From f4c564748aeef949f09985288fea09000c977418 Mon Sep 17 00:00:00 2001
From: YuukanOO
Date: Fri, 11 Dec 2020 17:43:46 +0100
Subject: [PATCH] default to needing authentication and apply anonymous to some actions
---
 .../Website/Controllers/AccountsController.cs | 5 ++
 Apps/Website/Controllers/HomeController.cs | 54 +++++++++----------
 Apps/Website/Controllers/LinksController.cs | 3 ++
 Apps/Website/Startup.cs | 6 ++-
 4 files changed, 39 insertions(+), 29 deletions(-)
diff --git a/Apps/Website/Controllers/AccountsController.cs b/Apps/Website/Controllers/AccountsController.cs
index 15b69e0..c62e13e 100644
--- a/Apps/Website/Controllers/AccountsController.cs
+++ b/Apps/Website/Controllers/AccountsController.cs
@@ -1,6 +1,7 @@
 using System.Linq;
 using System.Threading.Tasks;
 using HN.Infrastructure;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.AspNetCore.Mvc;
 using Website.Models;
@@ -18,6 +19,7 @@ namespace Website.Controllers
 _signInManager = signInManager;
 }
+ [AllowAnonymous]
 public IActionResult Register()
 {
 return View();
@@ -25,6 +27,7 @@ namespace Website.Controllers
 [HttpPost]
 [ValidateAntiForgeryToken]
+ [AllowAnonymous]
 public async Task Register(RegisterViewModel command)
 {
 if (!ModelState.IsValid)
@@ -46,6 +49,7 @@ namespace Website.Controllers
 return RedirectToAction(nameof(Login));
 }
+ [AllowAnonymous]
 public IActionResult Login()
 {
 return View();
@@ -53,6 +57,7 @@ namespace Website.Controllers
 [HttpPost]
 [ValidateAntiForgeryToken]
+ [AllowAnonymous]
 public async Task Login(LoginViewModel command)
 {
 if (!ModelState.IsValid)
diff --git a/Apps/Website/Controllers/HomeController.cs b/Apps/Website/Controllers/HomeController.cs
index 75c56b8..d24ca8f 100644
--- a/Apps/Website/Controllers/HomeController.cs
+++ b/Apps/Website/Controllers/HomeController.cs
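Review bot: The POST `Login(LoginViewModel command)` action in AccountsController.cs should follow a return URL only through a local-redirect check, and the hunk ends before the part of its body that would show whether it does. With authentication now required by default, every challenge lands on this action, and the cookie handler adds the originally requested URL to the login redirect as a query parameter. If the action redirects to that value after sign-in, it should use `return LocalRedirect(returnUrl);` (or test `Url.IsLocalUrl(returnUrl)` first) rather than `Redirect(returnUrl)`. If the parameter is ignored on purpose, a short comment above the action, e.g. `// ReturnUrl is not honoured; sign-in always redirects to a fixed action`, would keep a later change from adding an unchecked redirect.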
@@ -1,37 +1,35 @@
-using System;
-using System.Collections.Generic;
-using System.Diagnostics;
-using System.Linq;
-using System.Threading.Tasks;
+using System.Diagnostics;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.Extensions.Logging;
 using Website.Models;
 namespace Website.Controllers
 {
- public class HomeController : Controller
+ [AllowAnonymous]
+ public class HomeController : Controller
+ {
+ private readonly ILogger _logger;
+
+ public HomeController(ILogger logger)
 {
- private readonly ILogger _logger;
-
- public HomeController(ILogger logger)
- {
- _logger = logger;
- }
-
- public IActionResult Index()
- {
- return View();
- }
-
- public IActionResult Privacy()
- {
- return View();
- }
-
- [ResponseCache(Duration = 0, Location = ResponseCacheLocation.None, NoStore = true)]
- public IActionResult Error()
- {
- return View(new ErrorViewModel { RequestId = Activity.Current?.Id ?? HttpContext.TraceIdentifier });
- }
+ _logger = logger;
 }
+
+ public IActionResult Index()
+ {
+ return View();
+ }
+
+ public IActionResult Privacy()
+ {
+ return View();
+ }
+
+ [ResponseCache(Duration = 0, Location = ResponseCacheLocation.None, NoStore = true)]
+ public IActionResult Error()
+ {
+ return View(new ErrorViewModel { RequestId = Activity.Current?.Id ?? HttpContext.TraceIdentifier });
+ }
+ }
 }
diff --git a/Apps/Website/Controllers/LinksController.cs b/Apps/Website/Controllers/LinksController.cs
index 09e2bb7..95589cc 100644
--- a/Apps/Website/Controllers/LinksController.cs
+++ b/Apps/Website/Controllers/LinksController.cs
@@ -5,6 +5,7 @@ using System.Threading.Tasks;
 using System;
 using HN.Domain;
 using Website.Models;
+using Microsoft.AspNetCore.Authorization;
 namespace Website.Controllers
 {
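Review bot: In HomeController.cs, `[AllowAnonymous]` is placed on the class rather than on each action as in the other controllers of this commit, so any action added to this controller later is public without anyone deciding it should be. In ASP.NET Core an `[Authorize]` put on such an action is ignored while the class carries `[AllowAnonymous]`, so the mistake would not be visible at the action. Marking `Index`, `Privacy` and `Error` individually keeps the opt-out explicit; if the class-level form stays, a comment such as `// Every action in this controller is public; [Authorize] on an action has no effect here` would record it. The removed and added lines of this hunk otherwise appear to differ only in whitespace, which buries the one security-relevant line; a separate formatting commit would make it easier to review.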
@@ -18,12 +19,14 @@ namespace Website.Controllers
 }
 [HttpGet]
+ [AllowAnonymous]
 public async Task Index()
 {
 return View(await _bus.Send(new ListLinksQuery()));
 }
 [HttpGet("{controller}/{id:guid}")]
+ [AllowAnonymous]
 public async Task Show(Guid id)
 {
 var link = await _bus.Send(new GetLinkQuery(id));
diff --git a/Apps/Website/Startup.cs b/Apps/Website/Startup.cs
index 3e6f979..393d96c 100644
--- a/Apps/Website/Startup.cs
+++ b/Apps/Website/Startup.cs
@@ -6,6 +6,7 @@ using Microsoft.AspNetCore.Authentication.Cookies;
 using Microsoft.AspNetCore.Builder;
 using Microsoft.AspNetCore.Hosting;
 using Microsoft.AspNetCore.Identity;
+using Microsoft.AspNetCore.Mvc.Authorization;
 using Microsoft.AspNetCore.Routing;
 using Microsoft.EntityFrameworkCore;
 using Microsoft.Extensions.Configuration;
@@ -55,7 +56,10 @@ namespace Website
 o.LogoutPath = "/accounts/logout";
 });
- services.AddControllersWithViews(o =>
+ services.AddControllersWithViews(o =>
+ {
+ o.Filters.Add(new AuthorizeFilter()); // Nécessite l'authentification par défaut
+ });
 }
 // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
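Review bot: The `AuthorizeFilter` added to `AddControllersWithViews` in Startup.cs protects MVC actions only, so an endpoint mapped outside MVC later (a hub, a health check, a directly mapped route) would remain anonymous despite the "authenticated by default" intent. On ASP.NET Core 3.0 or later the same default can be expressed for every routed endpoint with `services.AddAuthorization(o => o.FallbackPolicy = new AuthorizationPolicyBuilder().RequireAuthenticatedUser().Build());`, provided static files are served before `UseAuthorization`. The inline comment is in French while the surrounding comments are in English, and it does not say how an action opts out; `// Require authentication by default; actions opt out with [AllowAnonymous]` would cover both. The commit touches no test files, so a test asserting that an action without `[AllowAnonymous]` answers an anonymous request with a challenge would guard this default against regression. The enclosing method starts outside the hunk.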