Refactor authentication system to use MongoDB
Some checks failed
Publish Container / publish (push) Has been cancelled
Some checks failed
Publish Container / publish (push) Has been cancelled
- Removed Entity Framework Core identity schema and related migrations. - Introduced MongoDB-based authentication service with user seeding functionality. - Updated Program.cs to configure authentication and authorization using cookies. - Created new Login.razor component for user login interface. - Added RedirectToLogin component for handling unauthorized access. - Updated Dockerfile and docker-compose files for development and production environments. - Removed SQLite connection strings and related configurations. - Added MongoDB connection settings in appsettings.json and Docker configurations. - Implemented IMongoAuthService interface and MongoAuthService class for user management. - Created MongoAuthUser model for MongoDB user representation.
This commit is contained in:
parent
7a919491d2
commit
7029e374cc
64 changed files with 338 additions and 3556 deletions
10
Services/Auth/IMongoAuthService.cs
Normal file
10
Services/Auth/IMongoAuthService.cs
Normal file
|
|
@ -0,0 +1,10 @@
|
|||
using System.Threading;
|
||||
|
||||
namespace WorkTracker.Services.Auth;
|
||||
|
||||
public interface IMongoAuthService
|
||||
{
|
||||
Task EnsureSeedUserAsync(CancellationToken cancellationToken);
|
||||
|
||||
Task<MongoAuthUser?> ValidateCredentialsAsync(string email, string password, CancellationToken cancellationToken);
|
||||
}
|
||||
77
Services/Auth/MongoAuthService.cs
Normal file
77
Services/Auth/MongoAuthService.cs
Normal file
|
|
@ -0,0 +1,77 @@
|
|||
using Microsoft.AspNetCore.Identity;
|
||||
using Microsoft.Extensions.Options;
|
||||
using MongoDB.Driver;
|
||||
using WorkTracker.Configuration;
|
||||
|
||||
namespace WorkTracker.Services.Auth;
|
||||
|
||||
public sealed class MongoAuthService : IMongoAuthService
|
||||
{
|
||||
private const string UsersCollectionName = "users";
|
||||
|
||||
private readonly IMongoCollection<MongoAuthUser> users;
|
||||
private readonly PasswordHasher<MongoAuthUser> passwordHasher = new();
|
||||
private readonly IOptions<SingleUserOptions> options;
|
||||
private readonly ILogger<MongoAuthService> logger;
|
||||
|
||||
public MongoAuthService(
|
||||
IMongoDatabase database,
|
||||
IOptions<SingleUserOptions> options,
|
||||
ILogger<MongoAuthService> logger)
|
||||
{
|
||||
users = database.GetCollection<MongoAuthUser>(UsersCollectionName);
|
||||
this.options = options;
|
||||
this.logger = logger;
|
||||
}
|
||||
|
||||
public async Task EnsureSeedUserAsync(CancellationToken cancellationToken)
|
||||
{
|
||||
var email = options.Value.Email.Trim();
|
||||
var normalizedEmail = NormalizeEmail(email);
|
||||
|
||||
var existingUser = await users
|
||||
.Find(x => x.EmailNormalized == normalizedEmail)
|
||||
.FirstOrDefaultAsync(cancellationToken);
|
||||
|
||||
if (existingUser is not null)
|
||||
{
|
||||
return;
|
||||
}
|
||||
|
||||
var user = new MongoAuthUser
|
||||
{
|
||||
Email = email,
|
||||
EmailNormalized = normalizedEmail,
|
||||
PasswordHash = string.Empty
|
||||
};
|
||||
|
||||
var passwordHash = passwordHasher.HashPassword(user, options.Value.Password);
|
||||
var userToCreate = new MongoAuthUser
|
||||
{
|
||||
Email = email,
|
||||
EmailNormalized = normalizedEmail,
|
||||
PasswordHash = passwordHash
|
||||
};
|
||||
|
||||
await users.InsertOneAsync(userToCreate, cancellationToken: cancellationToken);
|
||||
logger.LogInformation("Seeded single user account {Email} in MongoDB", email);
|
||||
}
|
||||
|
||||
public async Task<MongoAuthUser?> ValidateCredentialsAsync(string email, string password, CancellationToken cancellationToken)
