Merge pull request 'mock-data' (#41) from mock-data into main

Reviewed-on: #41

MidrandBookshop/Components/Layout/MainLayout.razor

@@ -167,7 +167,7 @@
                             <path d="M20 21v-2a4 4 0 0 0-4-4H8a4 4 0 0 0-4 4v2" />
                             <circle cx="12" cy="7" r="4" />
                         </svg>
-                        LogIn
+                        Account
                     </a>
 
                     <a href="/profile" class="btn btn-sm btn-dark rounded-circle d-inline-flex d-md-none align-items-center justify-content-center border-0 p-0 shadow-sm"

MidrandBookshop/Components/Pages/Profile.razor

@@ -1,6 +1,11 @@
 @page "/profile"
+@using Microsoft.AspNetCore.Components.Authorization
+@inject NavigationManager Navigation
+@rendermode InteractiveServer
 
-<div class="container py-5">
+<AuthorizeView>
+    <Authorized>
+        <div class="container py-5">
             <h2 class="fw-bold mb-5 tracking-tight">My Account</h2>
             <div class="row g-5">
                 <div class="col-md-3">
@@ -9,7 +14,7 @@
                         <button class="nav-link text-start" data-bs-toggle="pill" data-bs-target="#shipping" role="tab">Shipping Address</button>
                         <button class="nav-link text-start" data-bs-toggle="pill" data-bs-target="#profile" role="tab">Profile Settings</button>
                         <hr />
-                <button class="nav-link text-danger text-start">Logout</button>
+                        <button class="nav-link text-danger text-start" @onclick="TriggerLogout">Logout</button>
                     </div>
                 </div>
 
@@ -192,7 +197,13 @@
                     </div>
                 </div>
             </div>
-</div>
+        </div>
+    </Authorized>
+    
+    <NotAuthorized>
+        <RedirectToLogin />
+    </NotAuthorized>
+</AuthorizeView>
 
 @code {
     private bool showAddForm = false;
@@ -216,6 +227,8 @@
         new AddressItem { Id = 3, Name = "Midrand Books Warehouse", Street = "Unit 8, Corporate Park North", City = "Randjespark", PostalCode = "1683", IsBilling = false, IsShipping = true, IsPrimary = false }
     };
 
+    private void TriggerLogout() => Navigation.NavigateTo("/logout", forceLoad: true);
+
     private void DownloadInvoice(string orderId)
     {
         // Handle invoice downloading logic here

MidrandBookshop/Components/RedirectToLogin.razor

@@ -0,0 +1,10 @@
+@inject NavigationManager Navigation
+
+@code {
+    protected override void OnInitialized()
+    {
+        var returnUrl = Navigation.ToBaseRelativePath(Navigation.Uri);
+
+        Navigation.NavigateTo($"/login?redirectUri={Uri.EscapeDataString(returnUrl)}", forceLoad: true);
+    }
+}

MidrandBookshop/Components/Routes.razor

@@ -1,7 +1,14 @@
-@using MidrandBookshop.Components.Pages
-<Router AppAssembly="@typeof(Program).Assembly">
+@using Microsoft.AspNetCore.Components.Authorization
+@using MidrandBookshop.Components.Pages
+
+<CascadingAuthenticationState>
+    <Router AppAssembly="@typeof(Program).Assembly">
         <Found Context="routeData">
-        <RouteView RouteData="@routeData" DefaultLayout="@typeof(MainLayout)" />
+            <AuthorizeRouteView RouteData="@routeData" DefaultLayout="@typeof(MainLayout)">
+                <NotAuthorized>                    
+                    <RedirectToLogin />
+                </NotAuthorized>
+            </AuthorizeRouteView>
             <FocusOnNavigate RouteData="@routeData" Selector="h1" />
         </Found>
         <NotFound>
@@ -9,4 +16,5 @@
                 <NotFound />
             </LayoutView>
         </NotFound>
-</Router>
+    </Router>
+</CascadingAuthenticationState>

MidrandBookshop/MidrandBookshop.csproj

@@ -18,13 +18,13 @@
   </ItemGroup>
 
   <ItemGroup>
-    <PackageReference Include="LiteCharms.Features" Version="1.71.0" />
+    <PackageReference Include="LiteCharms.Features" Version="1.82.0" />
   </ItemGroup>
 
   <!-- UI -->
   <ItemGroup>
     <PackageReference Include="ANM.Blazored.Toast" Version="0.1.1" />
-    <PackageReference Include="LiteCharms.Features.MidrandBooks" Version="1.71.0" />
+    <PackageReference Include="LiteCharms.Features.MidrandBooks" Version="1.82.0" />
     
     <!-- Global Usings -->
     <Using Include="Blazored.Toast.Services" />

MidrandBookshop/Program.cs

@@ -1,9 +1,12 @@
 using LiteCharms.Features.Extensions;
 using LiteCharms.Features.Mediator;
 using LiteCharms.Features.MidrandBooks.Extensions;
+using Microsoft.AspNetCore.HttpOverrides;
 using MidrandBookshop.Components;
 using static LiteCharms.Features.Extensions.Quartz;
 
+AppContext.SetSwitch("Microsoft.IdentityModel.DisableTelemetry", true);
+
 var builder = WebApplication.CreateBuilder(args);
 
 builder.Services.AddRazorComponents()
@@ -13,6 +16,7 @@ builder.AddMonitoring();
 builder.Services.AddEndpointsApiExplorer();
 
 builder.Services.AddMediator();
+builder.Services.AddAuthentikUiSecurity(builder.Configuration);
 
 builder.Services.AddScoped(typeof(IPipelineBehavior<,>), typeof(TelemetryPipelineBehavior<,>));
 builder.Services.AddScoped(typeof(IPipelineBehavior<,>), typeof(LoggingPipelineBehavior<,>));
@@ -30,9 +34,19 @@ builder.Services.AddMidrandShopDatabase(builder.Configuration);
 builder.Services.AddMidrandShopPostgresHealthCheck();
 builder.Services.AddMidrandShopQuartzHealthCheck();
 builder.Services.AddHealthChecksSupport(builder.Configuration);
+builder.Services.AddCascadingAuthenticationState();
+
+builder.Services.Configure<ForwardedHeadersOptions>(options =>
+{
+    options.ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto;
+    options.KnownProxies.Clear();
+});
 
 var app = builder.Build();
 
+app.UseForwardedHeaders();
+app.AddSecurityEndpoints();
+
 var schedulerFactory = app.Services.GetRequiredService<ISchedulerFactory>();
 var scheduler = await schedulerFactory.GetScheduler(MidrandShopSchedulerName);
 

MidrandBookshop/appsettings.json

@@ -1,4 +1,9 @@
 {
+  "AuthentikSettings": {
+    "Authority": "https://id.khongisa.co.za/application/o/midrand-books-uat/",
+    "MetadataEndpoint": "https://id.khongisa.co.za/application/o/midrand-books-uat/.well-known/openid-configuration",
+    "RevokationEndpoint": "https://id.khongisa.co.za/application/o/revoke/"
+  },
   "HasherSettings": {
     "MinHashLength": 11
   },

midrandbooks-uat.yml

@@ -26,6 +26,9 @@ data:
   ValidPayfastHosts__4: "ips.payfast.co.za"
   ValidPayfastHosts__5: "api.payfast.co.za"
   ValidPayfastHosts__6: "payment.payfast.io"
+  AuthentikSettings__Authority: "https://id.khongisa.co.za/application/o/midrand-books-api-uat/"
+  AuthentikSettings__MetadataEndpoint: "https://id.khongisa.co.za/application/o/midrand-books-uat/.well-known/openid-configuration"
+  AuthentikSettings__RevokationEndpoint: "https://id.khongisa.co.za/application/o/revoke/"
 ---
 apiVersion: v1
 kind: Secret
@@ -41,6 +44,8 @@ data:
   hasher-payfastpassphrase: OUdBSVIwdFdwaFgwcU8=
   bookshop-s3-accesskey: R0s1MTRkMmNlOGRjNjkyMzdhMDVjMDFlZWY=
   bookshop-s3-secretkey: ZWFhZmVkYTFhZWQ0MDllY2ZlNjA3MTRlY2RhNTQ5YjgyYmRmNWEzZGFmOWYxOGRkNjFmNjZiNDk3M2E2NDgyZQ==
+  authentik-clientid: Nm9oZk1lSndQNWR0YWY1RFMzZU9MY2NNSHF6WXlma1YzRTNGeE5Tbw==
+  authentik-clientsecret: TXV2a0FLQklHR3BkdEsyaFlabVU1dFRaUmNuM2FhRzhoMWhlVE1nazFYOGVwczYyMzNCS0REWGdpNXo0T01RalVzMGZEUEFmakpmVVRNN1h3ZjllMU01MTQyVGlvOXRycUdmZTM1THhPaExEUnp6N2gxSm5jVkNLYXZXUllndmQ=
 ---
 apiVersion: v1
 kind: PersistentVolumeClaim
@@ -93,6 +98,16 @@ spec:
             - configMapRef:
                 name: midrandbooks-config
           env:
+            - name: AuthentikSettings__ClientId
+              valueFrom:
+                secretKeyRef:
+                  name: midrandbooksapi-secrets
+                  key: authentik-clientid
+            - name: AuthentikSettings__ClientSecret
+              valueFrom:
+                secretKeyRef:
+                  name: midrandbooksapi-secrets
+                  key: authentik-clientsecret
             - name: BookshopS3Settings__AccessKey
               valueFrom:
                 secretKeyRef: