From 72ff6fa0e79d42d107bd8ad1c0b2703a1556a709 Mon Sep 17 00:00:00 2001
From: Shaun Walker <shaun.walker@siliqon.com>
Date: Wed, 16 Jun 2021 16:31:02 -0400
Subject: [PATCH] improvements to refresh logic, module template enhancements

---
 Oqtane.Client/Modules/Admin/Login/Index.razor |   2 +-
 .../Admin/ModuleDefinitions/Index.razor       |   2 +-
 Oqtane.Client/Modules/Admin/Sites/Index.razor |   4 +-
 .../Modules/Admin/Themes/Index.razor          |   2 +-
 Oqtane.Client/Modules/ModuleBase.cs           |  10 ++
 .../Controls/Container/ModuleActionsBase.cs   |  16 +-
 .../Themes/Controls/Theme/ControlPanel.razor  |   2 +-
 .../Themes/Controls/Theme/LoginBase.cs        |   2 +-
 Oqtane.Client/Themes/ThemeBase.cs             |  10 ++
 Oqtane.Client/UI/{Reload.cs => Refresh.cs}    |   4 +-
 Oqtane.Client/UI/SiteRouter.razor             |  34 ++---
 .../Modules/[Owner].[Module]/Edit.razor       |  39 +++--
 .../Modules/[Owner].[Module]/Index.razor      |  15 +-
 .../Modules/[Owner].[Module]/Settings.razor   |   3 +-
 .../Resources/[Owner].[Module]/Edit.resx      | 141 ++++++++++++++++++
 .../Resources/[Owner].[Module]/Index.resx     | 138 +++++++++++++++++
 .../Resources/[Owner].[Module]/Settings.resx  | 126 ++++++++++++++++
 .../Server/Controllers/[Module]Controller.cs  |  39 ++++-
 .../Server/Repository/I[Module]Repository.cs  |   1 +
 .../Server/Repository/[Module]Repository.cs   |  14 +-
 20 files changed, 540 insertions(+), 64 deletions(-)
 rename Oqtane.Client/UI/{Reload.cs => Refresh.cs} (62%)
 create mode 100644 Oqtane.Server/wwwroot/Modules/Templates/External/Client/Resources/[Owner].[Module]/Edit.resx
 create mode 100644 Oqtane.Server/wwwroot/Modules/Templates/External/Client/Resources/[Owner].[Module]/Index.resx
 create mode 100644 Oqtane.Server/wwwroot/Modules/Templates/External/Client/Resources/[Owner].[Module]/Settings.resx

diff --git a/Oqtane.Client/Modules/Admin/Login/Index.razor b/Oqtane.Client/Modules/Admin/Login/Index.razor
index 45f4e246..790265c7 100644
--- a/Oqtane.Client/Modules/Admin/Login/Index.razor
+++ b/Oqtane.Client/Modules/Admin/Login/Index.razor
@@ -142,7 +142,7 @@
                     await logger.LogInformation("Login Successful For Username {Username}", _username);
                     var authstateprovider = (IdentityAuthenticationStateProvider)ServiceProvider.GetService(typeof(IdentityAuthenticationStateProvider));
                     authstateprovider.NotifyAuthenticationChanged();
-                    NavigationManager.NavigateTo(NavigateUrl(_returnUrl, "reload"));
+                    NavigationManager.NavigateTo(NavigateUrl(_returnUrl, true));
                 }
                 else
                 {
diff --git a/Oqtane.Client/Modules/Admin/ModuleDefinitions/Index.razor b/Oqtane.Client/Modules/Admin/ModuleDefinitions/Index.razor
index c9c47456..44bc1b8f 100644
--- a/Oqtane.Client/Modules/Admin/ModuleDefinitions/Index.razor
+++ b/Oqtane.Client/Modules/Admin/ModuleDefinitions/Index.razor
@@ -103,7 +103,7 @@ else
         {
             await ModuleDefinitionService.DeleteModuleDefinitionAsync(moduleDefinition.ModuleDefinitionId, moduleDefinition.SiteId);
             AddModuleMessage(Localizer["Module Deleted Successfully"], MessageType.Success);
-            NavigationManager.NavigateTo(NavigateUrl(PageState.Page.Path, "reload"));
+            NavigationManager.NavigateTo(NavigateUrl(PageState.Page.Path, true));
         }
         catch (Exception ex)
         {
diff --git a/Oqtane.Client/Modules/Admin/Sites/Index.razor b/Oqtane.Client/Modules/Admin/Sites/Index.razor
index d181fe68..0f0ef0fc 100644
--- a/Oqtane.Client/Modules/Admin/Sites/Index.razor
+++ b/Oqtane.Client/Modules/Admin/Sites/Index.razor
@@ -51,11 +51,11 @@ else
 
     private void Edit(string name)
     {
-        NavigationManager.NavigateTo(_scheme + name + "/admin/site/?redirect");
+        NavigationManager.NavigateTo(_scheme + name + "/admin/site/?reload");
     }
 
     private void Browse(string name)
     {
-        NavigationManager.NavigateTo(_scheme + name + "/?redirect", true);
+        NavigationManager.NavigateTo(_scheme + name + "/?reload");
     }
 }
diff --git a/Oqtane.Client/Modules/Admin/Themes/Index.razor b/Oqtane.Client/Modules/Admin/Themes/Index.razor
index fc13417f..7cbba5f3 100644
--- a/Oqtane.Client/Modules/Admin/Themes/Index.razor
+++ b/Oqtane.Client/Modules/Admin/Themes/Index.razor
@@ -104,7 +104,7 @@ else
         {
             await ThemeService.DeleteThemeAsync(Theme.ThemeName);
             AddModuleMessage(Localizer["Theme Deleted Successfully"], MessageType.Success);
-            NavigationManager.NavigateTo(NavigateUrl(PageState.Page.Path, "reload"));
+            NavigationManager.NavigateTo(NavigateUrl(PageState.Page.Path, true));
         }
         catch (Exception ex)
         {
diff --git a/Oqtane.Client/Modules/ModuleBase.cs b/Oqtane.Client/Modules/ModuleBase.cs
index 3fd548ac..e7c6658d 100644
--- a/Oqtane.Client/Modules/ModuleBase.cs
+++ b/Oqtane.Client/Modules/ModuleBase.cs
@@ -84,11 +84,21 @@ namespace Oqtane.Modules
             return NavigateUrl(path, "");
         }
 
+        public string NavigateUrl(bool refresh)
+        {
+            return NavigateUrl(PageState.Page.Path, refresh);
+        }
+
         public string NavigateUrl(string path, string parameters)
         {
             return Utilities.NavigateUrl(PageState.Alias.Path, path, parameters);
         }
 
