From 604ef537e0fabfbcc3abf9d7473b22f08dc549a6 Mon Sep 17 00:00:00 2001 From: Jake Mannens Date: Thu, 14 Sep 2023 14:41:40 +1000 Subject: Finalised login functionality --- Controllers/LoginController.cs | 26 +- HBContext.cs | 23 +- Media.cs | 2 +- Migrations/20230914040737_Users.Designer.cs | 358 ++++++++++++++++++++++++++++ Migrations/20230914040737_Users.cs | 61 +++++ Migrations/HBContextModelSnapshot.cs | 35 +++ Pages/Component/Titlebar.razor | 16 +- Program.cs | 1 - Services/UserService.cs | 13 +- User.cs | 9 + 10 files changed, 518 insertions(+), 26 deletions(-) create mode 100644 Migrations/20230914040737_Users.Designer.cs create mode 100644 Migrations/20230914040737_Users.cs create mode 100644 User.cs diff --git a/Controllers/LoginController.cs b/Controllers/LoginController.cs index fff3e6e..aa680a0 100644 --- a/Controllers/LoginController.cs +++ b/Controllers/LoginController.cs @@ -1,5 +1,7 @@ -using Microsoft.AspNetCore.Authentication; +using HyperBooru.Services; +using Microsoft.AspNetCore.Authentication; using Microsoft.AspNetCore.Authentication.Cookies; +using Microsoft.AspNetCore.Cryptography.KeyDerivation; using Microsoft.AspNetCore.Mvc; using System.Security.Claims; @@ -15,10 +17,20 @@ public class LoginController : Controller { [HttpPost("Login")] public async Task Login( [FromForm] string username, - [FromForm] string password) { + [FromForm] string password, + HBContext db) { + + var user = db.Users.FirstOrDefault(u => u.Username == username); + if(user is null) + return StatusCode(403); + + var hash = UserService.HashPassword(password); + if(hash != user.PasswordHash) + return StatusCode(403); var claims = new Claim[] { - new Claim(ClaimTypes.NameIdentifier, username) + new Claim(ClaimTypes.Name, user.Username), + new Claim("ObjectId", user.ObjectId.ToString()) }; var claimsIdentity = new ClaimsIdentity( 
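Review bot: The password check in `Login` recomputes `UserService.HashPassword(password)` and compares it to `user.PasswordHash` with `!=`, so the hash has to be deterministic per password (no per-user salt is passed in or read from `user`) and the comparison is not constant-time. HashPassword's body is not in this hunk, so the salt handling is inferred from the call shape; if the salt is fixed or absent, identical passwords yield identical stored hashes across accounts. Storing a random per-user salt with the hash (or using `PasswordHasher<TUser>`) and comparing the decoded bytes with `CryptographicOperations.FixedTimeEquals` would close both gaps. The early `return StatusCode(403)` for an unknown username also skips the hashing work, so response time can distinguish existing accounts; running the hash against a dummy value on that path evens it out. The method body continues past the end of this hunk.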
@@ -27,12 +39,8 @@ public class LoginController : Controller { var claimsPrincipal = new ClaimsPrincipal(claimsIdentity); - if(username == "admin" && password == "test") { - await httpContextAccessor.HttpContext!.SignInAsync(claimsPrincipal); - return Ok(); - } else { - return StatusCode(403); - } + await httpContextAccessor.HttpContext!.SignInAsync(claimsPrincipal); + return Ok(); } [HttpPost("Logout")] diff --git a/HBContext.cs b/HBContext.cs index 415b745..c15c20b 100644 --- a/HBContext.cs +++ b/HBContext.cs @@ -3,14 +3,18 @@ using HyperBooru.Services; namespace HyperBooru; -public class HBContext : DbContext { - public const int NsfwTagId = -1; - public const int IngestTagId = -2; +enum HBObjectId { + NsfwTag = -1, + IngestTag = -2, + AdminUser = -3 +} +public class HBContext : DbContext { public static readonly Guid NsfwTag = new("EBDAD4F8-455A-4351-8017-1D4854D6FA38"); public static readonly Guid IngestTag = new("EA212801-5BCC-4C0E-814F-FB9D30DB58BC"); public DbSet Objects { get; set; } + public DbSet Users { get; set; } public DbSet TagDefinitions { get; set; } public DbSet Tags { get; set; } public DbSet Media { get; set; } @@ -42,19 +46,28 @@ public class HBContext : DbContext { // These should NEVER change modelBuilder.Entity().HasData(new TagDefinition[] { new() { - ObjectId = NsfwTagId, + ObjectId = (int) HBObjectId.NsfwTag, Guid = NsfwTag, Source = TagSource.Internal, Name = "nsfw" }, new() { - ObjectId = IngestTagId, + ObjectId = (int) HBObjectId.IngestTag, Guid = IngestTag, Source = TagSource.Internal, Name = "ingest" } }); + // Seed initial admin user + modelBuilder.Entity().HasData(new User[] { + new() { + ObjectId = (int) HBObjectId.AdminUser, + Username = "admin", + PasswordHash = UserService.HashPassword("admin") + } + }); + // Some complex relationships cannot be inferred and require // additional configuration, as seen below. modelBuilder.Entity() diff --git a/Media.cs b/Media.cs index 8c15ad0..9664250 100644 --- a/Media.cs +++ b/Media.cs 
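Review bot: The seeded admin row in HBContext.cs is built with `PasswordHash = UserService.HashPassword("admin")`, so every deployment that applies this migration starts with the well-known credential admin/admin, and the resulting hash is also committed in the generated Designer, migration and snapshot files. Nothing in the visible hunks forces a password change on first login. Consider taking the initial admin password from configuration or an environment variable at first start and refusing to create the account when it is absent, or marking the seeded account as must-change. Seeding through `HasData` also requires a reproducible hash, which would conflict with a random per-user salt for this row. The model-building method that contains this seed starts and ends outside the hunk.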
@@ -15,7 +15,7 @@ public class Media : HBObject { public bool IsIngest => Tags .Select(t => t.TagDefinitionId) - .Contains(HBContext.IngestTagId); + .Contains((int) HBObjectId.IngestTag); public string? DisplayName { get { diff --git a/Migrations/20230914040737_Users.Designer.cs b/Migrations/20230914040737_Users.Designer.cs new file mode 100644 index 0000000..7e3a9d9 --- /dev/null +++ b/Migrations/20230914040737_Users.Designer.cs 
@@ -0,0 +1,358 @@ +// +using System; +using HyperBooru; +using Microsoft.EntityFrameworkCore; +using Microsoft.EntityFrameworkCore.Infrastructure; +using Microsoft.EntityFrameworkCore.Migrations; +using Microsoft.EntityFrameworkCore.Storage.ValueConversion; +using Npgsql.EntityFrameworkCore.PostgreSQL.Metadata; + +#nullable disable + +namespace HyperBooru.Migrations +{ + [DbContext(typeof(HBContext))] + [Migration("20230914040737_Users")] + partial class Users + { + /// + protected override void BuildTargetModel(ModelBuilder modelBuilder) + { +#pragma warning disable 612, 618 + modelBuilder + .HasAnnotation("ProductVersion", "7.0.10") + .HasAnnotation("Relational:MaxIdentifierLength", 63); + + NpgsqlModelBuilderExtensions.UseIdentityByDefaultColumns(modelBuilder); + + modelBuilder.Entity("HyperBooru.HBObject", b => + { + b.Property("ObjectId") + .ValueGeneratedOnAdd() + .HasColumnType("integer"); + + NpgsqlPropertyBuilderExtensions.UseIdentityByDefaultColumn(b.Property("ObjectId")); + + b.Property("Guid") + .HasColumnType("uuid"); + + b.HasKey("ObjectId"); + + b.HasIndex("Guid"); + + b.ToTable("Objects", (string)null); + + b.UseTptMappingStrategy(); + }); + + modelBuilder.Entity("HyperBooru.OcrData", b => + { + b.Property("OcrDataId") + .ValueGeneratedOnAdd() + .HasColumnType("integer"); + + NpgsqlPropertyBuilderExtensions.UseIdentityByDefaultColumn(b.Property("OcrDataId")); + + b.Property("MediaId") + .HasColumnType("integer"); + + b.Property("SearchableText") + .IsRequired() + .HasColumnType("text"); + + b.Property("Text") + .IsRequired() + .HasColumnType("text"); + + b.Property("Timestamp") + .HasColumnType("timestamp with time zone"); + + b.HasKey("OcrDataId"); + + b.HasIndex("MediaId") + .IsUnique(); + + b.ToTable("OcrData"); + }); + + modelBuilder.Entity("TagDefinitionTagDefinition", b => + { + b.Property("ImplicitTagsObjectId") + .HasColumnType("integer"); + + b.Property("TagDefinitionObjectId") + .HasColumnType("integer"); + + 
b.HasKey("ImplicitTagsObjectId", "TagDefinitionObjectId"); + + b.HasIndex("TagDefinitionObjectId"); + + b.ToTable("TagDefinitionTagDefinition"); + }); + + modelBuilder.Entity("HyperBooru.Media", b => + { + b.HasBaseType("HyperBooru.HBObject"); + + b.Property("CurrentUploadedFileId") + .HasColumnType("integer"); + + b.Property("LongDescription") + .HasColumnType("text"); + + b.Property("ShortDescription") + .HasColumnType("text"); + + b.HasIndex("CurrentUploadedFileId") + .IsUnique(); + + b.ToTable("Media", (string)null); + }); + + modelBuilder.Entity("HyperBooru.Tag", b => + { + b.HasBaseType("HyperBooru.HBObject"); + + b.Property("CreateTime") + .HasColumnType("timestamp with time zone"); + + b.Property("TagDefinitionId") + .HasColumnType("integer"); + + b.Property("TargetObjectId") + .HasColumnType("integer"); + + b.HasIndex("TagDefinitionId"); + + b.HasIndex("TargetObjectId"); + + b.ToTable("Tags", (string)null); + }); + + modelBuilder.Entity("HyperBooru.TagDefinition", b => + { + b.HasBaseType("HyperBooru.HBObject"); + + b.Property("Alias") + .HasColumnType("text"); + + b.Property("Name") + .IsRequired() + .HasColumnType("text"); + + b.Property("Namespace") + .HasColumnType("text"); + + b.Property("Source") + .HasColumnType("integer"); + + b.ToTable("TagDefinitions", (string)null); + + b.HasData( + new + { + ObjectId = -1, + Guid = new Guid("ebdad4f8-455a-4351-8017-1d4854d6fa38"), + Name = "nsfw", + Source = 0 + }, + new + { + ObjectId = -2, + Guid = new Guid("ea212801-5bcc-4c0e-814f-fb9d30db58bc"), + Name = "ingest", + Source = 0 + }); + }); + + modelBuilder.Entity("HyperBooru.UploadedFile", b => + { + b.HasBaseType("HyperBooru.HBObject"); + + b.Property("Checksum") + .IsRequired() + .HasColumnType("text"); + + b.Property("ChecksumVerified") + .HasColumnType("boolean"); + + b.Property("CreateTime") + .HasColumnType("timestamp with time zone"); + + b.Property("Filename") + .HasColumnType("text"); + + b.Property("Height") + .HasColumnType("integer"); + + 
b.Property("LastAccessTime") + .HasColumnType("timestamp with time zone"); + + b.Property("LastWriteTime") + .HasColumnType("timestamp with time zone"); + + b.Property("Length") + .HasColumnType("bigint"); + + b.Property("MediaObjectId") + .HasColumnType("integer"); + + b.Property("MimeType") + .IsRequired() + .HasColumnType("text"); + + b.Property("UploadTime") + .HasColumnType("timestamp with time zone"); + + b.Property("Width") + .HasColumnType("integer"); + + b.HasIndex("MediaObjectId"); + + b.ToTable("UploadedFiles", (string)null); + }); + + modelBuilder.Entity("HyperBooru.User", b => + { + b.HasBaseType("HyperBooru.HBObject"); + + b.Property("PasswordHash") + .IsRequired() + .HasColumnType("text"); + + b.Property("Username") + .IsRequired() + .HasColumnType("text"); + + b.HasIndex("Username"); + + b.ToTable("Users"); + + b.HasData( + new + { + ObjectId = -3, + Guid = new Guid("4fa948f4-7c45-4f81-bb6b-e417491e6c96"), + PasswordHash = "P4geAuE2yX/PDRHuJSq74FF5vO782rWz5c0LAQPR8m45DEYAONhu1wYnAn60PSNyjocqEBdnCeKCJfK3sKyuWw==", + Username = "admin" + }); + }); + + modelBuilder.Entity("HyperBooru.OcrData", b => + { + b.HasOne("HyperBooru.Media", "Media") + .WithOne("OcrData") + .HasForeignKey("HyperBooru.OcrData", "MediaId") + .OnDelete(DeleteBehavior.Cascade) + .IsRequired(); + + b.Navigation("Media"); + }); + + modelBuilder.Entity("TagDefinitionTagDefinition", b => + { + b.HasOne("HyperBooru.TagDefinition", null) + .WithMany() + .HasForeignKey("ImplicitTagsObjectId") + .OnDelete(DeleteBehavior.Cascade) + .IsRequired(); + + b.HasOne("HyperBooru.TagDefinition", null) + .WithMany() + .HasForeignKey("TagDefinitionObjectId") + .OnDelete(DeleteBehavior.Cascade) + .IsRequired(); + }); + + modelBuilder.Entity("HyperBooru.Media", b => + { + b.HasOne("HyperBooru.UploadedFile", "CurrentUploadedFile") + .WithOne() + .HasForeignKey("HyperBooru.Media", "CurrentUploadedFileId") + .OnDelete(DeleteBehavior.Cascade) + .IsRequired(); + + b.HasOne("HyperBooru.HBObject", null) + 
.WithOne() + .HasForeignKey("HyperBooru.Media", "ObjectId") + .OnDelete(DeleteBehavior.Cascade) + .IsRequired(); + + b.Navigation("CurrentUploadedFile"); + }); + + modelBuilder.Entity("HyperBooru.Tag", b => + { + b.HasOne("HyperBooru.HBObject", null) + .WithOne() + .HasForeignKey("HyperBooru.Tag", "ObjectId") + .OnDelete(DeleteBehavior.Cascade) + .IsRequired(); + + b.HasOne("HyperBooru.TagDefinition", "TagDefinition") + .WithMany() + .HasForeignKey("TagDefinitionId") + .OnDelete(DeleteBehavior.Cascade) + .IsRequired(); + + b.HasOne("HyperBooru.HBObject", "Target") + .WithMany("Tags") + .HasForeignKey("TargetObjectId") + .OnDelete(DeleteBehavior.Cascade) + .IsRequired(); + + b.Navigation("TagDefinition"); + + b.Navigation("Target"); + }); + + modelBuilder.Entity("HyperBooru.TagDefinition", b => + { + b.HasOne("HyperBooru.HBObject", null) + .WithOne() + .HasForeignKey("HyperBooru.TagDefinition", "ObjectId") + .OnDelete(DeleteBehavior.Cascade) + .IsRequired(); + }); + + modelBuilder.Entity("HyperBooru.UploadedFile", b => + { + b.HasOne("HyperBooru.Media", "Media") + .WithMany("UploadedFiles") + .HasForeignKey("MediaObjectId") + .OnDelete(DeleteBehavior.Cascade) + .IsRequired(); + + b.HasOne("HyperBooru.HBObject", null) + .WithOne() + .HasForeignKey("HyperBooru.UploadedFile", "ObjectId") + .OnDelete(DeleteBehavior.Cascade) + .IsRequired(); + + b.Navigation("Media"); + }); + + modelBuilder.Entity("HyperBooru.User", b => + { + b.HasOne("HyperBooru.HBObject", null) + .WithOne() + .HasForeignKey("HyperBooru.User", "ObjectId") + .OnDelete(DeleteBehavior.Cascade) + .IsRequired(); + }); + + modelBuilder.Entity("HyperBooru.HBObject", b => + { + b.Navigation("Tags"); + }); + + modelBuilder.Entity("HyperBooru.Media", b => + { + b.Navigation("OcrData"); + + b.Navigation("UploadedFiles"); + }); +#pragma warning restore 612, 618 + } + } +} diff --git a/Migrations/20230914040737_Users.cs b/Migrations/20230914040737_Users.cs new file mode 100644 index 0000000..3c77a28 --- /dev/null 
+++ b/Migrations/20230914040737_Users.cs @@ -0,0 +1,61 @@ +using System; +using Microsoft.EntityFrameworkCore.Migrations; + +#nullable disable + +namespace HyperBooru.Migrations +{ + /// + public partial class Users : Migration + { + /// + protected override void Up(MigrationBuilder migrationBuilder) + { + migrationBuilder.CreateTable( + name: "Users", + columns: table => new + { + ObjectId = table.Column(type: "integer", nullable: false), + Username = table.Column(type: "text", nullable: false), + PasswordHash = table.Column(type: "text", nullable: false) + }, + constraints: table => + { + table.PrimaryKey("PK_Users", x => x.ObjectId); + table.ForeignKey( + name: "FK_Users_Objects_ObjectId", + column: x => x.ObjectId, + principalTable: "Objects", + principalColumn: "ObjectId", + onDelete: ReferentialAction.Cascade); + }); + + migrationBuilder.InsertData( + table: "Objects", + columns: new[] { "ObjectId", "Guid" }, + values: new object[] { -3, new Guid("4fa948f4-7c45-4f81-bb6b-e417491e6c96") }); + + migrationBuilder.InsertData( + table: "Users", + columns: new[] { "ObjectId", "PasswordHash", "Username" }, + values: new object[] { -3, "P4geAuE2yX/PDRHuJSq74FF5vO782rWz5c0LAQPR8m45DEYAONhu1wYnAn60PSNyjocqEBdnCeKCJfK3sKyuWw==", "admin" }); + + migrationBuilder.CreateIndex( + name: "IX_Users_Username", + table: "Users", + column: "Username"); + } + + /// + protected override void Down(MigrationBuilder migrationBuilder) + { + migrationBuilder.DropTable( + name: "Users"); + + migrationBuilder.DeleteData( + table: "Objects", + keyColumn: "ObjectId", + keyValue: -3); + } + } +} diff --git a/Migrations/HBContextModelSnapshot.cs b/Migrations/HBContextModelSnapshot.cs index a24b920..5dc4d8d 100644 --- a/Migrations/HBContextModelSnapshot.cs +++ b/Migrations/HBContextModelSnapshot.cs 
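Review bot: `IX_Users_Username` is created as a plain index, so the schema allows two rows with the same `Username`, while the login lookup in Controllers/LoginController.cs takes `FirstOrDefault(u => u.Username == username)` and would check the password against whichever row the database returns first. Since this file is scaffolded, the fix belongs in the model configuration, e.g. `modelBuilder.Entity<User>().HasIndex(u => u.Username).IsUnique();`, followed by regenerating the migration. PostgreSQL `text` comparison is case-sensitive by default, so `Admin` and `admin` would be separate accounts unless the value is normalised before storage or the column uses a case-insensitive collation.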
@@ -209,6 +209,32 @@ namespace HyperBooru.Migrations b.ToTable("UploadedFiles", (string)null); }); + modelBuilder.Entity("HyperBooru.User", b => + { + b.HasBaseType("HyperBooru.HBObject"); + + b.Property("PasswordHash") + .IsRequired() + .HasColumnType("text"); + + b.Property("Username") + .IsRequired() + .HasColumnType("text"); + + b.HasIndex("Username"); + + b.ToTable("Users"); + + b.HasData( + new + { + ObjectId = -3, + Guid = new Guid("4fa948f4-7c45-4f81-bb6b-e417491e6c96"), + PasswordHash = "P4geAuE2yX/PDRHuJSq74FF5vO782rWz5c0LAQPR8m45DEYAONhu1wYnAn60PSNyjocqEBdnCeKCJfK3sKyuWw==", + Username = "admin" + }); + }); + modelBuilder.Entity("HyperBooru.OcrData", b => { b.HasOne("HyperBooru.Media", "Media") @@ -303,6 +329,15 @@ namespace HyperBooru.Migrations b.Navigation("Media"); }); + modelBuilder.Entity("HyperBooru.User", b => + { + b.HasOne("HyperBooru.HBObject", null) + .WithOne() + .HasForeignKey("HyperBooru.User", "ObjectId") + .OnDelete(DeleteBehavior.Cascade) + .IsRequired(); + }); + modelBuilder.Entity("HyperBooru.HBObject", b => { b.Navigation("Tags"); diff --git a/Pages/Component/Titlebar.razor b/Pages/Component/Titlebar.razor index bcd5f61..1772519 100644 --- a/Pages/Component/Titlebar.razor +++ b/Pages/Component/Titlebar.razor @@ -1,7 +1,4 @@ -@inject IUserService userService -@inject NavigationManager navigationManager -@inject IJSRuntime jsRuntime -@inject AuthenticationStateProvider authStateProvider +@inject IJSRuntime jsRuntime