add exception filter when user not connected

Apps/Website/Controllers/LinksController.cs

@@ -34,11 +34,6 @@ namespace Website.Controllers
       return View(new ShowLinkViewModel(link, new CommentLinkCommand(id), comments));
     }
 
-    public IActionResult Create()
-    {
-      return View(new AddLinkCommand());
-    }
-
     [HttpPost("{controller}/{id:guid}/vote")]
     [ValidateAntiForgeryToken]
     public async Task<IActionResult> Vote(Guid id, string url, VoteType type, string redirectTo)
@@ -49,8 +44,14 @@ namespace Website.Controllers
       return Redirect(redirectTo);
     }
 
+    public IActionResult Create()
+    {
+      return View(new AddLinkCommand());
+    }
+
     [HttpPost]
     [ValidateAntiForgeryToken]
+
     public async Task<IActionResult> Create(AddLinkCommand command)
     {
       if (!ModelState.IsValid)

Apps/Website/CustomExceptionFilter.cs

@@ -0,0 +1,16 @@
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Mvc.Filters;
+
+namespace Website
+{
+  public sealed class CustomExceptionFilter : IExceptionFilter
+  {
+    public void OnException(ExceptionContext context)
+    {
+      if (context.Exception is UserNotConnected)
+      {
+        context.Result = new UnauthorizedResult();
+      }
+    }
+  }
+}

Apps/Website/HttpExecutingUserProvider.cs

@@ -19,7 +19,14 @@ namespace Website
 
     public Guid GetCurrentUserId()
     {
-      return Guid.Parse(_userManager.GetUserId(_httpContextAccessor.HttpContext.User));
+      var uid = _userManager.GetUserId(_httpContextAccessor.HttpContext.User);
+
+      if (!Guid.TryParse(uid, out Guid result))
+      {
+        throw new UserNotConnected();
+      }
+
+      return result;
     }
   }
 }

Apps/Website/Startup.cs

@@ -58,6 +58,7 @@ namespace Website
 
       services.AddControllersWithViews(o =>
       {
+        o.Filters.Add<CustomExceptionFilter>();
         o.Filters.Add(new AuthorizeFilter()); // Nécessite l'authentification par défaut
       });
     }
@@ -82,6 +83,19 @@ namespace Website
 
       app.UseRouting();
 
+      // Permet de rediriger selon les codes d'erreurs retournés, notamment par notre CustomExceptionFilter
+      app.UseStatusCodePages(context =>
+      {
+        var request = context.HttpContext.Request;
+        var response = context.HttpContext.Response;
+        if (response.StatusCode == (int)System.Net.HttpStatusCode.Unauthorized)
+        {
+          response.Redirect("/accounts/login");
+        }
+
+        return System.Threading.Tasks.Task.CompletedTask;
+      });
+
       app.UseAuthentication();
       app.UseAuthorization();
 

Apps/Website/UserNotConnected.cs

@@ -0,0 +1,12 @@
+using System;
+
+namespace Website
+{
+  public sealed class UserNotConnected : Exception
+  {
+    public UserNotConnected() : base("User not connected!")
+    {
+
+    }
+  }
+}