♻️ I have no idea what am I doing. Might be mixing stuff
This commit is contained in:
@@ -1,225 +0,0 @@
|
||||
@page "//account/profile"
|
||||
@model DysonNetwork.Sphere.Pages.Account.ProfileModel
|
||||
@{
|
||||
ViewData["Title"] = "Profile";
|
||||
}
|
||||
|
||||
@if (Model.Account != null)
|
||||
{
|
||||
<div class="p-4 sm:p-8 bg-base-200">
|
||||
<div class="max-w-6xl mx-auto">
|
||||
<!-- Header -->
|
||||
<div class="mb-8">
|
||||
<h1 class="text-3xl font-bold">Profile Settings</h1>
|
||||
<p class="text-base-content/70 mt-2">Manage your account information and preferences</p>
|
||||
</div>
|
||||
|
||||
<!-- Two Column Layout -->
|
||||
<div class="flex flex-col md:flex-row gap-6">
|
||||
<!-- Left Pane - Profile Card -->
|
||||
<div class="w-full md:w-1/3 lg:w-1/4">
|
||||
<div class="card bg-base-100 shadow-xl sticky top-8">
|
||||
<div class="card-body items-center text-center">
|
||||
<!-- Avatar -->
|
||||
<div class="avatar avatar-placeholder mb-4">
|
||||
<div class="bg-neutral text-neutral-content rounded-full w-32">
|
||||
<span class="text-4xl">@Model.Account.Name?[..1].ToUpper()</span>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<!-- Basic Info -->
|
||||
<h2 class="card-title">@Model.Account.Nick</h2>
|
||||
<p class="font-mono text-sm">@@@Model.Account.Name</p>
|
||||
|
||||
<!-- Stats -->
|
||||
<div class="stats stats-vertical shadow mt-4">
|
||||
<div class="stat">
|
||||
<div class="stat-title">Level</div>
|
||||
<div class="stat-value">@Model.Account.Profile.Level</div>
|
||||
</div>
|
||||
<div class="stat">
|
||||
<div class="stat-title">XP</div>
|
||||
<div class="stat-value">@Model.Account.Profile.Experience</div>
|
||||
</div>
|
||||
<div class="stat">
|
||||
<div class="stat-title">Member since</div>
|
||||
<div class="stat-value">@Model.Account.CreatedAt.ToDateTimeUtc().ToString("yyyy/MM")</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<!-- Right Pane - Tabbed Content -->
|
||||
<div class="flex-1">
|
||||
<div role="tablist" class="tabs tabs-lift w-full">
|
||||
<input type="radio" name="profile-tabs" role="tab" class="tab" aria-label="Profile" checked />
|
||||
<div role="tabpanel" class="tab-content bg-base-100 border-base-300 p-6">
|
||||
<h2 class="text-xl font-semibold mb-6">Profile Information</h2>
|
||||
|
||||
<div class="grid grid-cols-1 md:grid-cols-2 gap-6">
|
||||
<div>
|
||||
<h3 class="text-lg font-medium mb-4">Basic Information</h3>
|
||||
<dl class="space-y-4">
|
||||
<div>
|
||||
<dt class="text-sm font-medium text-base-content/70">Full Name</dt>
|
||||
<dd class="mt-1 text-sm">@($"{Model.Account.Profile.FirstName} {Model.Account.Profile.MiddleName} {Model.Account.Profile.LastName}".Trim())</dd>
|
||||
</div>
|
||||
<div>
|
||||
<dt class="text-sm font-medium text-base-content/70">Username</dt>
|
||||
<dd class="mt-1 text-sm">@Model.Account.Name</dd>
|
||||
</div>
|
||||
<div>
|
||||
<dt class="text-sm font-medium text-base-content/70">Nickname</dt>
|
||||
<dd class="mt-1 text-sm">@Model.Account.Nick</dd>
|
||||
</div>
|
||||
<div>
|
||||
<dt class="text-sm font-medium text-base-content/70">Gender</dt>
|
||||
<dd class="mt-1 text-sm">@Model.Account.Profile.Gender</dd>
|
||||
</div>
|
||||
</dl>
|
||||
</div>
|
||||
|
||||
<div>
|
||||
<h3 class="text-lg font-medium mb-4">Additional Details</h3>
|
||||
<dl class="space-y-4">
|
||||
<div>
|
||||
<dt class="text-sm font-medium text-base-content/70">Location</dt>
|
||||
<dd class="mt-1 text-sm">@Model.Account.Profile.Location</dd>
|
||||
</div>
|
||||
<div>
|
||||
<dt class="text-sm font-medium text-base-content/70">Birthday</dt>
|
||||
<dd class="mt-1 text-sm">@Model.Account.Profile.Birthday?.ToString("MMMM d, yyyy", System.Globalization.CultureInfo.InvariantCulture)</dd>
|
||||
</div>
|
||||
<div>
|
||||
<dt class="text-sm font-medium text-base-content/70">Bio</dt>
|
||||
<dd class="mt-1 text-sm">@(string.IsNullOrEmpty(Model.Account.Profile.Bio) ? "No bio provided" : Model.Account.Profile.Bio)</dd>
|
||||
</div>
|
||||
</dl>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<input type="radio" name="profile-tabs" role="tab" class="tab" aria-label="Security" />
|
||||
<div role="tabpanel" class="tab-content bg-base-100 border-base-300 p-6">
|
||||
<h2 class="text-xl font-semibold mb-2">Security Settings</h2>
|
||||
|
||||
<div class="space-y-6">
|
||||
<div class="card bg-base-300 shadow-xl">
|
||||
<div class="card-body">
|
||||
<h3 class="card-title">Access Token</h3>
|
||||
<p>Use this token to authenticate with the API</p>
|
||||
<div class="form-control">
|
||||
<div class="join">
|
||||
<input type="password" id="accessToken" value="@Model.AccessToken" readonly class="input input-bordered join-item flex-grow" />
|
||||
<button onclick="copyAccessToken()" class="btn join-item">Copy</button>
|
||||
</div>
|
||||
</div>
|
||||
<p class="text-sm text-base-content/70 mt-2">Keep this token secure and do not share it with anyone.</p>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<input type="radio" name="profile-tabs" role="tab" class="tab" aria-label="Sessions" />
|
||||
<div role="tabpanel" class="tab-content bg-base-100 border-base-300 p-6">
|
||||
<h2 class="text-xl font-semibold">Active Sessions</h2>
|
||||
<p class="text-base-content/70 mb-3">This is a list of devices that have logged into your account. Revoke any sessions that you do not recognize.</p>
|
||||
|
||||
<div class="card bg-base-300 shadow-xl">
|
||||
<div class="card-body">
|
||||
<div class="overflow-x-auto">
|
||||
<table class="table">
|
||||
<tbody>
|
||||
<tr>
|
||||
<td>
|
||||
<div class="flex items-center gap-3">
|
||||
<div class="avatar">
|
||||
<div class="mask mask-squircle w-12 h-12">
|
||||
<svg class="h-full w-full text-blue-600 dark:text-blue-400" fill="currentColor" viewBox="0 0 20 20">
|
||||
<path fill-rule="evenodd" d="M4 4a2 2 0 012-2h8a2 2 0 012 2v12a2 2 0 01-2 2H6a2 2 0 01-2-2V4zm2 0v12h8V4H6z" clip-rule="evenodd" />
|
||||
</svg>
|
||||
</div>
|
||||
</div>
|
||||
<div>
|
||||
<div class="font-bold">Current Session</div>
|
||||
<div class="text-sm opacity-50">@($"{Request.Headers["User-Agent"]} • {DateTime.Now:MMMM d, yyyy 'at' h:mm tt}")</div>
|
||||
</div>
|
||||
</div>
|
||||
</td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
</div>
|
||||
<div class="card-actions justify-end mt-4">
|
||||
<button type="button" class="btn btn-error">Sign out all other sessions</button>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<!-- Logout Button -->
|
||||
<div class="mt-6 flex justify-end">
|
||||
<form method="post" asp-page-handler="Logout">
|
||||
<button type="submit" class="btn btn-error">Sign out</button>
|
||||
</form>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
}
|
||||
else
|
||||
{
|
||||
<div class="hero min-h-screen bg-base-200">
|
||||
<div class="hero-content text-center">
|
||||
<div class="max-w-md">
|
||||
<div class="text-error text-5xl mb-4">
|
||||
<i class="fas fa-exclamation-circle"></i>
|
||||
</div>
|
||||
<h1 class="text-5xl font-bold">Profile Not Found</h1>
|
||||
<p class="py-6">User profile not found. Please log in to continue.</p>
|
||||
<a href="/auth/login" class="btn btn-primary">Go to Login</a>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
}
|
||||
|
||||
@section Scripts {
|
||||
<script>
|
||||
// Copy access token to clipboard
|
||||
function copyAccessToken() {
|
||||
const copyText = document.getElementById("accessToken");
|
||||
copyText.select();
|
||||
copyText.setSelectionRange(0, 99999);
|
||||
document.execCommand("copy");
|
||||
|
