Merge pull request #2169 from oqtane/master

Merge pull request #2168 from oqtane/dev

.gitignore

@@ -12,9 +12,7 @@ msbuild.binlog
 *.idea
 
 Oqtane.Server/appsettings.json
-Oqtane.Server/Data/*.mdf
+Oqtane.Server/Data
-Oqtane.Server/Data/*.ldf
-Oqtane.Server/Data/*.db
 
 /Oqtane.Server/Properties/PublishProfiles/FolderProfile.pubxml
 Oqtane.Server/Content
@@ -22,3 +20,10 @@ Oqtane.Server/Packages
 Oqtane.Server/wwwroot/Content
 Oqtane.Server/wwwroot/Packages/*.log
 
+Oqtane.Server/wwwroot/Modules
+!Oqtane.Server/wwwroot/Modules/Oqtane.Modules.*
+!Oqtane.Server/wwwroot/Modules/Templates
+
+Oqtane.Server/wwwroot/Themes
+!Oqtane.Server/wwwroot/Themes/Oqtane.Themes.*
+!Oqtane.Server/wwwroot/Themes/Templates

Oqtane.Client/App.razor

@@ -45,6 +45,9 @@
 	[Parameter]
 	public string RemoteIPAddress { get; set; }
 
+	[Parameter]
+	public string AuthorizationToken { get; set; }
+
 	private bool _initialized = false;
 	private string _display = "display: none;";
 	private Installation _installation = new Installation { Success = false, Message = "" };
@@ -55,7 +58,7 @@
 	{
 		SiteState.RemoteIPAddress = RemoteIPAddress;
 		SiteState.AntiForgeryToken = AntiForgeryToken;
-		InstallationService.SetAntiForgeryTokenHeader(AntiForgeryToken);
+		SiteState.AuthorizationToken = AuthorizationToken;
 
         _installation = await InstallationService.IsInstalled();
         if (_installation.Alias != null)

Oqtane.Client/Installer/Controls/MySQLConfig.razor

@@ -28,7 +28,7 @@
 <div class="row mb-1 align-items-center">
     <Label Class="col-sm-3" For="pwd" HelpText="Enter the password to use for the database" ResourceKey="Pwd">Password:</Label>
     <div class="col-sm-9">
-        <input id="pwd" type="password" class="form-control" @bind="@_pwd" />
+        <input id="pwd" type="password" class="form-control" @bind="@_pwd" autocomplete="new-password" />
     </div>
 </div>
 

Oqtane.Client/Installer/Controls/PostgreSQLConfig.razor

@@ -40,7 +40,7 @@
     <div class="row mb-1 align-items-center">
         <Label Class="col-sm-3" For="pwd" HelpText="Enter the password to use for the database" ResourceKey="Pwd">Password:</Label>
         <div class="col-sm-9">
-            <input id="pwd" type="password" class="form-control" @bind="@_pwd" />
+            <input id="pwd" type="password" class="form-control" @bind="@_pwd" autocomplete="new-password" />
         </div>
     </div>
 }

Oqtane.Client/Installer/Controls/SqlServerConfig.razor

@@ -35,7 +35,7 @@
     <div class="row mb-1 align-items-center">
         <Label Class="col-sm-3" For="pwd" HelpText="Enter the password to use for the database" ResourceKey="Pwd">Password:</Label>
         <div class="col-sm-9">
-            <input id="pwd" type="password" class="form-control" @bind="@_pwd" />
+            <input id="pwd" type="password" class="form-control" @bind="@_pwd" autocomplete="new-password" />
         </div>
     </div>
 }

Oqtane.Client/Installer/Installer.razor

@@ -62,13 +62,19 @@
                 <div class="row mb-1 align-items-center">
                     <Label Class="col-sm-3" For="password" HelpText="Provide a password for the primary user account" ResourceKey="Password">Password:</Label>
                     <div class="col-sm-9">
-                        <input id="password" type="password" class="form-control" @bind="@_hostPassword" />
+						<div class="input-group">
+							<input id="password" type="@_passwordtype" class="form-control" @bind="@_hostPassword" autocomplete="new-password" />
+							<button type="button" class="btn btn-secondary" @onclick="@TogglePassword">@_togglepassword</button>
+						</div>
                     </div>
                 </div>
                 <div class="row mb-1 align-items-center">
                     <Label Class="col-sm-3" For="confirm" HelpText="Please confirm the password entered above by entering it again" ResourceKey="Confirm">Confirm:</Label>
                     <div class="col-sm-9">
-                        <input id="confirm" type="password" class="form-control" @bind="@_confirmPassword" />
+						<div class="input-group">
+							<input id="confirm" type="@_passwordtype" class="form-control" @bind="@_confirmPassword" autocomplete="new-password" />
+							<button type="button" class="btn btn-secondary" @onclick="@TogglePassword">@_togglepassword</button>
+						</div>
                     </div>
                 </div>
                 <div class="row mb-1 align-items-center">
@@ -104,6 +110,8 @@
 
 	private string _hostUsername = string.Empty;
 	private string _hostPassword = string.Empty;
+	private string _passwordtype = "password";
+	private string _togglepassword = string.Empty;
 	private string _confirmPassword = string.Empty;
 	private string _hostEmail = string.Empty;
 	private bool _register = true;
@@ -112,6 +120,7 @@
 
 	protected override async Task OnInitializedAsync()
 	{
+		_togglepassword = SharedLocalizer["ShowPassword"];
 		_databases = await DatabaseService.GetDatabasesAsync();
 		if (_databases.Exists(item => item.IsDefault))
 		{
@@ -121,94 +130,115 @@
 		{
 			_databaseName = "LocalDB";
 		}
-        LoadDatabaseConfigComponent();
+		LoadDatabaseConfigComponent();
-    }
+	}
 
-    private void DatabaseChanged(ChangeEventArgs eventArgs)
+	private void DatabaseChanged(ChangeEventArgs eventArgs)
-    {
+	{
-        try
+		try
-        {
+		{
-            _databaseName = (string)eventArgs.Value;
+			_databaseName = (string)eventArgs.Value;
 
-            LoadDatabaseConfigComponent();
+			LoadDatabaseConfigComponent();
-        }
+		}
-        catch
+		catch
-        {
+		{
-            _message = Localizer["Error.DbConfig.Load"];
+			_message = Localizer["Error.DbConfig.Load"];
-        }
+		}
-    }
+	}
 
-    private void LoadDatabaseConfigComponent()
+	private void LoadDatabaseConfigComponent()
-    {
+	{
-        var database = _databases.SingleOrDefault(d => d.Name == _databaseName);
+		var database = _databases.SingleOrDefault(d => d.Name == _databaseName);
-        if (database != null)
+		if (database != null)
-        {
+		{
-            _databaseConfigType = Type.GetType(database.ControlType);
+			_databaseConfigType = Type.GetType(database.ControlType);
-            DatabaseConfigComponent = builder =>
+			DatabaseConfigComponent = builder =>
-            {
+			{
-                builder.OpenComponent(0, _databaseConfigType);
+				builder.OpenComponent(0, _databaseConfigType);
-                builder.AddComponentReferenceCapture(1, inst => { _databaseConfig = Convert.ChangeType(inst, _databaseConfigType); });
+				builder.AddComponentReferenceCapture(1, inst => { _databaseConfig = Convert.ChangeType(inst, _databaseConfigType); });
-                builder.CloseComponent();
+				builder.CloseComponent();
-            };
+			};
-        }
+		}
-    }
+	}
 
-    protected override async Task OnAfterRenderAsync(bool firstRender)
+	protected override async Task OnAfterRenderAsync(bool firstRender)
-    {
+	{
-        if (firstRender)
+		if (firstRender)
-        {
+		{
-            var interop = new Interop(JSRuntime);
+			var interop = new Interop(JSRuntime);
-            await interop.IncludeLink("", "stylesheet", "https://cdnjs.cloudflare.com/ajax/libs/bootstrap/5.1.3/css/bootstrap.min.css", "text/css", "sha512-GQGU0fMMi238uA+a/bdWJfpUGKUkBdgfFdgBm72SUQ6BeyWjoY/ton0tEjH+OSH9iP4Dfh+7HM0I9f5eR0L/4w==", "anonymous", "");
+			await interop.IncludeLink("", "stylesheet", "https://cdnjs.cloudflare.com/ajax/libs/bootstrap/5.1.3/css/bootstrap.min.css", "text/css", "sha512-GQGU0fMMi238uA+a/bdWJfpUGKUkBdgfFdgBm72SUQ6BeyWjoY/ton0tEjH+OSH9iP4Dfh+7HM0I9f5eR0L/4w==", "anonymous", "");
-            await interop.IncludeScript("", "https://cdnjs.cloudflare.com/ajax/libs/bootstrap/5.1.3/js/bootstrap.bundle.min.js", "sha512-pax4MlgXjHEPfCwcJLQhigY7+N8rt6bVvWLFyUMuxShv170X53TRzGPmPkZmGBhk+jikR8WBM4yl7A9WMHHqvg==", "anonymous", "", "head", "");
+			await interop.IncludeScript("", "https://cdnjs.cloudflare.com/ajax/libs/bootstrap/5.1.3/js/bootstrap.bundle.min.js", "sha512-pax4MlgXjHEPfCwcJLQhigY7+N8rt6bVvWLFyUMuxShv170X53TRzGPmPkZmGBhk+jikR8WBM4yl7A9WMHHqvg==", "anonymous", "", "head");
-        }
+		}
-    }
+	}
 
-    private async Task Install()
+	private async Task Install()
-    {
+	{
-        var connectionString = String.Empty;
+		var connectionString = String.Empty;
-        if (_databaseConfig is IDatabaseConfigControl databaseConfigControl)
+		if (_databaseConfig is IDatabaseConfigControl databaseConfigControl)
-        {
+		{
-            connectionString = databaseConfigControl.GetConnectionString();
+			connectionString = databaseConfigControl.GetConnectionString();
-        }
+		}
 
-        if (connectionString != "" && !string.IsNullOrEmpty(_hostUsername) && _hostPassword.Length >= 6 && _hostPassword == _confirmPassword && !string.IsNullOrEmpty(_hostEmail) && _hostEmail.Contains("@"))
+		if (connectionString != "" && !string.IsNullOrEmpty(_hostUsername) && !string.IsNullOrEmpty(_hostPassword) && _hostPassword == _confirmPassword && !string.IsNullOrEmpty(_hostEmail) && _hostEmail.Contains("@"))
-        {
+		{
-            _loadingDisplay = "";
+			if (await UserService.ValidatePasswordAsync(_hostPassword))
-            StateHasChanged();
+			{
+				_loadingDisplay = "";
+				StateHasChanged();
 
-            Uri uri = new Uri(NavigationManager.Uri);
+				Uri uri = new Uri(NavigationManager.Uri);
 
-            var database = _databases.SingleOrDefault(d => d.Name == _databaseName);
+				var database = _databases.SingleOrDefault(d => d.Name == _databaseName);
 
-            var config = new InstallConfig
+				var config = new InstallConfig
-            {
+				{
-                DatabaseType = database.DBType,
+					DatabaseType = database.DBType,
-                ConnectionString = connectionString,
+					ConnectionString = connectionString,
-                Aliases = uri.Authority,
+					Aliases = uri.Authority,
-                HostUsername = _hostUsername,
+					HostUsername = _hostUsername,
-                HostPassword = _hostPassword,
+					HostPassword = _hostPassword,
-                HostEmail = _hostEmail,
+					HostEmail = _hostEmail,
-                HostName = _hostUsername,
+					HostName = _hostUsername,
-                TenantName = TenantNames.Master,
+					TenantName = TenantNames.Master,
-                IsNewTenant = true,
+					IsNewTenant = true,
-                SiteName = Constants.DefaultSite,
+					SiteName = Constants.DefaultSite,
-                Register = _register
+					Register = _register
-            };
+				};
 
-            var installation = await InstallationService.Install(config);
+				var installation = await InstallationService.Install(config);
-            if (installation.Success)
+				if (installation.Success)
-            {
+				{
-                NavigationManager.NavigateTo(uri.Scheme + "://" + uri.Authority, true);
+					NavigationManager.NavigateTo(uri.Scheme + "://" + uri.Authority, true);
-            }
+				}
-            else
+				else
-            {
+				{
-                _message = installation.Message;
+					_message = installation.Message;
-                _loadingDisplay = "display: none;";
+					_loadingDisplay = "display: none;";
-            }
+				}				
+			}
+			else
+			{
+				_message = Localizer["Message.Password.Invalid"];				
+			}
         }
         else
         {
             _message = Localizer["Message.Require.DbInfo"];
         }
     }
+
+	private void TogglePassword()
+	{
+		if (_passwordtype == "password")
+		{
+			_passwordtype = "text";
+			_togglepassword = SharedLocalizer["HidePassword"];
+		}
+		else
+		{
+			_passwordtype = "password";
+			_togglepassword = SharedLocalizer["ShowPassword"];
+		}
+	}
 }

Oqtane.Client/Modules/Admin/Dashboard/Index.razor

@@ -27,6 +27,6 @@
     protected override void OnInitialized()
     {
         var admin = PageState.Pages.FirstOrDefault(item => item.Path == "admin");
-        _pages = PageState.Pages.Where(item => item.ParentId == admin?.PageId && !item.IsDeleted).ToList();
+        _pages = PageState.Pages.Where(item => item.ParentId == admin?.PageId).ToList();
     }
 }

Oqtane.Client/Modules/Admin/Languages/Index.razor

@@ -84,7 +84,7 @@ else
             var package = _packages.Where(item => item.PackageId == (Constants.PackageId + ".Client." + code)).FirstOrDefault();
             if (package != null)
             {
-                upgradeavailable = (Version.Parse(package.Version).CompareTo(Version.Parse(Constants.Version)) > 0);
+                upgradeavailable = (Version.Parse(package.Version).CompareTo(Version.Parse(Constants.Version)) == 0);
             }
 
         }

Oqtane.Client/Modules/Admin/Login/Index.razor

@@ -7,10 +7,6 @@
 @inject IStringLocalizer<Index> Localizer
 @inject IStringLocalizer<SharedResources> SharedLocalizer
 
-@if (_message != string.Empty)
-{
-    <ModuleMessage Message="@_message" Type="@_type" />
-}
 <AuthorizeView Roles="@RoleNames.Registered">
     <Authorizing>
         <text>...</text>
@@ -19,185 +15,301 @@
 		<div>@Localizer["Info.SignedIn"]</div>
     </Authorized>
     <NotAuthorized>
-        <form @ref="login" class="@(validated ? "was-validated" : "needs-validation")" novalidate>
+		@if (!twofactor)
-            <div class="container Oqtane-Modules-Admin-Login" @onkeypress="@(e => KeyPressed(e))">
+		{
-                <div class="form-group">
+			<form @ref="login" class="@(validated ? "was-validated" : "needs-validation")" novalidate>
-                    <label for="Username" class="control-label">@SharedLocalizer["Username"] </label>
+				<div class="Oqtane-Modules-Admin-Login" @onkeypress="@(e => KeyPressed(e))">
-                    <input type="text" @ref="username" name="Username" class="form-control username" placeholder="Username" @bind="@_username" id="Username" required />
+				@if (_allowexternallogin)
-                </div>
+				{
-                <div class="form-group">
+					<button type="button" class="btn btn-primary" @onclick="ExternalLogin">@Localizer["Use"] @PageState.Site.Settings["ExternalLogin:ProviderName"]</button>						
-                    <label for="Password" class="control-label">@SharedLocalizer["Password"] </label>
+					<br /><br />
-                    <input type="password" name="Password" class="form-control password" placeholder="Password" @bind="@_password" id="Password" required />
+				}
-                </div>
+				@if (_allowsitelogin)
-                <div class="form-group">
+				{
-                    <div class="form-check form-check-inline">
+					<div class="form-group">
-                        <label class="form-check-label" for="Remember">@Localizer["RememberMe"]</label>&nbsp;
+						<Label Class="control-label" For="username" HelpText="Please enter your Username" ResourceKey="Username">Username:</Label>
-                        <input type="checkbox" class="form-check-input" name="Remember" @bind="@_remember" id="Remember" />
+						<input id="username" type="text" @ref="username" class="form-control" placeholder="@Localizer["Username.Placeholder"]" @bind="@_username" required />
-                    </div>
+					</div>
-                </div>
+					<div class="form-group mt-2">
-                <button type="button" class="btn btn-primary" @onclick="Login">@SharedLocalizer["Login"]</button>
+						<Label Class="control-label" For="password" HelpText="Please enter your Password" ResourceKey="Password">Password:</Label>
-                <button type="button" class="btn btn-secondary" @onclick="Cancel">@SharedLocalizer["Cancel"]</button>
+						<div class="input-group">
-                <br /><br />
+							<input id="password" type="@_passwordtype" name="Password" class="form-control" placeholder="@Localizer["Password.Placeholder"]" @bind="@_password" required />
-                <button type="button" class="btn btn-secondary" @onclick="Forgot">@Localizer["ForgotPassword"]</button>
+							<button type="button" class="btn btn-secondary" @onclick="@TogglePassword">@_togglepassword</button>
-            </div>
+						</div>
-        </form>
+					</div>
-    </NotAuthorized>
+					<div class="form-group mt-2">
+						<div class="form-check">
+							<input id="remember" type="checkbox" class="form-check-input" @bind="@_remember" />
+							<Label Class="control-label" For="remember" HelpText="Specify if you would like to be signed back in automatically the next time you visit this site" ResourceKey="Remember">Remember Me?</Label>
+						</div>
+					</div>
+					<button type="button" class="btn btn-primary" @onclick="Login">@SharedLocalizer["Login"]</button>
+					<button type="button" class="btn btn-secondary" @onclick="Cancel">@SharedLocalizer["Cancel"]</button>
+					<br /><br />
+					<button type="button" class="btn btn-secondary" @onclick="Forgot">@Localizer["ForgotPassword"]</button>		
+				}
+				</div>
+			</form>
+		}
+		else
+		{
+			<form @ref="login" class="@(validated ? "was-validated" : "needs-validation")" novalidate>
+				<div class="container Oqtane-Modules-Admin-Login">
+					<div class="form-group">
+						<Label Class="control-label" For="code" HelpText="Please enter the secure verification code which was sent to you by email" ResourceKey="Code">Verification Code:</Label>
+						<input id="code" class="form-control" @bind="@_code" placeholder="@Localizer["Code.Placeholder"]" maxlength="6" required />
+					</div>
+					<br />
+					<button type="button" class="btn btn-primary" @onclick="Login">@SharedLocalizer["Login"]</button>
+					<button type="button" class="btn btn-secondary" @onclick="Reset">@SharedLocalizer["Cancel"]</button>
+				</div>
+			</form>
+		}
+	</NotAuthorized>
 </AuthorizeView>
 