+        public string NavigateUrl(string path, bool refresh)
+        {
+            return Utilities.NavigateUrl(PageState.Alias.Path, path, refresh ? "refresh" : "");
+        }
+
         public string EditUrl(string action)
         {
             return EditUrl(ModuleState.ModuleId, action);
diff --git a/Oqtane.Client/Themes/Controls/Container/ModuleActionsBase.cs b/Oqtane.Client/Themes/Controls/Container/ModuleActionsBase.cs
index f8b0b065..edf5b8e4 100644
--- a/Oqtane.Client/Themes/Controls/Container/ModuleActionsBase.cs
+++ b/Oqtane.Client/Themes/Controls/Container/ModuleActionsBase.cs
@@ -115,7 +115,7 @@ namespace Oqtane.Themes.Controls
             await PageModuleService.UpdatePageModuleAsync(pagemodule);
             await PageModuleService.UpdatePageModuleOrderAsync(pagemodule.PageId, pagemodule.Pane);
             await PageModuleService.UpdatePageModuleOrderAsync(pagemodule.PageId, oldPane);
-            return NavigateUrl(url, "reload");
+            return NavigateUrl(url, true);
         }
 
         private async Task<string> DeleteModule(string url, PageModule pagemodule)
@@ -123,7 +123,7 @@ namespace Oqtane.Themes.Controls
             pagemodule.IsDeleted = true;
             await PageModuleService.UpdatePageModuleAsync(pagemodule);
             await PageModuleService.UpdatePageModuleOrderAsync(pagemodule.PageId, pagemodule.Pane);
-            return NavigateUrl(url, "reload");
+            return NavigateUrl(url, true);
         }
 
         private async Task<string> Settings(string url, PageModule pagemodule)
@@ -148,7 +148,7 @@ namespace Oqtane.Themes.Controls
             }
             pagemodule.Module.Permissions = UserSecurity.SetPermissionStrings(permissions);
             await ModuleService.UpdateModuleAsync(pagemodule.Module);
-            return NavigateUrl(s, "reload");
+            return NavigateUrl(s, true);
         }
 
         private async Task<string> Unpublish(string s, PageModule pagemodule)
@@ -166,7 +166,7 @@ namespace Oqtane.Themes.Controls
             }
             pagemodule.Module.Permissions = UserSecurity.SetPermissionStrings(permissions);
             await ModuleService.UpdateModuleAsync(pagemodule.Module);
-            return NavigateUrl(s, "reload");
+            return NavigateUrl(s, true);
         }
 
         private async Task<string> MoveTop(string s, PageModule pagemodule)
@@ -174,7 +174,7 @@ namespace Oqtane.Themes.Controls
             pagemodule.Order = 0;
             await PageModuleService.UpdatePageModuleAsync(pagemodule);
             await PageModuleService.UpdatePageModuleOrderAsync(pagemodule.PageId, pagemodule.Pane);
-            return NavigateUrl(s, "reload");
+            return NavigateUrl(s, true);
         }
 
         private async Task<string> MoveBottom(string s, PageModule pagemodule)
@@ -182,7 +182,7 @@ namespace Oqtane.Themes.Controls
             pagemodule.Order = int.MaxValue;
             await PageModuleService.UpdatePageModuleAsync(pagemodule);
             await PageModuleService.UpdatePageModuleOrderAsync(pagemodule.PageId, pagemodule.Pane);
-            return NavigateUrl(s, "reload");
+            return NavigateUrl(s, true);
         }
 
         private async Task<string> MoveUp(string s, PageModule pagemodule)
@@ -190,7 +190,7 @@ namespace Oqtane.Themes.Controls
             pagemodule.Order -= 3;
             await PageModuleService.UpdatePageModuleAsync(pagemodule);
             await PageModuleService.UpdatePageModuleOrderAsync(pagemodule.PageId, pagemodule.Pane);
-            return NavigateUrl(s, "reload");
+            return NavigateUrl(s, true);
         }
 
         private async Task<string> MoveDown(string s, PageModule pagemodule)
@@ -198,7 +198,7 @@ namespace Oqtane.Themes.Controls
             pagemodule.Order += 3;
             await PageModuleService.UpdatePageModuleAsync(pagemodule);
             await PageModuleService.UpdatePageModuleOrderAsync(pagemodule.PageId, pagemodule.Pane);
-            return NavigateUrl(s, "reload");
+            return NavigateUrl(s, true);
         }
 
         public class ActionViewModel
diff --git a/Oqtane.Client/Themes/Controls/Theme/ControlPanel.razor b/Oqtane.Client/Themes/Controls/Theme/ControlPanel.razor
index 14e985e1..51486db8 100644
--- a/Oqtane.Client/Themes/Controls/Theme/ControlPanel.razor
+++ b/Oqtane.Client/Themes/Controls/Theme/ControlPanel.razor
@@ -537,7 +537,7 @@
             }
             page.Permissions = UserSecurity.SetPermissionStrings(permissions);
             await PageService.UpdatePageAsync(page);
-            NavigationManager.NavigateTo(NavigateUrl(PageState.Page.Path, "reload"));
+            NavigationManager.NavigateTo(NavigateUrl(PageState.Page.Path, true));
         }
     }
 
diff --git a/Oqtane.Client/Themes/Controls/Theme/LoginBase.cs b/Oqtane.Client/Themes/Controls/Theme/LoginBase.cs
index 972f005c..cc454412 100644
--- a/Oqtane.Client/Themes/Controls/Theme/LoginBase.cs
+++ b/Oqtane.Client/Themes/Controls/Theme/LoginBase.cs
@@ -47,7 +47,7 @@ namespace Oqtane.Themes.Controls
                 // client-side Blazor
                 var authstateprovider = (IdentityAuthenticationStateProvider)ServiceProvider.GetService(typeof(IdentityAuthenticationStateProvider));
                 authstateprovider.NotifyAuthenticationChanged();
-                NavigationManager.NavigateTo(NavigateUrl(!authorizedtoviewpage ? PageState.Alias.Path : PageState.Page.Path, "reload"));
+                NavigationManager.NavigateTo(NavigateUrl(!authorizedtoviewpage ? PageState.Alias.Path : PageState.Page.Path, true));
             }
         }
     }
diff --git a/Oqtane.Client/Themes/ThemeBase.cs b/Oqtane.Client/Themes/ThemeBase.cs
index a2ca3c86..158321f9 100644
--- a/Oqtane.Client/Themes/ThemeBase.cs
+++ b/Oqtane.Client/Themes/ThemeBase.cs
@@ -64,6 +64,16 @@ namespace Oqtane.Themes
             return NavigateUrl(path, "");
         }
 
