Refactoring authentication to support server-side Blazor using a seamless login flow.

Oqtane.Server/Pages/Login.cshtml

@@ -0,0 +1,3 @@
+@page "/login"
+@namespace  Oqtane.Pages
+@model Oqtane.Pages.LoginModel

Oqtane.Server/Pages/Login.cshtml.cs

@@ -0,0 +1,52 @@
+using System;
+using System.Collections.Generic;
+using System.Security.Claims;
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Identity;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Mvc.RazorPages;
+
+namespace Oqtane.Pages
+{
+    [AllowAnonymous]
+    public class LoginModel : PageModel
+    {
+
+        private readonly UserManager<IdentityUser> identityUserManager;
+        private readonly SignInManager<IdentityUser> identitySignInManager;
+
+        public LoginModel(UserManager<IdentityUser> IdentityUserManager, SignInManager<IdentityUser> IdentitySignInManager)
+        {
+            identityUserManager = IdentityUserManager;
+            identitySignInManager = IdentitySignInManager;
+        }
+
+        public async Task<IActionResult> OnPostAsync(string username, string password, bool remember, string returnurl)
+        {
+            await HttpContext.SignOutAsync(IdentityConstants.ApplicationScheme);
+
+            bool validuser = false;
+            IdentityUser identityuser = await identityUserManager.FindByNameAsync(username);
+            if (identityuser != null)
+            {
+                var result = await identitySignInManager.CheckPasswordSignInAsync(identityuser, password, false);
+                if (result.Succeeded)
+                {
+                    validuser = true;
+                }
+            }
+
+            if (validuser)
+            {
+                var claims = new List<Claim>{ new Claim(ClaimTypes.Name, username) };
+                var claimsIdentity = new ClaimsIdentity(claims, IdentityConstants.ApplicationScheme);
+                var authProperties = new AuthenticationProperties{IsPersistent = remember};
+                await HttpContext.SignInAsync(IdentityConstants.ApplicationScheme, new ClaimsPrincipal(claimsIdentity), authProperties);
+            }
+
+            return LocalRedirect(Url.Content("~/" + returnurl));
+        }
+    }
+}

Oqtane.Server/Pages/Logout.cshtml

@@ -0,0 +1,3 @@
+@page "/logout"
+@namespace Oqtane.Pages
+@model Oqtane.Pages.LogoutModel

Oqtane.Server/Pages/Logout.cshtml.cs

@@ -0,0 +1,26 @@
+using System;
+using System.Collections.Generic;
+using System.Security.Claims;
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Authentication.Cookies;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Identity;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Mvc.RazorPages;
+using Oqtane.Models;
+
+namespace Oqtane.Pages
+{
+    [IgnoreAntiforgeryToken(Order = 1001)]
+    [AllowAnonymous]
+    public class LogoutModel : PageModel
+    {
+        public async Task<IActionResult> OnPostAsync()
+        {
+            await HttpContext.SignOutAsync(IdentityConstants.ApplicationScheme);
+
+            return LocalRedirect(Url.Content("~/"));
+        }
+    }
+}

Oqtane.Server/Pages/_Host.cshtml

@@ -14,6 +14,7 @@
     <link href="css/site.css" rel="stylesheet" />
 </head>
 <body>
+    @(Html.AntiForgeryToken())
     <app>@(await Html.RenderComponentAsync<App>())</app>
 
     <script src="js/site.js"></script>