||||
// Show tooltip or notification
|
||||
const originalText = event.target.innerHTML;
|
||||
event.target.innerHTML = '<i class="fas fa-check mr-1"></i> Copied!';
|
||||
event.target.disabled = true;
|
||||
|
||||
setTimeout(() => {
|
||||
event.target.innerHTML = originalText;
|
||||
event.target.disabled = false;
|
||||
}, 2000);
|
||||
}
|
||||
|
||||
// Toggle password visibility
|
||||
function togglePasswordVisibility(inputId) {
|
||||
const input = document.getElementById(inputId);
|
||||
const icon = document.querySelector(`[onclick="togglePasswordVisibility('${inputId}')"] i`);
|
||||
|
||||
if (input.type === 'password') {
|
||||
input.type = 'text';
|
||||
icon.classList.remove('fa-eye');
|
||||
icon.classList.add('fa-eye-slash');
|
||||
} else {
|
||||
input.type = 'password';
|
||||
icon.classList.remove('fa-eye-slash');
|
||||
icon.classList.add('fa-eye');
|
||||
}
|
||||
}
|
||||
</script>
|
||||
}
|
||||
@@ -1,28 +0,0 @@
|
||||
using DysonNetwork.Sphere.Auth;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Microsoft.AspNetCore.Mvc.RazorPages;
|
||||
|
||||
namespace DysonNetwork.Sphere.Pages.Account;
|
||||
|
||||
public class ProfileModel : PageModel
|
||||
{
|
||||
public DysonNetwork.Sphere.Account.Account? Account { get; set; }
|
||||
public string? AccessToken { get; set; }
|
||||
|
||||
public Task<IActionResult> OnGetAsync()
|
||||
{
|
||||
if (HttpContext.Items["CurrentUser"] is not Sphere.Account.Account currentUser)
|
||||
return Task.FromResult<IActionResult>(RedirectToPage("/Auth/Login"));
|
||||
|
||||
Account = currentUser;
|
||||
AccessToken = Request.Cookies.TryGetValue(AuthConstants.CookieTokenName, out var value) ? value : null;
|
||||
|
||||
return Task.FromResult<IActionResult>(Page());
|
||||
}
|
||||
|
||||
public IActionResult OnPostLogout()
|
||||
{
|
||||
HttpContext.Response.Cookies.Delete(AuthConstants.CookieTokenName);
|
||||
return RedirectToPage("/Auth/Login");
|
||||
}
|
||||
}
|
||||
@@ -1,113 +0,0 @@
|
||||
@page "/auth/authorize"
|
||||
@model DysonNetwork.Sphere.Pages.Auth.AuthorizeModel
|
||||
@{
|
||||
ViewData["Title"] = "Authorize Application";
|
||||
}
|
||||
|
||||
<div class="h-full flex items-center justify-center bg-base-200 py-12 px-4 sm:px-6 lg:px-8">
|
||||
<div class="card w-full max-w-md bg-base-100 shadow-xl">
|
||||
<div class="card-body px-8 py-7">
|
||||
<h2 class="card-title justify-center text-2xl font-bold">
|
||||
Authorize Application
|
||||
</h2>
|
||||
@if (!string.IsNullOrEmpty(Model.AppName))
|
||||
{
|
||||
<div class="mt-6">
|
||||
<div class="flex items-center justify-center">
|
||||
@if (!string.IsNullOrEmpty(Model.AppLogo))
|
||||
{
|
||||
<div class="avatar">
|
||||
<div class="w-12 rounded">
|
||||
<img src="@Model.AppLogo" alt="@Model.AppName logo" />
|
||||
</div>
|
||||
</div>
|
||||
}
|
||||
else
|
||||
{
|
||||
<div class="avatar avatar-placeholder">
|
||||
<div class="bg-neutral text-neutral-content rounded-full w-12">
|
||||
<span class="text-xl">@Model.AppName?[..1].ToUpper()</span>
|
||||
</div>
|
||||
</div>
|
||||
}
|
||||
<div class="ml-4 text-left">
|
||||
<h3 class="text-lg font-medium">@Model.AppName</h3>
|
||||
@if (!string.IsNullOrEmpty(Model.AppUri))
|
||||
{
|
||||
<a href="@Model.AppUri" class="text-sm link link-primary" target="_blank" rel="noopener noreferrer">
|
||||
@Model.AppUri
|
||||
</a>
|
||||
}
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
}
|
||||
<p class="mt-6 text-sm text-center">
|
||||
When you authorize this application, you consent to the following permissions:
|
||||
</p>
|
||||
|
||||
<div class="mt-4">
|
||||
<ul class="menu bg-base-200 rounded-box w-full">
|
||||
@if (Model.Scope != null)
|
||||
{
|
||||
var scopeDescriptions = new Dictionary<string, (string Name, string Description)>
|
||||
{
|
||||
["openid"] = ("OpenID", "Read your basic profile information"),
|
||||
["profile"] = ("Profile", "View your basic profile information"),
|
||||
["email"] = ("Email", "View your email address"),
|
||||
["offline_access"] = ("Offline Access", "Access your data while you're not using the application")
|
||||
};
|
||||
|
||||
foreach (var scope in Model.Scope.Split(' ').Where(s => !string.IsNullOrWhiteSpace(s)))
|
||||
{
|
||||
var scopeInfo = scopeDescriptions.GetValueOrDefault(scope, (scope, scope.Replace('_', ' ')));
|
||||
<li>
|
||||
<a>
|
||||
<svg xmlns="http://www.w3.org/2000/svg" class="h-5 w-5 text-success" viewBox="0 0 20 20" fill="currentColor">
|
||||
<path fill-rule="evenodd" d="M10 18a8 8 0 100-16 8 8 0 000 16zm3.707-9.293a1 1 0 00-1.414-1.414L9 10.586 7.707 9.293a1 1 0 00-1.414 1.414l2 2a1 1 0 001.414 0l4-4z" clip-rule="evenodd" />
|
||||
</svg>
|
||||
<div>
|
||||
<p class="font-medium">@scopeInfo.Item1</p>
|
||||
<p class="text-xs text-base-content/70">@scopeInfo.Item2</p>
|
||||
</div>
|
||||
</a>
|
||||
</li>
|
||||
}
|
||||
}
|
||||
</ul>
|
||||
</div>
|
||||
|
||||
<form method="post" class="mt-8 space-y-4">
|
||||
<input type="hidden" asp-for="ClientIdString" />
|
||||
<input type="hidden" asp-for="ResponseType" name="response_type" />
|
||||
<input type="hidden" asp-for="RedirectUri" name="redirect_uri" />
|
||||
<input type="hidden" asp-for="Scope" name="scope" />
|
||||
<input type="hidden" asp-for="State" name="state" />
|
||||
<input type="hidden" asp-for="Nonce" name="nonce" />
|
||||
<input type="hidden" asp-for="ReturnUrl" name="returnUrl" />
|
||||
<input type="hidden" asp-for="CodeChallenge" value="@HttpContext.Request.Query["code_challenge"]" />
|
||||
<input type="hidden" asp-for="CodeChallengeMethod" value="@HttpContext.Request.Query["code_challenge_method"]" />
|
||||
<input type="hidden" asp-for="ResponseMode" value="@HttpContext.Request.Query["response_mode"]" />
|
||||
|
||||
<div class="card-actions justify-center flex gap-4">
|
||||
<button type="submit" name="allow" value="true" class="btn btn-primary flex-1">Allow</button>
|
||||
<button type="submit" name="allow" value="false" class="btn btn-ghost flex-1">Deny</button>
|
||||
</div>
|
||||
</form>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
@functions {
|
||||
private string GetScopeDisplayName(string scope)
|
||||
{
|
||||
return scope switch
|
||||
{
|
||||
"openid" => "View your basic profile information",
|
||||
"profile" => "View your profile information (name, picture, etc.)",
|
||||
"email" => "View your email address",
|
||||
"offline_access" => "Access your information while you're not using the app",
|
||||
_ => scope
|
||||
};
|
||||
}
|
||||
}
|
||||
@@ -1,233 +0,0 @@
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Microsoft.AspNetCore.Mvc.RazorPages;
|
||||
using DysonNetwork.Sphere.Auth.OidcProvider.Services;
|
||||
using System.ComponentModel.DataAnnotations;
|
||||
using DysonNetwork.Sphere.Auth;
|
||||
using DysonNetwork.Sphere.Auth.OidcProvider.Responses;
|
||||
using DysonNetwork.Sphere.Developer;
|
||||
|
||||
namespace DysonNetwork.Sphere.Pages.Auth;
|
||||
|
||||
public class AuthorizeModel(OidcProviderService oidcService, IConfiguration configuration) : PageModel
|
||||
{
|
||||
[BindProperty(SupportsGet = true)] public string? ReturnUrl { get; set; }
|
||||
|
||||
[BindProperty(SupportsGet = true, Name = "client_id")]
|
||||
[Required(ErrorMessage = "The client_id parameter is required")]
|
||||
public string? ClientIdString { get; set; }
|
||||
|
||||
public Guid ClientId { get; set; }
|
||||
|
||||
[BindProperty(SupportsGet = true, Name = "response_type")]
|
||||
public string ResponseType { get; set; } = "code";
|
||||
|
||||
