Auth integration

2026-05-22 10:28:02 +02:00
parent 64c5f6aa2c
commit 7ab824e7c1
39 changed files with 681 additions and 57 deletions
@@ -1,3 +1,6 @@
+using System.Security.Claims;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Authentication.Cookies;
 using Microsoft.EntityFrameworkCore;
 using MudBlazor.Services;
 using timetracker.Components;
@@ -5,6 +8,19 @@ using timetracker.Data;

 var builder = WebApplication.CreateBuilder(args);

+builder.Services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
+    .AddCookie(options =>
+    {
+        options.LoginPath = "/login";
+        options.LogoutPath = "/auth/logout";
+        options.ExpireTimeSpan = TimeSpan.FromDays(30);
+        options.SlidingExpiration = true;
+    });
+builder.Services.AddAuthorization();
+builder.Services.AddCascadingAuthenticationState();
+builder.Services.AddHttpContextAccessor();
+builder.Services.AddScoped<AuthService>();
+
 // Add services to the container.
 builder.Services.AddRazorComponents()
    .AddInteractiveServerComponents();
@@ -39,10 +55,60 @@ if (app.Configuration.GetValue("EnableHttpsRedirect", !app.Environment.IsDevelop
    app.UseHttpsRedirection();
 }

+app.UseAuthentication();
+app.UseAuthorization();
+
 app.UseAntiforgery();

 app.MapStaticAssets();
 app.MapRazorComponents<App>()
    .AddInteractiveServerRenderMode();

+// ── Auth-Endpoints ────────────────────────────────────────────────────────────
+app.MapPost("/auth/login", async (HttpContext ctx, AuthService authService) =>
+{
+    var form = await ctx.Request.ReadFormAsync();
+    var username = form["username"].ToString();
+    var password = form["password"].ToString();
+    var user = await authService.LoginAsync(username, password);
+    if (user == null)
+        return Results.Redirect("/login?error=invalid");
+
+    var claims = new[] {
+        new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()),
+        new Claim(ClaimTypes.Name, user.Username)
+    };
+    var identity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
+    await ctx.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme,
+        new ClaimsPrincipal(identity),
+        new AuthenticationProperties { IsPersistent = true });
+    return Results.Redirect("/");
+}).DisableAntiforgery();
+
+app.MapPost("/auth/register", async (HttpContext ctx, AuthService authService) =>
+{
+    var form = await ctx.Request.ReadFormAsync();
+    var username = form["username"].ToString();
+    var password = form["password"].ToString();
+    var (user, error) = await authService.RegisterAsync(username, password);
+    if (user == null)
+        return Results.Redirect($"/login?tab=register&error={Uri.EscapeDataString(error!)}");
+
+    var claims = new[] {
+        new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()),
+        new Claim(ClaimTypes.Name, user.Username)
+    };
+    var identity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
+    await ctx.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme,
+        new ClaimsPrincipal(identity),
+        new AuthenticationProperties { IsPersistent = true });
+    return Results.Redirect("/");
+}).DisableAntiforgery();
+
+app.MapGet("/auth/logout", async (HttpContext ctx) =>
+{
+    await ctx.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
+    return Results.Redirect("/login");
+});
+
 app.Run();