 @code {
-    private string _returnUrl = string.Empty;
+	private bool _allowsitelogin = true;
-    private string _message = string.Empty;
+	private bool _allowexternallogin = false;
-    private MessageType _type = MessageType.Info;
+	private ElementReference login;
-    private string _username = string.Empty;
+	private bool validated = false;
-    private string _password = string.Empty;
+	private bool twofactor = false;
-    private bool _remember = false;
+	private string _username = string.Empty;
-    private bool validated = false;
+	private ElementReference username;
+	private string _password = string.Empty;
+	private string _passwordtype = "password";
+	private string _togglepassword = string.Empty;
+	private bool _remember = false;
+	private string _code = string.Empty;
 
-    private ElementReference login;
+	private string _returnUrl = string.Empty;
-    private ElementReference username;
 
-    public override SecurityAccessLevel SecurityAccessLevel => SecurityAccessLevel.Anonymous;
+	public override SecurityAccessLevel SecurityAccessLevel => SecurityAccessLevel.Anonymous;
 
-    public override List<Resource> Resources => new List<Resource>()
+	public override List<Resource> Resources => new List<Resource>()
     {
         new Resource { ResourceType = ResourceType.Stylesheet, Url = ModulePath() + "Module.css" }
     };
 
-    protected override async Task OnInitializedAsync()
+	protected override async Task OnInitializedAsync()
-    {
+	{
-        if (PageState.QueryString.ContainsKey("returnurl"))
+		try
-        {
+		{
-            _returnUrl = PageState.QueryString["returnurl"];
+			_togglepassword = SharedLocalizer["ShowPassword"];
-        }
 
-        if (PageState.QueryString.ContainsKey("name"))
+			if (PageState.Site.Settings.ContainsKey("LoginOptions:AllowSiteLogin") && !string.IsNullOrEmpty(PageState.Site.Settings["LoginOptions:AllowSiteLogin"]))
-        {
+			{
-            _username = PageState.QueryString["name"];
+				_allowsitelogin = bool.Parse(PageState.Site.Settings["LoginOptions:AllowSiteLogin"]);
-        }
+			}
 
-        if (PageState.QueryString.ContainsKey("token"))
+			if (PageState.Site.Settings.ContainsKey("ExternalLogin:ProviderType") && !string.IsNullOrEmpty(PageState.Site.Settings["ExternalLogin:ProviderType"]))
-        {
+			{
-            var user = new User();
+				_allowexternallogin = true;
-            user.SiteId = PageState.Site.SiteId;
+			}
-            user.Username = _username;
-            user = await UserService.VerifyEmailAsync(user, PageState.QueryString["token"]);
 
-            if (user != null)
+			if (PageState.QueryString.ContainsKey("returnurl"))
-            {
+			{
-                await logger.LogInformation(LogFunction.Security, "Email Verified For For Username {Username}", _username);
+				_returnUrl = PageState.QueryString["returnurl"];
-                _message = Localizer["Success.Account.Verified"];
+			}
-            }
-            else
-            {
-                await logger.LogError(LogFunction.Security, "Email Verification Failed For Username {Username}", _username);
-                _message = Localizer["Message.Account.NotVerfied"];
-                _type = MessageType.Warning;
-            }
-        }
-    }
 
-    protected override async Task OnAfterRenderAsync(bool firstRender)
+			if (PageState.QueryString.ContainsKey("name"))
-    {
+			{
-        if (firstRender)
+				_username = PageState.QueryString["name"];
-        {
+			}
-            if(PageState.User == null)
-            {
-                await username.FocusAsync();
-            }
-        }
-    }
 
-    private async Task Login()
+			if (PageState.QueryString.ContainsKey("token") && !string.IsNullOrEmpty(_username))
-    {
+			{
-        validated = true;
+				var user = new User();
-        var interop = new Interop(JSRuntime);
+				user.SiteId = PageState.Site.SiteId;
-        if (await interop.FormValid(login))
+				user.Username = _username;
-        {
-            if (PageState.Runtime == Oqtane.Shared.Runtime.Server)
-            {
-                var user = new User();
-                user.SiteId = PageState.Site.SiteId;
-                user.Username = _username;
-                user.Password = _password;
-                user = await UserService.LoginUserAsync(user, false, false);
 
-                if (user.IsAuthenticated)
+				if (PageState.QueryString.ContainsKey("key"))
-                {
+				{
-                    await logger.LogInformation(LogFunction.Security, "Login Successful For Username {Username}", _username);
+					user = await UserService.LinkUserAsync(user, PageState.QueryString["token"], PageState.Site.Settings["ExternalLogin:ProviderType"], PageState.QueryString["key"], PageState.Site.Settings["ExternalLogin:ProviderName"]);
-                    // server-side Blazor needs to post to the Login page so that the cookies are set correctly
+					if (user != null)
-                    var fields = new { __RequestVerificationToken = SiteState.AntiForgeryToken, username = _username, password = _password, remember = _remember, returnurl = _returnUrl };
+					{
-                    string url = Utilities.TenantUrl(PageState.Alias, "/pages/login/");
+						await logger.LogInformation(LogFunction.Security, "External Login Linkage Successful For Username {Username}", _username);
-                    await interop.SubmitForm(url, fields);
+						AddModuleMessage(Localizer["Success.Account.Linked"], MessageType.Info);						
-                }
+					}
-                else
+					else
-                {
+					{
-                    await logger.LogError(LogFunction.Security, "Login Failed For Username {Username}", _username);
+						await logger.LogError(LogFunction.Security, "External Login Linkage Failed For Username {Username}", _username);
-                    AddModuleMessage(Localizer["Error.Login.Fail"], MessageType.Error);
+						AddModuleMessage(Localizer["Message.Account.NotLinked"], MessageType.Warning);						
-                }
+					}
-            }
+					_username = "";
-            else
+				}
-            {
+				else
-                // client-side Blazor
+				{
-                var user = new User();
+					user = await UserService.VerifyEmailAsync(user, PageState.QueryString["token"]);
-                user.SiteId = PageState.Site.SiteId;
+					if (user != null)
-                user.Username = _username;
+					{
-                user.Password = _password;
+						await logger.LogInformation(LogFunction.Security, "Email Verified For For Username {Username}", _username);
-                user = await UserService.LoginUserAsync(user, true, _remember);
+						AddModuleMessage(Localizer["Success.Account.Verified"], MessageType.Info);						
-                if (user.IsAuthenticated)
+					}
-                {
+					else
-                    await logger.LogInformation(LogFunction.Security, "Login Successful For Username {Username}", _username);
+					{
-                    var authstateprovider = (IdentityAuthenticationStateProvider)ServiceProvider.GetService(typeof(IdentityAuthenticationStateProvider));
+						await logger.LogError(LogFunction.Security, "Email Verification Failed For Username {Username}", _username);
-                    authstateprovider.NotifyAuthenticationChanged();
+						AddModuleMessage(Localizer["Message.Account.NotVerified"], MessageType.Warning);						
-                    NavigationManager.NavigateTo(NavigateUrl(_returnUrl, true));
+					}
-                }
+				}
-                else
+			}
-                {
+			else
-                    await logger.LogError(LogFunction.Security, "Login Failed For Username {Username}", _username);
+			{
-                    AddModuleMessage(Localizer["Error.Login.Fail"], MessageType.Error);
+				if (PageState.QueryString.ContainsKey("status"))
-                }
+				{
-            }
+					AddModuleMessage(Localizer["ExternalLoginStatus." + PageState.QueryString["status"]], MessageType.Info);
-        }
+				}
-        else
+			}
-        {
+		}
-            AddModuleMessage(Localizer["Message.Required.UserInfo"], MessageType.Warning);
+		catch (Exception ex)
-        }
+		{
-    }
+			await logger.LogError(ex, "Error Loading Login {Error}", ex.Message);
+			AddModuleMessage(Localizer["Error.LoadLogin"], MessageType.Error);
+		}
+	}
 
-    private void Cancel()
+	protected override async Task OnAfterRenderAsync(bool firstRender)
-    {
+	{
-        NavigationManager.NavigateTo(_returnUrl);
+		if (firstRender && PageState.User == null)
-    }
+		{
+			await username.FocusAsync();
+		}
+	}
 
-    private async Task Forgot()
+	private async Task Login()
-    {
+	{
-        if (_username != string.Empty)
+		try
-        {
+		{
-            var user = await UserService.GetUserAsync(_username, PageState.Site.SiteId);
+			validated = true;
-            if (user != null)
+			var interop = new Interop(JSRuntime);
-            {
+			if (await interop.FormValid(login))
-                await UserService.ForgotPasswordAsync(user);
+			{
-                await logger.LogInformation(LogFunction.Security, "Password Reset Notification Sent For Username {Username}", _username);
+				var user = new User { SiteId = PageState.Site.SiteId, Username = _username, Password = _password};
-                _message = Localizer["Message.ForgotUser"];
-            }
-            else
-            {
-                _message = Localizer["Message.UserDoesNotExist"];
-                _type = MessageType.Warning;
-            }
-        }
-        else
-        {
-            _message = Localizer["Message.ForgotPassword"];
-        }
 
-        StateHasChanged();
+				if (!twofactor)
-    }
+				{
+					user = await UserService.LoginUserAsync(user);
+				}
+				else
+				{
+					user = await UserService.VerifyTwoFactorAsync(user, _code);
+				}
+
+				if (user.IsAuthenticated)
+				{
+					await logger.LogInformation(LogFunction.Security, "Login Successful For Username {Username}", _username);
+
+					// post back to the Login page so that the cookies are set correctly
+					var fields = new { __RequestVerificationToken = SiteState.AntiForgeryToken, username = _username, password = _password, remember = _remember, returnurl = _returnUrl };
+					string url = Utilities.TenantUrl(PageState.Alias, "/pages/login/");
+					await interop.SubmitForm(url, fields);
+				}
+				else
+				{
+					if (PageState.Site.Settings["LoginOptions:TwoFactor"] == "required" || user.TwoFactorRequired)
+					{
+						twofactor = true;
+						validated = false;
+						AddModuleMessage(Localizer["Message.TwoFactor"], MessageType.Info);
+					}
+					else
+					{
+						if (!twofactor)
+						{
+							await logger.LogInformation(LogFunction.Security, "Login Failed For Username {Username}", _username);
+							AddModuleMessage(Localizer["Error.Login.Fail"], MessageType.Error);						
+						}
+						else
+						{
+							await logger.LogInformation(LogFunction.Security, "Two Factor Verification Failed For Username {Username}", _username);
+							AddModuleMessage(Localizer["Error.TwoFactor.Fail"], MessageType.Error);						
+						}
+					}
+				}
+			}
+			else
+			{
+				AddModuleMessage(Localizer["Message.Required.UserInfo"], MessageType.Warning);
+			}
+		}
+		catch (Exception ex)
+		{
+			await logger.LogError(ex, "Error Performing Login {Error}", ex.Message);
+			AddModuleMessage(Localizer["Error.Login"], MessageType.Error);
+		}
+	}
+
+	private void Cancel()
+	{
+		NavigationManager.NavigateTo(_returnUrl);
+	}
+
+	private async Task Forgot()
+	{
+		try
+		{
+			if (_username != string.Empty)
+			{
+				var user = await UserService.GetUserAsync(_username, PageState.Site.SiteId);
+				if (user != null)
+				{
+					await UserService.ForgotPasswordAsync(user);
+					await logger.LogInformation(LogFunction.Security, "Password Reset Notification Sent For Username {Username}", _username);
+					AddModuleMessage(Localizer["Message.ForgotUser"], MessageType.Info);
+				}
+				else
+				{
+					AddModuleMessage(Localizer["Message.UserDoesNotExist"], MessageType.Warning);
+				}
+			}
+			else
+			{
+				AddModuleMessage(Localizer["Message.ForgotPassword"], MessageType.Info);
+			}
+
+			StateHasChanged();
+		}
+		catch (Exception ex)
+		{
+			await logger.LogError(ex, "Error Resetting Password {Error}", ex.Message);
+			AddModuleMessage(Localizer["Error.ResetPassword"], MessageType.Error);
+		}
+	}
+
+	private void Reset()
+	{
+		twofactor = false;
+		_username = "";
+		_password = "";
+		ClearModuleMessage();
+		StateHasChanged();
+	}
+
+	private async Task KeyPressed(KeyboardEventArgs e)
+	{
+		if (e.Code == "Enter" || e.Code == "NumpadEnter")
+		{
+			await Login();
+		}
+	}
+
+	private void TogglePassword()
+	{
+		if (_passwordtype == "password")
+		{
+			_passwordtype = "text";
+			_togglepassword = SharedLocalizer["HidePassword"];
+		}
+		else
+		{
+			_passwordtype = "password";
+			_togglepassword = SharedLocalizer["ShowPassword"];
+		}
+	}
+
+	private void ExternalLogin()
+	{
+        NavigationManager.NavigateTo(Utilities.TenantUrl(PageState.Alias, "/pages/external?returnurl=" + _returnUrl), true);
+	}
 
-    private async Task KeyPressed(KeyboardEventArgs e)
-    {
-        if (e.Code == "Enter" || e.Code == "NumpadEnter")
-        {
-            await Login();
-        }
-    }
 }

Oqtane.Client/Modules/Admin/Logs/Detail.razor

@@ -155,7 +155,7 @@
                     }
                 }
 
-                if (log.PageId != null && log.ModuleId != null)
+                if (log.PageId != null && log.ModuleId != null && log.ModuleId != -1)
                 {
                     var pagemodule = await PageModuleService.GetPageModuleAsync(log.PageId.Value, log.ModuleId.Value);
                     if (pagemodule != null)

Oqtane.Client/Modules/Admin/ModuleDefinitions/Create.razor

@@ -81,7 +81,7 @@
     private List<Template> _templates;
     private string _template = "-";
     private string[] _versions;
-    private string _reference = Constants.Version;
+    private string _reference = "local";
     private string _minversion = "2.0.0";
     private string _location = string.Empty;
 

Oqtane.Client/Modules/Admin/ModuleDefinitions/Index.razor

@@ -50,9 +50,12 @@ else
                 @((MarkupString)PurchaseLink(context.PackageName))
             </td>
             <td>
-                @if (UpgradeAvailable(context.PackageName, context.Version))
+				@{ 
+					var version = UpgradeAvailable(context.PackageName, context.Version);
+				} 
+                @if (version != context.Version)
                 {
-                    <button type="button" class="btn btn-success" @onclick=@(async () => await DownloadModule(context.PackageName, context.Version))>@SharedLocalizer["Upgrade"]</button>
+                    <button type="button" class="btn btn-success" @onclick=@(async () => await DownloadModule(context.PackageName, version))>@SharedLocalizer["Upgrade"]</button>
                 }
             </td>
         </Row>
@@ -60,62 +63,60 @@ else
 }
 
 @code {
-    private List<ModuleDefinition> _moduleDefinitions;
+	private List<ModuleDefinition> _moduleDefinitions;
-    private List<Package> _packages;
+	private List<Package> _packages;
 
-    public override SecurityAccessLevel SecurityAccessLevel => SecurityAccessLevel.Host;
+	public override SecurityAccessLevel SecurityAccessLevel => SecurityAccessLevel.Host;
 
-    protected override async Task OnParametersSetAsync()
+	protected override async Task OnParametersSetAsync()
-    {
+	{
-        try
+		try
-        {
+		{
-            _moduleDefinitions = await ModuleDefinitionService.GetModuleDefinitionsAsync(PageState.Site.SiteId);
+			_moduleDefinitions = await ModuleDefinitionService.GetModuleDefinitionsAsync(PageState.Site.SiteId);
-            _packages = await PackageService.GetPackagesAsync("module");
+			_packages = await PackageService.GetPackagesAsync("module");
+		}
+		catch (Exception ex)
+		{
+			if (_moduleDefinitions == null)
+			{
+				await logger.LogError(ex, "Error Loading Modules {Error}", ex.Message);
+				AddModuleMessage(Localizer["Error.Module.Load"], MessageType.Error);
+			}
+		}
+	}
+
+	private string PurchaseLink(string packagename)
+	{
+		string link = "";
+		if (!string.IsNullOrEmpty(packagename) && _packages != null)
+		{
+			var package = _packages.Where(item => item.PackageId == packagename).FirstOrDefault();
+			if (package != null)
+			{
+				if (package.ExpiryDate != null && package.ExpiryDate.Value.Date != DateTime.MaxValue.Date)
+				{
+					link += "<span>" + package.ExpiryDate.Value.Date.ToString("MMM dd, yyyy") + "</span>";
+					if (!string.IsNullOrEmpty(package.PaymentUrl))
+					{
+						link += "&nbsp;&nbsp;<a class=\"btn btn-primary\" style=\"text-decoration: none !important\" href=\"" + package.PaymentUrl + "\" target=\"_new\">" + SharedLocalizer["Extend"] + "</a>";
+					}
+				}
+			}
+		}
+		return link;
+	}
+
+	private string UpgradeAvailable(string packagename, string version)
+	{
+		if (!string.IsNullOrEmpty(packagename) && _packages != null)
+		{
+			var package = _packages.Where(item => item.PackageId == packagename).FirstOrDefault();
+			if (package != null && Version.Parse(package.Version).CompareTo(Version.Parse(version)) > 0)
+			{
+				return package.Version;
+			}
         }
-        catch (Exception ex)
+        return version;
-        {
-            if (_moduleDefinitions == null)
-            {
-                await logger.LogError(ex, "Error Loading Modules {Error}", ex.Message);
-                AddModuleMessage(Localizer["Error.Module.Load"], MessageType.Error);
-            }
-        }
-    }
-
-    private string PurchaseLink(string packagename)
-    {
-        string link = "";
-        if (!string.IsNullOrEmpty(packagename) && _packages != null)
-        {
-            var package = _packages.Where(item => item.PackageId == packagename).FirstOrDefault();
-            if (package != null)
-            {
-                if (package.ExpiryDate != null && package.ExpiryDate.Value.Date != DateTime.MaxValue.Date)
-                {
-                    link += "<span>" + package.ExpiryDate.Value.Date.ToString("MMM dd, yyyy") + "</span>";
-                    if (!string.IsNullOrEmpty(package.PaymentUrl))
-                    {
-                        link += "&nbsp;&nbsp;<a class=\"btn btn-primary\" style=\"text-decoration: none !important\" href=\"" + package.PaymentUrl + "\" target=\"_new\">" + SharedLocalizer["Extend"] + "</a>";
-                    }
-                }
-            }
-        }
-        return link;
-    }
-
-    private bool UpgradeAvailable(string packagename, string version)
-    {
-        var upgradeavailable = false;
-        if (!string.IsNullOrEmpty(packagename) && _packages != null)
-        {
-            var package = _packages.Where(item => item.PackageId == packagename).FirstOrDefault();
-            if (package != null)
-            {
-                upgradeavailable = (Version.Parse(package.Version).CompareTo(Version.Parse(version)) > 0);
-            }
-
-        }
-        return upgradeavailable;
     }
 
     private async Task DownloadModule(string packagename, string version)

Oqtane.Client/Modules/Admin/Pages/Edit.razor

@@ -252,7 +252,7 @@
 				_title = page.Title;
 				_meta = page.Meta;
 				_path = page.Path;
-				_pageModules = PageState.Modules.Where(m => m.PageId == page.PageId && m.IsDeleted == false).ToList();
+				_pageModules = PageState.Modules.Where(m => m.PageId == page.PageId).ToList();
 
 				if (string.IsNullOrEmpty(_path))
 				{

Oqtane.Client/Modules/Admin/Pages/Index.razor

@@ -13,6 +13,7 @@
         <Header>
         <th style="width: 1px;">&nbsp;</th>
         <th style="width: 1px;">&nbsp;</th>
+        <th style="width: 1px;">&nbsp;</th>
         <th>@SharedLocalizer["Name"]</th>
         </Header>
         <Row>

Oqtane.Client/Modules/Admin/Register/Index.razor

@@ -27,19 +27,25 @@
                     <div class="row mb-1 align-items-center">
                         <Label Class="col-sm-3" For="password" HelpText="Please choose a sufficiently secure password and enter it here" ResourceKey="Password"></Label>
                         <div class="col-sm-9">
-                            <input id="password" type="password" class="form-control" @bind="@_password" autocomplete="new-password" required />
+							<div class="input-group">
+								<input id="password" type="@_passwordtype" class="form-control" @bind="@_password" autocomplete="new-password" required />
+								<button type="button" class="btn btn-secondary" @onclick="@TogglePassword">@_togglepassword</button>
+							</div>
                         </div>
                     </div>
                     <div class="row mb-1 align-items-center">
                         <Label Class="col-sm-3" For="confirm" HelpText="Enter your password again to confirm it matches the value entered above" ResourceKey="Confirm"></Label>
                         <div class="col-sm-9">
-                            <input id="confirm" type="password" class="form-control" @bind="@_confirm" autocomplete="new-password" required />
+							<div class="input-group">
+								<input id="confirm" type="@_passwordtype" class="form-control" @bind="@_confirm" autocomplete="new-password" required />
+								<button type="button" class="btn btn-secondary" @onclick="@TogglePassword">@_togglepassword</button>
+							</div>
                         </div>
                     </div>
                     <div class="row mb-1 align-items-center">
                         <Label Class="col-sm-3" For="email" HelpText="Your email address where you wish to receive notifications" ResourceKey="Email"></Label>
                         <div class="col-sm-9">
-                            <input id="email" class="form-control" @bind="@_email" maxlength="256" required />
+							<input id="email" class="form-control" @bind="@_email" maxlength="256" required />
                         </div>
                     </div>
                     <div class="row mb-1 align-items-center">
@@ -62,15 +68,22 @@ else
 }
 
 @code {
-    private string _username = string.Empty;
+	private string _username = string.Empty;
-    private ElementReference form;
+	private ElementReference form;
-    private bool validated = false;
+	private bool validated = false;
-    private string _password = string.Empty;
+	private string _password = string.Empty;
-    private string _confirm = string.Empty;
+	private string _passwordtype = "password";
-    private string _email = string.Empty;
+	private string _togglepassword = string.Empty;
-    private string _displayname = string.Empty;
+	private string _confirm = string.Empty;
+	private string _email = string.Empty;
+	private string _displayname = string.Empty;
 
-    public override SecurityAccessLevel SecurityAccessLevel => SecurityAccessLevel.Anonymous;
+	public override SecurityAccessLevel SecurityAccessLevel => SecurityAccessLevel.Anonymous;
+
+	protected override void OnParametersSet()
+	{
+		_togglepassword = SharedLocalizer["ShowPassword"];
+	}
 
     private async Task Register()
     {
@@ -90,9 +103,10 @@ else
                         {
                             SiteId = PageState.Site.SiteId,
                             Username = _username,
-                            DisplayName = (_displayname == string.Empty ? _username : _displayname),
+                            Password = _password,
                             Email = _email,
-                            Password = _password
+                            DisplayName = (_displayname == string.Empty ? _username : _displayname),
+							PhotoFileId = null
                         };
                         user = await UserService.AddUserAsync(user);
 
@@ -133,4 +147,18 @@ else
     {
         NavigationManager.NavigateTo(NavigateUrl(string.Empty));
     }
+
+    private void TogglePassword()
+	{
+		if (_passwordtype == "password")
+		{
+			_passwordtype = "text";
+			_togglepassword = SharedLocalizer["HidePassword"];
+		}
+		else
+		{
+			_passwordtype = "password";
+			_togglepassword = SharedLocalizer["ShowPassword"];
+		}
+	}
 }

Oqtane.Client/Modules/Admin/Reset/Index.razor

@@ -16,13 +16,19 @@
         <div class="row mb-1 align-items-center">
             <Label Class="col-sm-3" For="password" HelpText="The new password. It must satisfy complexity rules for the site." ResourceKey="Password">Password: </Label>
             <div class="col-sm-9">
-                <input id="password" type="password" class="form-control" @bind="@_password" required />
+				<div class="input-group">
+					<input id="password" type="@_passwordtype" class="form-control" @bind="@_password" autocomplete="new-password" required />
+					<button type="button" class="btn btn-secondary" @onclick="@TogglePassword">@_togglepassword</button>
+				</div>
             </div>
         </div>
         <div class="row mb-1 align-items-center">
             <Label Class="col-sm-3" For="confirm" HelpText="Enter the password again. It must exactly match the password entered above." ResourceKey="Confirm">Confirm: </Label>
             <div class="col-sm-9">
-                <input id="confirm" type="password" class="form-control" @bind="@_confirm" required />
+				<div class="input-group">
+					<input id="confirm" type="@_passwordtype" class="form-control" @bind="@_confirm" autocomplete="new-password" required />
+					<button type="button" class="btn btn-secondary" @onclick="@TogglePassword">@_togglepassword</button>
+				</div>
             </div>
         </div>
     </div>
@@ -36,12 +42,16 @@
 	private bool validated = false;
 	private string _username = string.Empty;
 	private string _password = string.Empty;
+	private string _passwordtype = "password";
+	private string _togglepassword = string.Empty;
 	private string _confirm = string.Empty;
 
 	public override SecurityAccessLevel SecurityAccessLevel => SecurityAccessLevel.Anonymous;
 
 	protected override async Task OnInitializedAsync()
 	{
+		_togglepassword = SharedLocalizer["ShowPassword"];
+
 		if (PageState.QueryString.ContainsKey("name") && PageState.QueryString.ContainsKey("token"))
         {
             _username = PageState.QueryString["name"];
@@ -110,4 +120,18 @@
     {
         NavigationManager.NavigateTo(NavigateUrl(string.Empty));
     }
+
+    private void TogglePassword()
+	{
+		if (_passwordtype == "password")
+		{
+			_passwordtype = "text";
+			_togglepassword = SharedLocalizer["HidePassword"];
+		}
+		else
+		{
+			_passwordtype = "password";
+			_togglepassword = SharedLocalizer["ShowPassword"];
+		}
+	}
 }

Oqtane.Client/Modules/Admin/Roles/Users.razor

@@ -95,11 +95,7 @@ else
             roleid = Int32.Parse(PageState.QueryString["id"]);
             Role role = await RoleService.GetRoleAsync(roleid);
             name = role.Name;
-            users = await UserRoleService.GetUserRolesAsync(PageState.Site.SiteId);
+            users = await UserRoleService.GetUserRolesAsync(PageState.Site.SiteId, RoleNames.Registered);
-            users = users
-                .Where(u => u.Role.Name == RoleNames.Registered)
-                .OrderBy(u => u.User.DisplayName)
-                .ToList();
             await GetUserRoles();
         }
         catch (Exception ex)
@@ -113,8 +109,7 @@ else
     {
         try
         {
-            userroles = await UserRoleService.GetUserRolesAsync(PageState.Site.SiteId);
+            userroles = await UserRoleService.GetUserRolesAsync(PageState.Site.SiteId, name);
-            userroles = userroles.Where(item => item.RoleId == roleid).ToList();
         }
         catch (Exception ex)
         {

Oqtane.Client/Modules/Admin/Site/Index.razor

@@ -120,7 +120,10 @@
                 <div class="row mb-1 align-items-center">
                     <Label Class="col-sm-3" For="password" HelpText="Enter the password for your SMTP account" ResourceKey="SmtpPassword">Password: </Label>
                     <div class="col-sm-9">
-                        <input id="password" type="password" class="form-control" @bind="@_smtppassword" />
+						<div class="input-group">
+							<input id="password" type="@_smtppasswordtype" class="form-control" @bind="@_smtppassword" />
+							<button type="button" class="btn btn-secondary" @onclick="@ToggleSMTPPassword">@_togglesmtppassword</button>
+						</div>
                     </div>
                 </div>
                 <div class="row mb-1 align-items-center">
@@ -129,6 +132,12 @@
                         <input id="sender" class="form-control" @bind="@_smtpsender" />
                     </div>
                 </div>
+                <div class="row mb-1 align-items-center">
+					<Label Class="col-sm-3" For="retention" HelpText="Number of days of notifications to retain" ResourceKey="Retention">Retention (Days): </Label>
+					<div class="col-sm-9">
+						<input id="retention" class="form-control" @bind="@_retention" />
+					</div>
+                </div>
                 <button type="button" class="btn btn-secondary" @onclick="SendEmail">@Localizer["Smtp.TestConfig"]</button>
                 <br /><br />
             </div>
@@ -260,7 +269,10 @@
 	private string _smtpssl = "False";
 	private string _smtpusername = string.Empty;
 	private string _smtppassword = string.Empty;
+	private string _smtppasswordtype = "password";
+	private string _togglesmtppassword = string.Empty;
 	private string _smtpsender = string.Empty;
+	private string _retention = string.Empty;
 	private string _pwaisenabled;
 	private int _pwaappiconfileid = -1;
 	private FileManager _pwaappiconfilemanager;
@@ -329,7 +341,9 @@
 				_smtpssl = SettingService.GetSetting(settings, "SMTPSSL", "False");
 				_smtpusername = SettingService.GetSetting(settings, "SMTPUsername", string.Empty);
 				_smtppassword = SettingService.GetSetting(settings, "SMTPPassword", string.Empty);
+				_togglesmtppassword = SharedLocalizer["ShowPassword"];
 				_smtpsender = SettingService.GetSetting(settings, "SMTPSender", string.Empty);
+				_retention = SettingService.GetSetting(settings, "NotificationRetention", "30");
 
 				if (UserSecurity.IsAuthorized(PageState.User, RoleNames.Host))
 				{
@@ -393,7 +407,7 @@
 		{
 			try
 			{
-				if (_name != string.Empty && _urls != string.Empty && _themetype != "-" && _containertype != "-")
+				if (_name != string.Empty && _themetype != "-" && _containertype != "-")
 				{
 					var unique = true;
 					if (UserSecurity.IsAuthorized(PageState.User, RoleNames.Host))
@@ -479,12 +493,13 @@
 							site = await SiteService.UpdateSiteAsync(site);
 
 							var settings = await SettingService.GetSiteSettingsAsync(site.SiteId);
-							SettingService.SetSetting(settings, "SMTPHost", _smtphost, true);
+							settings = SettingService.SetSetting(settings, "SMTPHost", _smtphost, true);
-							SettingService.SetSetting(settings, "SMTPPort", _smtpport, true);
+							settings = SettingService.SetSetting(settings, "SMTPPort", _smtpport, true);
-							SettingService.SetSetting(settings, "SMTPSSL", _smtpssl, true);
+							settings = SettingService.SetSetting(settings, "SMTPSSL", _smtpssl, true);
-							SettingService.SetSetting(settings, "SMTPUsername", _smtpusername, true);
+							settings = SettingService.SetSetting(settings, "SMTPUsername", _smtpusername, true);
-							SettingService.SetSetting(settings, "SMTPPassword", _smtppassword, true);
+							settings = SettingService.SetSetting(settings, "SMTPPassword", _smtppassword, true);
-							SettingService.SetSetting(settings, "SMTPSender", _smtpsender, true);
+							settings = SettingService.SetSetting(settings, "SMTPSender", _smtpsender, true);
+							settings = SettingService.SetSetting(settings, "NotificationRetention", _retention, true);
 							await SettingService.UpdateSiteSettingsAsync(settings, site.SiteId);
 
 							if (UserSecurity.IsAuthorized(PageState.User, RoleNames.Host))
@@ -605,8 +620,10 @@
 				await SettingService.UpdateSiteSettingsAsync(settings, PageState.Site.SiteId);
 				await logger.LogInformation("Site SMTP Settings Saved");
 
-				await NotificationService.AddNotificationAsync(new Notification(PageState.Site.SiteId, PageState.User.DisplayName, PageState.User.Email, PageState.User.DisplayName, PageState.User.Email, PageState.Site.Name + " SMTP Configuration Test", "SMTP Server Is Configured Correctly."));
+				await NotificationService.AddNotificationAsync(new Notification(PageState.Site.SiteId, PageState.User, PageState.Site.Name + " SMTP Configuration Test", "SMTP Server Is Configured Correctly."));
 				AddModuleMessage(Localizer["Info.Smtp.SaveSettings"], MessageType.Info);
+				var interop = new Interop(JSRuntime);
+				await interop.ScrollTo(0, 0, "smooth");
 			}
 			catch (Exception ex)
 			{
@@ -616,7 +633,7 @@
 		}
 		else
 		{
-			AddModuleMessage(Localizer["Message.required.Smtp"], MessageType.Warning);
+			AddModuleMessage(Localizer["Message.Required.Smtp"], MessageType.Warning);
 		}
 	}
 