[BindProperty(SupportsGet = true, Name = "redirect_uri")]
|
||||
public string? RedirectUri { get; set; }
|
||||
|
||||
[BindProperty(SupportsGet = true)] public string? Scope { get; set; }
|
||||
|
||||
[BindProperty(SupportsGet = true)] public string? State { get; set; }
|
||||
|
||||
[BindProperty(SupportsGet = true)] public string? Nonce { get; set; }
|
||||
|
||||
|
||||
[BindProperty(SupportsGet = true, Name = "code_challenge")]
|
||||
public string? CodeChallenge { get; set; }
|
||||
|
||||
[BindProperty(SupportsGet = true, Name = "code_challenge_method")]
|
||||
public string? CodeChallengeMethod { get; set; }
|
||||
|
||||
[BindProperty(SupportsGet = true, Name = "response_mode")]
|
||||
public string? ResponseMode { get; set; }
|
||||
|
||||
public string? AppName { get; set; }
|
||||
public string? AppLogo { get; set; }
|
||||
public string? AppUri { get; set; }
|
||||
public string[]? RequestedScopes { get; set; }
|
||||
|
||||
public async Task<IActionResult> OnGetAsync()
|
||||
{
|
||||
// First check if user is authenticated
|
||||
if (HttpContext.Items["CurrentUser"] is not Sphere.Account.Account currentUser)
|
||||
{
|
||||
var returnUrl = Uri.EscapeDataString($"{Request.Path}{Request.QueryString}");
|
||||
return RedirectToPage("/Auth/Login", new { returnUrl });
|
||||
}
|
||||
|
||||
// Validate client_id
|
||||
if (string.IsNullOrEmpty(ClientIdString) || !Guid.TryParse(ClientIdString, out var clientId))
|
||||
{
|
||||
ModelState.AddModelError("client_id", "Invalid client_id format");
|
||||
return BadRequest("Invalid client_id format");
|
||||
}
|
||||
|
||||
ClientId = clientId;
|
||||
|
||||
// Get client info
|
||||
var client = await oidcService.FindClientByIdAsync(ClientId);
|
||||
if (client == null)
|
||||
{
|
||||
ModelState.AddModelError("client_id", "Client not found");
|
||||
return NotFound("Client not found");
|
||||
}
|
||||
|
||||
var config = client.OauthConfig;
|
||||
if (config is null)
|
||||
{
|
||||
ModelState.AddModelError("client_id", "Client was not available for use OAuth / OIDC");
|
||||
return BadRequest("Client was not enabled for OAuth / OIDC");
|
||||
}
|
||||
|
||||
// Validate redirect URI for non-Developing apps
|
||||
if (client.Status != CustomAppStatus.Developing)
|
||||
{
|
||||
if (!string.IsNullOrEmpty(RedirectUri) && !(config.RedirectUris?.Contains(RedirectUri) ?? false))
|
||||
{
|
||||
return BadRequest(new ErrorResponse
|
||||
{
|
||||
Error = "invalid_request",
|
||||
ErrorDescription = "Invalid redirect_uri"
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
// Check for an existing valid session
|
||||
var existingSession = await oidcService.FindValidSessionAsync(currentUser.Id, clientId);
|
||||
if (existingSession != null)
|
||||
{
|
||||
// Auto-approve since valid session exists
|
||||
return await HandleApproval(currentUser, client, existingSession);
|
||||
}
|
||||
|
||||
// Show authorization page
|
||||
var baseUrl = configuration["BaseUrl"];
|
||||
AppName = client.Name;
|
||||
AppLogo = client.Picture is not null ? $"{baseUrl}/files/{client.Picture.Id}" : null;
|
||||
AppUri = config.ClientUri;
|
||||
RequestedScopes = (Scope ?? "openid profile").Split(' ').Distinct().ToArray();
|
||||
|
||||
return Page();
|
||||
}
|
||||
|
||||
private async Task<IActionResult> HandleApproval(Sphere.Account.Account currentUser, CustomApp client, Session? existingSession = null)
|
||||
{
|
||||
if (string.IsNullOrEmpty(RedirectUri))
|
||||
{
|
||||
ModelState.AddModelError("redirect_uri", "No redirect_uri provided");
|
||||
return BadRequest("No redirect_uri provided");
|
||||
}
|
||||
|
||||
string authCode;
|
||||
|
||||
if (existingSession != null)
|
||||
{
|
||||
// Reuse existing session
|
||||
authCode = await oidcService.GenerateAuthorizationCodeForReuseSessionAsync(
|
||||
session: existingSession,
|
||||
clientId: ClientId,
|
||||
redirectUri: RedirectUri,
|
||||
scopes: Scope?.Split(' ', StringSplitOptions.RemoveEmptyEntries) ?? [],
|
||||
codeChallenge: CodeChallenge,
|
||||
codeChallengeMethod: CodeChallengeMethod,
|
||||
nonce: Nonce
|
||||
);
|
||||
}
|
||||
else
|
||||
{
|
||||
// Create a new session (existing flow)
|
||||
authCode = await oidcService.GenerateAuthorizationCodeAsync(
|
||||
clientId: ClientId,
|
||||
userId: currentUser.Id,
|
||||
redirectUri: RedirectUri,
|
||||
scopes: Scope?.Split(' ', StringSplitOptions.RemoveEmptyEntries) ?? [],
|
||||
codeChallenge: CodeChallenge,
|
||||
codeChallengeMethod: CodeChallengeMethod,
|
||||
nonce: Nonce
|
||||
);
|
||||
}
|
||||
|
||||
// Build the redirect URI with the authorization code
|
||||
var redirectUriBuilder = new UriBuilder(RedirectUri);
|
||||
var query = System.Web.HttpUtility.ParseQueryString(redirectUriBuilder.Query);
|
||||
query["code"] = authCode;
|
||||
if (!string.IsNullOrEmpty(State))
|
||||
query["state"] = State;
|
||||
if (!string.IsNullOrEmpty(Scope))
|
||||
query["scope"] = Scope;
|
||||
redirectUriBuilder.Query = query.ToString();
|
||||
|
||||
return Redirect(redirectUriBuilder.ToString());
|
||||
}
|
||||
|
||||
public async Task<IActionResult> OnPostAsync(bool allow)
|
||||
{
|
||||
if (HttpContext.Items["CurrentUser"] is not Sphere.Account.Account currentUser) return Unauthorized();
|
||||
|
||||
// First, validate the client ID
|
||||
if (string.IsNullOrEmpty(ClientIdString) || !Guid.TryParse(ClientIdString, out var clientId))
|
||||
{
|
||||
ModelState.AddModelError("client_id", "Invalid client_id format");
|
||||
return BadRequest("Invalid client_id format");
|
||||
}
|
||||
|
||||
ClientId = clientId;
|
||||
|
||||
// Check if a client exists
|
||||
var client = await oidcService.FindClientByIdAsync(ClientId);
|
||||
if (client == null)
|
||||
{
|
||||
ModelState.AddModelError("client_id", "Client not found");
|
||||
return NotFound("Client not found");
|
||||
}
|
||||
|
||||
if (!allow)
|
||||
{
|
||||
// User denied the authorization request
|
||||
if (string.IsNullOrEmpty(RedirectUri))
|
||||
return BadRequest("No redirect_uri provided");
|
||||
|
||||
var deniedUriBuilder = new UriBuilder(RedirectUri);
|
||||
var deniedQuery = System.Web.HttpUtility.ParseQueryString(deniedUriBuilder.Query);
|
||||
deniedQuery["error"] = "access_denied";
|
||||
deniedQuery["error_description"] = "The user denied the authorization request";
|
||||
if (!string.IsNullOrEmpty(State)) deniedQuery["state"] = State;
|
||||
deniedUriBuilder.Query = deniedQuery.ToString();
|
||||
|
||||
return Redirect(deniedUriBuilder.ToString());
|
||||
}
|
||||
|
||||
// User approved the request
|
||||
if (string.IsNullOrEmpty(RedirectUri))
|
||||
{
|
||||
ModelState.AddModelError("redirect_uri", "No redirect_uri provided");
|
||||
return BadRequest("No redirect_uri provided");
|
||||
}
|
||||
|
||||
// Generate authorization code
|
||||
var authCode = await oidcService.GenerateAuthorizationCodeAsync(
|
||||
clientId: ClientId,
|
||||
userId: currentUser.Id,
|
||||
redirectUri: RedirectUri,
|
||||
scopes: Scope?.Split(' ', StringSplitOptions.RemoveEmptyEntries) ?? Array.Empty<string>(),
|
||||
codeChallenge: CodeChallenge,
|
||||
codeChallengeMethod: CodeChallengeMethod,
|
||||
nonce: Nonce);
|
||||
|
||||
// Build the redirect URI with the authorization code
|
||||
var redirectUri = new UriBuilder(RedirectUri);
|
||||
var query = System.Web.HttpUtility.ParseQueryString(redirectUri.Query);
|
||||
|
||||
// Add the authorization code
|
||||
query["code"] = authCode;
|
||||
|
||||
// Add state if provided (for CSRF protection)
|
||||
if (!string.IsNullOrEmpty(State))
|
||||
query["state"] = State;
|
