NOTE: temp commit, started rolling back changes to auth system

Signed-off-by: limited_dev <loginakkisativ@gmail.com>
This commit is contained in:
limited_dev 2023-06-12 20:46:44 +02:00
parent e2ce6cbf37
commit ce201207d4
13 changed files with 97 additions and 63 deletions

View file

@ -27,15 +27,15 @@ public class CustomAuthenticationStateProvider : AuthenticationStateProvider
var claimsPrincipal = new ClaimsPrincipal(new ClaimsIdentity(new List<Claim> var claimsPrincipal = new ClaimsPrincipal(new ClaimsIdentity(new List<Claim>
{ {
//new Claim(ClaimTypes.Email, userSession.Email), //new Claim(ClaimTypes.Email, userSession.Email),
new Claim(ClaimTypes.Name, userSession.UserID.ToString()), new Claim(ClaimTypes.Name, userSession.Email),
new Claim(ClaimTypes.Role, userSession.Role) new Claim(ClaimTypes.Role, userSession.Role)
}, "CustomAuth")); }, "CustomAuth"));
return new AuthenticationState(claimsPrincipal); return await Task.FromResult(new AuthenticationState(claimsPrincipal));
} }
catch catch
{ {
Console.WriteLine("Returned Anon Auth due to err"); Console.WriteLine("Resorting to Anon");
return new AuthenticationState(_anonymous); return await Task.FromResult(new AuthenticationState(_anonymous));
} }
} }
@ -48,8 +48,8 @@ public class CustomAuthenticationStateProvider : AuthenticationStateProvider
await _sessionStorage.SetAsync("UserSession", session); await _sessionStorage.SetAsync("UserSession", session);
claimsPrincipal = new ClaimsPrincipal(new ClaimsIdentity(new List<Claim> claimsPrincipal = new ClaimsPrincipal(new ClaimsIdentity(new List<Claim>
{ {
new Claim(ClaimTypes.Email, session.UserID.ToString()), new Claim(ClaimTypes.Name, session.Email),
new Claim(ClaimTypes.Email, session.Role) new Claim(ClaimTypes.Role, session.Role)
})); }));
} }
else else

View file

@ -9,11 +9,11 @@
<div class="login"> <div class="login">
<form> <form>
<RadzenFormField Text="New Password" Variant="Variant.Outlined"> <RadzenFormField Text="New Password" Variant="Variant.Outlined">
<RadzenPassword @bind-Value="@Password" /> <RadzenPassword @bind-Value="@Password"/>
</RadzenFormField> </RadzenFormField>
<br/> <br/>
<br/> <br/>
<RadzenButton Click=@reset Text="reset" ButtonStyle="ButtonStyle.Secondary" /> <RadzenButton Click=@reset Text="reset" ButtonStyle="ButtonStyle.Secondary" ButtonType="ButtonType.Submit"/>
<br/> <br/>
</form> </form>
@if (msg != null) @if (msg != null)
@ -25,13 +25,13 @@
@code { @code {
private string Password { get; set; } private string Password { get; set; }
private string msg { get; set; } private string msg { get; set; }
[Parameter] [Parameter]
[Required] [Required]
public string userid { get; set; } public string userid { get; set; }
[Parameter] [Parameter]
[Required] [Required]
public string hash { get; set; } public string hash { get; set; }
@ -55,7 +55,7 @@
msg = "The token does not match the account."; msg = "The token does not match the account.";
return; return;
} }
if (user.ResetPasswordExpiresAt == -1 || user.ResetPasswordToken == "-1") if (user.ResetPasswordExpiresAt < 0 || user.ResetPasswordToken == "-1")
{ {
msg = "There is currently no valid link to reset this accounts password."; msg = "There is currently no valid link to reset this accounts password.";
return; return;
@ -73,6 +73,6 @@
await UsersRepository.updateUserAsync(user); await UsersRepository.updateUserAsync(user);
msg = "Your Password has been updated."; msg = "Your Password has been updated.";
} }
} }