|
||||
{
|
||||
var normalizedEmail = NormalizeEmail(email);
|
||||
var user = await users
|
||||
.Find(x => x.EmailNormalized == normalizedEmail)
|
||||
.FirstOrDefaultAsync(cancellationToken);
|
||||
|
||||
if (user is null)
|
||||
{
|
||||
return null;
|
||||
}
|
||||
|
||||
var result = passwordHasher.VerifyHashedPassword(user, user.PasswordHash, password);
|
||||
return result == PasswordVerificationResult.Failed ? null : user;
|
||||
}
|
||||
|
||||
private static string NormalizeEmail(string email) => email.Trim().ToUpperInvariant();
|
||||
}
|
||||
20
Services/Auth/MongoAuthUser.cs
Normal file
20
Services/Auth/MongoAuthUser.cs
Normal file
|
|
@ -0,0 +1,20 @@
|
|||
using MongoDB.Bson;
|
||||
using MongoDB.Bson.Serialization.Attributes;
|
||||
|
||||
namespace WorkTracker.Services.Auth;
|
||||
|
||||
public sealed class MongoAuthUser
|
||||
{
|
||||
[BsonId]
|
||||
[BsonRepresentation(BsonType.ObjectId)]
|
||||
public string Id { get; init; } = string.Empty;
|
||||
|
||||
[BsonElement("email")]
|
||||
public string Email { get; init; } = string.Empty;
|
||||
|
||||
[BsonElement("emailNormalized")]
|
||||
public string EmailNormalized { get; init; } = string.Empty;
|
||||
|
||||
[BsonElement("passwordHash")]
|
||||
public string PasswordHash { get; init; } = string.Empty;
|
||||
}
|
||||
|
|
@ -1,22 +1,20 @@
|
|||
using Microsoft.AspNetCore.Identity;
|
||||
using Microsoft.Extensions.Options;
|
||||
using WorkTracker.Configuration;
|
||||
using WorkTracker.Data;
|
||||
|
||||
namespace WorkTracker.Services.Auth;
|
||||
|
||||
public sealed class SingleUserSeedService : IHostedService
|
||||
{
|
||||
private readonly IServiceProvider serviceProvider;
|
||||
private readonly IMongoAuthService authService;
|
||||
private readonly IOptions<SingleUserOptions> options;
|
||||
private readonly ILogger<SingleUserSeedService> logger;
|
||||
|
||||
public SingleUserSeedService(
|
||||
IServiceProvider serviceProvider,
|
||||
IMongoAuthService authService,
|
||||
IOptions<SingleUserOptions> options,
|
||||
ILogger<SingleUserSeedService> logger)
|
||||
{
|
||||
this.serviceProvider = serviceProvider;
|
||||
this.authService = authService;
|
||||
this.options = options;
|
||||
this.logger = logger;
|
||||
}
|
||||
|
|
@ -28,33 +26,14 @@ public sealed class SingleUserSeedService : IHostedService
|
|||
return;
|
||||
}
|
||||
|
||||
using var scope = serviceProvider.CreateScope();
|
||||
var userManager = scope.ServiceProvider.GetRequiredService<UserManager<ApplicationUser>>();
|
||||
|
||||
var configuredEmail = options.Value.Email;
|
||||
var existingUser = await userManager.FindByEmailAsync(configuredEmail);
|
||||
|
||||
if (existingUser is not null)
|
||||
try
|
||||
{
|
||||
return;
|
||||
await authService.EnsureSeedUserAsync(cancellationToken);
|
||||
}
|
||||
|
||||
var user = new ApplicationUser
|
||||
catch (Exception ex)
|
||||
{
|
||||
UserName = configuredEmail,
|
||||
Email = configuredEmail,
|
||||
EmailConfirmed = true
|
||||
};
|
||||
|
||||
var result = await userManager.CreateAsync(user, options.Value.Password);
|
||||
if (!result.Succeeded)
|
||||
{
|
||||
var errors = string.Join("; ", result.Errors.Select(x => x.Description));
|
||||
logger.LogError("Unable to seed single user account {Email}. Errors: {Errors}", configuredEmail, errors);
|
||||
return;
|
||||
logger.LogError(ex, "Unable to seed MongoDB single user account {Email}", options.Value.Email);
|
||||
}
|
||||
|
||||
logger.LogInformation("Seeded single user account {Email}", configuredEmail);
|
||||
}
|
||||
|
||||
public Task StopAsync(CancellationToken cancellationToken) => Task.CompletedTask;
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue