) = preSolution Debug|Any CPU = Debug|Any CPU @@ -47,6 +49,10 @@ Global {49F07625-B92C-439B-AC3E-7DEB26EA15D4}.Debug|Any CPU.Build.0 = Debug|Any CPU {49F07625-B92C-439B-AC3E-7DEB26EA15D4}.Release|Any CPU.ActiveCfg = Release|Any CPU {49F07625-B92C-439B-AC3E-7DEB26EA15D4}.Release|Any CPU.Build.0 = Release|Any CPU + {18CEAA37-B46A-4543-9E7B-5BF12CFF9172}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {18CEAA37-B46A-4543-9E7B-5BF12CFF9172}.Debug|Any CPU.Build.0 = Debug|Any CPU + {18CEAA37-B46A-4543-9E7B-5BF12CFF9172}.Release|Any CPU.ActiveCfg = Release|Any CPU + {18CEAA37-B46A-4543-9E7B-5BF12CFF9172}.Release|Any CPU.Build.0 = Release|Any CPU EndGlobalSection GlobalSection(SolutionProperties) = preSolution HideSolutionNode = FALSE @@ -57,5 +63,6 @@ Global GlobalSection(NestedProjects) = preSolution {F2BA5122-C9EE-4E65-B3EF-987D797AEAB0} = {A73E4832-235F-4032-825E-3A928199A5DF} {49F07625-B92C-439B-AC3E-7DEB26EA15D4} = {A73E4832-235F-4032-825E-3A928199A5DF} + {18CEAA37-B46A-4543-9E7B-5BF12CFF9172} = {A73E4832-235F-4032-825E-3A928199A5DF} EndGlobalSection EndGlobal diff --git a/git-cmd.md b/git-cmd.md index e6cee7a..1011ffd 100755 --- a/git-cmd.md +++ b/git-cmd.md @@ -12,7 +12,7 @@ git submodule update --init --recursive ## Submodule commit -cd +cd git add .