View file

@ -10,15 +10,15 @@
<div class="login"> <div class="login">
<form> <form>
<RadzenFormField Text="Email" Variant="Variant.Outlined"> <RadzenFormField Text="Email" Variant="Variant.Outlined">
<RadzenTextBox @bind-Value="@Email" /> <RadzenTextBox @bind-Value="@Email"/>
</RadzenFormField> </RadzenFormField>
<br/> <br/>
<RadzenFormField Text="Password" Variant="Variant.Outlined"> <RadzenFormField Text="Password" Variant="Variant.Outlined">
<RadzenPassword @bind-Value="@Password" /> <RadzenPassword @bind-Value="@Password"/>
</RadzenFormField> </RadzenFormField>
<br/> <br/>
<br/> <br/>
<RadzenButton Click=@login Text="login" ButtonStyle="ButtonStyle.Secondary" /> <RadzenButton Click=@login Text="login" ButtonStyle="ButtonStyle.Secondary" ButtonType="ButtonType.Submit"/>
<br/> <br/>
</form> </form>
</div> </div>
@ -28,13 +28,12 @@
private Variant vari = Variant.Outlined; private Variant vari = Variant.Outlined;
private bool verified; private bool verified;
public string Email { get; set; } public string Email { get; set; }
public string Password { get; set; } public string Password { get; set; }
private async Task login() private async Task login()
{ {
Console.WriteLine("loggin you in...");
var user = await UsersRepository.getUserByEmailRawAsync(Email); var user = await UsersRepository.getUserByEmailRawAsync(Email);
if (user == null) if (user == null)
{ {
@ -42,10 +41,10 @@
verified = false; verified = false;
return; return;
} }
Console.WriteLine("loggin you in...");
verified = BCrypt.Net.BCrypt.Verify(Password, user.Password); verified = BCrypt.Net.BCrypt.Verify(Password, user.Password);
if (verified) if (verified)
{ {
verified = true;
var customAuthStateProvider = (CustomAuthenticationStateProvider)authStateProvider; var customAuthStateProvider = (CustomAuthenticationStateProvider)authStateProvider;
await customAuthStateProvider.UpdateAuthenticationStateAsync(user); await customAuthStateProvider.UpdateAuthenticationStateAsync(user);
navManager.NavigateTo("/", true); navManager.NavigateTo("/", true);
@ -53,4 +52,5 @@
} }
await js.InvokeVoidAsync("alert", $"Wrong Password"); await js.InvokeVoidAsync("alert", $"Wrong Password");
} }
} }