@@ -633,4 +650,18 @@
 		}
 		if (string.IsNullOrEmpty(_defaultalias)) _defaultalias = _aliases.First().Name.Trim();
 	}
+
+	private void ToggleSMTPPassword()
+	{
+		if (_smtppasswordtype == "password")
+		{
+			_smtppasswordtype = "text";
+			_togglesmtppassword = SharedLocalizer["HidePassword"];
+		}
+		else
+		{
+			_smtppasswordtype = "password";
+			_togglesmtppassword = SharedLocalizer["ShowPassword"];
+		}
+	}
 }

Oqtane.Client/Modules/Admin/Sites/Add.razor

@@ -156,7 +156,7 @@ else
                 <div class="row mb-1 align-items-center">
                     <Label Class="col-sm-3" For="hostPassword" HelpText="Enter the password of an existing host user" ResourceKey="HostPassword">Host Password:</Label>
                     <div class="col-sm-9">
-                        <input id="hostPassword" type="password" class="form-control" @bind="@_hostpassword" required />
+                        <input id="hostPassword" type="password" class="form-control" @bind="@_hostpassword" autocomplete="new-password" required />
                     </div>
                 </div>
             }
@@ -307,7 +307,7 @@ else
                             user.SiteId = PageState.Site.SiteId;
                             user.Username = _hostusername;
                             user.Password = _hostpassword;
-                            user = await UserService.LoginUserAsync(user, false, false);
+                            user = await UserService.LoginUserAsync(user);
                             if (user.IsAuthenticated)
                             {
                                 var connectionString = String.Empty;

Oqtane.Client/Modules/Admin/SystemInfo/Index.razor

@@ -27,9 +27,27 @@
                 </div>
             </div>
             <div class="row mb-1 align-items-center">
-                <Label Class="col-sm-3" For="serverpath" HelpText="Server Path" ResourceKey="ServerPath">Server Path: </Label>
+                <Label Class="col-sm-3" For="machinename" HelpText="Machine Name" ResourceKey="MachineName">Machine Name: </Label>
                 <div class="col-sm-9">
-                    <input id="serverpath" class="form-control" @bind="@_serverpath" readonly />
+                    <input id="machinename" class="form-control" @bind="@_machinename" readonly />
+                </div>
+            </div>
+            <div class="row mb-1 align-items-center">
+                <Label Class="col-sm-3" For="ipaddress" HelpText="Server IP Address" ResourceKey="IPAddress">IP Address: </Label>
+                <div class="col-sm-9">
+                    <input id="ipaddress" class="form-control" @bind="@_ipaddress" readonly />
+                </div>
+            </div>
+            <div class="row mb-1 align-items-center">
+                <Label Class="col-sm-3" For="contentrootpath" HelpText="Root Path" ResourceKey="ContentRootPath">Root Path: </Label>
+                <div class="col-sm-9">
+                    <input id="contentrootpath" class="form-control" @bind="@_contentrootpath" readonly />
+                </div>
+            </div>
+            <div class="row mb-1 align-items-center">
+                <Label Class="col-sm-3" For="webrootpath" HelpText="Web Path" ResourceKey="WebRootPath">Web Path: </Label>
+                <div class="col-sm-9">
+                    <input id="webrootpath" class="form-control" @bind="@_webrootpath" readonly />
                 </div>
             </div>
             <div class="row mb-1 align-items-center">
@@ -38,6 +56,18 @@
                     <input id="servertime" class="form-control" @bind="@_servertime" readonly />
                 </div>
             </div>
+            <div class="row mb-1 align-items-center">
+                <Label Class="col-sm-3" For="tickcount" HelpText="Amount Of Time The Service Has Been Available And Operational" ResourceKey="TickCount">Service Uptime: </Label>
+                <div class="col-sm-9">
+                    <input id="tickcount" class="form-control" @bind="@_tickcount" readonly />
+                </div>
+            </div>
+            <div class="row mb-1 align-items-center">
+                <Label Class="col-sm-3" For="workingset" HelpText="Memory Allocation Of Service (in MB)" ResourceKey="WorkingSet">Memory Allocation: </Label>
+                <div class="col-sm-9">
+                    <input id="workingset" class="form-control" @bind="@_workingset" readonly />
+                </div>
+            </div>
             <div class="row mb-1 align-items-center">
                 <Label Class="col-sm-3" For="installationid" HelpText="The Unique Identifier For Your Installation" ResourceKey="InstallationId">Installation ID: </Label>
                 <div class="col-sm-9">
@@ -69,6 +99,21 @@
                         <option value="Warning">@Localizer["Warning"]</option>
                         <option value="Error">@Localizer["Error"]</option>
                         <option value="Critical">@Localizer["Critical"]</option>
+                        <option value="None">@Localizer["None"]</option>
+                    </select>
+                </div>
+            </div>
+            <div class="row mb-1 align-items-center">
+                <Label Class="col-sm-3" For="notificationlevel" HelpText="The Minimum Logging Level For Which Notifications Should Be Sent To Host Users." ResourceKey="NotificationLevel">Notification Level: </Label>
+                <div class="col-sm-9">
+                    <select id="notificationlevel" class="form-select" @bind="@_notificationlevel">
+                        <option value="Trace">@Localizer["Trace"]</option>
+                        <option value="Debug">@Localizer["Debug"]</option>
+                        <option value="Information">@Localizer["Information"]</option>
+                        <option value="Warning">@Localizer["Warning"]</option>
+                        <option value="Error">@Localizer["Error"]</option>
+                        <option value="Critical">@Localizer["Critical"]</option>
+                        <option value="None">@Localizer["None"]</option>
                     </select>
                 </div>
             </div>
@@ -104,12 +149,18 @@
 	private string _version = string.Empty;
 	private string _clrversion = string.Empty;
 	private string _osversion = string.Empty;
-	private string _serverpath = string.Empty;
+	private string _machinename = string.Empty;
+	private string _ipaddress = string.Empty;
+	private string _contentrootpath = string.Empty;
+	private string _webrootpath = string.Empty;
 	private string _servertime = string.Empty;
+	private string _tickcount = string.Empty;
+	private string _workingset = string.Empty;
 	private string _installationid = string.Empty;
 
 	private string _detailederrors = string.Empty;
 	private string _logginglevel = string.Empty;
+	private string _notificationlevel = string.Empty;
 	private string _swagger = string.Empty;
 	private string _packageservice = string.Empty;
 
@@ -117,31 +168,42 @@
 	{
 		_version = Constants.Version;
 
-		Dictionary<string, string> systeminfo = await SystemService.GetSystemInfoAsync();
+		Dictionary<string, object> systeminfo = await SystemService.GetSystemInfoAsync("environment");
 		if (systeminfo != null)
 		{
-			_clrversion = systeminfo["clrversion"];
+			_clrversion = systeminfo["CLRVersion"].ToString();
-			_osversion = systeminfo["osversion"];
+			_osversion = systeminfo["OSVersion"].ToString();
-			_serverpath = systeminfo["serverpath"];
+			_machinename = systeminfo["MachineName"].ToString();
-			_servertime = systeminfo["servertime"] + " UTC";
+			_ipaddress = systeminfo["IPAddress"].ToString();
-			_installationid = systeminfo["installationid"];
+			_contentrootpath = systeminfo["ContentRootPath"].ToString();
+			_webrootpath = systeminfo["WebRootPath"].ToString();
+			_servertime = systeminfo["ServerTime"].ToString() + " UTC";
+			_tickcount = TimeSpan.FromMilliseconds(Convert.ToInt64(systeminfo["TickCount"].ToString())).ToString();
+			_workingset = (Convert.ToInt64(systeminfo["WorkingSet"].ToString()) / 1000000).ToString() + " MB";
+		}
 
-            _detailederrors = systeminfo["detailederrors"];
+		systeminfo = await SystemService.GetSystemInfoAsync();
-            _logginglevel = systeminfo["logginglevel"];
+		if (systeminfo != null)
-            _swagger = systeminfo["swagger"];
+		{
-            _packageservice = systeminfo["packageservice"];
+			_installationid = systeminfo["InstallationId"].ToString();
-        }
+            _detailederrors = systeminfo["DetailedErrors"].ToString();
-    }
+            _logginglevel = systeminfo["Logging:LogLevel:Default"].ToString();
+            _notificationlevel = systeminfo["Logging:LogLevel:Notify"].ToString();
+            _swagger = systeminfo["UseSwagger"].ToString();
+            _packageservice = systeminfo["PackageService"].ToString();
+		}
+	}
 
     private async Task SaveConfig()
     {
         try
         {
-            var settings = new Dictionary<string, string>();
+            var settings = new Dictionary<string, object>();
-            settings.Add("detailederrors", _detailederrors);
+            settings.Add("DetailedErrors", _detailederrors);
-            settings.Add("logginglevel", _logginglevel);
+            settings.Add("Logging:LogLevel:Default", _logginglevel);
-            settings.Add("swagger", _swagger);
+            settings.Add("Logging:LogLevel:Notify", _notificationlevel);
-            settings.Add("packageservice", _packageservice);
+            settings.Add("UseSwagger", _swagger);
+            settings.Add("PackageService", _packageservice);
             await SystemService.UpdateSystemInfoAsync(settings);
             AddModuleMessage(Localizer["Success.UpdateConfig.Restart"], MessageType.Success);
         }

Oqtane.Client/Modules/Admin/Themes/Create.razor

@@ -72,7 +72,7 @@
     private List<Template> _templates;
     private string _template = "-";
     private string[] _versions;
-    private string _reference = Constants.Version;
+    private string _reference = "local";
     private string _minversion = "2.0.0";
     private string _location = string.Empty;
 

Oqtane.Client/Modules/Admin/Themes/Index.razor

@@ -40,9 +40,12 @@ else
                 @((MarkupString)PurchaseLink(context.PackageName))
             </td>
             <td>
-                @if (UpgradeAvailable(context.PackageName, context.Version))
+				@{ 
+					var version = UpgradeAvailable(context.PackageName, context.Version);
+				} 
+                @if (version != context.Version)
                 {
-                    <button type="button" class="btn btn-success" @onclick=@(async () => await DownloadTheme(context.PackageName, context.Version))>@SharedLocalizer["Upgrade"]</button>
+                    <button type="button" class="btn btn-success" @onclick=@(async () => await DownloadTheme(context.PackageName, version))>@SharedLocalizer["Upgrade"]</button>
                 }
             </td>
             <td></td>
@@ -94,18 +97,17 @@ else
         return link;
     }
 
-    private bool UpgradeAvailable(string packagename, string version)
+	private string UpgradeAvailable(string packagename, string version)
-    {
+	{
-        var upgradeavailable = false;
+		if (!string.IsNullOrEmpty(packagename) && _packages != null)
-        if (!string.IsNullOrEmpty(packagename) && _packages != null)
+		{
-        {
+			var package = _packages.Where(item => item.PackageId == packagename).FirstOrDefault();
-            var package = _packages.Where(item => item.PackageId == packagename).FirstOrDefault();
+			if (package != null && Version.Parse(package.Version).CompareTo(Version.Parse(version)) > 0)
-            if (package != null)
+			{
-            {
+				return package.Version;
-                upgradeavailable = (Version.Parse(package.Version).CompareTo(Version.Parse(version)) > 0);
+			}
-            }
         }
-        return upgradeavailable;
+        return version;
     }
 
     private async Task DownloadTheme(string packagename, string version)

Oqtane.Client/Modules/Admin/UserProfile/Add.razor

@@ -49,7 +49,7 @@
             var user = await UserService.GetUserAsync(username, PageState.Site.SiteId);
             if (user != null)
             {
-                var notification = new Notification(PageState.Site.SiteId, PageState.User, user, subject, body, null);
+                var notification = new Notification(PageState.Site.SiteId, PageState.User, user, subject, body);
                 notification = await NotificationService.AddNotificationAsync(notification);
                 await logger.LogInformation("Notification Created {NotificationId}", notification.NotificationId);
                 NavigationManager.NavigateTo(NavigateUrl());

Oqtane.Client/Modules/Admin/UserProfile/Index.razor

@@ -31,16 +31,34 @@ else
                 </div>
                 <div class="row mb-1 align-items-center">
                     <Label Class="col-sm-3" For="password" HelpText="If you wish to change your password you can enter it here. Please choose a sufficiently secure password." ResourceKey="Password"></Label>
-                    <div class="col-sm-9">
+					<div class="col-sm-9">
-                        <input id="password" type="password" class="form-control" @bind="@password" autocomplete="new-password" />
+                        <div class="input-group">
+						    <input id="password" type="@_passwordtype" class="form-control" @bind="@_password" autocomplete="new-password" />
+						    <button type="button" class="btn btn-secondary" @onclick="@TogglePassword">@_togglepassword</button>
+					    </div>
                     </div>
                 </div>
                 <div class="row mb-1 align-items-center">
                     <Label Class="col-sm-3" For="confirm" HelpText="If you are changing your password you must enter it again to confirm it matches" ResourceKey="Confirm"></Label>
                     <div class="col-sm-9">
-                        <input id="confirm" type="password" class="form-control" @bind="@confirm" autocomplete="new-password" />
+                        <div class="input-group">
+							<input id="confirm" type="@_passwordtype" class="form-control" @bind="@confirm" autocomplete="new-password" />
+						    <button type="button" class="btn btn-secondary" @onclick="@TogglePassword">@_togglepassword</button>
+					    </div>
                     </div>
                 </div>
+				@if (allowtwofactor)
+				{
+					<div class="row mb-1 align-items-center">
+						<Label Class="col-sm-3" For="twofactor" HelpText="Indicates if you are using two factor authentication. Two factor authentication requires you to enter a verification code sent via email after you sign in." ResourceKey="TwoFactor"></Label>
+						<div class="col-sm-9">
+							<select id="twofactor" class="form-select" @bind="@twofactor" required>
+								<option value="True">@SharedLocalizer["Yes"]</option>
+								<option value="False">@SharedLocalizer["No"]</option>
+							</select>
+						</div>
+					</div>
+				}
                 <div class="row mb-1 align-items-center">
                     <Label Class="col-sm-3" For="email" HelpText="Your email address where you wish to receive notifications" ResourceKey="Email"></Label>
                     <div class="col-sm-9">
@@ -193,6 +211,8 @@ else
                     </Detail>
                 </Pager>
             }
+            <br />
+            <ActionDialog Header="Clear Notifications" Message="Are You Sure You Wish To Permanently Delete All Notifications ?" Action="Delete All Notifications" Security="SecurityAccessLevel.Admin" Class="btn btn-danger" OnClick="@(async () => await DeleteAllNotifications())" ResourceKey="DeleteAllNotifications" />
             <br /><hr />
             <select class="form-select" @onchange="(e => FilterChanged(e))">
                 <option value="to">@Localizer["Inbox"]</option>
@@ -201,11 +221,16 @@ else
         }
     </TabPanel>
 </TabStrip>
+<br /><br />
 
 @code {
     private string username = string.Empty;
-    private string password = string.Empty;
+    private string _password = string.Empty;
+	private string _passwordtype = "password";
+	private string _togglepassword = string.Empty;
     private string confirm = string.Empty;
+    private bool allowtwofactor = false;
+    private string twofactor = "False";
     private string email = string.Empty;
     private string displayname = string.Empty;
     private FileManager filemanager;
@@ -224,9 +249,17 @@ else
     {
         try
         {
+            _togglepassword = SharedLocalizer["ShowPassword"];
+
+            if (PageState.Site.Settings.ContainsKey("LoginOptions:TwoFactor") && !string.IsNullOrEmpty(PageState.Site.Settings["LoginOptions:TwoFactor"]))
+            {
+                allowtwofactor = (PageState.Site.Settings["LoginOptions:TwoFactor"] == "true");
+            }
+
             if (PageState.User != null)
             {
                 username = PageState.User.Username;
+                twofactor = PageState.User.TwoFactorRequired.ToString();
                 email = PageState.User.Email;
                 displayname = PageState.User.DisplayName;
 
@@ -280,11 +313,12 @@ else
         {
             if (username != string.Empty && email != string.Empty && ValidateProfiles())
             {
-                if (password == confirm)
+                if (_password == confirm)
                 {
                     var user = PageState.User;
                     user.Username = username;
-                    user.Password = password;
+                    user.Password = _password;
+                    user.TwoFactorRequired = bool.Parse(twofactor);
                     user.Email = email;
                     user.DisplayName = (displayname == string.Empty ? username : displayname);
                     user.PhotoFileId = filemanager.GetFileId();
@@ -292,12 +326,23 @@ else
                     {
                         user.PhotoFileId = null;
                     }
+                    if (user.PhotoFileId != null)
+                    {
+                        photofileid = user.PhotoFileId.Value;
+                        photo = await FileService.GetFileAsync(photofileid);
+                    }
+                    else
+                    {
+                        photofileid = -1;
+                        photo = null;
+                    }
 
                     await UserService.UpdateUserAsync(user);
                     await SettingService.UpdateUserSettingsAsync(settings, PageState.User.UserId);
                     await logger.LogInformation("User Profile Saved");
 