||||
|
||||
// Set the query string
|
||||
redirectUri.Query = query.ToString();
|
||||
|
||||
// Redirect back to the client with the authorization code
|
||||
return Redirect(redirectUri.ToString());
|
||||
}
|
||||
}
|
||||
@@ -1,49 +0,0 @@
|
||||
@page "/auth/callback"
|
||||
@model DysonNetwork.Sphere.Pages.Auth.TokenModel
|
||||
@{
|
||||
ViewData["Title"] = "Authentication Successful";
|
||||
Layout = "_Layout";
|
||||
}
|
||||
|
||||
<div class="hero min-h-full bg-base-200">
|
||||
<div class="hero-content text-center">
|
||||
<div class="max-w-md">
|
||||
<h1 class="text-5xl font-bold">Authentication Successful</h1>
|
||||
<p class="py-6">You can now close this window and return to the application.</p>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
@section Scripts {
|
||||
<script>
|
||||
(function () {
|
||||
const urlParams = new URLSearchParams(window.location.search);
|
||||
const token = urlParams.get('challenge');
|
||||
|
||||
console.log("Authentication token received.");
|
||||
|
||||
// For WebView2/UWP apps that can handle window.external.notify
|
||||
if (window.external && typeof window.external.notify === 'function') {
|
||||
try {
|
||||
if (!token)
|
||||
window.external.notify('done');
|
||||
else
|
||||
window.external.notify(token);
|
||||
console.log("Token sent via window.external.notify.");
|
||||
return; // Exit after successful notification
|
||||
} catch (e) {
|
||||
console.error("Failed to send token via window.external.notify:", e);
|
||||
}
|
||||
}
|
||||
|
||||
// For mobile apps that use custom URI schemes
|
||||
try {
|
||||
const customSchemeUrl = `solian://auth/callback?challenge=${encodeURIComponent(token ?? 'done')}`;
|
||||
window.location.href = customSchemeUrl;
|
||||
console.log("Attempting to redirect to custom scheme:", customSchemeUrl);
|
||||
} catch (e) {
|
||||
console.error("Failed to redirect to custom scheme:", e);
|
||||
}
|
||||
})();
|
||||
</script>
|
||||
}
|
||||
@@ -1,11 +0,0 @@
|
||||
using Microsoft.AspNetCore.Mvc.RazorPages;
|
||||
|
||||
namespace DysonNetwork.Sphere.Pages.Auth
|
||||
{
|
||||
public class TokenModel : PageModel
|
||||
{
|
||||
public void OnGet()
|
||||
{
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -1,16 +0,0 @@
|
||||
@page "//auth/challenge/{id:guid}"
|
||||
@model DysonNetwork.Sphere.Pages.Auth.ChallengeModel
|
||||
@{
|
||||
// This page is kept for backward compatibility
|
||||
// It will automatically redirect to the new SelectFactor page
|
||||
Response.Redirect($"//auth/challenge/{Model.Id}/select-factor");
|
||||
}
|
||||
|
||||
<div class="hero min-h-full bg-base-200">
|
||||
<div class="hero-content text-center">
|
||||
<div class="max-w-md">
|
||||
<span class="loading loading-spinner loading-lg"></span>
|
||||
<p class="py-6">Redirecting to authentication page...</p>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
@@ -1,19 +0,0 @@
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Microsoft.AspNetCore.Mvc.RazorPages;
|
||||
|
||||
namespace DysonNetwork.Sphere.Pages.Auth
|
||||
{
|
||||
public class ChallengeModel() : PageModel
|
||||
{
|
||||
[BindProperty(SupportsGet = true)]
|
||||
public Guid Id { get; set; }
|
||||
|
||||
[BindProperty(SupportsGet = true)]
|
||||
public string? ReturnUrl { get; set; }
|
||||
|
||||
public IActionResult OnGet()
|
||||
{
|
||||
return RedirectToPage("SelectFactor", new { id = Id, returnUrl = ReturnUrl });
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -1,40 +0,0 @@
|
||||
@page "//auth/login"
|
||||
@model DysonNetwork.Sphere.Pages.Auth.LoginModel
|
||||
@{
|
||||
ViewData["Title"] = "Login | Solar Network";
|
||||
var returnUrl = Model.ReturnUrl ?? "";
|
||||
}
|
||||
|
||||
<div class="hero min-h-full bg-base-200">
|
||||
<div class="hero-content w-full max-w-md">
|
||||
<div class="card w-full bg-base-100 shadow-xl">
|
||||
<div class="card-body px-8 py-7">
|
||||
<h1 class="card-title justify-center text-2xl font-bold">Welcome back!</h1>
|
||||
<p class="text-center">Login to your Solar Network account to continue.</p>
|
||||
<form method="post" class="mt-4">
|
||||
<input type="hidden" asp-for="ReturnUrl" value="@returnUrl"/>
|
||||
<div class="form-control">
|
||||
<label class="label" asp-for="Username">
|
||||
<span class="label-text">Username</span>
|
||||
</label>
|
||||
<input asp-for="Username" class="input input-bordered w-full"/>
|
||||
<span asp-validation-for="Username" class="text-error text-sm mt-1"></span>
|
||||
</div>
|
||||
<div class="form-control mt-6">
|
||||
<button type="submit" class="btn btn-primary w-full">Next</button>
|
||||
</div>
|
||||
<div class="text-sm text-center mt-4">
|
||||
<span class="text-base-content/70">Have no account?</span> <br/>
|
||||
<a href="https://solian.app/#/auth/create-account" class="link link-primary">
|
||||
Create a new account →
|
||||
</a>
|
||||
</div>
|
||||
</form>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
@section Scripts {
|
||||
@{ await Html.RenderPartialAsync("_ValidationScriptsPartial"); }
|
||||
}
|
||||
@@ -1,93 +0,0 @@
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Microsoft.AspNetCore.Mvc.RazorPages;
|
||||
using System.ComponentModel.DataAnnotations;
|
||||
using DysonNetwork.Sphere.Auth;
|
||||
using DysonNetwork.Sphere.Account;
|
||||
using DysonNetwork.Sphere.Connection;
|
||||
using NodaTime;
|
||||
using Microsoft.EntityFrameworkCore;
|
||||
|
||||
namespace DysonNetwork.Sphere.Pages.Auth
|
||||
{
|
||||
public class LoginModel(
|
||||
AppDatabase db,
|
||||
AccountService accounts,
|
||||
AuthService auth,
|
||||
GeoIpService geo,
|
||||
ActionLogService als
|
||||
) : PageModel
|
||||
{
|
||||
[BindProperty] [Required] public string Username { get; set; } = string.Empty;
|
||||
|
||||
[BindProperty]
|
||||
[FromQuery]
|
||||
public string? ReturnUrl { get; set; }
|
||||
|
||||
public void OnGet()
|
||||
{
|
||||
}
|
||||
|
||||
public async Task<IActionResult> OnPostAsync()
|
||||
{
|
||||
if (!ModelState.IsValid)
|
||||
{
|
||||
return Page();
|
||||
}
|
||||
|
||||
var account = await accounts.LookupAccount(Username);
|
||||
if (account is null)
|
||||
{
|
||||
ModelState.AddModelError(string.Empty, "Account was not found.");
|
||||
return Page();
|
||||
}
|
||||
|
||||
// Store the return URL in TempData to preserve it during the login flow
|
||||
if (!string.IsNullOrEmpty(ReturnUrl) && Url.IsLocalUrl(ReturnUrl))
|
||||
{
|
||||
TempData["ReturnUrl"] = ReturnUrl;
|
||||
}
|
||||
|
||||
var ipAddress = HttpContext.Connection.RemoteIpAddress?.ToString();
|
||||
var userAgent = HttpContext.Request.Headers.UserAgent.ToString();
|
||||
var now = Instant.FromDateTimeUtc(DateTime.UtcNow);
|
||||
|
||||
var existingChallenge = await db.AuthChallenges
|
||||
.Where(e => e.Account == account)
|
||||
.Where(e => e.IpAddress == ipAddress)
|
||||
.Where(e => e.UserAgent == userAgent)
|
||||
.Where(e => e.StepRemain > 0)
|
||||
.Where(e => e.ExpiredAt != null && now < e.ExpiredAt)
|
||||
.FirstOrDefaultAsync();
|
||||
|
||||
if (existingChallenge is not null)
|
||||
{
|
||||
return RedirectToPage("Challenge", new { id = existingChallenge.Id });
|
||||
}
|
||||
|
||||
var challenge = new Challenge
|
||||
{
|
||||
ExpiredAt = Instant.FromDateTimeUtc(DateTime.UtcNow.AddHours(1)),
|
||||
StepTotal = await auth.DetectChallengeRisk(Request, account),
|
||||
Platform = ChallengePlatform.Web,
|
||||
Audiences = new List<string>(),
|
||||
Scopes = new List<string>(),
|
||||
IpAddress = ipAddress,
|
||||
UserAgent = userAgent,
|
||||
Location = geo.GetPointFromIp(ipAddress),