View file

@ -11,18 +11,18 @@
<div class="login"> <div class="login">
<form> <form>
<RadzenFormField Text="Email" Variant="Variant.Outlined"> <RadzenFormField Text="Email" Variant="Variant.Outlined">
<RadzenTextBox @bind-Value="@Email" /> <RadzenTextBox @bind-Value="@Email"/>
</RadzenFormField> </RadzenFormField>
<br/> <br/>
<RadzenFormField Text="Password" Variant="Variant.Outlined"> <RadzenFormField Text="Password" Variant="Variant.Outlined">
<RadzenPassword @bind-Value="@Password" /> <RadzenPassword @bind-Value="@Password"/>
</RadzenFormField> </RadzenFormField>
<br/> <br/>
<RadzenCheckBox @bind-Value=@is18 Name="is_18" /> <RadzenCheckBox @bind-Value=@is18 Name="is_18"/>
<RadzenLabel Text="I am atleast 18 Years old." Component="is_18" /> <RadzenLabel Text="I am atleast 18 Years old." Component="is_18"/>
<br/> <br/>
<br/> <br/>
<RadzenButton Click=@login Text="register" ButtonStyle="ButtonStyle.Secondary" /> <RadzenButton Click=@login Text="register" ButtonStyle="ButtonStyle.Secondary" ButtonType="ButtonType.Submit"/>
</form> </form>
<br/> <br/>
<br/> <br/>
@ -38,7 +38,7 @@
private string Email { get; set; } private string Email { get; set; }
private string Password { get; set; } private string Password { get; set; }
private bool is18 { get; set; } private bool is18 { get; set; }
private string msg { get; set; } private string msg { get; set; }
private bool verified; private bool verified;
@ -70,7 +70,7 @@
LastUsedName = "Anonymous", LastUsedName = "Anonymous",
BanReason = "Not banned", BanReason = "Not banned",
ConfirmedEmail = false, ConfirmedEmail = false,
ResetPasswordExpiresAt = DateTimeOffset.Now.ToUnixTimeMilliseconds() + 300000, ResetPasswordExpiresAt = -1,
ConfirmEmailToken = TheManager.getmd5Hash(), ConfirmEmailToken = TheManager.getmd5Hash(),
ResetPasswordToken = "-1" ResetPasswordToken = "-1"
}; };
@ -79,22 +79,20 @@
msg = "This Email is already registered."; msg = "This Email is already registered.";
return; return;
} }
await UsersRepository.createUserAsync(userToCreate); await UsersRepository.createUserAsync(userToCreate);
Postman.sendMail(Email, "Confirm Email", ""); Postman.sendMail(Email, "Confirm Email", "");
var user = await UsersRepository.getUserByEmailRawAsync(Email); var user = await UsersRepository.getUserByEmailRawAsync(Email);
if (user == null) if (user == null)
{ {
await js.InvokeVoidAsync("alert", "User does not exist"); await js.InvokeVoidAsync("alert", "User does not exist");
verified = false;
return; return;
} }
verified = BCrypt.Net.BCrypt.Verify(Password, user.Password); verified = BCrypt.Net.BCrypt.Verify(Password, user.Password);
if (verified) if (verified)
{ {
verified = true;
var customAuthStateProvider = (CustomAuthenticationStateProvider)authStateProvider; var customAuthStateProvider = (CustomAuthenticationStateProvider)authStateProvider;
await customAuthStateProvider.UpdateAuthenticationStateAsync(user); await customAuthStateProvider.UpdateAuthenticationStateAsync(user);
navManager.NavigateTo("/", true); navManager.NavigateTo("/", true);
@ -102,4 +100,5 @@
} }
await js.InvokeVoidAsync("alert", $"Wrong Password"); await js.InvokeVoidAsync("alert", $"Wrong Password");
} }
} }

View file

@ -6,11 +6,11 @@
<div class="login"> <div class="login">
<form> <form>
<RadzenFormField Text="Email" Variant="Variant.Outlined"> <RadzenFormField Text="Email" Variant="Variant.Outlined">
<RadzenTextBox @bind-Value="@Email" /> <RadzenTextBox @bind-Value="@Email"/>
</RadzenFormField> </RadzenFormField>
<br/> <br/>
<br/> <br/>
<RadzenButton Click=@resetPassword Text="Send reset Email" ButtonStyle="ButtonStyle.Secondary" /> <RadzenButton Click=@resetPassword Text="Send reset email" ButtonStyle="ButtonStyle.Secondary" ButtonType="ButtonType.Submit"/>
<br/> <br/>
</form> </form>
@if (msg != null) @if (msg != null)
@ -37,7 +37,7 @@
Console.WriteLine("Resetting a password..."); Console.WriteLine("Resetting a password...");
msg = "Generating"; msg = "Generating";
var hash = TheManager.getmd5Hash(); var hash = TheManager.getmd5Hash();
user.ResetPasswordToken = hash; user.ResetPasswordToken = hash;
user.ResetPasswordExpiresAt = DateTimeOffset.Now.ToUnixTimeMilliseconds() + 300000; user.ResetPasswordExpiresAt = DateTimeOffset.Now.ToUnixTimeMilliseconds() + 300000;
@ -45,11 +45,12 @@
await UsersRepository.updateUserAsync(user); await UsersRepository.updateUserAsync(user);
msg = "Sending..."; msg = "Sending...";
Postman.sendMail(user.Email, Postman.sendMail(user.Email,
"Password Reset", "Password Reset",
"Reset your Password using this link:\n" + "Reset your Password using this link:\n" +
$"https://bulletboards.xyz/sys/click/resetpw/{user.UserID}/{hash}"); $"https://bulletboards.xyz/sys/click/resetpw/{user.UserID}/{hash}");
msg = "A reset email has been sent to the selected email, if that email is registered here. The link expires in 5 Minutes"; msg = "A reset email has been sent to the selected email, if that email is registered here. The link expires in 5 Minutes";
} }
} }

View file

@ -8,15 +8,36 @@
<AuthorizeView> <AuthorizeView>
<Authorized> <Authorized>
<h3>YOU</h3> <h3>YOUR ACCOUNT</h3>
<br/> <br/>
<span>Email: @mail</span> <span>UserId: @userid</span>
<br/> <br/>
@if (u != null)
{
<span>Current email: @u.Email</span>
<br/>
}
<span>Email: </span> <span>Email: </span>
<input type="email" id="email" @bind="newMail"/> <form>
<a @onclick="changeEmail" href="javascript:void(0)">[Change Email]</a> <RadzenFormField Text="Enter new email address" Variant="Variant.Outlined">
<RadzenTextBox @bind-Value="@newMail"/>
</RadzenFormField>
<br/>
<br/>
<RadzenButton Click=@changeEmail Text="Set Email" ButtonStyle="ButtonStyle.Secondary" ButtonType="ButtonType.Submit"/>
<br/>
</form>
@if (msg != null)
{
<div>
<span class="msg">@msg</span>
</div>
}
<br/>
<br/>
<br/>
<a href="/sys/resetpw">[Click here to change your password]</a>
<br/> <br/>
<a href="/sys/resetpw">[Change Password]</a>
<br/> <br/>
<a href="/sys/logout">[Logout]</a> <a href="/sys/logout">[Logout]</a>
</Authorized> </Authorized>
@ -28,8 +49,12 @@
@code { @code {
private string mail { get; set; } = ""; private string userid { get; set; } = "";
private string newMail { get; set; } private string newMail { get; set; }
private string msg { get; set; }
private UserData u { get; set; }
private string isMailConfirmedMsg { get; set; }
protected override async Task OnInitializedAsync() protected override async Task OnInitializedAsync()
{ {
@ -37,7 +62,7 @@
var user = await cauthStateProvder.GetAuthenticationStateAsync(); var user = await cauthStateProvder.GetAuthenticationStateAsync();
if (user.User.Identity.IsAuthenticated) if (user.User.Identity.IsAuthenticated)
{ {
mail = user.User.Identity.Name; userid = user.User.Identity.Name;
} }
} }
@ -46,18 +71,31 @@
var cauthStateProvder = (CustomAuthenticationStateProvider)authStateProvider; var cauthStateProvder = (CustomAuthenticationStateProvider)authStateProvider;
var user = await cauthStateProvder.GetAuthenticationStateAsync(); var user = await cauthStateProvder.GetAuthenticationStateAsync();
var usr = user.User; var usr = user.User;
UserData foundusr = await UsersRepository.getUserByIdAsync(int.Parse(usr.Identity.Name)); UserData foundusr = await UsersRepository.getUserByEmailRawAsync(usr.Identity.Name);
if (foundusr == null) if (foundusr == null)
{ {
msg = "Could not find user.";
return; return;
} }
if (newMail == null || newMail == "" || !newMail.Contains("@")) if (newMail == null || newMail == "" || !newMail.Contains("@") || !newMail.Contains("."))
{ {
msg = "The new email is not valid.";
return; return;
} }
foundusr.Email = newMail; foundusr.Email = newMail;
foundusr.lastActionTimeStamp = DateTimeOffset.Now.ToUnixTimeMilliseconds(); foundusr.lastActionTimeStamp = DateTimeOffset.Now.ToUnixTimeMilliseconds();
foundusr.ConfirmedEmail = false;
await UsersRepository.updateUserAsync(foundusr); await UsersRepository.updateUserAsync(foundusr);
} }
protected override async Task OnAfterRenderAsync(bool firstRender)
{
var cauthStateProvder = (CustomAuthenticationStateProvider)authStateProvider;
var user = await cauthStateProvder.GetAuthenticationStateAsync();
var usr = user.User;
u = await UsersRepository.getUserByEmailRawAsync(usr.Identity.Name);
isMailConfirmedMsg = u.ConfirmedEmail ? "Email is confirmed" : "Email is NOT confirmed";
await base.OnAfterRenderAsync(firstRender);
}
} }