+        public string NavigateUrl(bool refresh)
+        {
+            return NavigateUrl(PageState.Page.Path, refresh);
+        }
+
+        public string NavigateUrl(string path, bool refresh)
+        {
+            return Utilities.NavigateUrl(PageState.Alias.Path, path, refresh ? "refresh" : "");
+        }
+
         public string NavigateUrl(string path, string parameters)
         {
             return Utilities.NavigateUrl(PageState.Alias.Path, path, parameters);
diff --git a/Oqtane.Client/UI/Reload.cs b/Oqtane.Client/UI/Refresh.cs
similarity index 62%
rename from Oqtane.Client/UI/Reload.cs
rename to Oqtane.Client/UI/Refresh.cs
index 6fb632c6..0c0d7871 100644
--- a/Oqtane.Client/UI/Reload.cs
+++ b/Oqtane.Client/UI/Refresh.cs
@@ -1,6 +1,6 @@
-namespace Oqtane.UI
+namespace Oqtane.UI
 {
-    public enum Reload
+    public enum Refresh
     {
         None,
         Page,
diff --git a/Oqtane.Client/UI/SiteRouter.razor b/Oqtane.Client/UI/SiteRouter.razor
index 6c690fe8..cbe7783a 100644
--- a/Oqtane.Client/UI/SiteRouter.razor
+++ b/Oqtane.Client/UI/SiteRouter.razor
@@ -77,7 +77,7 @@
         var action = Constants.DefaultAction;
         var urlparameters = string.Empty;
         var editmode = false;
-        var reload = Reload.None;
+        var refresh = UI.Refresh.None;
         var lastsyncdate = DateTime.UtcNow.AddHours(-1);
         var runtime = GetRuntime();
 
@@ -89,17 +89,17 @@
         // parse querystring
         var querystring = ParseQueryString(uri.Query);
 
-        // the reload parameter is used to reload the PageState
-        if (querystring.ContainsKey("reload"))
+        // the refresh parameter is used to refresh the PageState
+        if (querystring.ContainsKey("refresh"))
         {
-            reload = Reload.Site;
+            refresh = UI.Refresh.Site;
         }
         else
         {
-            // reload the client application if the user navigated to a site with a different alias or there is a forced redirect
-            if ((!path.StartsWith(SiteState.Alias.Path) && SiteState.Alias.Path != "") || querystring.ContainsKey("redirect"))
+            // reload the client application if the user navigated to a site with a different alias or there is a forced reload
+            if ((!path.StartsWith(SiteState.Alias.Path) && SiteState.Alias.Path != "") || querystring.ContainsKey("reload"))
             {
-                NavigationManager.NavigateTo(_absoluteUri.Replace("?redirect", ""), true);
+                NavigationManager.NavigateTo(_absoluteUri.Replace("?reload", ""), true);
                 return;
             }
         }
@@ -113,7 +113,7 @@
         // process any sync events
         var sync = await SyncService.GetSyncAsync(lastsyncdate);
         lastsyncdate = sync.SyncDate;
-        if (reload != Reload.Site && sync.SyncEvents.Any())
+        if (refresh != UI.Refresh.Site && sync.SyncEvents.Any())
         {
             // if running on WebAssembly reload the client application if the server application was restarted
             if (runtime == Shared.Runtime.WebAssembly && PageState != null && sync.SyncEvents.Exists(item => item.TenantId == -1))
@@ -123,14 +123,14 @@
             }
             if (sync.SyncEvents.Exists(item => item.EntityName == EntityNames.Site && item.EntityId == SiteState.Alias.SiteId))
             {
-                reload = Reload.Site;
+                refresh = UI.Refresh.Site;
             }
         }
 
-        if (reload == Reload.Site || PageState == null || PageState.Alias.SiteId != SiteState.Alias.SiteId)
+        if (refresh == UI.Refresh.Site || PageState == null || PageState.Alias.SiteId != SiteState.Alias.SiteId)
         {
             site = await SiteService.GetSiteAsync(SiteState.Alias.SiteId);
-            reload = Reload.Site;
+            refresh = UI.Refresh.Site;
         }
         else
         {
@@ -139,7 +139,7 @@
 
         if (site != null)
         {
-            if (PageState == null || reload == Reload.Site)
+            if (PageState == null || refresh == UI.Refresh.Site)
             {
                 // get user
                 var authState = await AuthenticationStateProvider.GetAuthenticationStateAsync();
@@ -154,15 +154,15 @@
             }
 
             // process any sync events for user
-            if (reload != Reload.Site && user != null && sync.SyncEvents.Any())
+            if (refresh != UI.Refresh.Site && user != null && sync.SyncEvents.Any())
             {
                 if (sync.SyncEvents.Exists(item => item.EntityName == EntityNames.User && item.EntityId == user.UserId))
                 {
-                    reload = Reload.Site;
+                    refresh = UI.Refresh.Site;
                 }
             }
 
-            if (PageState == null || reload == Reload.Site)
+            if (PageState == null || refresh == UI.Refresh.Site)
             {
                 pages = await PageService.GetPagesAsync(site.SiteId);
             }
@@ -239,7 +239,7 @@
             // remove trailing slash so it can be used as a key for Pages
             if (path.EndsWith("/")) path = path.Substring(0, path.Length - 1);
 
-            if (PageState == null || reload == Reload.Site)
+            if (PageState == null || refresh == UI.Refresh.Site)
             {
                 page = pages.FirstOrDefault(item => item.Path.Equals(path, StringComparison.OrdinalIgnoreCase));
             }
@@ -274,7 +274,7 @@
                 {
                     page = await ProcessPage(page, site, user);
 
-                    if (PageState == null || reload == Reload.Site)
+                    if (PageState == null || refresh == UI.Refresh.Site)
                     {
                         modules = await ModuleService.GetModulesAsync(site.SiteId);
                     }
diff --git a/Oqtane.Server/wwwroot/Modules/Templates/External/Client/Modules/[Owner].[Module]/Edit.razor b/Oqtane.Server/wwwroot/Modules/Templates/External/Client/Modules/[Owner].[Module]/Edit.razor
index b866069a..d901cb4f 100644
--- a/Oqtane.Server/wwwroot/Modules/Templates/External/Client/Modules/[Owner].[Module]/Edit.razor
+++ b/Oqtane.Server/wwwroot/Modules/Templates/External/Client/Modules/[Owner].[Module]/Edit.razor
@@ -6,25 +6,27 @@
 @inherits ModuleBase
 @inject I[Module]Service [Module]Service
 @inject NavigationManager NavigationManager
+@inject IStringLocalizer<Edit> Localizer
 
+<form @ref="form" class="@(validated ? "was-validated" : "needs-validation")" novalidate>
 <table class="table table-borderless">
     <tr>
         <td>
-            <Label For="name" HelpText="Enter a name">Name: </Label>
+            <Label For="name" HelpText="Enter a name" ResourceKey="Name">Name: </Label>
         </td>
         <td>
-            <input id="name" class="form-control" @bind="@_name" />
+            <input id="name" class="form-control" @bind="@_name" required />
         </td>
     </tr>
 </table>
-<button type="button" class="btn btn-success" @onclick="Save">Save</button>
-<NavLink class="btn btn-secondary" href="@NavigateUrl()">Cancel</NavLink>
-<br />
-<br />
+<button type="button" class="btn btn-success" @onclick="Save">@Localizer["Save"]</button>
+<NavLink class="btn btn-secondary" href="@NavigateUrl()">@Localizer["Cancel"]</NavLink>
+<br /><br />
 @if (PageState.Action == "Edit")
 {
     <AuditInfo CreatedBy="@_createdby" CreatedOn="@_createdon" ModifiedBy="@_modifiedby" ModifiedOn="@_modifiedon"></AuditInfo>
 }
+</form>
 
 @code {
     public override SecurityAccessLevel SecurityAccessLevel => SecurityAccessLevel.Edit;
@@ -38,12 +40,15 @@
         new Resource { ResourceType = ResourceType.Stylesheet, Url = ModulePath() + "Module.css" }
     };
 
-    int _id;
-    string _name;
-    string _createdby;
-    DateTime _createdon;
-    string _modifiedby;
-    DateTime _modifiedon;
+    private ElementReference form;
+    private bool validated = false;
+
+    private int _id;
+    private string _name;
+    private string _createdby;
+    private DateTime _createdon;
+    private string _modifiedby;
+    private DateTime _modifiedon;
 
     protected override async Task OnInitializedAsync()
     {
@@ -66,7 +71,7 @@
         catch (Exception ex)
         {
             await logger.LogError(ex, "Error Loading [Module] {[Module]Id} {Error}", _id, ex.Message);
-            AddModuleMessage("Error Loading [Module]", MessageType.Error);
+            AddModuleMessage(Localizer["Message.LoadError"], MessageType.Error);
         }
     }
 
@@ -74,7 +79,9 @@
     {
         try
         {
-            if (!string.IsNullOrEmpty(_name))
+            validated = true;
+            var interop = new Interop(JSRuntime);
+            if (await interop.FormValid(form))
             {
                 if (PageState.Action == "Add")
                 {
@@ -95,13 +102,13 @@
             }
             else
             {
-                AddModuleMessage("The Name Is Required", MessageType.Warning);
+                AddModuleMessage(Localizer["Message.SaveValidation"], MessageType.Warning);
             }
         }
         catch (Exception ex)
         {
             await logger.LogError(ex, "Error Saving [Module] {Error}", ex.Message);
-            AddModuleMessage("Error Saving [Module]", MessageType.Error);
+            AddModuleMessage(Localizer["Message.SaveError"], MessageType.Error);
         }
     }
 }
diff --git a/Oqtane.Server/wwwroot/Modules/Templates/External/Client/Modules/[Owner].[Module]/Index.razor b/Oqtane.Server/wwwroot/Modules/Templates/External/Client/Modules/[Owner].[Module]/Index.razor
index 4f5e0f37..d93cdb20 100644
--- a/Oqtane.Server/wwwroot/Modules/Templates/External/Client/Modules/[Owner].[Module]/Index.razor
+++ b/Oqtane.Server/wwwroot/Modules/Templates/External/Client/Modules/[Owner].[Module]/Index.razor
@@ -5,6 +5,7 @@
 @inherits ModuleBase
 @inject I[Module]Service [Module]Service
 @inject NavigationManager NavigationManager
+@inject IStringLocalizer<Index> Localizer
 
 @if (_[Module]s == null)
 {
@@ -12,7 +13,7 @@
 }
 else
 {
-    <ActionLink Action="Add" Security="SecurityAccessLevel.Edit" Text="Add [Module]" />
+    <ActionLink Action="Add" Security="SecurityAccessLevel.Edit" Text="Add [Module]" ResourceKey="Add" />
     <br />
     <br />
     @if (@_[Module]s.Count != 0)
@@ -21,18 +22,18 @@ else
             <Header>
                 <th style="width: 1px;">&nbsp;</th>
                 <th style="width: 1px;">&nbsp;</th>
-                <th>Name</th>
+                <th>@Localizer["Name"]</th>
             </Header>
             <Row>
-                <td><ActionLink Action="Edit" Parameters="@($"id=" + context.[Module]Id.ToString())" /></td>
-                <td><ActionDialog Header="Delete [Module]" Message="@("Are You Sure You Wish To Delete The " + context.Name + " [Module]?")" Action="Delete" Security="SecurityAccessLevel.Edit" Class="btn btn-danger" OnClick="@(async () => await Delete(context))" /></td>
+                <td><ActionLink Action="Edit" Parameters="@($"id=" + context.[Module]Id.ToString())" ResourceKey="Edit"  /></td>
+                <td><ActionDialog Header="Delete [Module]" Message="@("Are You Sure You Wish To Delete The " + context.Name + " [Module]?")" Action="Delete" Security="SecurityAccessLevel.Edit" Class="btn btn-danger" OnClick="@(async () => await Delete(context))" ResourceKey="Delete"  /></td>
                 <td>@context.Name</td>
             </Row>
         </Pager>
     }
     else
     {
-        <p>No [Module]s To Display</p>
+        <p>@Localizer["Message.DisplayNone"]</p>
     }
 }
 
@@ -54,7 +55,7 @@ else
         catch (Exception ex)
         {
             await logger.LogError(ex, "Error Loading [Module] {Error}", ex.Message);
-            AddModuleMessage("Error Loading [Module]", MessageType.Error);
+            AddModuleMessage(Localizer["Message.LoadError"], MessageType.Error);
         }
     }
 
@@ -70,7 +71,7 @@ else
         catch (Exception ex)
         {
             await logger.LogError(ex, "Error Deleting [Module] {[Module]} {Error}", [Module], ex.Message);
-            AddModuleMessage("Error Deleting [Module]", MessageType.Error);
+            AddModuleMessage(Localizer["Message.DeleteError"], MessageType.Error);
         }
     }
 }
\ No newline at end of file
diff --git a/Oqtane.Server/wwwroot/Modules/Templates/External/Client/Modules/[Owner].[Module]/Settings.razor b/Oqtane.Server/wwwroot/Modules/Templates/External/Client/Modules/[Owner].[Module]/Settings.razor
index 7989d7c9..20e042fd 100644
--- a/Oqtane.Server/wwwroot/Modules/Templates/External/Client/Modules/[Owner].[Module]/Settings.razor
+++ b/Oqtane.Server/wwwroot/Modules/Templates/External/Client/Modules/[Owner].[Module]/Settings.razor
@@ -1,11 +1,12 @@
 @namespace [Owner].[Module]
 @inherits ModuleBase
 @inject ISettingService SettingService
+@inject IStringLocalizer<Settings> Localizer
 