-                    NavigationManager.NavigateTo(NavigateUrl());
+                    AddModuleMessage(Localizer["Success.Profile.Update"], MessageType.Success);
+                    StateHasChanged();
                 }
                 else
                 {
@@ -380,4 +425,47 @@ else
         StateHasChanged();
     }
 
+    private async Task DeleteAllNotifications()
+    {
+        try
+        {
+            foreach(var Notification in notifications)
+            {
+                if (!Notification.IsDeleted)
+                {
+                    Notification.IsDeleted = true;
+                    await NotificationService.UpdateNotificationAsync(Notification);
+                }
+                else
+                {
+                    await NotificationService.DeleteNotificationAsync(Notification.NotificationId);
+                }
+                await logger.LogInformation("Notification Deleted {Notification}", Notification);
+            } 
+            await logger.LogInformation("Notifications Permanently Deleted");
+            await LoadNotificationsAsync();
+            StateHasChanged();            
+        }
+        catch (Exception ex)
+        {
+            await logger.LogError(ex, "Error Deleting Notifications {Error}", ex.Message);
+            AddModuleMessage(ex.Message, MessageType.Error);
+        }
+    
+    }
+
+    private void TogglePassword()
+	{
+		if (_passwordtype == "password")
+		{
+			_passwordtype = "text";
+			_togglepassword = SharedLocalizer["HidePassword"];
+		}
+		else
+		{
+			_passwordtype = "password";
+			_togglepassword = SharedLocalizer["ShowPassword"];
+		}
+	}
+
 }

Oqtane.Client/Modules/Admin/Users/Add.razor

@@ -20,14 +20,20 @@
                 </div>
                 <div class="row mb-1 align-items-center">
                     <Label Class="col-sm-3" For="password" HelpText="The user's password. Please choose a password which is sufficiently secure." ResourceKey="Password"></Label>
-                    <div class="col-sm-9">
+					<div class="col-sm-9">
-                        <input id="password" type="password" class="form-control" @bind="@password" />
+                        <div class="input-group">
+						    <input id="password" type="@_passwordtype" class="form-control" @bind="@_password" autocomplete="new-password" required />
+						    <button type="button" class="btn btn-secondary" @onclick="@TogglePassword">@_togglepassword</button>
+					    </div>
                     </div>
                 </div>
                 <div class="row mb-1 align-items-center">
                     <Label Class="col-sm-3" For="confirm" HelpText="Please enter the password again to confirm it matches with the value above" ResourceKey="Confirm"></Label>
                     <div class="col-sm-9">
-                        <input id="confirm" type="password" class="form-control" @bind="@confirm" />
+                        <div class="input-group">
+							<input id="confirm" type="@_passwordtype" class="form-control" @bind="@confirm" autocomplete="new-password" required />
+						    <button type="button" class="btn btn-secondary" @onclick="@TogglePassword">@_togglepassword</button>
+					    </div>
                     </div>
                 </div>
                 <div class="row mb-1 align-items-center">
@@ -88,7 +94,9 @@
 
 @code {
     private string username = string.Empty;
-    private string password = string.Empty;
+    private string _password = string.Empty;
+	private string _passwordtype = "password";
+	private string _togglepassword = string.Empty;
     private string confirm = string.Empty;
     private string email = string.Empty;
     private string displayname = string.Empty;
@@ -102,6 +110,7 @@
     {
         try
         {
+            _togglepassword = SharedLocalizer["ShowPassword"];
             profiles = await ProfileService.GetProfilesAsync(ModuleState.SiteId);
             settings = new Dictionary<string, string>();
         }
@@ -119,9 +128,9 @@
     {
         try
         {
-            if (username != string.Empty && password != string.Empty && confirm != string.Empty && email != string.Empty && ValidateProfiles())
+            if (username != string.Empty && _password != string.Empty && confirm != string.Empty && email != string.Empty && ValidateProfiles())
             {
-                if (password == confirm)
+                if (_password == confirm)
                 {
                     var user = await UserService.GetUserAsync(username, PageState.Site.SiteId);
                     if (user == null)
@@ -129,7 +138,7 @@
                         user = new User();
                         user.SiteId = PageState.Site.SiteId;
                         user.Username = username;
-                        user.Password = password;
+                        user.Password = _password;
                         user.Email = email;
                         user.DisplayName = string.IsNullOrWhiteSpace(displayname) ? username : displayname;
                         user.PhotoFileId = null;
@@ -193,4 +202,17 @@
         settings = SettingService.SetSetting(settings, SettingName, value);
     }
 
+    private void TogglePassword()
+	{
+		if (_passwordtype == "password")
+		{
+			_passwordtype = "text";
+			_togglepassword = SharedLocalizer["HidePassword"];
+		}
+		else
+		{
+			_passwordtype = "password";
+			_togglepassword = SharedLocalizer["ShowPassword"];
+		}
+	}
 }

Oqtane.Client/Modules/Admin/Users/Edit.razor

@@ -29,14 +29,20 @@ else
                 </div>
                 <div class="row mb-1 align-items-center">
                     <Label Class="col-sm-3" For="password" HelpText="The user's password. Please choose a password which is sufficiently secure." ResourceKey="Password"></Label>
-                    <div class="col-sm-9">
+					<div class="col-sm-9">
-                        <input id="password" type="password" class="form-control" @bind="@password" />
+                        <div class="input-group">
+						    <input id="password" type="@_passwordtype" class="form-control" @bind="@_password" autocomplete="new-password" />
+						    <button type="button" class="btn btn-secondary" @onclick="@TogglePassword">@_togglepassword</button>
+					    </div>
                     </div>
                 </div>
                 <div class="row mb-1 align-items-center">
                     <Label Class="col-sm-3" For="confirm" HelpText="Please enter the password again to confirm it matches with the value above" ResourceKey="Confirm"></Label>
                     <div class="col-sm-9">
-                        <input id="confirm" type="password" class="form-control" @bind="@confirm" />
+                        <div class="input-group">
+							<input id="confirm" type="@_passwordtype" class="form-control" @bind="@confirm" autocomplete="new-password" />
+						    <button type="button" class="btn btn-secondary" @onclick="@TogglePassword">@_togglepassword</button>
+					    </div>
                     </div>
                 </div>
                 <div class="row mb-1 align-items-center">
@@ -133,7 +139,9 @@ else
 @code {
     private int userid;
     private string username = string.Empty;
-    private string password = string.Empty;
+    private string _password = string.Empty;
+	private string _passwordtype = "password";
+	private string _togglepassword = string.Empty;
     private string confirm = string.Empty;
     private string email = string.Empty;
     private string displayname = string.Empty;
@@ -157,9 +165,9 @@ else
     {
         try
         {
-            // OnParametersSetAsync is called when the edit modal is closed - in which case there is no id parameter
             if (PageState.QueryString.ContainsKey("id"))
             {
+                _togglepassword = SharedLocalizer["ShowPassword"];
                 profiles = await ProfileService.GetProfilesAsync(PageState.Site.SiteId);
                 userid = Int32.Parse(PageState.QueryString["id"]);
                 var user = await UserService.GetUserAsync(userid, PageState.Site.SiteId);
@@ -205,12 +213,12 @@ else
         {
             if (username != string.Empty && email != string.Empty && ValidateProfiles())
             {
-                if (password == confirm)
+                if (_password == confirm)
                 {
                     var user = await UserService.GetUserAsync(userid, PageState.Site.SiteId);
                     user.SiteId = PageState.Site.SiteId;
                     user.Username = username;
-                    user.Password = password;
+                    user.Password = _password;
                     user.Email = email;
                     user.DisplayName = string.IsNullOrWhiteSpace(displayname) ? username : displayname;
                     user.PhotoFileId = null;
@@ -268,4 +276,17 @@ else
         settings = SettingService.SetSetting(settings, SettingName, value);
     }
 
+    private void TogglePassword()
+	{
+		if (_passwordtype == "password")
+		{
+			_passwordtype = "text";
+			_togglepassword = SharedLocalizer["HidePassword"];
+		}
+		else
+		{
+			_passwordtype = "password";
+			_togglepassword = SharedLocalizer["ShowPassword"];
+		}
+	}
 }

Oqtane.Client/Modules/Admin/Users/Index.razor

@@ -6,8 +6,9 @@
 @inject ISiteService SiteService
 @inject IStringLocalizer<Index> Localizer
 @inject IStringLocalizer<SharedResources> SharedLocalizer
+@inject SiteState SiteState
 