View file

@ -23,7 +23,7 @@
<br/> <br/>
<span>Explain further (optional)</span> <span>Explain further (optional)</span>
<div class="pd centered marg"> <div class="pd centered marg">
<RadzenTextArea Placeholder="Specify..." @bind-Value="@explaination" Cols="30" Rows="6" Class="w-100"/> <RadzenTextArea Placeholder="Specify..." @bind-Value="@explaination" Cols="30" Rows="6" Class="w-100"/>
</div> </div>
<RadzenButton class="pd" Click="@onReportClick" Text="Report"></RadzenButton> <RadzenButton class="pd" Click="@onReportClick" Text="Report"></RadzenButton>
</Authorized> </Authorized>
@ -41,11 +41,11 @@
[Parameter] [Parameter]
[Required] [Required]
public string type { get; set; } public string type { get; set; }
[Parameter] [Parameter]
[Required] [Required]
public string board { get; set; } public string board { get; set; }
[Parameter] [Parameter]
[Required] [Required]
public string id { get; set; } public string id { get; set; }
@ -58,12 +58,12 @@
var cauthStateProvder = (CustomAuthenticationStateProvider)authStateProvider; var cauthStateProvder = (CustomAuthenticationStateProvider)authStateProvider;
var user = await cauthStateProvder.GetAuthenticationStateAsync(); var user = await cauthStateProvder.GetAuthenticationStateAsync();
var usr = user.User; var usr = user.User;
UserData foundusr = await UsersRepository.getUserByIdAsync(int.Parse(usr.Identity.Name)); UserData foundusr = await UsersRepository.getUserByEmailRawAsync(usr.Identity.Name);
if (foundusr == null) if (foundusr == null)
{ {
return; return;
} }
if (foundusr.TimeBanned != -1) if (foundusr.TimeBanned != -1)
{ {
return; return;
@ -94,7 +94,7 @@
}; };
List<ReportData> submittedReports = foundusr.RecivedReports; List<ReportData> submittedReports = foundusr.RecivedReports;
foreach(var r in submittedReports) foreach (var r in submittedReports)
{ {
if (r.ReportedPostID == reportData.ReportedPostID && r.ReportedCommentID == reportData.ReportedCommentID) if (r.ReportedPostID == reportData.ReportedPostID && r.ReportedCommentID == reportData.ReportedCommentID)
return; return;
@ -103,4 +103,5 @@
await ReportsRepository.createReportAsync(reportData); await ReportsRepository.createReportAsync(reportData);
js.InvokeVoidAsync("window.close"); js.InvokeVoidAsync("window.close");
} }
} }

View file

@ -31,9 +31,4 @@
} }
} }
protected override async Task OnAfterRenderAsync(bool firstRender)
{
await base.OnAfterRenderAsync(firstRender);
}
} }

View file

@ -121,7 +121,7 @@
var cauthStateProvder = (CustomAuthenticationStateProvider)authStateProvider; var cauthStateProvder = (CustomAuthenticationStateProvider)authStateProvider;
var user = await cauthStateProvder.GetAuthenticationStateAsync(); var user = await cauthStateProvder.GetAuthenticationStateAsync();
var usr = user.User; var usr = user.User;
UserData foundusr = await UsersRepository.getUserByIdAsync(int.Parse(usr.Identity.Name)); UserData foundusr = await UsersRepository.getUserByEmailRawAsync(usr.Identity.Name);
if (foundusr.Role != "User" || comment.UserID == foundusr.UserID) if (foundusr.Role != "User" || comment.UserID == foundusr.UserID)
{ {
await TheManager.deleteComment(comment); await TheManager.deleteComment(comment);
@ -186,7 +186,7 @@
var cauthStateProvder = (CustomAuthenticationStateProvider)authStateProvider; var cauthStateProvder = (CustomAuthenticationStateProvider)authStateProvider;
var user = await cauthStateProvder.GetAuthenticationStateAsync(); var user = await cauthStateProvder.GetAuthenticationStateAsync();
var usr = user.User; var usr = user.User;
UserData foundusr = await UsersRepository.getUserByIdAsync(int.Parse(usr.Identity.Name)); UserData foundusr = await UsersRepository.getUserByEmailRawAsync(usr.Identity.Name);
if (foundusr != null && (foundusr.Role != "User" || comment.UserID == foundusr.UserID)) if (foundusr != null && (foundusr.Role != "User" || comment.UserID == foundusr.UserID))
{ {
canDel = true; canDel = true;