 <table class="table table-borderless">
     <tr>
         <td>
-            <Label For="value" HelpText="Enter a value">Name: </Label>
+            <Label For="value" HelpText="Enter a value" ResourceKey="SettingName">Name: </Label>
         </td>
         <td>
             <input id="value" type="text" class="form-control" @bind="@_value" />
diff --git a/Oqtane.Server/wwwroot/Modules/Templates/External/Client/Resources/[Owner].[Module]/Edit.resx b/Oqtane.Server/wwwroot/Modules/Templates/External/Client/Resources/[Owner].[Module]/Edit.resx
new file mode 100644
index 00000000..eebd66cd
--- /dev/null
+++ b/Oqtane.Server/wwwroot/Modules/Templates/External/Client/Resources/[Owner].[Module]/Edit.resx
@@ -0,0 +1,141 @@
+<?xml version="1.0" encoding="utf-8"?>
+<root>
+  <!-- 
+            Microsoft ResX Schema 
+
+            Version 2.0
+
+            The primary goals of this format is to allow a simple XML format 
+            that is mostly human readable. The generation and parsing of the 
+            various data types are done through the TypeConverter classes 
+            associated with the data types.
+
+            Example:
+
+            ... ado.net/XML headers & schema ...
+            <resheader name="resmimetype">text/microsoft-resx</resheader>
+            <resheader name="version">2.0</resheader>
+            <resheader name="reader">System.Resources.ResXResourceReader, System.Windows.Forms, ...</resheader>
+            <resheader name="writer">System.Resources.ResXResourceWriter, System.Windows.Forms, ...</resheader>
+            <data name="Name1"><value>this is my long string</value><comment>this is a comment</comment></data>
+            <data name="Color1" type="System.Drawing.Color, System.Drawing">Blue</data>
+            <data name="Bitmap1" mimetype="application/x-microsoft.net.object.binary.base64">
+                <value>[base64 mime encoded serialized .NET Framework object]</value>
+            </data>
+            <data name="Icon1" type="System.Drawing.Icon, System.Drawing" mimetype="application/x-microsoft.net.object.bytearray.base64">
+                <value>[base64 mime encoded string representing a byte array form of the .NET Framework object]</value>
+                <comment>This is a comment</comment>
+            </data>
+
+            There are any number of "resheader" rows that contain simple 
+            name/value pairs.
+
+            Each data row contains a name, and value. The row also contains a 
+            type or mimetype. Type corresponds to a .NET class that support 
+            text/value conversion through the TypeConverter architecture. 
+            Classes that don't support this are serialized and stored with the 
+            mimetype set.
+
+            The mimetype is used for serialized objects, and tells the 
+            ResXResourceReader how to depersist the object. This is currently not 
+            extensible. For a given mimetype the value must be set accordingly:
+
+            Note - application/x-microsoft.net.object.binary.base64 is the format 
+            that the ResXResourceWriter will generate, however the reader can 
+            read any of the formats listed below.
+
+            mimetype: application/x-microsoft.net.object.binary.base64
+            value   : The object must be serialized with 
+                    : System.Runtime.Serialization.Formatters.Binary.BinaryFormatter
+                    : and then encoded with base64 encoding.
+
+            mimetype: application/x-microsoft.net.object.soap.base64
+            value   : The object must be serialized with 
+                    : System.Runtime.Serialization.Formatters.Soap.SoapFormatter
+                    : and then encoded with base64 encoding.
+
+            mimetype: application/x-microsoft.net.object.bytearray.base64
+            value   : The object must be serialized into a byte array 
+                    : using a System.ComponentModel.TypeConverter
+                    : and then encoded with base64 encoding.
+            -->
+  <xsd:schema xmlns="" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:msdata="urn:schemas-microsoft-com:xml-msdata" id="root">
+    <xsd:import namespace="http://www.w3.org/XML/1998/namespace" />
+    <xsd:element name="root" msdata:IsDataSet="true">
+      <xsd:complexType>
+        <xsd:choice maxOccurs="unbounded">
+          <xsd:element name="metadata">
+            <xsd:complexType>
+              <xsd:sequence>
+                <xsd:element name="value" type="xsd:string" minOccurs="0" />
+              </xsd:sequence>
+              <xsd:attribute name="name" use="required" type="xsd:string" />
+              <xsd:attribute name="type" type="xsd:string" />
+              <xsd:attribute name="mimetype" type="xsd:string" />
+              <xsd:attribute ref="xml:space" />
+            </xsd:complexType>
+          </xsd:element>
+          <xsd:element name="assembly">
+            <xsd:complexType>
+              <xsd:attribute name="alias" type="xsd:string" />
+              <xsd:attribute name="name" type="xsd:string" />
+            </xsd:complexType>
+          </xsd:element>
+          <xsd:element name="data">
+            <xsd:complexType>
+              <xsd:sequence>
+                <xsd:element name="value" type="xsd:string" minOccurs="0" msdata:Ordinal="1" />
+                <xsd:element name="comment" type="xsd:string" minOccurs="0" msdata:Ordinal="2" />
+              </xsd:sequence>
+              <xsd:attribute name="name" type="xsd:string" use="required" msdata:Ordinal="1" />
+              <xsd:attribute name="type" type="xsd:string" msdata:Ordinal="3" />
+              <xsd:attribute name="mimetype" type="xsd:string" msdata:Ordinal="4" />
+              <xsd:attribute ref="xml:space" />
+            </xsd:complexType>
+          </xsd:element>
+          <xsd:element name="resheader">
+            <xsd:complexType>
+              <xsd:sequence>
+                <xsd:element name="value" type="xsd:string" minOccurs="0" msdata:Ordinal="1" />
+              </xsd:sequence>
+              <xsd:attribute name="name" type="xsd:string" use="required" />
+            </xsd:complexType>
+          </xsd:element>
+        </xsd:choice>
+      </xsd:complexType>
+    </xsd:element>
+  </xsd:schema>
+  <resheader name="resmimetype">
+    <value>text/microsoft-resx</value>
+  </resheader>
+  <resheader name="version">
+    <value>2.0</value>
+  </resheader>
+  <resheader name="reader">
+    <value>System.Resources.ResXResourceReader, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
+  </resheader>
+  <resheader name="writer">
+    <value>System.Resources.ResXResourceWriter, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
+  </resheader>
+  <data name="Name.Text" xml:space="preserve">
+    <value>Name: </value>
+  </data>
+  <data name="Name.HelpText" xml:space="preserve">
+    <value>Enter the name</value>
+  </data>
+  <data name="Save" xml:space="preserve">
+    <value>Save</value>
+  </data>
+  <data name="Cancel" xml:space="preserve">
+    <value>Cancel</value>
+  </data>
+  <data name="Message.LoadError" xml:space="preserve">
+    <value>Error Loading [Module]</value>
+  </data>
+  <data name="Message.SaveValidation" xml:space="preserve">
+    <value>Please Provide All Required Information</value>
+  </data>
+  <data name="Message.SaveError" xml:space="preserve">
+    <value>Error Saving [Module]</value>
+  </data>
+</root>
\ No newline at end of file
diff --git a/Oqtane.Server/wwwroot/Modules/Templates/External/Client/Resources/[Owner].[Module]/Index.resx b/Oqtane.Server/wwwroot/Modules/Templates/External/Client/Resources/[Owner].[Module]/Index.resx
new file mode 100644
index 00000000..2c863947
--- /dev/null
+++ b/Oqtane.Server/wwwroot/Modules/Templates/External/Client/Resources/[Owner].[Module]/Index.resx
@@ -0,0 +1,138 @@
+<?xml version="1.0" encoding="utf-8"?>
+<root>
+  <!-- 
+            Microsoft ResX Schema 
+
+            Version 2.0
+
+            The primary goals of this format is to allow a simple XML format 
+            that is mostly human readable. The generation and parsing of the 
+            various data types are done through the TypeConverter classes 
+            associated with the data types.
+
+            Example:
+
+            ... ado.net/XML headers & schema ...
+            <resheader name="resmimetype">text/microsoft-resx</resheader>
+            <resheader name="version">2.0</resheader>
+            <resheader name="reader">System.Resources.ResXResourceReader, System.Windows.Forms, ...</resheader>
+            <resheader name="writer">System.Resources.ResXResourceWriter, System.Windows.Forms, ...</resheader>
+            <data name="Name1"><value>this is my long string</value><comment>this is a comment</comment></data>
+            <data name="Color1" type="System.Drawing.Color, System.Drawing">Blue</data>
+            <data name="Bitmap1" mimetype="application/x-microsoft.net.object.binary.base64">
+                <value>[base64 mime encoded serialized .NET Framework object]</value>
+            </data>
+            <data name="Icon1" type="System.Drawing.Icon, System.Drawing" mimetype="application/x-microsoft.net.object.bytearray.base64">
+                <value>[base64 mime encoded string representing a byte array form of the .NET Framework object]</value>
+                <comment>This is a comment</comment>
+            </data>
+
+            There are any number of "resheader" rows that contain simple 
+            name/value pairs.
+
+            Each data row contains a name, and value. The row also contains a 
+            type or mimetype. Type corresponds to a .NET class that support 
+            text/value conversion through the TypeConverter architecture. 
+            Classes that don't support this are serialized and stored with the 
+            mimetype set.
+
+            The mimetype is used for serialized objects, and tells the 
+            ResXResourceReader how to depersist the object. This is currently not 
+            extensible. For a given mimetype the value must be set accordingly:
+
+            Note - application/x-microsoft.net.object.binary.base64 is the format 
+            that the ResXResourceWriter will generate, however the reader can 
+            read any of the formats listed below.
+
+            mimetype: application/x-microsoft.net.object.binary.base64
+            value   : The object must be serialized with 
+                    : System.Runtime.Serialization.Formatters.Binary.BinaryFormatter
+                    : and then encoded with base64 encoding.
+
+            mimetype: application/x-microsoft.net.object.soap.base64
+            value   : The object must be serialized with 
+                    : System.Runtime.Serialization.Formatters.Soap.SoapFormatter
+                    : and then encoded with base64 encoding.
