diff --git a/ShopAdmin/Components/Pages/Login.razor b/ShopAdmin/Components/Pages/Login.razor index 3673380..deec9c9 100644 --- a/ShopAdmin/Components/Pages/Login.razor +++ b/ShopAdmin/Components/Pages/Login.razor @@ -1,5 +1,7 @@ @page "/login" @using Microsoft.AspNetCore.Components.Authorization +@inject NavigationManager Navigation +@rendermode InteractiveServer
@@ -67,8 +69,16 @@ [CascadingParameter] private Task? AuthState { get; set; } - private void HandleLogin() + protected override async Task OnInitializedAsync() { - // Wire up your OAuth / OpenID Connect Redirect or Auth trigger state here + if (AuthState is not null) + { + var state = await AuthState; + + if (state.User.Identity?.IsAuthenticated ?? false) + Navigation.NavigateTo("/", replace: true); + } } + + private void HandleLogin() => Navigation.NavigateTo("/auth/login", forceLoad: true); } \ No newline at end of file diff --git a/ShopAdmin/Program.cs b/ShopAdmin/Program.cs index 821838b..a145f05 100644 --- a/ShopAdmin/Program.cs +++ b/ShopAdmin/Program.cs @@ -1,5 +1,6 @@ using LiteCharms.Features.Extensions; using LiteCharms.Features.Mediator; +using Microsoft.AspNetCore.Authentication; using ShopAdmin.Components; using static LiteCharms.Features.Email.Extensions.Constants; @@ -8,6 +9,8 @@ var builder = WebApplication.CreateBuilder(args); builder.Services.AddRazorComponents() .AddInteractiveServerComponents(); +builder.Services.AddCascadingAuthenticationState(); + builder.AddMonitoring(); builder.Services.AddControllers(); @@ -33,6 +36,37 @@ builder.Services.AddPostgresHealtchCheck(); builder.Services.AddQuartzHealtchCheck(); builder.Services.AddHealthChecksSupport(builder.Configuration); +builder.Services.AddAuthentication(options => +{ + options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme; + options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme; +}) +.AddCookie() +.AddOpenIdConnect(options => +{ + options.Authority = builder.Configuration.GetSection("IdKongisa:Authority").Value; + options.ClientId = builder.Configuration.GetSection("IdKongisa:ClientId").Value; + options.ClientSecret = builder.Configuration.GetSection("IdKongisa:ClientSecret").Value; + + options.ResponseType = "code"; + options.SaveTokens = true; + + options.GetClaimsFromUserInfoEndpoint = true; + + options.MetadataAddress = $"{options.Authority}/.well-known/openid-configuration"; + + options.Scope.Clear(); + options.Scope.Add("openid"); + options.Scope.Add("profile"); + options.Scope.Add("email"); + + options.TokenValidationParameters = new Microsoft.IdentityModel.Tokens.TokenValidationParameters + { + NameClaimType = "name", + RoleClaimType = "groups" + }; +}); + var app = builder.Build(); var schedulerFactory = app.Services.GetRequiredService(); @@ -53,11 +87,19 @@ app.UseHealthChecks("/health", new HealthCheckOptions }); app.UseStatusCodePagesWithReExecute("/not-found", createScopeForStatusCodePages: true); -app.UseHttpsRedirection(); +app.UseHttpsRedirection(); app.UseAntiforgery(); +app.UseAuthentication(); +app.UseAuthorization(); + app.MapStaticAssets(); + +app.MapGet("/auth/login", (string redirectUri = "/") => + Results.Challenge(new AuthenticationProperties { RedirectUri = redirectUri },[OpenIdConnectDefaults.AuthenticationScheme])); +app.MapGet("/auth/logout", () => Results.SignOut(new AuthenticationProperties { RedirectUri = "/" }, [CookieAuthenticationDefaults.AuthenticationScheme, OpenIdConnectDefaults.AuthenticationScheme])); + app.MapRazorComponents() .AddInteractiveServerRenderMode(); diff --git a/ShopAdmin/ShopAdmin.csproj b/ShopAdmin/ShopAdmin.csproj index 0eb2409..309dd4e 100644 --- a/ShopAdmin/ShopAdmin.csproj +++ b/ShopAdmin/ShopAdmin.csproj @@ -20,6 +20,15 @@ + + + + + + + + + diff --git a/ShopAdmin/appsettings.json b/ShopAdmin/appsettings.json index 417425d..7eb3aaa 100644 --- a/ShopAdmin/appsettings.json +++ b/ShopAdmin/appsettings.json @@ -1,4 +1,7 @@ { + "IdKongisa": { + "Authority": "https://id.khongisa.co.za/application/o/litecharms-shopadmin" + }, "Email": { "Credentials": { "Username": "shop@litecharms.co.za"