Create minimal app

CSR.WebUI/Pages/Auth.cshtml.cs

@@ -0,0 +1,166 @@
+namespace CSR.WebUI.Pages;
+
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Mvc.RazorPages;
+using System.ComponentModel.DataAnnotations;
+using System.Threading.Tasks;
+using CSR.Application.Interfaces;
+using CSR.Domain.Entities;
+using System.Collections.Generic;
+using System.Linq;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Authentication.Cookies;
+using System.Security.Claims;
+using System.Runtime.InteropServices;
+
+// If you are using ASP.NET Core Identity for sign-in management, you might need:
+// using Microsoft.AspNetCore.Identity;
+// using System.Security.Claims;
+
+public class AuthModel(IUserService userService) : PageModel
+{
+    private readonly IUserService _userService = userService;
+
+    [BindProperty]
+    public LoginModel LoginInput { get; set; } = new();
+
+    [BindProperty]
+    public RegisterModel RegisterInput { get; set; } = new();
+
+    public List<string> LoginErrorMessages { get; set; } = [];
+    public List<string> RegisterErrorMessages { get; set; } = [];
+
+    public class LoginModel
+    {
+        [Required(ErrorMessage = "Username is required.")]
+        [Display(Name = "Username")]
+        public string Username { get; set; } = string.Empty;
+
+        [Required]
+        [DataType(DataType.Password)]
+        [Display(Name = "Password")]
+        public string Password { get; set; } = string.Empty;
+    }
+
+    public class RegisterModel
+    {
+        [Required(ErrorMessage = "Username is required.")]
+        [Display(Name = "Username")]
+        [StringLength(32, ErrorMessage = "Username cannot be longer than 32 characters.")]
+        [RegularExpression(@"^[a-zA-Z0-9_]+$", ErrorMessage = "Username can only contain letters, numbers and underscore.")]
+        [DataType(DataType.Text)]
+        public string Username { get; set; } = string.Empty;
+
+        [Required(ErrorMessage = "Email is required for registration.")]
+        [EmailAddress]
+        [Display(Name = "Email")]
+        public string Email { get; set; } = string.Empty;
+
+        [Required]
+        [DataType(DataType.Password)]
+        [Display(Name = "Password")]
+        public string Password { get; set; } = string.Empty;
+    }
+
+    public void OnGet()
+    {
+    }
+
+    public async Task<IActionResult> OnPostRegisterAsync()
+    {
+        if (!ModelState.IsValid)
+        {
+            RegisterErrorMessages.Add("Please correct the form errors.");
+            return Page();
+        }
+
+        // Email is required for registration
+        if (string.IsNullOrWhiteSpace(RegisterInput.Email))
+        {
+            RegisterErrorMessages.Add("Email is required for registration.");
+            return Page();
+        }
+
+
+        var result = await _userService.RegisterNewUser(RegisterInput.Username, RegisterInput.Email, RegisterInput.Password);
+
+        if (result.User != null)
+        {
+            // Registration successful
+            await _userService.Login(RegisterInput.Username, RegisterInput.Password);
+
+            await SendCookies(result.User.Username, result.User.Role.Name);
+
+            return RedirectToPageBasedOnRole(result.User);
+        }
+        else
+        {
+            if (result.Errors != null)
+            {
+                RegisterErrorMessages.AddRange(result.Errors);
+            }
+            else
+            {
+                RegisterErrorMessages.Add("An unknown error occurred during registration.");
+            }
+            return Page();
+        }
+    }
+
+    public async Task<IActionResult> OnPostLoginAsync()
+    {
+        if (string.IsNullOrWhiteSpace(LoginInput.Username) || string.IsNullOrWhiteSpace(LoginInput.Password))
+        {
+            LoginErrorMessages.Add("Username and Password are required.");
+            return Page();
+        }
+        
+        var (user, error) = await _userService.Login(LoginInput.Username, LoginInput.Password);
+        
+        if (user == null)
+        {
+            LoginErrorMessages.Add(error ?? "Login failed.");
+            return Page();
+        }
+        
+        await SendCookies(user.Username, user.Role.Name);
+
+        return RedirectToPageBasedOnRole(user);
+    }
+    
+    private async Task SendCookies(string username, string role)
+    {
+        var claims = new List<Claim>
+        {
+            new(ClaimTypes.Name, username),
+            new(ClaimTypes.Role, role)
+        };
+
+        var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
+        var claimsPrincipal = new ClaimsPrincipal(claimsIdentity);
+
+        var authProperties = new AuthenticationProperties
+        {
+            IsPersistent = true,
+            ExpiresUtc = DateTimeOffset.UtcNow.AddMinutes(5)
+        };
+
+        await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, claimsPrincipal, authProperties);
+    }
+
+    private RedirectToPageResult RedirectToPageBasedOnRole(User user)
+    {
+        if (user == null || string.IsNullOrWhiteSpace(user.Role.Name))
+        {
+            // Default redirect if role is not defined or user is null
+            return RedirectToPage("/Index");
+        }
+
+        return user.Role.Name switch
+        {
+            "Admin" => RedirectToPage("/Admin"),
+            "User" => RedirectToPage("/User"),
+            _ => RedirectToPage("/Index"),
+        };
+    }
+}