WorkTracker/Services/Auth/MongoAuthService.cs

using Microsoft.AspNetCore.Identity;
using Microsoft.Extensions.Options;
using MongoDB.Driver;
using WorkTracker.Configuration;

namespace WorkTracker.Services.Auth;

public sealed class MongoAuthService : IMongoAuthService
{
    private const string UsersCollectionName = "users";

    private readonly IMongoCollection<MongoAuthUser> users;
    private readonly PasswordHasher<MongoAuthUser> passwordHasher = new();
    private readonly IOptions<SingleUserOptions> options;
    private readonly ILogger<MongoAuthService> logger;

    public MongoAuthService(
        IMongoDatabase database,
        IOptions<SingleUserOptions> options,
        ILogger<MongoAuthService> logger)
    {
        users = database.GetCollection<MongoAuthUser>(UsersCollectionName);
        this.options = options;
        this.logger = logger;
    }

    public async Task EnsureSeedUserAsync(CancellationToken cancellationToken)
    {
        var email = options.Value.Email.Trim();
        var normalizedEmail = NormalizeEmail(email);

        var existingUser = await users
            .Find(x => x.EmailNormalized == normalizedEmail)
            .FirstOrDefaultAsync(cancellationToken);

        if (existingUser is not null)
        {
            return;
        }

        var user = new MongoAuthUser
        {
            Email = email,
            EmailNormalized = normalizedEmail,
            PasswordHash = string.Empty
        };

        var passwordHash = passwordHasher.HashPassword(user, options.Value.Password);
        var userToCreate = new MongoAuthUser
        {
            Email = email,
            EmailNormalized = normalizedEmail,
            PasswordHash = passwordHash
        };

        await users.InsertOneAsync(userToCreate, cancellationToken: cancellationToken);
        logger.LogInformation("Seeded single user account {Email} in MongoDB", email);
    }

    public async Task<MongoAuthUser?> ValidateCredentialsAsync(string email, string password, CancellationToken cancellationToken)
    {
        var normalizedEmail = NormalizeEmail(email);
        var user = await users
            .Find(x => x.EmailNormalized == normalizedEmail)
            .FirstOrDefaultAsync(cancellationToken);

        if (user is null)
        {
            return null;
        }

        var result = passwordHasher.VerifyHashedPassword(user, user.PasswordHash, password);
        return result == PasswordVerificationResult.Failed ? null : user;
    }

    private static string NormalizeEmail(string email) => email.Trim().ToUpperInvariant();
}
Refactor authentication system to use MongoDB - Removed Entity Framework Core identity schema and related migrations. - Introduced MongoDB-based authentication service with user seeding functionality. - Updated Program.cs to configure authentication and authorization using cookies. - Created new Login.razor component for user login interface. - Added RedirectToLogin component for handling unauthorized access. - Updated Dockerfile and docker-compose files for development and production environments. - Removed SQLite connection strings and related configurations. - Added MongoDB connection settings in appsettings.json and Docker configurations. - Implemented IMongoAuthService interface and MongoAuthService class for user management. - Created MongoAuthUser model for MongoDB user representation. 2026-03-16 21:54:44 +01:00			`using Microsoft.AspNetCore.Identity;`
			`using Microsoft.Extensions.Options;`
			`using MongoDB.Driver;`
			`using WorkTracker.Configuration;`

			`namespace WorkTracker.Services.Auth;`

			`public sealed class MongoAuthService : IMongoAuthService`
			`{`
			`private const string UsersCollectionName = "users";`

			`private readonly IMongoCollection<MongoAuthUser> users;`
			`private readonly PasswordHasher<MongoAuthUser> passwordHasher = new();`
			`private readonly IOptions<SingleUserOptions> options;`
			`private readonly ILogger<MongoAuthService> logger;`

			`public MongoAuthService(`
			`IMongoDatabase database,`
			`IOptions<SingleUserOptions> options,`
			`ILogger<MongoAuthService> logger)`
			`{`
			`users = database.GetCollection<MongoAuthUser>(UsersCollectionName);`
			`this.options = options;`
			`this.logger = logger;`
			`}`

			`public async Task EnsureSeedUserAsync(CancellationToken cancellationToken)`
			`{`
			`var email = options.Value.Email.Trim();`
			`var normalizedEmail = NormalizeEmail(email);`

			`var existingUser = await users`
			`.Find(x => x.EmailNormalized == normalizedEmail)`
			`.FirstOrDefaultAsync(cancellationToken);`

			`if (existingUser is not null)`
			`{`
			`return;`
			`}`

			`var user = new MongoAuthUser`
			`{`
			`Email = email,`
			`EmailNormalized = normalizedEmail,`
			`PasswordHash = string.Empty`
			`};`

			`var passwordHash = passwordHasher.HashPassword(user, options.Value.Password);`
			`var userToCreate = new MongoAuthUser`
			`{`
			`Email = email,`
			`EmailNormalized = normalizedEmail,`
			`PasswordHash = passwordHash`
			`};`

			`await users.InsertOneAsync(userToCreate, cancellationToken: cancellationToken);`
			`logger.LogInformation("Seeded single user account {Email} in MongoDB", email);`
			`}`

			`public async Task<MongoAuthUser?> ValidateCredentialsAsync(string email, string password, CancellationToken cancellationToken)`
			`{`
			`var normalizedEmail = NormalizeEmail(email);`
			`var user = await users`
			`.Find(x => x.EmailNormalized == normalizedEmail)`
			`.FirstOrDefaultAsync(cancellationToken);`

			`if (user is null)`
			`{`
			`return null;`
			`}`

			`var result = passwordHasher.VerifyHashedPassword(user, user.PasswordHash, password);`
			`return result == PasswordVerificationResult.Failed ? null : user;`
			`}`

			`private static string NormalizeEmail(string email) => email.Trim().ToUpperInvariant();`
			`}`