added Login Authentication
This commit is contained in:
@@ -1,4 +1,5 @@
|
||||
@page "/books"
|
||||
@attribute [Microsoft.AspNetCore.Authorization.Authorize]
|
||||
@using SecDevOpsLab.Models
|
||||
@using SecDevOpsLab.Data
|
||||
@inject AppDbContext Db
|
||||
|
||||
39
Components/Pages/Login.razor
Normal file
39
Components/Pages/Login.razor
Normal file
@@ -0,0 +1,39 @@
|
||||
@page "/login"
|
||||
@using System.Security.Claims
|
||||
@using Microsoft.AspNetCore.Authentication
|
||||
@using Microsoft.AspNetCore.Authentication.Cookies
|
||||
@inject NavigationManager Navigation
|
||||
|
||||
<h3>SecDevOps Lab Login</h3>
|
||||
|
||||
@if (!string.IsNullOrEmpty(errorMessage))
|
||||
{
|
||||
<div class="alert alert-danger">@errorMessage</div>
|
||||
}
|
||||
|
||||
@* Wichtig: Ein traditionelles HTML-Formular nutzen, um Cookies setzen zu können *@
|
||||
<form action="/api/auth/login" method="post">
|
||||
<div class="mb-3">
|
||||
<label class="form-label">Benutzername</label>
|
||||
<input type="text" name="username" class="form-control" required />
|
||||
</div>
|
||||
<div class="mb-3">
|
||||
<label class="form-label">Passwort</label>
|
||||
<input type="password" name="password" class="form-control" required />
|
||||
</div>
|
||||
<button type="submit" class="btn btn-primary">Einloggen</button>
|
||||
</form>
|
||||
|
||||
@code {
|
||||
private string? errorMessage;
|
||||
|
||||
protected override void OnInitialized()
|
||||
{
|
||||
// Falls ein Fehler beim Login auftrat, fangen wir ihn über die URL ab
|
||||
var uri = Navigation.ToAbsoluteUri(Navigation.Uri);
|
||||
if (Microsoft.AspNetCore.WebUtilities.QueryHelpers.ParseQuery(uri.Query).TryGetValue("error", out var error))
|
||||
{
|
||||
errorMessage = "Ungültige Zugangsdaten.";
|
||||
}
|
||||
}
|
||||
}
|
||||
49
Program.cs
49
Program.cs
@@ -3,10 +3,29 @@ using Microsoft.EntityFrameworkCore;
|
||||
// Importieren der Klassen
|
||||
using SecDevOpsLab.Data;
|
||||
using SecDevOpsLab.Components;
|
||||
// NEU: Namespaces für Authentifizierung und Routing hinzufügen
|
||||
using Microsoft.AspNetCore.Authentication.Cookies;
|
||||
using Microsoft.AspNetCore.Components.Authorization;
|
||||
using Microsoft.AspNetCore.Components.Server;
|
||||
using System.Security.Claims;
|
||||
using Microsoft.AspNetCore.Authentication;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
|
||||
// Initialisieren des Web Builders, der den Server und die Umgebung vorbereitet
|
||||
var builder = WebApplication.CreateBuilder(args);
|
||||
|
||||
// NEU: Blazor-Authentifizierungsdienste registrieren
|
||||
builder.Services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
|
||||
.AddCookie(options =>
|
||||
{
|
||||
options.LoginPath = "/login"; // Wohin unberechtigte Nutzer geleitet werden
|
||||
options.ExpireTimeSpan = TimeSpan.FromHours(2);
|
||||
});
|
||||
|
||||
// NEU: Erlaubt Blazor-Komponenten, den Login-Status abzufragen
|
||||
builder.Services.AddCascadingAuthenticationState();
|
||||
builder.Services.AddScoped<AuthenticationStateProvider, ServerAuthenticationStateProvider>();
|
||||
|
||||
// Hinzufügen des Blazor Service und die Interagierbarkeit des Frontends
|
||||
builder.Services.AddRazorComponents()
|
||||
.AddInteractiveServerComponents();
|
||||
@@ -36,6 +55,11 @@ if (!app.Environment.IsDevelopment())
|
||||
|
||||
// Erlauben des Zugriffs auf wwwroot Dir
|
||||
app.UseStaticFiles();
|
||||
|
||||
// NEU: Authentifizierungs-Middleware aktivieren (MUSS vor Antiforgery stehen!)
|
||||
app.UseAuthentication();
|
||||
app.UseAuthorization();
|
||||
|
||||
// Schützen vor CSRF Attacken
|
||||
app.UseAntiforgery();
|
||||
|
||||
@@ -43,5 +67,30 @@ app.UseAntiforgery();
|
||||
app.MapRazorComponents<App>()
|
||||
.AddInteractiveServerRenderMode();
|
||||
|
||||
// ==========================================
|
||||
// SCHRITT 3: HIER EINGEFÜGT (Login-Endpunkt)
|
||||
// ==========================================
|
||||
app.MapPost("/api/auth/login", async (
|
||||
[FromForm] string username,
|
||||
[FromForm] string password,
|
||||
HttpContext httpContext) =>
|
||||
{
|
||||
// Statischer User (Für SecDevOps später via Environment Variable aus K8s-Secret laden!)
|
||||
const string StaticUser = "admin";
|
||||
const string StaticPassword = "DevOpsPassword2026!";
|
||||
|
||||
if (username == StaticUser && password == StaticPassword)
|
||||
{
|
||||
var claims = new List<Claim> { new Claim(ClaimTypes.Name, username) };
|
||||
var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
|
||||
|
||||
await httpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, new ClaimsPrincipal(claimsIdentity));
|
||||
|
||||
return Results.Redirect("/"); // Erfolgreich eingeloggt -> zur Startseite
|
||||
}
|
||||
|
||||
return Results.Redirect("/login?error=true"); // Fehler -> zurück zum Login
|
||||
});
|
||||
|
||||
// Webserver wird gestartet. Port 8080 wird eröffnet
|
||||
app.Run();
|
||||
|
||||
Reference in New Issue
Block a user