|
||||
DeviceId = "web-browser",
|
||||
AccountId = account.Id
|
||||
}.Normalize();
|
||||
|
||||
await db.AuthChallenges.AddAsync(challenge);
|
||||
await db.SaveChangesAsync();
|
||||
|
||||
// If we have a return URL, pass it to the verify page
|
||||
if (TempData.TryGetValue("ReturnUrl", out var returnUrl) && returnUrl is string url)
|
||||
{
|
||||
return RedirectToPage("SelectFactor", new { id = challenge.Id, returnUrl = url });
|
||||
}
|
||||
|
||||
return RedirectToPage("SelectFactor", new { id = challenge.Id });
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -1,127 +0,0 @@
|
||||
@page "//auth/challenge/{id:guid}/select-factor"
|
||||
@using DysonNetwork.Sphere.Account
|
||||
@model DysonNetwork.Sphere.Pages.Auth.SelectFactorModel
|
||||
@{
|
||||
ViewData["Title"] = "Select Authentication Method | Solar Network";
|
||||
}
|
||||
|
||||
<div class="hero min-h-full bg-base-200">
|
||||
<div class="hero-content w-full max-w-md">
|
||||
<div class="card w-full bg-base-100 shadow-xl">
|
||||
<div class="card-body">
|
||||
<h1 class="card-title justify-center text-2xl font-bold">Select Authentication Method</h1>
|
||||
|
||||
@if (Model.AuthChallenge != null && Model.AuthChallenge.StepRemain > 0)
|
||||
{
|
||||
<div class="text-center mt-4">
|
||||
<p class="text-sm text-info mb-2">Progress: @(Model.AuthChallenge.StepTotal - Model.AuthChallenge.StepRemain) of @Model.AuthChallenge.StepTotal steps completed</p>
|
||||
<progress class="progress progress-info w-full" value="@(Model.AuthChallenge.StepTotal - Model.AuthChallenge.StepRemain)" max="@Model.AuthChallenge.StepTotal"></progress>
|
||||
</div>
|
||||
}
|
||||
|
||||
@if (Model.AuthChallenge == null)
|
||||
{
|
||||
<div class="alert alert-error">
|
||||
<svg xmlns="http://www.w3.org/2000/svg" class="stroke-current shrink-0 h-6 w-6" fill="none"
|
||||
viewBox="0 0 24 24">
|
||||
<path stroke-linecap="round" stroke-linejoin="round" stroke-width="2"
|
||||
d="M10 14l2-2m0 0l2-2m-2 2l-2-2m2 2l2 2m7-2a9 9 0 11-18 0 9 9 0 0118 0z"/>
|
||||
</svg>
|
||||
<span>Challenge not found or expired.</span>
|
||||
</div>
|
||||
}
|
||||
else if (Model.AuthChallenge.StepRemain == 0)
|
||||
{
|
||||
<div class="alert alert-success">
|
||||
<svg xmlns="http://www.w3.org/2000/svg" class="stroke-current shrink-0 h-6 w-6" fill="none"
|
||||
viewBox="0 0 24 24">
|
||||
<path stroke-linecap="round" stroke-linejoin="round" stroke-width="2"
|
||||
d="M9 12l2 2 4-4m6 2a9 9 0 11-18 0 9 9 0 0118 0z"/>
|
||||
</svg>
|
||||
<span>Challenge completed. Redirecting...</span>
|
||||
</div>
|
||||
}
|
||||
else
|
||||
{
|
||||
<p class="text-center">Please select an authentication method:</p>
|
||||
|
||||
<div class="space-y-4">
|
||||
@foreach (var factor in Model.AuthFactors)
|
||||
{
|
||||
<form method="post" asp-page-handler="SelectFactor" class="w-full" id="factor-@factor.Id">
|
||||
<input type="hidden" name="SelectedFactorId" value="@factor.Id"/>
|
||||
|
||||
@if (factor.Type == AccountAuthFactorType.EmailCode)
|
||||
{
|
||||
<div class="card w-full bg-base-200 card-sm shadow-sm rounded-md">
|
||||
<div class="py-4 px-5 align-items-center">
|
||||
<div>
|
||||
<h2 class="card-title">@GetFactorDisplayName(factor.Type)</h2>
|
||||
<p>@GetFactorDescription(factor.Type)</p>
|
||||
</div>
|
||||
<div class="join w-full mt-2">
|
||||
<div class="flex-1">
|
||||
<label class="input join-item input-sm">
|
||||
<input id="hint-@factor.Id" type="email"
|
||||
placeholder="mail@site.com" required/>
|
||||
</label>
|
||||
</div>
|
||||
<button class="btn btn-primary join-item btn-sm">
|
||||
<span class="material-symbols-outlined">
|
||||
arrow_right_alt
|
||||
</span>
|
||||
</button>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
}
|
||||
else
|
||||
{
|
||||
<div class="card w-full bg-base-200 card-sm shadow-sm rounded-md">
|
||||
<div class="flex py-4 px-5 align-items-center">
|
||||
<div class="flex-1">
|
||||
<h2 class="card-title">@GetFactorDisplayName(factor.Type)</h2>
|
||||
<p>@GetFactorDescription(factor.Type)</p>
|
||||
</div>
|
||||
<div class="justify-end card-actions">
|
||||
<button type="submit" class="btn btn-primary btn-sm">
|
||||
<span class="material-symbols-outlined">
|
||||
arrow_right_alt
|
||||
</span>
|
||||
</button>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
}
|
||||
</form>
|
||||
}
|
||||
</div>
|
||||
}
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
@functions {
|
||||
|
||||
private string GetFactorDisplayName(AccountAuthFactorType type) => type switch
|
||||
{
|
||||
AccountAuthFactorType.InAppCode => "Authenticator App",
|
||||
AccountAuthFactorType.EmailCode => "Email",
|
||||
AccountAuthFactorType.TimedCode => "Timed Code",
|
||||
AccountAuthFactorType.PinCode => "PIN Code",
|
||||
AccountAuthFactorType.Password => "Password",
|
||||
_ => type.ToString()
|
||||
};
|
||||
|
||||
private string GetFactorDescription(AccountAuthFactorType type) => type switch
|
||||
{
|
||||
AccountAuthFactorType.InAppCode => "Enter a code from your authenticator app",
|
||||
AccountAuthFactorType.EmailCode => "Receive a verification code via email",
|
||||
AccountAuthFactorType.TimedCode => "Use a time-based verification code",
|
||||
AccountAuthFactorType.PinCode => "Enter your PIN code",
|
||||
AccountAuthFactorType.Password => "Enter your password",
|
||||
_ => string.Empty
|
||||
};
|
||||
|
||||
}
|
||||
@@ -1,103 +0,0 @@
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Microsoft.AspNetCore.Mvc.RazorPages;
|
||||
using Microsoft.EntityFrameworkCore;
|
||||
using DysonNetwork.Sphere.Auth;
|
||||
using DysonNetwork.Sphere.Account;
|
||||
|
||||
namespace DysonNetwork.Sphere.Pages.Auth;
|
||||
|
||||
public class SelectFactorModel(
|
||||
AppDatabase db,
|
||||
AccountService accounts
|
||||
)
|
||||
: PageModel
|
||||
{
|
||||
[BindProperty(SupportsGet = true)] public Guid Id { get; set; }
|
||||
[BindProperty(SupportsGet = true)] public string? ReturnUrl { get; set; }
|
||||
[BindProperty] public Guid SelectedFactorId { get; set; }
|
||||
[BindProperty] public string? Hint { get; set; }
|
||||
|
||||
public Challenge? AuthChallenge { get; set; }
|
||||
public List<AccountAuthFactor> AuthFactors { get; set; } = [];
|
||||
|
||||
public async Task<IActionResult> OnGetAsync()
|
||||
{
|
||||
await LoadChallengeAndFactors();
|
||||
if (AuthChallenge == null) return NotFound();
|
||||
if (AuthChallenge.StepRemain == 0) return await ExchangeTokenAndRedirect();
|
||||
return Page();
|
||||
}
|
||||
|
||||
public async Task<IActionResult> OnPostSelectFactorAsync()
|
||||
{
|
||||
var challenge = await db.AuthChallenges
|
||||
.Include(e => e.Account)
|
||||
.FirstOrDefaultAsync(e => e.Id == Id);
|
||||
|
||||
if (challenge == null) return NotFound();
|
||||
|
||||
var factor = await db.AccountAuthFactors.FindAsync(SelectedFactorId);
|
||||
if (factor?.EnabledAt == null || factor.Trustworthy <= 0)
|
||||
return BadRequest("Invalid authentication method.");
|
||||
|
||||
// Store return URL in TempData to pass to the next step
|
||||
if (!string.IsNullOrEmpty(ReturnUrl))
|
||||
{
|
||||
TempData["ReturnUrl"] = ReturnUrl;
|
||||
}
|
||||
|
||||
// For OTP factors that require code delivery
|
||||
try
|
||||
{
|
||||
// For OTP factors that require code delivery
|
||||
if (
|
||||
factor.Type == AccountAuthFactorType.EmailCode
|
||||
&& string.IsNullOrWhiteSpace(Hint)
|
||||
)
|
||||
{
|
||||
ModelState.AddModelError(string.Empty,
|
||||
$"Please provide a {factor.Type.ToString().ToLower().Replace("code", "")} to send the code to."