View file

@ -63,7 +63,7 @@
var cauthStateProvder = (CustomAuthenticationStateProvider)authStateProvider; var cauthStateProvder = (CustomAuthenticationStateProvider)authStateProvider;
var user = await cauthStateProvder.GetAuthenticationStateAsync(); var user = await cauthStateProvder.GetAuthenticationStateAsync();
var usr = user.User; var usr = user.User;
UserData foundusr = await UsersRepository.getUserByIdAsync(int.Parse(usr.Identity.Name)); UserData foundusr = await UsersRepository.getUserByEmailRawAsync(usr.Identity.Name);
if (foundusr == null) if (foundusr == null)
{ {
hasErr = true; hasErr = true;
@ -90,7 +90,7 @@
var cauthStateProvder = (CustomAuthenticationStateProvider)authStateProvider; var cauthStateProvder = (CustomAuthenticationStateProvider)authStateProvider;
var user = await cauthStateProvder.GetAuthenticationStateAsync(); var user = await cauthStateProvder.GetAuthenticationStateAsync();
var usr = user.User; var usr = user.User;
UserData foundusr = await UsersRepository.getUserByIdAsync(int.Parse(usr.Identity.Name)); UserData foundusr = await UsersRepository.getUserByEmailRawAsync(usr.Identity.Name);
if (foundusr == null) if (foundusr == null)
{ {
hasErr = true; hasErr = true;

View file

@ -69,7 +69,7 @@
var cauthStateProvder = (CustomAuthenticationStateProvider)authStateProvider; var cauthStateProvder = (CustomAuthenticationStateProvider)authStateProvider;
var user = await cauthStateProvder.GetAuthenticationStateAsync(); var user = await cauthStateProvder.GetAuthenticationStateAsync();
var usr = user.User; var usr = user.User;
UserData foundusr = await UsersRepository.getUserByIdAsync(int.Parse(usr.Identity.Name)); UserData foundusr = await UsersRepository.getUserByEmailRawAsync(usr.Identity.Name);
if (foundusr == null) if (foundusr == null)
{ {
hasErr = true; hasErr = true;
@ -97,7 +97,7 @@
var cauthStateProvder = (CustomAuthenticationStateProvider)authStateProvider; var cauthStateProvder = (CustomAuthenticationStateProvider)authStateProvider;
var user = await cauthStateProvder.GetAuthenticationStateAsync(); var user = await cauthStateProvder.GetAuthenticationStateAsync();
var usr = user.User; var usr = user.User;
UserData foundusr = await UsersRepository.getUserByIdAsync(int.Parse(usr.Identity.Name)); UserData foundusr = await UsersRepository.getUserByEmailRawAsync(usr.Identity.Name);
if (foundusr == null) if (foundusr == null)
{ {
hasErr = true; hasErr = true;

View file

@ -157,7 +157,7 @@
var cauthStateProvder = (CustomAuthenticationStateProvider)authStateProvider; var cauthStateProvder = (CustomAuthenticationStateProvider)authStateProvider;
var user = await cauthStateProvder.GetAuthenticationStateAsync(); var user = await cauthStateProvder.GetAuthenticationStateAsync();
var usr = user.User; var usr = user.User;
UserData foundusr = await UsersRepository.getUserByIdAsync(int.Parse(usr.Identity.Name)); UserData foundusr = await UsersRepository.getUserByEmailRawAsync(usr.Identity.Name);
if (foundusr.Role != "User" || post.UserID == foundusr.UserID) if (foundusr.Role != "User" || post.UserID == foundusr.UserID)
{ {
await TheManager.deleteThread(post); await TheManager.deleteThread(post);