+
+            mimetype: application/x-microsoft.net.object.bytearray.base64
+            value   : The object must be serialized into a byte array 
+                    : using a System.ComponentModel.TypeConverter
+                    : and then encoded with base64 encoding.
+            -->
+  <xsd:schema xmlns="" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:msdata="urn:schemas-microsoft-com:xml-msdata" id="root">
+    <xsd:import namespace="http://www.w3.org/XML/1998/namespace" />
+    <xsd:element name="root" msdata:IsDataSet="true">
+      <xsd:complexType>
+        <xsd:choice maxOccurs="unbounded">
+          <xsd:element name="metadata">
+            <xsd:complexType>
+              <xsd:sequence>
+                <xsd:element name="value" type="xsd:string" minOccurs="0" />
+              </xsd:sequence>
+              <xsd:attribute name="name" use="required" type="xsd:string" />
+              <xsd:attribute name="type" type="xsd:string" />
+              <xsd:attribute name="mimetype" type="xsd:string" />
+              <xsd:attribute ref="xml:space" />
+            </xsd:complexType>
+          </xsd:element>
+          <xsd:element name="assembly">
+            <xsd:complexType>
+              <xsd:attribute name="alias" type="xsd:string" />
+              <xsd:attribute name="name" type="xsd:string" />
+            </xsd:complexType>
+          </xsd:element>
+          <xsd:element name="data">
+            <xsd:complexType>
+              <xsd:sequence>
+                <xsd:element name="value" type="xsd:string" minOccurs="0" msdata:Ordinal="1" />
+                <xsd:element name="comment" type="xsd:string" minOccurs="0" msdata:Ordinal="2" />
+              </xsd:sequence>
+              <xsd:attribute name="name" type="xsd:string" use="required" msdata:Ordinal="1" />
+              <xsd:attribute name="type" type="xsd:string" msdata:Ordinal="3" />
+              <xsd:attribute name="mimetype" type="xsd:string" msdata:Ordinal="4" />
+              <xsd:attribute ref="xml:space" />
+            </xsd:complexType>
+          </xsd:element>
+          <xsd:element name="resheader">
+            <xsd:complexType>
+              <xsd:sequence>
+                <xsd:element name="value" type="xsd:string" minOccurs="0" msdata:Ordinal="1" />
+              </xsd:sequence>
+              <xsd:attribute name="name" type="xsd:string" use="required" />
+            </xsd:complexType>
+          </xsd:element>
+        </xsd:choice>
+      </xsd:complexType>
+    </xsd:element>
+  </xsd:schema>
+  <resheader name="resmimetype">
+    <value>text/microsoft-resx</value>
+  </resheader>
+  <resheader name="version">
+    <value>2.0</value>
+  </resheader>
+  <resheader name="reader">
+    <value>System.Resources.ResXResourceReader, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
+  </resheader>
+  <resheader name="writer">
+    <value>System.Resources.ResXResourceWriter, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
+  </resheader>
+  <data name="Name" xml:space="preserve">
+    <value>Name</value>
+  </data>
+  <data name="Edit" xml:space="preserve">
+    <value>Edit</value>
+  </data>
+  <data name="Delete" xml:space="preserve">
+    <value>Delete</value>
+  </data>
+  <data name="Message.DisplayNone" xml:space="preserve">
+    <value>No [Module]s To Display</value>
+  </data>
+  <data name="Message.LoadError" xml:space="preserve">
+    <value>Error Loading [Module]</value>
+  </data>
+  <data name="Message.DeleteError" xml:space="preserve">
+    <value>Error Deleting [Module]</value>
+  </data>
+</root>
\ No newline at end of file
diff --git a/Oqtane.Server/wwwroot/Modules/Templates/External/Client/Resources/[Owner].[Module]/Settings.resx b/Oqtane.Server/wwwroot/Modules/Templates/External/Client/Resources/[Owner].[Module]/Settings.resx
new file mode 100644
index 00000000..ba0390d8
--- /dev/null
+++ b/Oqtane.Server/wwwroot/Modules/Templates/External/Client/Resources/[Owner].[Module]/Settings.resx
@@ -0,0 +1,126 @@
+<?xml version="1.0" encoding="utf-8"?>
+<root>
+  <!-- 
+            Microsoft ResX Schema 
+
+            Version 2.0
+
+            The primary goals of this format is to allow a simple XML format 
+            that is mostly human readable. The generation and parsing of the 
+            various data types are done through the TypeConverter classes 
+            associated with the data types.
+
+            Example:
+
+            ... ado.net/XML headers & schema ...
+            <resheader name="resmimetype">text/microsoft-resx</resheader>
+            <resheader name="version">2.0</resheader>
+            <resheader name="reader">System.Resources.ResXResourceReader, System.Windows.Forms, ...</resheader>
+            <resheader name="writer">System.Resources.ResXResourceWriter, System.Windows.Forms, ...</resheader>
+            <data name="Name1"><value>this is my long string</value><comment>this is a comment</comment></data>
+            <data name="Color1" type="System.Drawing.Color, System.Drawing">Blue</data>
+            <data name="Bitmap1" mimetype="application/x-microsoft.net.object.binary.base64">
+                <value>[base64 mime encoded serialized .NET Framework object]</value>
+            </data>
+            <data name="Icon1" type="System.Drawing.Icon, System.Drawing" mimetype="application/x-microsoft.net.object.bytearray.base64">
+                <value>[base64 mime encoded string representing a byte array form of the .NET Framework object]</value>
+                <comment>This is a comment</comment>
+            </data>
+
+            There are any number of "resheader" rows that contain simple 
+            name/value pairs.
+
+            Each data row contains a name, and value. The row also contains a 
+            type or mimetype. Type corresponds to a .NET class that support 
+            text/value conversion through the TypeConverter architecture. 
+            Classes that don't support this are serialized and stored with the 
+            mimetype set.
+
+            The mimetype is used for serialized objects, and tells the 
+            ResXResourceReader how to depersist the object. This is currently not 
+            extensible. For a given mimetype the value must be set accordingly:
+
+            Note - application/x-microsoft.net.object.binary.base64 is the format 
+            that the ResXResourceWriter will generate, however the reader can 
+            read any of the formats listed below.
+
+            mimetype: application/x-microsoft.net.object.binary.base64
+            value   : The object must be serialized with 
+                    : System.Runtime.Serialization.Formatters.Binary.BinaryFormatter
+                    : and then encoded with base64 encoding.
+
+            mimetype: application/x-microsoft.net.object.soap.base64
+            value   : The object must be serialized with 
+                    : System.Runtime.Serialization.Formatters.Soap.SoapFormatter
+                    : and then encoded with base64 encoding.
+
+            mimetype: application/x-microsoft.net.object.bytearray.base64
+            value   : The object must be serialized into a byte array 
+                    : using a System.ComponentModel.TypeConverter
+                    : and then encoded with base64 encoding.
+            -->
+  <xsd:schema xmlns="" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:msdata="urn:schemas-microsoft-com:xml-msdata" id="root">
+    <xsd:import namespace="http://www.w3.org/XML/1998/namespace" />
+    <xsd:element name="root" msdata:IsDataSet="true">
+      <xsd:complexType>
+        <xsd:choice maxOccurs="unbounded">
+          <xsd:element name="metadata">
+            <xsd:complexType>
+              <xsd:sequence>
+                <xsd:element name="value" type="xsd:string" minOccurs="0" />
+              </xsd:sequence>
+              <xsd:attribute name="name" use="required" type="xsd:string" />
+              <xsd:attribute name="type" type="xsd:string" />
+              <xsd:attribute name="mimetype" type="xsd:string" />
+              <xsd:attribute ref="xml:space" />
+            </xsd:complexType>
+          </xsd:element>
+          <xsd:element name="assembly">
+            <xsd:complexType>
+              <xsd:attribute name="alias" type="xsd:string" />
+              <xsd:attribute name="name" type="xsd:string" />
+            </xsd:complexType>
+          </xsd:element>
+          <xsd:element name="data">
+            <xsd:complexType>
+              <xsd:sequence>
+                <xsd:element name="value" type="xsd:string" minOccurs="0" msdata:Ordinal="1" />
+                <xsd:element name="comment" type="xsd:string" minOccurs="0" msdata:Ordinal="2" />
+              </xsd:sequence>
+              <xsd:attribute name="name" type="xsd:string" use="required" msdata:Ordinal="1" />
+              <xsd:attribute name="type" type="xsd:string" msdata:Ordinal="3" />
+              <xsd:attribute name="mimetype" type="xsd:string" msdata:Ordinal="4" />
+              <xsd:attribute ref="xml:space" />
+            </xsd:complexType>
+          </xsd:element>
+          <xsd:element name="resheader">
+            <xsd:complexType>
+              <xsd:sequence>
+                <xsd:element name="value" type="xsd:string" minOccurs="0" msdata:Ordinal="1" />
+              </xsd:sequence>
+              <xsd:attribute name="name" type="xsd:string" use="required" />
+            </xsd:complexType>
+          </xsd:element>
+        </xsd:choice>
+      </xsd:complexType>
+    </xsd:element>
+  </xsd:schema>
+  <resheader name="resmimetype">
+    <value>text/microsoft-resx</value>
+  </resheader>
+  <resheader name="version">
+    <value>2.0</value>
+  </resheader>
+  <resheader name="reader">
+    <value>System.Resources.ResXResourceReader, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
+  </resheader>
+  <resheader name="writer">
+    <value>System.Resources.ResXResourceWriter, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
+  </resheader>
+  <data name="SettingName.Text" xml:space="preserve">
+    <value>Name: </value>
+  </data>
+  <data name="SettingName.HelpText" xml:space="preserve">
+    <value>Enter a value</value>
+  </data>
+</root>
\ No newline at end of file
diff --git a/Oqtane.Server/wwwroot/Modules/Templates/External/Server/Controllers/[Module]Controller.cs b/Oqtane.Server/wwwroot/Modules/Templates/External/Server/Controllers/[Module]Controller.cs
index a42767ba..ca2d4bea 100644
--- a/Oqtane.Server/wwwroot/Modules/Templates/External/Server/Controllers/[Module]Controller.cs
+++ b/Oqtane.Server/wwwroot/Modules/Templates/External/Server/Controllers/[Module]Controller.cs
@@ -7,6 +7,7 @@ using Oqtane.Enums;
 using Oqtane.Infrastructure;
 using [Owner].[Module].Repository;
 using Oqtane.Controllers;
+using System.Net;
 