|
||||
);
|
||||
await LoadChallengeAndFactors();
|
||||
return Page();
|
||||
}
|
||||
|
||||
await accounts.SendFactorCode(challenge.Account, factor, Hint);
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
ModelState.AddModelError(string.Empty,
|
||||
$"An error occurred while sending the verification code: {ex.Message}");
|
||||
await LoadChallengeAndFactors();
|
||||
return Page();
|
||||
}
|
||||
|
||||
// Redirect to verify page with return URL if available
|
||||
return !string.IsNullOrEmpty(ReturnUrl)
|
||||
? RedirectToPage("VerifyFactor", new { id = Id, factorId = factor.Id, returnUrl = ReturnUrl })
|
||||
: RedirectToPage("VerifyFactor", new { id = Id, factorId = factor.Id });
|
||||
}
|
||||
|
||||
private async Task LoadChallengeAndFactors()
|
||||
{
|
||||
AuthChallenge = await db.AuthChallenges
|
||||
.Include(e => e.Account)
|
||||
.FirstOrDefaultAsync(e => e.Id == Id);
|
||||
|
||||
if (AuthChallenge != null)
|
||||
{
|
||||
AuthFactors = await db.AccountAuthFactors
|
||||
.Where(e => e.AccountId == AuthChallenge.Account.Id)
|
||||
.Where(e => e.EnabledAt != null && e.Trustworthy >= 1)
|
||||
.ToListAsync();
|
||||
}
|
||||
}
|
||||
|
||||
private async Task<IActionResult> ExchangeTokenAndRedirect()
|
||||
{
|
||||
// This method is kept for backward compatibility
|
||||
// The actual token exchange is now handled in the VerifyFactor page
|
||||
await Task.CompletedTask; // Add this to fix the async warning
|
||||
return RedirectToPage("/Account/Profile");
|
||||
}
|
||||
}
|
||||
@@ -1,99 +0,0 @@
|
||||
@page "//auth/challenge/{id:guid}/verify/{factorId:guid}"
|
||||
@using DysonNetwork.Sphere.Account
|
||||
@model DysonNetwork.Sphere.Pages.Auth.VerifyFactorModel
|
||||
@{
|
||||
ViewData["Title"] = "Verify Your Identity | Solar Network";
|
||||
}
|
||||
|
||||
<div class="hero min-h-full bg-base-200">
|
||||
<div class="hero-content w-full max-w-md">
|
||||
<div class="card w-full bg-base-100 shadow-xl">
|
||||
<div class="card-body px-8 py-7">
|
||||
<h1 class="card-title justify-center text-2xl font-bold">Verify Your Identity</h1>
|
||||
<p class="text-center">
|
||||
@switch (Model.FactorType)
|
||||
{
|
||||
case AccountAuthFactorType.EmailCode:
|
||||
<span>We've sent a verification code to your email.</span>
|
||||
break;
|
||||
case AccountAuthFactorType.InAppCode:
|
||||
<span>Enter the code from your authenticator app.</span>
|
||||
break;
|
||||
case AccountAuthFactorType.TimedCode:
|
||||
<span>Enter your time-based verification code.</span>
|
||||
break;
|
||||
case AccountAuthFactorType.PinCode:
|
||||
<span>Enter your PIN code.</span>
|
||||
break;
|
||||
case AccountAuthFactorType.Password:
|
||||
<span>Enter your password.</span>
|
||||
break;
|
||||
default:
|
||||
<span>Please verify your identity.</span>
|
||||
break;
|
||||
}
|
||||
</p>
|
||||
|
||||
@if (Model.AuthChallenge != null && Model.AuthChallenge.StepRemain > 0)
|
||||
{
|
||||
<div class="text-center mt-4">
|
||||
<p class="text-sm text-info mb-2">Progress: @(Model.AuthChallenge.StepTotal - Model.AuthChallenge.StepRemain) of @Model.AuthChallenge.StepTotal steps completed</p>
|
||||
<progress class="progress progress-info w-full" value="@(Model.AuthChallenge.StepTotal - Model.AuthChallenge.StepRemain)" max="@Model.AuthChallenge.StepTotal"></progress>
|
||||
</div>
|
||||
}
|
||||
|
||||
@if (Model.AuthChallenge == null)
|
||||
{
|
||||
<div class="alert alert-error">
|
||||
<svg xmlns="http://www.w3.org/2000/svg" class="stroke-current shrink-0 h-6 w-6" fill="none" viewBox="0 0 24 24"><path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M10 14l2-2m0 0l2-2m-2 2l-2-2m2 2l2 2m7-2a9 9 0 11-18 0 9 9 0 0118 0z" /></svg>
|
||||
<span>Challenge not found or expired.</span>
|
||||
</div>
|
||||
}
|
||||
else if (Model.AuthChallenge.StepRemain == 0)
|
||||
{
|
||||
<div class="alert alert-success">
|
||||
<svg xmlns="http://www.w3.org/2000/svg" class="stroke-current shrink-0 h-6 w-6" fill="none" viewBox="0 0 24 24"><path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M9 12l2 2 4-4m6 2a9 9 0 11-18 0 9 9 0 0118 0z" /></svg>
|
||||
<span>Verification successful. Redirecting...</span>
|
||||
</div>
|
||||
}
|
||||
else
|
||||
{
|
||||
<form method="post" class="space-y-4">
|
||||
@if (!ViewData.ModelState.IsValid && ViewData.ModelState.Any(m => m.Value.Errors.Any()))
|
||||
{
|
||||
<div role="alert" class="alert alert-error mb-4">
|
||||
<span>@Html.ValidationSummary(true)</span>
|
||||
</div>
|
||||
}
|
||||
|
||||
<div class="form-control">
|
||||
<label asp-for="Code" class="label">
|
||||
<span class="label-text">@(Model.FactorType == AccountAuthFactorType.Password ? "Use your password" : "Verification Code")</span>
|
||||
</label>
|
||||
<input asp-for="Code"
|
||||
class="input input-bordered w-full"
|
||||
autocomplete="one-time-code"
|
||||
type="password"
|
||||
autofocus />
|
||||
<span asp-validation-for="Code" class="text-error text-sm mt-1"></span>
|
||||
</div>
|
||||
|
||||
<div class="form-control mt-6">
|
||||
<button type="submit" class="btn btn-primary w-full">Verify</button>
|
||||
</div>
|
||||
|
||||
<div class="text-center mt-4">
|
||||
<a asp-page="SelectFactor" asp-route-id="@Model.Id" class="link link-primary text-sm">
|
||||
← Back to authentication methods
|
||||
</a>
|
||||
</div>
|
||||
</form>
|
||||
}
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
@section Scripts {
|
||||
@{ await Html.RenderPartialAsync("_ValidationScriptsPartial"); }
|
||||
}
|
||||
@@ -1,194 +0,0 @@
|
||||
using System.ComponentModel.DataAnnotations;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Microsoft.AspNetCore.Mvc.RazorPages;
|
||||
using Microsoft.EntityFrameworkCore;
|
||||
using DysonNetwork.Sphere.Auth;
|
||||
using DysonNetwork.Sphere.Account;
|
||||
using NodaTime;
|
||||
|
||||
namespace DysonNetwork.Sphere.Pages.Auth
|
||||
{
|
||||
public class VerifyFactorModel(
|
||||
AppDatabase db,
|
||||
AccountService accounts,
|
||||
AuthService auth,
|
||||
ActionLogService als,
|
||||
IConfiguration configuration,
|
||||
IHttpClientFactory httpClientFactory
|
||||
)
|
||||
: PageModel
|
||||
{
|
||||
[BindProperty(SupportsGet = true)] public Guid Id { get; set; }
|
||||
|
||||
[BindProperty(SupportsGet = true)] public Guid FactorId { get; set; }
|
||||
|
||||
[BindProperty(SupportsGet = true)] public string? ReturnUrl { get; set; }
|
||||
|
||||
[BindProperty, Required] public string Code { get; set; } = string.Empty;
|
||||
|
||||
public Challenge? AuthChallenge { get; set; }
|
||||
public AccountAuthFactor? Factor { get; set; }
|
||||
public AccountAuthFactorType FactorType => Factor?.Type ?? AccountAuthFactorType.EmailCode;
|
||||
|
||||
public async Task<IActionResult> OnGetAsync()
|
||||
{
|
||||
if (!string.IsNullOrEmpty(ReturnUrl))
|
||||
{
|
||||
TempData["ReturnUrl"] = ReturnUrl;
|
||||
}
|
||||
await LoadChallengeAndFactor();
|
||||
if (AuthChallenge == null) return NotFound("Challenge not found or expired.");
|
||||
if (Factor == null) return NotFound("Authentication method not found.");
|
||||
if (AuthChallenge.StepRemain == 0) return await ExchangeTokenAndRedirect(AuthChallenge);
|
||||
|
||||
return Page();
|
||||
}
|
||||
|
||||
public async Task<IActionResult> OnPostAsync()
|
||||
{
|
||||
if (!string.IsNullOrEmpty(ReturnUrl))
|
||||
{
|
||||
TempData["ReturnUrl"] = ReturnUrl;
|
||||
}
|
||||
if (!ModelState.IsValid)
|
||||
{
|
||||
await LoadChallengeAndFactor();
|
||||
return Page();
|
||||
}
|
||||
|
||||
await LoadChallengeAndFactor();
|
||||
if (AuthChallenge == null) return NotFound("Challenge not found or expired.");
|
||||
if (Factor == null) return NotFound("Authentication method not found.");
|
||||
|
||||
if (AuthChallenge.BlacklistFactors.Contains(Factor.Id))
|
||||
{
|
||||
ModelState.AddModelError(string.Empty, "This authentication method has already been used for this challenge.");
|
||||
return Page();
|
||||
}
|
||||
|
||||
try
|
||||
{
|
||||
if (await accounts.VerifyFactorCode(Factor, Code))
|
||||
{
|
||||
AuthChallenge.StepRemain -= Factor.Trustworthy;
|
||||
AuthChallenge.StepRemain = Math.Max(0, AuthChallenge.StepRemain);
|
||||
AuthChallenge.BlacklistFactors.Add(Factor.Id);
|
||||
db.Update(AuthChallenge);
|
||||
|
||||
als.CreateActionLogFromRequest(ActionLogType.ChallengeSuccess,
|
||||
new Dictionary<string, object>
|
||||
{
|
||||
{ "challenge_id", AuthChallenge.Id },
|
||||
{ "factor_id", Factor?.Id.ToString() ?? string.Empty }
|
||||