-@if (userroles == null)
+@if (users == null)
 {
     <p>
         <em>@SharedLocalizer["Loading"]</em>
@@ -30,13 +31,16 @@ else
 					</div>
 				</div>
 			</div>
-			<Pager Items="@userroles">
+			<Pager Items="@users" RowClass="align-middle">
 				<Header>
 				<th style="width: 1px;">&nbsp;</th>
 				<th style="width: 1px;">&nbsp;</th>
 				<th style="width: 1px;">&nbsp;</th>
 				<th>@SharedLocalizer["Name"]</th>
 				<th>@SharedLocalizer["Username"]</th>
+				<th>@Localizer["LastLoginOn"]</th>
+				<th>@Localizer["LastIPAddress"]</th>
+				<th>@Localizer["CreatedOn"]</th>
 				</Header>
 				<Row>
 					<td>
@@ -50,20 +54,294 @@ else
 					</td>
 					<td>@context.User.DisplayName</td>
 					<td>@context.User.Username</td>
+					<td>@string.Format("{0:dd-MMM-yyyy HH:mm:ss}",context.User.LastLoginOn)</td>
+                    <td>@context.User.LastIPAddress</td>
+                    <td>@string.Format("{0:dd-MMM-yyyy HH:mm:ss}",context.User.CreatedOn)</td>
+
 				</Row>
 			</Pager>
 	</TabPanel>
         <TabPanel Name="Settings" Heading="Settings" ResourceKey="Settings">
 			<div class="container">
-				<div class="row mb-1 align-items-center">
+				<Section Name="User" Heading="User Settings" ResourceKey="UserSettings">
-					<Label Class="col-sm-3" For="allowregistration" HelpText="Do you want to allow visitors to be able to register for a user account on the site" ResourceKey="AllowRegistration">Allow User Registration? </Label>
+					<div class="row mb-1 align-items-center">
-					<div class="col-sm-9">
+						<Label Class="col-sm-3" For="allowregistration" HelpText="Do you want anonymous visitors to be able to register for an account on the site" ResourceKey="AllowRegistration">Allow User Registration?</Label>
-						<select id="allowregistration" class="form-select" @bind="@_allowregistration" required>
+						<div class="col-sm-9">
-							<option value="True">@SharedLocalizer["Yes"]</option>
+							<select id="allowregistration" class="form-select" @bind="@_allowregistration">
-							<option value="False">@SharedLocalizer["No"]</option>
+								<option value="True">@SharedLocalizer["Yes"]</option>
-						</select>
+								<option value="False">@SharedLocalizer["No"]</option>
+							</select>
+						</div>
 					</div>
-				</div>
+					@if (_providertype != "")
+					{
+						<div class="row mb-1 align-items-center">
+							<Label Class="col-sm-3" For="allowsitelogin" HelpText="Do you want to allow users to sign in using a username and password that is managed locally on this site? Note that you should only disable this option if you have already sucessfully configured an external login provider, or else you may lock yourself out of the site." ResourceKey="AllowSiteLogin">Allow Login?</Label>
+							<div class="col-sm-9">
+								<select id="allowsitelogin" class="form-select" @bind="@_allowsitelogin">
+									<option value="true">@SharedLocalizer["Yes"]</option>
+									<option value="false">@SharedLocalizer["No"]</option>
+								</select>
+							</div>
+						</div>
+					}
+					else
+					{
+						<div class="row mb-1 align-items-center">
+							<Label Class="col-sm-3" For="allowsitelogin" HelpText="Do you want to allow users to sign in using a username and password that is managed locally on this site? Note that you should only disable this option if you have already sucessfully configured an external login provider, or else you may lock yourself out of the site." ResourceKey="AllowSiteLogin">Allow Login?</Label>
+							<div class="col-sm-9">
+								<input id="allowsitelogin" class="form-control" value="@SharedLocalizer["Yes"]" readonly />
+							</div>
+						</div>						
+					}
+					@if (UserSecurity.IsAuthorized(PageState.User, RoleNames.Host))
+					{
+						<div class="row mb-1 align-items-center">
+							<Label Class="col-sm-3" For="twofactor" HelpText="Do you want users to use two factor authentication? Note that you should use the Disabled option until you have successfully verified that the Notification Job in Scheduled Jobs is enabled and your SMTP options in Site Settings are configured or else you will lock yourself out." ResourceKey="TwoFactor">Two Factor?</Label>
+							<div class="col-sm-9">
+								<select id="twofactor" class="form-select" @bind="@_twofactor">
+									<option value="false">@Localizer["Disabled"]</option>
+									<option value="true">@Localizer["Optional"]</option>
+									<option value="required">@Localizer["Required"]</option>
+								</select>
+							</div>
+						</div>
+						<div class="row mb-1 align-items-center">
+							<Label Class="col-sm-3" For="cookiename" HelpText="You can choose to use a custom authentication cookie name for each site. However please be aware that if you want to share an authentication cookie between sites on the same domain they need to use a consistent cookie name. Also be aware that changing the authentication cookie name will logout all current users." ResourceKey="CookieName">Cookie Name:</Label>
+							<div class="col-sm-9">
+								<input id="cookiename" class="form-control" @bind="@_cookiename" />
+							</div>
+						</div>
+					}
+				</Section>
+				@if (UserSecurity.IsAuthorized(PageState.User, RoleNames.Host))
+				{
+					<Section Name="Password" Heading="Password Settings" ResourceKey="PasswordSettings">
+						<div class="row mb-1 align-items-center">
+							<Label Class="col-sm-3" For="minimumlength" HelpText="The Minimum Length For A Password" ResourceKey="RequiredLength">Minimum Length:</Label>
+							<div class="col-sm-9">
+								<input id="minimumlength" class="form-control" @bind="@_minimumlength" required />
+							</div>
+						</div>					
+						<div class="row mb-1 align-items-center">
+							<Label Class="col-sm-3" For="uniquecharacters" HelpText="The Minimum Number Of Unique Characters Which A Password Must Contain" ResourceKey="UniqueCharacters">Unique Characters:</Label>
+							<div class="col-sm-9">
+								<input id="uniquecharacters" class="form-control" @bind="@_uniquecharacters" required />
+							</div>
+						</div>					
+						<div class="row mb-1 align-items-center">
+							<Label Class="col-sm-3" For="requiredigit" HelpText="Indicate If Passwords Must Contain A Digit" ResourceKey="RequireDigit">Require Digit?</Label>
+							<div class="col-sm-9">
+								<select id="requiredigit" class="form-select" @bind="@_requiredigit" required>
+									<option value="true">@SharedLocalizer["Yes"]</option>
+									<option value="false">@SharedLocalizer["No"]</option>
+								</select>
+							</div>
+						</div>					
+						<div class="row mb-1 align-items-center">
+							<Label Class="col-sm-3" For="requireupper" HelpText="Indicate If Passwords Must Contain An Upper Case Character" ResourceKey="RequireUpper">Require Uppercase?</Label>
+							<div class="col-sm-9">
+								<select id="requireupper" class="form-select" @bind="@_requireupper" required>
+									<option value="true">@SharedLocalizer["Yes"]</option>
+									<option value="false">@SharedLocalizer["No"]</option>
+								</select>
+							</div>
+						</div>					
+						<div class="row mb-1 align-items-center">
+							<Label Class="col-sm-3" For="requirelower" HelpText="Indicate If Passwords Must Contain A Lower Case Character" ResourceKey="RequireLower">Require Lowercase?</Label>
+							<div class="col-sm-9">
+								<select id="requirelower" class="form-select" @bind="@_requirelower" required>
+									<option value="true">@SharedLocalizer["Yes"]</option>
+									<option value="false">@SharedLocalizer["No"]</option>
+								</select>
+							</div>
+						</div>
+						<div class="row mb-1 align-items-center">
+							<Label Class="col-sm-3" For="requirepunctuation" HelpText="Indicate if Passwords Must Contain A Non-alphanumeric Character (ie. Punctuation)" ResourceKey="RequirePunctuation">Require Punctuation?</Label>
+							<div class="col-sm-9">
+								<select id="requirepunctuation" class="form-select" @bind="@_requirepunctuation" required>
+									<option value="true">@SharedLocalizer["Yes"]</option>
+									<option value="false">@SharedLocalizer["No"]</option>
+								</select>
+							</div>
+						</div>					
+					</Section>
+					<Section Name="Lockout" Heading="Lockout Settings" ResourceKey="LockoutSettings">
+						<div class="row mb-1 align-items-center">
+							<Label Class="col-sm-3" For="maximum" HelpText="The Maximum Number Of Sign In Attempts Before A User Is Locked Out" ResourceKey="MaximumFailures">Maximum Failures:</Label>
+							<div class="col-sm-9">
+								<input id="maximum" class="form-control" @bind="@_maximumfailures" required />
+							</div>
+						</div>					
+						<div class="row mb-1 align-items-center">
+							<Label Class="col-sm-3" For="lockoutduration" HelpText="The Number Of Minutes A User Should Be Locked Out" ResourceKey="LockoutDuration">Lockout Duration:</Label>
+							<div class="col-sm-9">
+								<input id="lockoutduration" class="form-control" @bind="@_lockoutduration" required />
+							</div>
+						</div>					
+					</Section>
+					<Section Name="ExternalLogin" Heading="External Login Settings" ResourceKey="ExternalLoginSettings">
+						<div class="row mb-1 align-items-center">
+							<Label Class="col-sm-3" For="providertype" HelpText="Select the external login provider type" ResourceKey="ProviderType">Provider Type:</Label>
+							<div class="col-sm-9">
+								<select id="providertype" class="form-select" value="@_providertype" @onchange="(e => ProviderTypeChanged(e))">
+									<option value="" selected>@Localizer["Not Specified"]</option>
+									<option value="@AuthenticationProviderTypes.OpenIDConnect">@Localizer["OpenID Connect"]</option>
+									<option value="@AuthenticationProviderTypes.OAuth2">@Localizer["OAuth 2.0"]</option>
+								</select>
+							</div>
+						</div>		
+						@if (_providertype != "")
+						{
+							<div class="row mb-1 align-items-center">
+								<Label Class="col-sm-3" For="providername" HelpText="The external login provider name which will be displayed on the login page" ResourceKey="ProviderName">Provider Name:</Label>
+								<div class="col-sm-9">
+									<input id="providername" class="form-control" @bind="@_providername" />
+								</div>
+							</div>
+						}
+						@if (_providertype == AuthenticationProviderTypes.OpenIDConnect)
+						{
+							<div class="row mb-1 align-items-center">
+								<Label Class="col-sm-3" For="authority" HelpText="The Authority Url or Issuer Url associated with the OpenID Connect provider" ResourceKey="Authority">Authority:</Label>
+								<div class="col-sm-9">
+									<input id="authority" class="form-control" @bind="@_authority" />
+								</div>
+							</div>
+							<div class="row mb-1 align-items-center">
+								<Label Class="col-sm-3" For="metadataurl" HelpText="The discovery endpoint for obtaining metadata for this provider. Only specify if the OpenID Connect provider does not use the standard approach (ie. /.well-known/openid-configuration)" ResourceKey="MetadataUrl">Metadata Url:</Label>
+								<div class="col-sm-9">
+									<input id="metadataurl" class="form-control" @bind="@_metadataurl" />
+								</div>
+							</div>
+						}
+						@if (_providertype == AuthenticationProviderTypes.OAuth2)
+						{
+							<div class="row mb-1 align-items-center">
+								<Label Class="col-sm-3" For="authorizationurl" HelpText="The endpoint for obtaining an Authorization Code" ResourceKey="AuthorizationUrl">Authorization Url:</Label>
+								<div class="col-sm-9">
+									<input id="authorizationurl" class="form-control" @bind="@_authorizationurl" />
+								</div>
+							</div>
+							<div class="row mb-1 align-items-center">
+								<Label Class="col-sm-3" For="tokenurl" HelpText="The endpoint for obtaining an Auth Token" ResourceKey="TokenUrl">Token Url:</Label>
+								<div class="col-sm-9">
+									<input id="tokenurl" class="form-control" @bind="@_tokenurl" />
+								</div>
+							</div>
+							<div class="row mb-1 align-items-center">
+								<Label Class="col-sm-3" For="userinfourl" HelpText="The endpoint for obtaining user information. This should be an API or Page Url which contains the users email address." ResourceKey="UserInfoUrl">User Info Url:</Label>
+								<div class="col-sm-9">
+									<input id="userinfourl" class="form-control" @bind="@_userinfourl" />
+								</div>
+							</div>
+						}
+						@if (_providertype != "")
+						{
+							<div class="row mb-1 align-items-center">
+								<Label Class="col-sm-3" For="clientid" HelpText="The Client ID from the provider" ResourceKey="ClientID">Client ID:</Label>
+								<div class="col-sm-9">
+									<input id="clientid" class="form-control" @bind="@_clientid" />
+								</div>
+							</div>
+							<div class="row mb-1 align-items-center">
+								<Label Class="col-sm-3" For="clientsecret" HelpText="The Client Secret from the provider" ResourceKey="ClientSecret">Client Secret:</Label>
+								<div class="col-sm-9">
+									<div class="input-group">
+										<input type="@_clientsecrettype" id="clientsecret" class="form-control" @bind="@_clientsecret" />
+										<button type="button" class="btn btn-secondary" @onclick="@ToggleClientSecret">@_toggleclientsecret</button>
+									</div>
+								</div>
+							</div>
+							<div class="row mb-1 align-items-center">
+								<Label Class="col-sm-3" For="scopes" HelpText="A list of Scopes to request from the provider (separated by commas). If none are specified, standard Scopes will be used by default." ResourceKey="Scopes">Scopes:</Label>
+								<div class="col-sm-9">
+									<input id="scopes" class="form-control" @bind="@_scopes" />
+								</div>
+							</div>
+							<div class="row mb-1 align-items-center">
+								<Label Class="col-sm-3" For="pkce" HelpText="Indicate if the provider supports Proof Key for Code Exchange (PKCE)" ResourceKey="PKCE">Use PKCE?</Label>
+								<div class="col-sm-9">
+									<select id="pkce" class="form-select" @bind="@_pkce" required>
+										<option value="true">@SharedLocalizer["Yes"]</option>
+										<option value="false">@SharedLocalizer["No"]</option>
+									</select>
+								</div>
+							</div>					
+							<div class="row mb-1 align-items-center">
+								<Label Class="col-sm-3" For="redirecturl" HelpText="The Redirect Url (or Callback Url) which usually needs to be registered with the provider" ResourceKey="RedirectUrl">Redirect Url:</Label>
+								<div class="col-sm-9">
+									<input id="redirecturl" class="form-control" @bind="@_redirecturl" readonly />
+								</div>
+							</div>
+							<div class="row mb-1 align-items-center">
+								<Label Class="col-sm-3" For="identifierclaimtype" HelpText="The name of the unique user identifier claim provided by the provider" ResourceKey="IdentifierClaimType">Identifier Claim:</Label>
+								<div class="col-sm-9">
+									<input id="identifierclaimtype" class="form-control" @bind="@_identifierclaimtype" />
+								</div>
+							</div>
+							<div class="row mb-1 align-items-center">
+								<Label Class="col-sm-3" For="emailclaimtype" HelpText="The name of the email address claim provided by the provider" ResourceKey="EmailClaimType">Email Claim:</Label>
+								<div class="col-sm-9">
+									<input id="emailclaimtype" class="form-control" @bind="@_emailclaimtype" />
+								</div>
+							</div>
+							<div class="row mb-1 align-items-center">
+								<Label Class="col-sm-3" For="domainfilter" HelpText="Provide any email domain filter criteria (separated by commas). Domains to exclude should be prefixed with an exclamation point (!). For example 'microsoft.com,!hotmail.com' would include microsoft.com email addresses but not hotmail.com email addresses." ResourceKey="DomainFilter">Domain Filter:</Label>
+								<div class="col-sm-9">
+									<input id="domainfilter" class="form-control" @bind="@_domainfilter" />
+								</div>
+							</div>
+							<div class="row mb-1 align-items-center">
+								<Label Class="col-sm-3" For="createusers" HelpText="Do you want new users to be created automatically? If you disable this option, users must already be registered on the site in order to sign in with their external login." ResourceKey="CreateUsers">Create New Users?</Label>
+								<div class="col-sm-9">
+									<select id="createusers" class="form-select" @bind="@_createusers">
+										<option value="true">@SharedLocalizer["Yes"]</option>
+										<option value="false">@SharedLocalizer["No"]</option>
+									</select>
+								</div>
+							</div>
+						}
+					</Section>
+					<Section Name="Token" Heading="Token Settings" ResourceKey="TokenSettings">
+						<div class="row mb-1 align-items-center">
+							<Label Class="col-sm-3" For="secret" HelpText="If you want to want to provide API access, please specify a secret which will be used to encrypt your tokens. The secret should be 16 characters or more to ensure optimal security. Please note that if you change this secret, all existing tokens will become invalid and will need to be regenerated." ResourceKey="Secret">Secret:</Label>
+							<div class="col-sm-9">
+								<div class="input-group">
+									<input type="@_secrettype" id="secret" class="form-control" @bind="@_secret" />
+									<button type="button" class="btn btn-secondary" @onclick="@ToggleSecret">@_togglesecret</button>
+								</div>
+							</div>
+						</div>					
+						<div class="row mb-1 align-items-center">
+							<Label Class="col-sm-3" For="issuer" HelpText="Optionally provide the issuer of the token" ResourceKey="Issuer">Issuer:</Label>
+							<div class="col-sm-9">
+								<input id="issuer" class="form-control" @bind="@_issuer" />
+							</div>
+						</div>					
+						<div class="row mb-1 align-items-center">
+							<Label Class="col-sm-3" For="audience" HelpText="Optionally provide the audience for the token" ResourceKey="Audience">Audience:</Label>
+							<div class="col-sm-9">
+								<input id="audience" class="form-control" @bind="@_audience" />
+							</div>
+						</div>					
+						<div class="row mb-1 align-items-center">
+							<Label Class="col-sm-3" For="lifetime" HelpText="The number of minutes for which a token should be valid" ResourceKey="Lifetime">Lifetime:</Label>
+							<div class="col-sm-9">
+								<input id="lifetime" class="form-control" @bind="@_lifetime" />
+							</div>
+						</div>					
+						<div class="row mb-1 align-items-center">
+							<Label Class="col-sm-3" For="token" HelpText="Select the Create Token button to generate a long-lived access token (valid for 1 year). Be sure to store this token in a safe location as you will not be able to access it in the future." ResourceKey="Token">Access Token:</Label>
+							<div class="col-sm-9">
+								<div class="input-group">
+									<input id="token" class="form-control" @bind="@_token" />
+									<button type="button" class="btn btn-secondary" @onclick="@CreateToken">@Localizer["CreateToken"]</button>
+								</div>
+							</div>
+						</div>					
+					</Section>
+				}
 			</div>
 			<br />
 			<button type="button" class="btn btn-success" @onclick="SaveSiteSettings">@SharedLocalizer["Save"]</button>
@@ -72,79 +350,168 @@ else
 }
 
 @code {
-    private List<UserRole> allroles;
+	private List<UserRole> allusers;
-    private List<UserRole> userroles;
+	private List<UserRole> users;
-    private string _search;
+	private string _search = "";
+
 	private string _allowregistration;
+	private string _allowsitelogin;
+	private string _twofactor;
+	private string _cookiename;
 
-    public override SecurityAccessLevel SecurityAccessLevel => SecurityAccessLevel.Admin;
+	private string _minimumlength;
+	private string _uniquecharacters;
+	private string _requiredigit;
+	private string _requireupper;
+	private string _requirelower;
+	private string _requirepunctuation;
+	private string _maximumfailures;
+	private string _lockoutduration;
 
-    protected override async Task OnInitializedAsync()
+	private string _providertype;
-    {
+	private string _providername;
-        allroles = await UserRoleService.GetUserRolesAsync(PageState.Site.SiteId);
+	private string _authority;
-        await LoadSettingsAsync();
+	private string _metadataurl;
-        userroles = Search(_search);
+	private string _authorizationurl;
+	private string _tokenurl;
+	private string _userinfourl;
+	private string _clientid;
+	private string _clientsecret;
+	private string _clientsecrettype = "password";
+	private string _toggleclientsecret = string.Empty;
+	private string _scopes;
+	private string _pkce;
+	private string _redirecturl;
+	private string _identifierclaimtype;
+	private string _emailclaimtype;
+	private string _domainfilter;
+	private string _createusers;
+
+	private string _secret;
+	private string _secrettype = "password";
+	private string _togglesecret = string.Empty;
+	private string _issuer;
+	private string _audience;
+	private string _lifetime;
+	private string _token;
+
+	public override SecurityAccessLevel SecurityAccessLevel => SecurityAccessLevel.Admin;
+
+	protected override async Task OnInitializedAsync()
+	{
+		await LoadUserSettingsAsync();
+		await LoadUsersAsync(true);
+
+		var settings = await SettingService.GetSiteSettingsAsync(PageState.Site.SiteId);
 		_allowregistration = PageState.Site.AllowRegistration.ToString();
-    }
+		_allowsitelogin = SettingService.GetSetting(settings, "LoginOptions:AllowSiteLogin", "true");
 
-    private List<UserRole> Search(string search)
+		if (UserSecurity.IsAuthorized(PageState.User, RoleNames.Host))
-    {
+		{
-        var results = allroles.Where(item => item.Role.Name == RoleNames.Registered || (item.Role.Name == RoleNames.Host && UserSecurity.IsAuthorized(PageState.User, RoleNames.Host)));
+			_twofactor = SettingService.GetSetting(settings, "LoginOptions:TwoFactor", "false");
+			_cookiename = SettingService.GetSetting(settings, "LoginOptions:CookieName", ".AspNetCore.Identity.Application");
 
-        if (!string.IsNullOrEmpty(_search))
+			_minimumlength = SettingService.GetSetting(settings, "IdentityOptions:Password:RequiredLength", "6");
-        {
+			_uniquecharacters = SettingService.GetSetting(settings, "IdentityOptions:Password:RequiredUniqueChars", "1");
-            results = results.Where(item =>
+			_requiredigit = SettingService.GetSetting(settings, "IdentityOptions:Password:RequireDigit", "true");
-                (
+			_requireupper = SettingService.GetSetting(settings, "IdentityOptions:Password:RequireUppercase", "true");
-                    item.User.Username.Contains(search, StringComparison.OrdinalIgnoreCase) ||
+			_requirelower = SettingService.GetSetting(settings, "IdentityOptions:Password:RequireLowercase", "true");
-                    item.User.Email.Contains(search, StringComparison.OrdinalIgnoreCase) ||
+			_requirepunctuation = SettingService.GetSetting(settings, "IdentityOptions:Password:RequireNonAlphanumeric", "true");
-                    item.User.DisplayName.Contains(search, StringComparison.OrdinalIgnoreCase)
-                )
-            );
-        }
-        return results.ToList();
-    }
 
-    private async Task OnSearch()
+			_maximumfailures = SettingService.GetSetting(settings, "IdentityOptions:Lockout:MaxFailedAccessAttempts", "5");
-    {
+			_lockoutduration = TimeSpan.Parse(SettingService.GetSetting(settings, "IdentityOptions:Lockout:DefaultLockoutTimeSpan", "00:05:00")).TotalMinutes.ToString();
-        userroles = Search(_search);
-        await UpdateSettingsAsync();
-    }
 
-    private async Task DeleteUser(UserRole UserRole)
+			_providertype = SettingService.GetSetting(settings, "ExternalLogin:ProviderType", "");
-    {
+			_providername = SettingService.GetSetting(settings, "ExternalLogin:ProviderName", "");
-        try
+			_authority = SettingService.GetSetting(settings, "ExternalLogin:Authority", "");
-        {
+			_metadataurl = SettingService.GetSetting(settings, "ExternalLogin:MetadataUrl", "");
-            var user = await UserService.GetUserAsync(UserRole.UserId, PageState.Site.SiteId);
+			_authorizationurl = SettingService.GetSetting(settings, "ExternalLogin:AuthorizationUrl", "");
-            if (user != null)
+			_tokenurl = SettingService.GetSetting(settings, "ExternalLogin:TokenUrl", "");
-            {
+			_userinfourl = SettingService.GetSetting(settings, "ExternalLogin:UserInfoUrl", "");
-                await UserService.DeleteUserAsync(user.UserId, PageState.Site.SiteId);
+			_clientid = SettingService.GetSetting(settings, "ExternalLogin:ClientId", "");
-                await logger.LogInformation("User Deleted {User}", UserRole.User);
+			_clientsecret = SettingService.GetSetting(settings, "ExternalLogin:ClientSecret", "");
-                allroles = await UserRoleService.GetUserRolesAsync(PageState.Site.SiteId);
+			_toggleclientsecret = SharedLocalizer["ShowPassword"];
-                userroles = Search(_search);
+			_scopes = SettingService.GetSetting(settings, "ExternalLogin:Scopes", "");
-                StateHasChanged();
+			_pkce = SettingService.GetSetting(settings, "ExternalLogin:PKCE", "false");
-            }
+			_redirecturl = PageState.Uri.Scheme + "://" + PageState.Alias.Name + "/signin-" + _providertype;
-        }
+			_identifierclaimtype = SettingService.GetSetting(settings, "ExternalLogin:IdentifierClaimType", "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier");
-        catch (Exception ex)
+			_emailclaimtype = SettingService.GetSetting(settings, "ExternalLogin:EmailClaimType", "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress");
-        {
+			_domainfilter = SettingService.GetSetting(settings, "ExternalLogin:DomainFilter", "");
-            await logger.LogError(ex, "Error Deleting User {User} {Error}", UserRole.User, ex.Message);
+			_createusers = SettingService.GetSetting(settings, "ExternalLogin:CreateUsers", "true");
-            AddModuleMessage(ex.Message, MessageType.Error);
-        }
-    }
 