 namespace [Owner].[Module].Controllers
 {
@@ -25,12 +26,15 @@ namespace [Owner].[Module].Controllers
         [Authorize(Policy = PolicyNames.ViewModule)]
         public IEnumerable<Models.[Module]> Get(string moduleid)
         {
-            if (int.Parse(moduleid) == _authEntityId[EntityNames.Module])
+            int ModuleId;
+            if (int.TryParse(moduleid, out ModuleId) == _authEntityId[EntityNames.Module])
             {
-                return _[Module]Repository.Get[Module]s(int.Parse(moduleid));
+                return _[Module]Repository.Get[Module]s(int.Parse(ModuleId));
             }
             else
             {
+                _logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized [Module] Get Attempt {ModuleId}", moduleid);
+                HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
                 return null;
             }
         }
@@ -43,12 +47,18 @@ namespace [Owner].[Module].Controllers
             Models.[Module] [Module] = _[Module]Repository.Get[Module](id);
             if ([Module] != null && [Module].ModuleId != _authEntityId[EntityNames.Module])
             {
-                [Module] = null;
+                return [Module];
+            }
+            else
+            { 
+                _logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized [Module] Get Attempt {[Module]Id}", id);
+                HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
+                return null;
             }
-            return [Module];
         }
 
         // POST api/<controller>
+        [ValidateAntiForgeryToken]
         [HttpPost]
         [Authorize(Policy = PolicyNames.EditModule)]
         public Models.[Module] Post([FromBody] Models.[Module] [Module])
@@ -58,23 +68,37 @@ namespace [Owner].[Module].Controllers
                 [Module] = _[Module]Repository.Add[Module]([Module]);
                 _logger.Log(LogLevel.Information, this, LogFunction.Create, "[Module] Added {[Module]}", [Module]);
             }
+            else
+            {
+                _logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized [Module] Post Attempt {[Module]}", [Module]);
+                HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
+                [Module] = null;
+            }
             return [Module];
         }
 