}, Request, AuthChallenge.Account);
|
||||
|
||||
await db.SaveChangesAsync();
|
||||
|
||||
if (AuthChallenge.StepRemain == 0)
|
||||
{
|
||||
als.CreateActionLogFromRequest(ActionLogType.NewLogin,
|
||||
new Dictionary<string, object>
|
||||
{
|
||||
{ "challenge_id", AuthChallenge.Id },
|
||||
{ "account_id", AuthChallenge.AccountId }
|
||||
}, Request, AuthChallenge.Account);
|
||||
|
||||
return await ExchangeTokenAndRedirect(AuthChallenge);
|
||||
}
|
||||
|
||||
else
|
||||
{
|
||||
// If more steps are needed, redirect back to select factor
|
||||
return RedirectToPage("SelectFactor", new { id = Id, returnUrl = ReturnUrl });
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
throw new InvalidOperationException("Invalid verification code.");
|
||||
}
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
if (AuthChallenge != null)
|
||||
{
|
||||
AuthChallenge.FailedAttempts++;
|
||||
db.Update(AuthChallenge);
|
||||
await db.SaveChangesAsync();
|
||||
|
||||
als.CreateActionLogFromRequest(ActionLogType.ChallengeFailure,
|
||||
new Dictionary<string, object>
|
||||
{
|
||||
{ "challenge_id", AuthChallenge.Id },
|
||||
{ "factor_id", Factor?.Id.ToString() ?? string.Empty }
|
||||
}, Request, AuthChallenge.Account);
|
||||
}
|
||||
|
||||
|
||||
ModelState.AddModelError(string.Empty, ex.Message);
|
||||
return Page();
|
||||
}
|
||||
}
|
||||
|
||||
private async Task LoadChallengeAndFactor()
|
||||
{
|
||||
AuthChallenge = await db.AuthChallenges
|
||||
.Include(e => e.Account)
|
||||
.FirstOrDefaultAsync(e => e.Id == Id);
|
||||
|
||||
if (AuthChallenge?.Account != null)
|
||||
{
|
||||
Factor = await db.AccountAuthFactors
|
||||
.FirstOrDefaultAsync(e => e.Id == FactorId &&
|
||||
e.AccountId == AuthChallenge.Account.Id &&
|
||||
e.EnabledAt != null &&
|
||||
e.Trustworthy > 0);
|
||||
}
|
||||
}
|
||||
|
||||
private async Task<IActionResult> ExchangeTokenAndRedirect(Challenge challenge)
|
||||
{
|
||||
await db.Entry(challenge).ReloadAsync();
|
||||
if (challenge.StepRemain != 0) return BadRequest($"Challenge not yet completed. Remaining steps: {challenge.StepRemain}");
|
||||
|
||||
var session = await db.AuthSessions
|
||||
.FirstOrDefaultAsync(e => e.ChallengeId == challenge.Id);
|
||||
|
||||
if (session == null)
|
||||
{
|
||||
session = new Session
|
||||
{
|
||||
LastGrantedAt = Instant.FromDateTimeUtc(DateTime.UtcNow),
|
||||
ExpiredAt = Instant.FromDateTimeUtc(DateTime.UtcNow.AddDays(30)),
|
||||
Account = challenge.Account,
|
||||
Challenge = challenge,
|
||||
};
|
||||
db.AuthSessions.Add(session);
|
||||
await db.SaveChangesAsync();
|
||||
}
|
||||
|
||||
var token = auth.CreateToken(session);
|
||||
Response.Cookies.Append(AuthConstants.CookieTokenName, token, new CookieOptions
|
||||
{
|
||||
HttpOnly = true,
|
||||
Secure = Request.IsHttps,
|
||||
SameSite = SameSiteMode.Strict,
|
||||
Path = "/"
|
||||
});
|
||||
|
||||
// Redirect to the return URL if provided and valid, otherwise to the home page
|
||||
if (!string.IsNullOrEmpty(ReturnUrl) && Url.IsLocalUrl(ReturnUrl))
|
||||
{
|
||||
return Redirect(ReturnUrl);
|
||||
}
|
||||
|
||||
// Check TempData for return URL (in case it was passed through multiple steps)
|
||||
if (TempData.TryGetValue("ReturnUrl", out var tempReturnUrl) && tempReturnUrl is string returnUrl &&
|
||||
!string.IsNullOrEmpty(returnUrl) && Url.IsLocalUrl(returnUrl))
|
||||
{
|
||||
return Redirect(returnUrl);
|
||||
}
|
||||
|
||||
return RedirectToPage("/Index");
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -1,110 +0,0 @@
|
||||
@page "/auth/captcha"
|
||||
@model DysonNetwork.Sphere.Pages.Checkpoint.CheckpointPage
|
||||
|
||||
@{
|
||||
ViewData["Title"] = "Security Checkpoint";
|
||||
var cfg = ViewData.Model.Configuration;
|
||||
var provider = cfg.GetSection("Captcha")["Provider"]?.ToLower();
|
||||
var apiKey = cfg.GetSection("Captcha")["ApiKey"];
|
||||
}
|
||||
|
||||
@section Scripts {
|
||||
@switch (provider)
|
||||
{
|
||||
case "recaptcha":
|
||||
<script src="https://www.recaptcha.net/recaptcha/api.js" async defer></script>
|
||||
break;
|
||||
case "cloudflare":
|
||||
<script src="https://challenges.cloudflare.com/turnstile/v0/api.js" async defer></script>
|
||||
break;
|
||||
case "hcaptcha":
|
||||
<script src="https://js.hcaptcha.com/1/api.js" async defer></script>
|
||||
break;
|
||||
}
|
||||
|
||||
<script>
|
||||
function getQueryParam(name) {
|
||||
const urlParams = new URLSearchParams(window.location.search);
|
||||
return urlParams.get(name);
|
||||
}
|
||||
|
||||
function onSuccess(token) {
|
||||
window.parent.postMessage("captcha_tk=" + token, "*");
|
||||
const redirectUri = getQueryParam("redirect_uri");
|
||||
if (redirectUri) {
|
||||
window.location.href = `${redirectUri}?captcha_tk=${encodeURIComponent(token)}`;
|
||||
}
|
||||
}
|
||||
</script>
|
||||
}
|
||||
|
||||
<div class="hero min-h-full bg-base-200">
|
||||
<div class="hero-content text-center">
|
||||
<div class="max-w-md">
|
||||
<div class="card bg-base-100 shadow-xl">
|
||||
<div class="card-body">
|
||||
<h1 class="card-title">Security Check</h1>
|
||||
<p>Please complete the contest below to confirm you're not a robot</p>
|
||||
|
||||
<div class="flex justify-center my-8">
|
||||
@switch (provider)
|
||||
{
|
||||
case "cloudflare":
|
||||
<div class="cf-turnstile"
|
||||
data-sitekey="@apiKey"
|
||||
data-callback="onSuccess">
|
||||
</div>
|
||||
break;
|
||||
case "recaptcha":
|
||||
<div class="g-recaptcha"
|
||||
data-sitekey="@apiKey"
|
||||
data-callback="onSuccess">
|
||||
</div>
|
||||
break;
|
||||
case "hcaptcha":
|
||||
<div class="h-captcha"
|
||||
data-sitekey="@apiKey"
|
||||
data-callback="onSuccess">
|
||||
</div>
|
||||
break;
|
||||
default:
|
||||
<div class="alert alert-warning">
|
||||
<svg xmlns="http://www.w3.org/2000/svg" class="stroke-current shrink-0 h-6 w-6" fill="none" viewBox="0 0 24 24"><path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M12 9v2m0 4h.01m-6.938 4h13.856c1.54 0 2.502-1.667 1.732-3L13.732 4c-.77-1.333-2.694-1.333-3.464 0L3.34 16c-.77 1.333.192 3 1.732 3z" /></svg>
|
||||
<span>Captcha provider not configured correctly.</span>
|
||||
</div>
|
||||
break;
|
||||
}
|
||||
</div>
|
||||
|
||||
<div class="text-center text-sm">
|
||||
<div class="font-semibold mb-1">Solar Network Anti-Robot</div>
|
||||
<div class="text-base-content/70">
|
||||
Powered by
|
||||
@switch (provider)
|
||||
{
|
||||
case "cloudflare":
|
||||
<a href="https://www.cloudflare.com/turnstile/" class="link link-hover">
|
||||
Cloudflare Turnstile
|
||||
</a>
|
||||
break;
|
||||
case "recaptcha":
|
||||
<a href="https://www.google.com/recaptcha/" class="link link-hover">
|
||||
Google reCaptcha
|
||||
</a>
|
||||
break;
|
||||
default:
|
||||
<span>Nothing</span>
|
||||
break;
|
||||
}
|
||||
<br/>
|
||||
Hosted by
|
||||
<a href="https://github.com/Solsynth/DysonNetwork" class="link link-hover">
|
||||
DysonNetwork.Sphere
|
||||
</a>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
@@ -1,14 +0,0 @@
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Microsoft.AspNetCore.Mvc.RazorPages;
|
||||
|
||||
namespace DysonNetwork.Sphere.Pages.Checkpoint;
|
||||
|
||||
public class CheckpointPage(IConfiguration configuration) : PageModel
|
||||
{
|
||||
[BindProperty] public IConfiguration Configuration { get; set; } = configuration;
|
||||
|
||||
public ActionResult OnGet()
|
||||
{
|
||||
return Page();
|
||||
}
|
||||
}
|
||||
@@ -7,14 +7,14 @@
|
||||
}
|
||||
|
||||
@section Head {
|
||||
<meta property="og:title" content="@Model.Post?.Title" />
|
||||
<meta property="og:type" content="article" />
|
||||
<meta property="og:title" content="@Model.Post?.Title"/>
|
||||
<meta property="og:type" content="article"/>
|
||||
@if (imageUrl != null)
|
||||
{
|
||||
<meta property="og:image" content="/api/files/@imageUrl" />
|
||||
<meta property="og:image" content="/api/files/@imageUrl"/>
|
||||
}
|
||||
<meta property="og:url" content="@Request.Scheme://@Request.Host@Request.Path" />
|
||||
<meta property="og:description" content="@Model.Post?.Description" />
|
||||
<meta property="og:url" content="@Request.Scheme://@Request.Host@Request.Path"/>
|
||||
<meta property="og:description" content="@Model.Post?.Description"/>
|
||||
}
|
||||
|
||||
<div class="container mx-auto p-4">
|
||||
@@ -23,10 +23,7 @@
|
||||
<h1 class="text-3xl font-bold mb-4">@Model.Post.Title</h1>
|
||||
<p class="text-gray-600 mb-2">
|
||||
Created at: @Model.Post.CreatedAt
|
||||