-    private string settingSearch = "AU-search";
+			_secret = SettingService.GetSetting(settings, "JwtOptions:Secret", "");
+			_togglesecret = SharedLocalizer["ShowPassword"];
+			_issuer = SettingService.GetSetting(settings, "JwtOptions:Issuer", PageState.Uri.Scheme + "://" + PageState.Alias.Name);
+			_audience = SettingService.GetSetting(settings, "JwtOptions:Audience", "");
+			_lifetime = SettingService.GetSetting(settings, "JwtOptions:Lifetime", "20");		}
+	}
 
-    private async Task LoadSettingsAsync()
+	private async Task LoadUsersAsync(bool load)
-    {
+	{
-        Dictionary<string, string> settings = await SettingService.GetUserSettingsAsync(PageState.User.UserId);
+		if (load)
-        _search = SettingService.GetSetting(settings, settingSearch, "");
+		{
-    }
+			allusers = await UserRoleService.GetUserRolesAsync(PageState.Site.SiteId, RoleNames.Registered);
+			if (UserSecurity.IsAuthorized(PageState.User, RoleNames.Host))
+			{
+				var hosts = await UserRoleService.GetUserRolesAsync(PageState.Site.SiteId, RoleNames.Host);
+				allusers.AddRange(hosts);
+				allusers = allusers.OrderBy(u => u.User.DisplayName).ToList();
+			}			
+		}
 
-    private async Task UpdateSettingsAsync()
+		users = allusers;
-    {
+		if (!string.IsNullOrEmpty(_search))
-        Dictionary<string, string> settings = await SettingService.GetUserSettingsAsync(PageState.User.UserId);
+		{
-        SettingService.SetSetting(settings, settingSearch, _search);
+			users = users.Where(item =>
-        await SettingService.UpdateUserSettingsAsync(settings, PageState.User.UserId);
+				(
-    }
+					item.User.Username.Contains(_search, StringComparison.OrdinalIgnoreCase) ||
+					item.User.Email.Contains(_search, StringComparison.OrdinalIgnoreCase) ||
+					item.User.DisplayName.Contains(_search, StringComparison.OrdinalIgnoreCase)
+				)
+			).ToList();
+		}
+	}
+
+	private async Task OnSearch()
+	{
+		await UpdateUserSettingsAsync();
+		await LoadUsersAsync(false);
+	}
+
+	private async Task DeleteUser(UserRole UserRole)
+	{
+		try
+		{
+			var user = await UserService.GetUserAsync(UserRole.UserId, PageState.Site.SiteId);
+			if (user != null)
+			{
+				await UserService.DeleteUserAsync(user.UserId, PageState.Site.SiteId);
+				await logger.LogInformation("User Deleted {User}", UserRole.User);
+				await LoadUsersAsync(true);
+				StateHasChanged();
+			}
+		}
+		catch (Exception ex)
+		{
+			await logger.LogError(ex, "Error Deleting User {User} {Error}", UserRole.User, ex.Message);
+			AddModuleMessage(ex.Message, MessageType.Error);
+		}
+	}
+
+	private string settingSearch = "AU-search";
+
+	private async Task LoadUserSettingsAsync()
+	{
+		Dictionary<string, string> settings = await SettingService.GetUserSettingsAsync(PageState.User.UserId);
+		_search = SettingService.GetSetting(settings, settingSearch, "");
+	}
+
+	private async Task UpdateUserSettingsAsync()
+	{
+		Dictionary<string, string> settings = await SettingService.GetUserSettingsAsync(PageState.User.UserId);
+		SettingService.SetSetting(settings, settingSearch, _search);
+		await SettingService.UpdateUserSettingsAsync(settings, PageState.User.UserId);
+	}
 
 	private async Task SaveSiteSettings()
 	{
@@ -153,6 +520,56 @@ else
 			var site = PageState.Site;
 			site.AllowRegistration = bool.Parse(_allowregistration);
 			await SiteService.UpdateSiteAsync(site);
+
+			var settings = await SettingService.GetSiteSettingsAsync(site.SiteId);
+			settings = SettingService.SetSetting(settings, "LoginOptions:AllowSiteLogin", _allowsitelogin, false);
+
+			if (UserSecurity.IsAuthorized(PageState.User, RoleNames.Host))
+			{
+				settings = SettingService.SetSetting(settings, "LoginOptions:TwoFactor", _twofactor, false);
+				settings = SettingService.SetSetting(settings, "LoginOptions:CookieName", _cookiename, true);
+
+				settings = SettingService.SetSetting(settings, "IdentityOptions:Password:RequiredLength", _minimumlength, true);
+				settings = SettingService.SetSetting(settings, "IdentityOptions:Password:RequiredUniqueChars", _uniquecharacters, true);
+				settings = SettingService.SetSetting(settings, "IdentityOptions:Password:RequireDigit", _requiredigit, true);
+				settings = SettingService.SetSetting(settings, "IdentityOptions:Password:RequireUppercase", _requireupper, true);
+				settings = SettingService.SetSetting(settings, "IdentityOptions:Password:RequireLowercase", _requirelower, true);
+				settings = SettingService.SetSetting(settings, "IdentityOptions:Password:RequireNonAlphanumeric", _requirepunctuation, true);
+
+				settings = SettingService.SetSetting(settings, "IdentityOptions:Lockout:MaxFailedAccessAttempts", _maximumfailures, true);
+				settings = SettingService.SetSetting(settings, "IdentityOptions:Lockout:DefaultLockoutTimeSpan", TimeSpan.FromMinutes(Convert.ToInt64(_lockoutduration)).ToString(), true);
+
+				settings = SettingService.SetSetting(settings, "ExternalLogin:ProviderType", _providertype, false);
+				settings = SettingService.SetSetting(settings, "ExternalLogin:ProviderName", _providername, false);
+				settings = SettingService.SetSetting(settings, "ExternalLogin:Authority", _authority, true);
+				settings = SettingService.SetSetting(settings, "ExternalLogin:MetadataUrl", _metadataurl, true);
+				settings = SettingService.SetSetting(settings, "ExternalLogin:AuthorizationUrl", _authorizationurl, true);
+				settings = SettingService.SetSetting(settings, "ExternalLogin:TokenUrl", _tokenurl, true);
+				settings = SettingService.SetSetting(settings, "ExternalLogin:UserInfoUrl", _userinfourl, true);
+				settings = SettingService.SetSetting(settings, "ExternalLogin:ClientId", _clientid, true);
+				settings = SettingService.SetSetting(settings, "ExternalLogin:ClientSecret", _clientsecret, true);
+				settings = SettingService.SetSetting(settings, "ExternalLogin:Scopes", _scopes, true);
+				settings = SettingService.SetSetting(settings, "ExternalLogin:PKCE", _pkce, true);
+				settings = SettingService.SetSetting(settings, "ExternalLogin:IdentifierClaimType", _identifierclaimtype, true);
+				settings = SettingService.SetSetting(settings, "ExternalLogin:EmailClaimType", _emailclaimtype, true);
+				settings = SettingService.SetSetting(settings, "ExternalLogin:DomainFilter", _domainfilter, true);
+				settings = SettingService.SetSetting(settings, "ExternalLogin:CreateUsers", _createusers, true);
+
+				if (!string.IsNullOrEmpty(_secret) && _secret.Length < 16) _secret = (_secret + "????????????????").Substring(0, 16);
+				settings = SettingService.SetSetting(settings, "JwtOptions:Secret", _secret, true);
+				settings = SettingService.SetSetting(settings, "JwtOptions:Issuer", _issuer, true);
+				settings = SettingService.SetSetting(settings, "JwtOptions:Audience", _audience, true);
+				settings = SettingService.SetSetting(settings, "JwtOptions:Lifetime", _lifetime, true);
+			}
+
+			await SettingService.UpdateSiteSettingsAsync(settings, site.SiteId);
+			await SettingService.ClearSiteSettingsCacheAsync();
+
+			if (!string.IsNullOrEmpty(_secret))
+			{
+				SiteState.AuthorizationToken = await UserService.GetTokenAsync();
+			}
+
 			AddModuleMessage(Localizer["Success.SaveSiteSettings"], MessageType.Success);				
 		}
 		catch (Exception ex)
@@ -162,4 +579,58 @@ else
 		}
 	}
 
+	private void ProviderTypeChanged(ChangeEventArgs e)
+	{
+		_providertype = (string)e.Value;
+		if (string.IsNullOrEmpty(_providername))
+		{
+			if (_providertype == AuthenticationProviderTypes.OpenIDConnect)
+			{
+				_scopes = "openid,profile,email";
+				_identifierclaimtype = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier";
+				_emailclaimtype = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress";
+			}
+			else
+			{
+				_scopes = "";
+				_identifierclaimtype = "sub";
+				_emailclaimtype = "email";
+			}			
+		}
+		_redirecturl = PageState.Uri.Scheme + "://" + PageState.Alias.Name + "/signin-" + _providertype;
+		StateHasChanged();
+	}
+
+	private async Task CreateToken()
+	{
+		_token = await UserService.GetPersonalAccessTokenAsync();
+	}
+
+	private void ToggleClientSecret()
+	{
+		if (_clientsecrettype == "password")
+		{
+			_clientsecrettype = "text";
+			_toggleclientsecret = SharedLocalizer["HidePassword"];
+		}
+		else
+		{
+			_clientsecrettype = "password";
+			_toggleclientsecret = SharedLocalizer["ShowPassword"];
+		}
+	}
+
+	private void ToggleSecret()
+	{
+		if (_secrettype == "password")
+		{
+			_secrettype = "text";
+			_togglesecret = SharedLocalizer["HidePassword"];
+		}
+		else
+		{
+			_secrettype = "password";
+			_togglesecret = SharedLocalizer["ShowPassword"];
+		}
+	}
 }

Oqtane.Client/Modules/Admin/Users/Roles.razor

@@ -110,8 +110,7 @@ else
     {
         try
         {
-            userroles = await UserRoleService.GetUserRolesAsync(PageState.Site.SiteId);
+            userroles = await UserRoleService.GetUserRolesAsync(PageState.Site.SiteId, userid);
-            userroles = userroles.Where(item => item.UserId == userid).ToList();
         }
         catch (Exception ex)
         {

Oqtane.Client/Modules/Controls/FileManager.razor

@@ -52,7 +52,7 @@
                                     <input type="file" id="@_fileinputid" name="file" accept="@_filter" />
                                 }
                             </div>
-                            <div class="col mt-2 text-center">
+                            <div class="col mt-2 text-end">
                                 <button type="button" class="btn btn-success" @onclick="UploadFile">@SharedLocalizer["Upload"]</button>
                                 @if (ShowFiles && GetFileId() != -1)
                                 {

Oqtane.Client/Modules/Controls/PermissionGrid.razor

@@ -252,7 +252,7 @@
 		for (int i = 0; i < _permissions.Count; i++)
 		{
 			permission = _permissions[i];
-			List<string> ids = permission.Permissions.Split(';').ToList();
+			List<string> ids = permission.Permissions.Split(';', StringSplitOptions.RemoveEmptyEntries).ToList();
 			ids.Remove("!" + RoleNames.Everyone); // remove deny all users
 			ids.Remove("!" + RoleNames.Registered); // remove deny registered users
 			if (UserSecurity.IsAuthorized(PageState.User, RoleNames.Host))

Oqtane.Client/Modules/ModuleBase.cs

@@ -53,9 +53,9 @@ namespace Oqtane.Modules
                 if (Resources != null && Resources.Exists(item => item.ResourceType == ResourceType.Script))
                 {
                     var scripts = new List<object>();
-                    foreach (Resource resource in Resources.Where(item => item.ResourceType == ResourceType.Script && item.Declaration != ResourceDeclaration.Global))
+                    foreach (Resource resource in Resources.Where(item => item.ResourceType == ResourceType.Script))
                     {
-                        scripts.Add(new { href = resource.Url, bundle = resource.Bundle ?? "", integrity = resource.Integrity ?? "", crossorigin = resource.CrossOrigin ?? "" });
+                        scripts.Add(new { href = resource.Url, bundle = resource.Bundle ?? "", integrity = resource.Integrity ?? "", crossorigin = resource.CrossOrigin ?? "", es6module = resource.ES6Module });
                     }
                     if (scripts.Any())
                     {

Oqtane.Client/Oqtane.Client.csproj

@@ -5,7 +5,7 @@
     <OutputType>Exe</OutputType>
     <RazorLangVersion>3.0</RazorLangVersion>
     <Configurations>Debug;Release</Configurations>
-    <Version>3.0.3</Version>
+    <Version>3.1.1</Version>
     <Product>Oqtane</Product>
     <Authors>Shaun Walker</Authors>
     <Company>.NET Foundation</Company>
@@ -13,7 +13,7 @@
     <Copyright>.NET Foundation</Copyright>
     <PackageProjectUrl>https://www.oqtane.org</PackageProjectUrl>
     <PackageLicenseUrl>https://github.com/oqtane/oqtane.framework/blob/dev/LICENSE</PackageLicenseUrl>
-    <PackageReleaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.0.3</PackageReleaseNotes>
+    <PackageReleaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.1.1</PackageReleaseNotes>
     <RepositoryUrl>https://github.com/oqtane/oqtane.framework</RepositoryUrl>
     <RepositoryType>Git</RepositoryType>
     <RootNamespace>Oqtane</RootNamespace>
@@ -22,11 +22,12 @@
   </PropertyGroup>
   
   <ItemGroup>
-    <PackageReference Include="Microsoft.AspNetCore.Components.WebAssembly" Version="6.0.0" />
+    <PackageReference Include="Microsoft.AspNetCore.Components.WebAssembly" Version="6.0.3" />
-    <PackageReference Include="Microsoft.AspNetCore.Components.WebAssembly.DevServer" Version="6.0.0" PrivateAssets="all" />
+    <PackageReference Include="Microsoft.AspNetCore.Components.WebAssembly.DevServer" Version="6.0.3" PrivateAssets="all" />
-    <PackageReference Include="Microsoft.AspNetCore.Components.WebAssembly.Authentication" Version="6.0.0" />
+    <PackageReference Include="Microsoft.AspNetCore.Components.WebAssembly.Authentication" Version="6.0.3" />
     <PackageReference Include="Microsoft.AspNetCore.Localization" Version="2.2.0" />
-    <PackageReference Include="Microsoft.Extensions.Localization" Version="6.0.0" />
+    <PackageReference Include="Microsoft.Extensions.Http" Version="6.0.0" />
+    <PackageReference Include="Microsoft.Extensions.Localization" Version="6.0.3" />
     <PackageReference Include="System.Net.Http.Json" Version="6.0.0" />
   </ItemGroup>
 

Oqtane.Client/Program.cs

@@ -28,8 +28,9 @@ namespace Oqtane.Client
             var builder = WebAssemblyHostBuilder.CreateDefault(args);
 
             var httpClient = new HttpClient {BaseAddress = new Uri(builder.HostEnvironment.BaseAddress)};
-
             builder.Services.AddSingleton(httpClient);            
+            builder.Services.AddHttpClient(); // IHttpClientFactory for calling remote services via RemoteServiceBase
+
             builder.Services.AddOptions();
 
             // Register localization services

Oqtane.Client/Resources/Installer/Installer.resx

@@ -130,12 +130,15 @@
     <value>Install Now</value>
   </data>
   <data name="Error.DbConfig.Load" xml:space="preserve">
-    <value>Error loading Database Configuration Control</value>
+    <value>Error Loading Database Configuration Control</value>
   </data>
   <data name="Message.Require.DbInfo" xml:space="preserve">
-    <value>Please Enter All Required Fields. Ensure Passwords Match And Are Greater Than 5 Characters In Length. Ensure Email Address Provided Is Valid.</value>
+    <value>Please Enter All Required Fields. Ensure Passwords Match And Email Address Provided Is Valid.</value>
   </data>
-  <data name="Register" xml:space="preserve">
+    <data name="Message.Password.Invalid" xml:space="preserve">
+    <value>The Password Provided Does Not Meet The Password Policy. Please Verify The Minimum Password Length And Complexity Requirements.</value>
+  </data>
+    <data name="Register" xml:space="preserve">
     <value>Please Register Me For Major Product Updates And Security Bulletins</value>
   </data>
   <data name="Confirm.HelpText" xml:space="preserve">