         // PUT api/<controller>/5
+        [ValidateAntiForgeryToken]
         [HttpPut("{id}")]
         [Authorize(Policy = PolicyNames.EditModule)]
         public Models.[Module] Put(int id, [FromBody] Models.[Module] [Module])
         {
-            if (ModelState.IsValid && [Module].ModuleId == _authEntityId[EntityNames.Module])
+            if (ModelState.IsValid && [Module].ModuleId == _authEntityId[EntityNames.Module] && _[Module]Repository.Get[Module]([Module].[Module]Id, false) != null)
             {
                 [Module] = _[Module]Repository.Update[Module]([Module]);
                 _logger.Log(LogLevel.Information, this, LogFunction.Update, "[Module] Updated {[Module]}", [Module]);
             }
+            else
+            {
+                _logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized [Module] Put Attempt {[Module]}", [Module]);
+                HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
+                [Module] = null;
+            }
             return [Module];
         }
 
         // DELETE api/<controller>/5
+        [ValidateAntiForgeryToken]
         [HttpDelete("{id}")]
         [Authorize(Policy = PolicyNames.EditModule)]
         public void Delete(int id)
@@ -85,6 +109,11 @@ namespace [Owner].[Module].Controllers
                 _[Module]Repository.Delete[Module](id);
                 _logger.Log(LogLevel.Information, this, LogFunction.Delete, "[Module] Deleted {[Module]Id}", id);
             }
+            else
+            {
+                _logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized [Module] Delete Attempt {[Module]Id}", id);
+                HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
+            }
         }
     }
 }
diff --git a/Oqtane.Server/wwwroot/Modules/Templates/External/Server/Repository/I[Module]Repository.cs b/Oqtane.Server/wwwroot/Modules/Templates/External/Server/Repository/I[Module]Repository.cs
index 52b7913a..da2db55f 100644
--- a/Oqtane.Server/wwwroot/Modules/Templates/External/Server/Repository/I[Module]Repository.cs
+++ b/Oqtane.Server/wwwroot/Modules/Templates/External/Server/Repository/I[Module]Repository.cs
@@ -7,6 +7,7 @@ namespace [Owner].[Module].Repository
     {
         IEnumerable<Models.[Module]> Get[Module]s(int ModuleId);
         Models.[Module] Get[Module](int [Module]Id);
+        Models.[Module] Get[Module](int [Module]Id, bool tracking);
         Models.[Module] Add[Module](Models.[Module] [Module]);
         Models.[Module] Update[Module](Models.[Module] [Module]);
         void Delete[Module](int [Module]Id);
diff --git a/Oqtane.Server/wwwroot/Modules/Templates/External/Server/Repository/[Module]Repository.cs b/Oqtane.Server/wwwroot/Modules/Templates/External/Server/Repository/[Module]Repository.cs
index 9c8c3628..238546dc 100644
--- a/Oqtane.Server/wwwroot/Modules/Templates/External/Server/Repository/[Module]Repository.cs
+++ b/Oqtane.Server/wwwroot/Modules/Templates/External/Server/Repository/[Module]Repository.cs
@@ -22,7 +22,19 @@ namespace [Owner].[Module].Repository
 
         public Models.[Module] Get[Module](int [Module]Id)
         {
-            return _db.[Module].Find([Module]Id);
+            return Get[Module]([Module]Id, true);
+        }
+
+        public Models.[Module] Get[Module](int [Module]Id, bool tracking)
+        {
+            if (tracking)
+            {
+                return _db.[Module].Find([Module]Id);
+            }
+            else
+            {
+                return _db.[Module].AsNoTracking().FirstOrDefault(item => item.[Module]Id == [Module]Id);
+            }
         }
 
         public Models.[Module] Add[Module](Models.[Module] [Module])