@if (Model.Post.Publisher?.Account != null)
|
||||
{
|
||||
<span>by <a href="#" class="text-blue-500">@@@Model.Post.Publisher.Name</a></span>
|
||||
}
|
||||
<span>by <a href="#" class="text-blue-500">@@@Model.Post.Publisher.Name</a></span>
|
||||
</p>
|
||||
<div class="prose lg:prose-xl mb-4">
|
||||
@Html.Raw(Markdown.ToHtml(Model.Post.Content ?? string.Empty))
|
||||
@@ -41,7 +38,8 @@
|
||||
<div class="border p-2 rounded-md">
|
||||
@if (attachment.MimeType != null && attachment.MimeType.StartsWith("image/"))
|
||||
{
|
||||
<img src="/api/files/@attachment.Id" alt="@attachment.Name" class="w-full h-auto object-cover mb-2" />
|
||||
<img src="/api/files/@attachment.Id" alt="@attachment.Name"
|
||||
class="w-full h-auto object-cover mb-2"/>
|
||||
}
|
||||
else if (attachment.MimeType != null && attachment.MimeType.StartsWith("video/"))
|
||||
{
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
using DysonNetwork.Sphere.Account;
|
||||
using DysonNetwork.Shared.Proto;
|
||||
using DysonNetwork.Sphere.Post;
|
||||
using DysonNetwork.Sphere.Publisher;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
@@ -10,11 +10,10 @@ namespace DysonNetwork.Sphere.Pages.Posts;
|
||||
public class PostDetailModel(
|
||||
AppDatabase db,
|
||||
PublisherService pub,
|
||||
RelationshipService rels
|
||||
AccountService.AccountServiceClient accounts
|
||||
) : PageModel
|
||||
{
|
||||
[BindProperty(SupportsGet = true)]
|
||||
public Guid PostId { get; set; }
|
||||
[BindProperty(SupportsGet = true)] public Guid PostId { get; set; }
|
||||
|
||||
public Post.Post? Post { get; set; }
|
||||
|
||||
@@ -22,20 +21,24 @@ public class PostDetailModel(
|
||||
{
|
||||
if (PostId == Guid.Empty)
|
||||
return NotFound();
|
||||
|
||||
|
||||
HttpContext.Items.TryGetValue("CurrentUser", out var currentUserValue);
|
||||
var currentUser = currentUserValue as Sphere.Account.Account;
|
||||
var userFriends = currentUser is null ? [] : await rels.ListAccountFriends(currentUser);
|
||||
var userPublishers = currentUser is null ? [] : await pub.GetUserPublishers(currentUser.Id);
|
||||
var currentUser = currentUserValue as Account;
|
||||
var accountId = currentUser is null ? Guid.Empty : Guid.Parse(currentUser.Id);
|
||||
var userFriends = currentUser is null
|
||||
? []
|
||||
: (await accounts.ListFriendsAsync(
|
||||
new ListUserRelationshipSimpleRequest { AccountId = currentUser.Id }
|
||||
)).AccountsId.Select(Guid.Parse).ToList();
|
||||
var userPublishers = currentUser is null ? [] : await pub.GetUserPublishers(accountId);
|
||||
|
||||
Post = await db.Posts
|
||||
.Where(e => e.Id == PostId)
|
||||
.Include(e => e.Publisher)
|
||||
.ThenInclude(p => p.Account)
|
||||
.Include(e => e.Tags)
|
||||
.Include(e => e.Categories)
|
||||
.FilterWithVisibility(currentUser, userFriends, userPublishers)
|
||||
.FirstOrDefaultAsync();
|
||||
.Where(e => e.Id == PostId)
|
||||
.Include(e => e.Publisher)
|
||||
.Include(e => e.Tags)
|
||||
.Include(e => e.Categories)
|
||||
.FilterWithVisibility(currentUser, userFriends, userPublishers)
|
||||
.FirstOrDefaultAsync();
|
||||
|
||||
if (Post == null)
|
||||
return NotFound();
|
||||
|
||||
@@ -1,91 +0,0 @@
|
||||
@page "/spells/{spellWord}"
|
||||
@using DysonNetwork.Sphere.Account
|
||||
@model DysonNetwork.Sphere.Pages.Spell.MagicSpellPage
|
||||
|
||||
@{
|
||||
ViewData["Title"] = "Magic Spell";
|
||||
}
|
||||
|
||||
<div class="hero min-h-full bg-base-200">
|
||||
<div class="hero-content text-center">
|
||||
<div class="max-w-md">
|
||||
<h1 class="text-5xl font-bold mb-4">Magic Spell</h1>
|
||||
|
||||
@if (Model.IsSuccess)
|
||||
{
|
||||
<div class="alert alert-success">
|
||||
<svg xmlns="http://www.w3.org/2000/svg" class="stroke-current shrink-0 h-6 w-6" fill="none" viewBox="0 0 24 24"><path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M9 12l2 2 4-4m6 2a9 9 0 11-18 0 9 9 0 0118 0z" /></svg>
|
||||
<span>The spell was applied successfully!</span>
|
||||
<p>Now you can close this page.</p>
|
||||
</div>
|
||||
}
|
||||
else if (Model.CurrentSpell == null)
|
||||
{
|
||||
<div class="alert alert-warning">
|
||||
<svg xmlns="http://www.w3.org/2000/svg" class="stroke-current shrink-0 h-6 w-6" fill="none" viewBox="0 0 24 24"><path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M12 9v2m0 4h.01m-6.938 4h13.856c1.54 0 2.502-1.667 1.732-3L13.732 4c-.77-1.333-2.694-1.333-3.464 0L3.34 16c-.77 1.333.192 3 1.732 3z" /></svg>
|
||||
<span>The spell was expired or does not exist.</span>
|
||||
</div>
|
||||
}
|
||||
else
|
||||
{
|
||||
<div class="card bg-base-100 shadow-xl">
|
||||
<div class="card-body">
|
||||
<h2 class="card-title">
|
||||
@System.Text.RegularExpressions.Regex.Replace(Model.CurrentSpell!.Type.ToString(), "([a-z])([A-Z])", "$1 $2")
|
||||
</h2>
|
||||
<p>for @@ @Model.CurrentSpell.Account?.Name</p>
|
||||
<div class="text-sm opacity-80">
|
||||
@if (Model.CurrentSpell.ExpiresAt.HasValue)
|
||||
{
|
||||
<p>Available until @Model.CurrentSpell.ExpiresAt.Value.ToDateTimeUtc().ToString("g")</p>
|
||||
}
|
||||
@if (Model.CurrentSpell.AffectedAt.HasValue)
|
||||
{
|
||||
<p>Available after @Model.CurrentSpell.AffectedAt.Value.ToDateTimeUtc().ToString("g")</p>
|
||||
}
|
||||
</div>
|
||||
<p class="text-sm opacity-80">Would you like to apply this spell?</p>
|
||||
|
||||
<form method="post" class="mt-4">
|
||||
<input type="hidden" asp-for="CurrentSpell!.Id"/>
|
||||
|
||||
@if (Model.CurrentSpell?.Type == MagicSpellType.AuthPasswordReset)
|
||||
{
|
||||
<div class="form-control w-full max-w-xs">
|
||||
<label class="label" asp-for="NewPassword">
|
||||
<span class="label-text">New Password</span>
|
||||
</label>
|
||||
<input type="password"
|
||||
asp-for="NewPassword"
|
||||
required
|
||||
minlength="8"
|
||||
placeholder="Your new password"
|
||||
class="input input-bordered w-full max-w-xs"/>
|
||||
</div>
|
||||
}
|
||||
|
||||
<div class="card-actions justify-end mt-4">
|
||||
<button type="submit" class="btn btn-primary">Apply</button>
|
||||
</div>
|
||||
</form>
|
||||
</div>
|
||||
</div>
|
||||
}
|
||||
|
||||
<div class="mt-8 text-center text-sm">
|
||||
<div class="font-semibold mb-1">Solar Network</div>
|
||||
<div class="text-base-content/70">
|
||||
<a href="https://solsynth.dev" class="link link-hover">
|
||||
Solsynth LLC
|
||||
</a>
|
||||
© @DateTime.Now.Year
|
||||
<br/>
|
||||
Powered by
|
||||
<a href="https://github.com/Solsynth/DysonNetwork" class="link link-hover">
|
||||
DysonNetwork.Sphere
|
||||
</a>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
@@ -1,52 +0,0 @@
|
||||
using DysonNetwork.Sphere.Account;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Microsoft.AspNetCore.Mvc.RazorPages;
|
||||
using Microsoft.EntityFrameworkCore;
|
||||
using NodaTime;
|
||||
|
||||
namespace DysonNetwork.Sphere.Pages.Spell;
|
||||
|
||||
public class MagicSpellPage(AppDatabase db, MagicSpellService spells) : PageModel
|
||||
{
|
||||
[BindProperty] public MagicSpell? CurrentSpell { get; set; }
|
||||
[BindProperty] public string? NewPassword { get; set; }
|
||||
|
||||
public bool IsSuccess { get; set; }
|
||||
|
||||
public async Task<IActionResult> OnGetAsync(string spellWord)
|
||||
{
|
||||
spellWord = Uri.UnescapeDataString(spellWord);
|
||||
var now = SystemClock.Instance.GetCurrentInstant();
|
||||
CurrentSpell = await db.MagicSpells
|
||||
.Where(e => e.Spell == spellWord)
|
||||
.Where(e => e.ExpiresAt == null || now < e.ExpiresAt)
|
||||
.Where(e => e.AffectedAt == null || now >= e.AffectedAt)
|
||||
.Include(e => e.Account)
|
||||
.FirstOrDefaultAsync();
|
||||
|
||||
return Page();
|
||||
}
|
||||
|
||||
public async Task<IActionResult> OnPostAsync()
|
||||
{
|
||||
if (CurrentSpell?.Id == null)
|
||||
return Page();
|
||||
|
||||
var now = SystemClock.Instance.GetCurrentInstant();
|
||||
var spell = await db.MagicSpells
|
||||
.Where(e => e.Id == CurrentSpell.Id)
|
||||
.Where(e => e.ExpiresAt == null || now < e.ExpiresAt)
|
||||
.Where(e => e.AffectedAt == null || now >= e.AffectedAt)
|
||||
.FirstOrDefaultAsync();
|
||||
|
||||
if (spell == null || spell.Type == MagicSpellType.AuthPasswordReset && string.IsNullOrWhiteSpace(NewPassword))
|
||||
return Page();
|
||||
|
||||
if (spell.Type == MagicSpellType.AuthPasswordReset)
|
||||
await spells.ApplyPasswordReset(spell, NewPassword!);
|
||||
else
|
||||
await spells.ApplyMagicSpell(spell);
|
||||
IsSuccess = true;
|
||||
return Page();
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user