Oqtane.Client/Resources/Modules/Admin/Login/Index.resx

@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="utf-8"?>
+<?xml version="1.0" encoding="utf-8"?>
 <root>
   <!-- 
     Microsoft ResX Schema 
@@ -117,23 +117,26 @@
   <resheader name="writer">
     <value>System.Resources.ResXResourceWriter, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
   </resheader>
-  <data name="RememberMe" xml:space="preserve">
-    <value>Remember Me?</value>
-  </data>
   <data name="ForgotPassword" xml:space="preserve">
     <value>Forgot Password</value>
   </data>
   <data name="Success.Account.Verified" xml:space="preserve">
     <value>User Account Verified Successfully. You Can Now Login With Your Username And Password Below.</value>
   </data>
-  <data name="Message.Account.NotVerfied" xml:space="preserve">
+  <data name="Message.Account.NotVerified" xml:space="preserve">
     <value>User Account Could Not Be Verified. Please Contact Your Administrator For Further Instructions.</value>
   </data>
+  <data name="Success.Account.Linked" xml:space="preserve">
+    <value>User Account Linked Successfully. You Can Now Login With Your External Login Below.</value>
+  </data>
+  <data name="Message.Account.NotLinked" xml:space="preserve">
+    <value>External Login Could Not Be Linked. Please Contact Your Administrator For Further Instructions.</value>
+  </data>
   <data name="Error.Login.Fail" xml:space="preserve">
-    <value>Login Failed. Please Remember That Passwords Are Case Sensitive And User Accounts Require Verification When They Are Initially Created So You May Wish To Check Your Email.</value>
+    <value>Login Failed. Please Remember That Passwords Are Case Sensitive. If You Have Attempted To Sign In Multiple Times Unsuccessfully, Your Account Will Be Locked Out For A Period Of Time. Note That User Accounts Require Verification When They Are Initially Created So You May Wish To Check Your Email If You Are A New User.</value>
   </data>
   <data name="Message.Required.UserInfo" xml:space="preserve">
-    <value>Please Provide Your Username And Password</value>
+    <value>Please Provide All Required Fields</value>
   </data>
   <data name="Info.SignedIn" xml:space="preserve">
     <value>You Are Already Signed In</value>
@@ -147,4 +150,79 @@
   <data name="Message.UserDoesNotExist" xml:space="preserve">
     <value>User Does Not Exist</value>
   </data>
+  <data name="Code.HelpText" xml:space="preserve">
+    <value>Please Enter The Secure Verification Code Which Was Sent To You By Email.</value>
+  </data>
+  <data name="Code.Placeholder" xml:space="preserve">
+    <value>Verification Code</value>
+  </data>
+  <data name="Code.Text" xml:space="preserve">
+    <value>Verification Code:</value>
+  </data>
+  <data name="Error.TwoFactor.Fail" xml:space="preserve">
+    <value>Verification Failed. Please Ensure You Entered The Code Exactly In The Form Provided In Your Email. If You Wish To Request A New Verification Code Please Select The Cancel Option And Sign In Again. </value>
+  </data>
+  <data name="Message.TwoFactor" xml:space="preserve">
+    <value>A Secure Verification Code Has Been Sent To Your Email Address. Please Enter The Code That You Received. If You Do Not Receive The Code Or You Have Lost Access To Your Email, Please Contact Your Administrator.</value>
+  </data>
+  <data name="Password.HelpText" xml:space="preserve">
+    <value>Please Enter The Password Related To Your Account. Remember That Passwords Are Case Sensitive. If You Attempt Unsuccessfully To Log In To Your Account Multiple Times, You Will Be Locked Out For A Period Of Time.</value>
+  </data>
+  <data name="Password.Placeholder" xml:space="preserve">
+    <value>Password</value>
+  </data>
+  <data name="Password.Text" xml:space="preserve">
+    <value>Password:</value>
+  </data>
+  <data name="Remember.HelpText" xml:space="preserve">
+    <value>Specify If You Would Like To Be Signed Back In Automatically The Next Time You Visit This Site</value>
+  </data>
+  <data name="Remember.Text" xml:space="preserve">
+    <value>Remember Me?</value>
+  </data>
+  <data name="Username.HelpText" xml:space="preserve">
+    <value>Please Enter The Username Related To Your Account</value>
+  </data>
+  <data name="Username.Placeholder" xml:space="preserve">
+    <value>Username</value>
+  </data>
+  <data name="Username.Text" xml:space="preserve">
+    <value>Username:</value>
+  </data>
+  <data name="Use" xml:space="preserve">
+    <value>Use</value>
+  </data>
+  <data name="Error.LoadLogin" xml:space="preserve">
+    <value>Error Loading Login</value>
+  </data>
+  <data name="Error.Login" xml:space="preserve">
+    <value>Error Performing Login</value>
+  </data>
+  <data name="Error.ResetPassword" xml:space="preserve">
+    <value>Error Resetting Password</value>
+  </data>
+  <data name="ExternalLoginStatus.DuplicateEmail" xml:space="preserve">
+    <value>Multiple User Accounts Already Exist With The Email Address Of Your External Login. Please Contact Your Administrator For Further Instructions.</value>
+  </data>
+  <data name="ExternalLoginStatus.InvalidEmail" xml:space="preserve">
+    <value>The External Login Provider Did Not Provide A Valid Email Address For Your Account. Please Contact Your Administrator For Further Instructions.</value>
+  </data>
+  <data name="ExternalLoginStatus.ProviderKeyMismatch" xml:space="preserve">
+    <value>An Error Occurred Verifying Your External Login. Please Contact Your Administrator For Further Instructions.</value>
+  </data>
+  <data name="ExternalLoginStatus.UserDoesNotExist" xml:space="preserve">
+    <value>A User Account Matching The Email Address Of Your External Login Does Not Exist. Please Contact Your Administrator For Further Instructions.</value>
+  </data>
+  <data name="ExternalLoginStatus.UserNotCreated" xml:space="preserve">
+    <value>A User Account Could Not Be Created For Your External Login. Please Contact Your Administrator For Further Instructions.</value>
+  </data>
+  <data name="ExternalLoginStatus.VerificationRequired" xml:space="preserve">
+    <value>In Order To Link Your External Login With Your User Account You Must Verify Your Identity. Please Check Your Email For Further Instructions.</value>
+  </data>
+  <data name="ExternalLoginStatus.AccessDenied" xml:space="preserve">
+    <value>Your External Login Was Denied Access. Please Contact Your Administrator For Further Instructions.</value>
+  </data>
+  <data name="ExternalLoginStatus.RemoteFailure" xml:space="preserve">
+    <value>Your External Login Failed. Please Contact Your Administrator For Further Instructions.</value>
+  </data>
 </root>

Oqtane.Client/Resources/Modules/Admin/Site/Index.resx

@@ -318,7 +318,7 @@
   <data name="DefaultAlias.HelpText" xml:space="preserve">
     <value>The default alias for the site. Requests for non-default aliases will be redirected to the default alias.</value>
   </data>
-    <data name="DefaultAlias.Text" xml:space="preserve">
+  <data name="DefaultAlias.Text" xml:space="preserve">
     <value>Default Alias: </value>
   </data>
   <data name="Aliases.Heading" xml:space="preserve">

Oqtane.Client/Resources/Modules/Admin/SystemInfo/Index.resx

@@ -129,8 +129,8 @@
   <data name="OSVersion.HelpText" xml:space="preserve">
     <value>Operating System Version</value>
   </data>
-  <data name="ServerPath.HelpText" xml:space="preserve">
+  <data name="ContentRootPath.HelpText" xml:space="preserve">
-    <value>Server Path</value>
+    <value>Server Root Path</value>
   </data>
   <data name="ServerTime.HelpText" xml:space="preserve">
     <value>Server Date/Time (in UTC)</value>
@@ -144,8 +144,8 @@
   <data name="OSVersion.Text" xml:space="preserve">
     <value>OS Version: </value>
   </data>
-  <data name="ServerPath.Text" xml:space="preserve">
+  <data name="ContentRootPath.Text" xml:space="preserve">
-    <value>Server Path: </value>
+    <value>Root Path: </value>
   </data>
   <data name="ServerTime.Text" xml:space="preserve">
     <value>Server Date/Time: </value>
@@ -231,4 +231,43 @@
   <data name="RestartApplication.Text" xml:space="preserve">
     <value>Restart Application</value>
   </data>
+  <data name="None" xml:space="preserve">
+    <value>None</value>
+  </data>
+  <data name="NotificationLevel.HelpText" xml:space="preserve">
+    <value>The Minimum Logging Level For Which Notifications Should Be Sent To Host Users.</value>
+  </data>
+  <data name="NotificationLevel.Text" xml:space="preserve">
+    <value>Notification Level:</value>
+  </data>
+  <data name="IPAddress.HelpText" xml:space="preserve">
+    <value>Server IP Address</value>
+  </data>
+  <data name="IPAddress.Text" xml:space="preserve">
+    <value>IP Address:</value>
+  </data>
+  <data name="MachineName.HelpText" xml:space="preserve">
+    <value>Server Machine Name</value>
+  </data>
+  <data name="MachineName.Text" xml:space="preserve">
+    <value>Machine Name:</value>
+  </data>
+  <data name="TickCount.HelpText" xml:space="preserve">
+    <value>Amount Of Time The Service Has Been Available And Operational</value>
+  </data>
+  <data name="TickCount.Text" xml:space="preserve">
+    <value>Service Uptime:</value>
+  </data>
+  <data name="WebRootPath.HelpText" xml:space="preserve">
+    <value>Server Web Root Path</value>
+  </data>
+  <data name="WebRootPath.Text" xml:space="preserve">
+    <value>Web Path:</value>
+  </data>
+  <data name="WorkingSet.HelpText" xml:space="preserve">
+    <value>Memory Allocation Of Service (in MB)</value>
+  </data>
+  <data name="WorkingSet.Text" xml:space="preserve">
+    <value>Memory Allocation:</value>
+  </data>
 </root>

Oqtane.Client/Resources/Modules/Admin/UserProfile/Index.resx

@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="utf-8"?>
+<?xml version="1.0" encoding="utf-8"?>
 <root>
   <!-- 
     Microsoft ResX Schema 
@@ -169,10 +169,10 @@
     <value>Identity</value>
   </data>
   <data name="Confirm.HelpText" xml:space="preserve">
-    <value>If you are changing your password you must enter it again to confirm it matches</value>
+    <value>If you are changing your password you must enter it again to confirm it matches the value entered above</value>
   </data>
   <data name="Confirm.Text" xml:space="preserve">
-    <value>Confirm Password:</value>
+    <value>Confirmation:</value>
   </data>
   <data name="DisplayName.HelpText" xml:space="preserve">
     <value>Your full name</value>
@@ -204,4 +204,19 @@
   <data name="Username.Text" xml:space="preserve">
     <value>Username:</value>
   </data>
+  <data name="TwoFactor.HelpText" xml:space="preserve">
+    <value>Indicates if you are using two factor authentication. Two factor authentication requires you to enter a verification code sent via email after you sign in.</value>
+  </data>
+  <data name="TwoFactor.Text" xml:space="preserve">
+    <value>Two Factor?</value>
+  </data>
+  <data name="DeleteAllNotifications.Header" xml:space="preserve">
+    <value>Clear Notifications</value>
+  </data>
+  <data name="DeleteAllNotifications.Message" xml:space="preserve">
+    <value>Are You Sure You Wish To Permanently Delete All Notifications?</value>
+  </data>
+  <data name="DeleteAllNotifications.Text" xml:space="preserve">
+    <value>Delete ALL Notifications</value>
+  </data>
 </root>

Oqtane.Client/Resources/Modules/Admin/Users/Add.resx

@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="utf-8"?>
+<?xml version="1.0" encoding="utf-8"?>
 <root>
   <!-- 
     Microsoft ResX Schema 
@@ -168,4 +168,7 @@
   <data name="Username.Text" xml:space="preserve">
     <value>Username:</value>
   </data>
+  <data name="Password.Placeholder" xml:space="preserve">
+    <value>Password</value>
+  </data>
 </root>

Oqtane.Client/Resources/Modules/Admin/Users/Edit.resx

@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="utf-8"?>
+<?xml version="1.0" encoding="utf-8"?>
 <root>
   <!-- 
     Microsoft ResX Schema 
@@ -183,4 +183,7 @@
   <data name="Profile.Heading" xml:space="preserve">
     <value>Profile</value>
   </data>
+  <data name="Password.Placeholder" xml:space="preserve">
+    <value>Password</value>
+  </data>
 </root>

Oqtane.Client/Resources/Modules/Admin/Users/Index.resx

@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="utf-8"?>
+<?xml version="1.0" encoding="utf-8"?>
 <root>
   <!-- 
     Microsoft ResX Schema 
@@ -127,10 +127,10 @@
     <value>Delete User</value>
   </data>
   <data name="AllowRegistration.HelpText" xml:space="preserve">
-    <value>Do you want the users to be able to register for an account on the site</value>
+    <value>Do you want anonymous visitors to be able to register for an account on the site</value>
   </data>
   <data name="AllowRegistration.Text" xml:space="preserve">
-    <value>Allow User Registration? </value>
+    <value>Allow Registration? </value>
   </data>
   <data name="Error.SaveSiteSettings" xml:space="preserve">
     <value>Error Saving Settings</value>
@@ -153,4 +153,235 @@
   <data name="Roles.Text" xml:space="preserve">
     <value>Roles</value>
   </data>
+  <data name="LockoutDuration.HelpText" xml:space="preserve">
+    <value>The number of minutes a user should be locked out</value>
+  </data>
+  <data name="LockoutDuration.Text" xml:space="preserve">
+    <value>Lockout Duration:</value>
+  </data>
+  <data name="MaximumFailures.HelpText" xml:space="preserve">
+    <value>The maximum number of sign in attempts before a user is locked out</value>
+  </data>
+  <data name="MaximumFailures.Text" xml:space="preserve">
+    <value>Maximum Failures:</value>
+  </data>
+  <data name="RequireDigit.HelpText" xml:space="preserve">
+    <value>Indicate if passwords must contain a digit</value>
+  </data>
+  <data name="RequireDigit.Text" xml:space="preserve">
+    <value>Require Digit?</value>
+  </data>
+  <data name="RequiredLength.HelpText" xml:space="preserve">
+    <value>The minimum length for a password</value>
+  </data>
+  <data name="RequiredLength.Text" xml:space="preserve">
+    <value>Minimum Length:</value>
+  </data>
+  <data name="RequireLower.HelpText" xml:space="preserve">
+    <value>Indicate if passwords must contain a lower case character</value>
+  </data>
+  <data name="RequireLower.Text" xml:space="preserve">
+    <value>Require Lowercase?</value>
+  </data>
+  <data name="RequirePunctuation.HelpText" xml:space="preserve">
+    <value>Indicate if passwords must contain a non-alphanumeric character (ie. punctuation)</value>
+  </data>
+  <data name="RequirePunctuation.Text" xml:space="preserve">
+    <value>Require Punctuation?</value>
+  </data>
+  <data name="RequireUpper.HelpText" xml:space="preserve">
+    <value>Indicate if passwords must contain an upper case character</value>
+  </data>
+  <data name="RequireUpper.Text" xml:space="preserve">
+    <value>Require Uppercase?</value>
+  </data>
+  <data name="Success.UpdateConfig.Restart" xml:space="preserve">
+    <value>Configuration Updated. Please Select Restart Application For These Changes To Be Activated.</value>
+  </data>
+  <data name="UniqueCharacters.HelpText" xml:space="preserve">
+    <value>The minimum number of unique characters which a password must contain</value>
+  </data>
+  <data name="UniqueCharacters.Text" xml:space="preserve">
+    <value>Unique Characters:</value>
+  </data>
+  <data name="AllowSiteLogin.HelpText" xml:space="preserve">
+    <value>Do you want to allow users to sign in using a username and password that is managed locally on this site? Note that you should only disable this option if you have already sucessfully configured an external login provider, or else you may lock yourself out of the site.</value>
+  </data>
+  <data name="AllowSiteLogin.Text" xml:space="preserve">
+    <value>Allow Login?</value>
+  </data>
+  <data name="Authority.HelpText" xml:space="preserve">
+    <value>The Authority Url or Issuer Url associated with the OpenID Connect provider</value>
+  </data>
+  <data name="Authority.Text" xml:space="preserve">
+    <value>Authority:</value>
+  </data>
+  <data name="AuthorizationUrl.HelpText" xml:space="preserve">
+    <value>The endpoint for obtaining an Authorization Code</value>
+  </data>
+  <data name="AuthorizationUrl.Text" xml:space="preserve">
+    <value>Authorization Url:</value>
+  </data>
+  <data name="ClientID.HelpText" xml:space="preserve">
+    <value>The Client ID from the provider</value>
+  </data>
+  <data name="ClientID.Text" xml:space="preserve">
+    <value>Client ID:</value>
+  </data>
+  <data name="ClientSecret.HelpText" xml:space="preserve">
+    <value>The Client Secret from the provider</value>
+  </data>
+  <data name="ClientSecret.Text" xml:space="preserve">
+    <value>Client Secret:</value>
+  </data>
+  <data name="CreateUsers.HelpText" xml:space="preserve">
+    <value>Do you want new users to be created automatically? If you disable this option, users must already be registered on the site in order to sign in with their external login.</value>
+  </data>
+  <data name="CreateUsers.Text" xml:space="preserve">
+    <value>Create New Users?</value>
+  </data>
+  <data name="DomainFilter.HelpText" xml:space="preserve">
+    <value>Provide any email domain filter criteria (separated by commas). Domains to exclude should be prefixed with an exclamation point (!). For example 'microsoft.com,!hotmail.com' would include microsoft.com email addresses but not hotmail.com email addresses.</value>
+  </data>
+  <data name="DomainFilter.Text" xml:space="preserve">
+    <value>Domain Filter:</value>
+  </data>
+  <data name="EmailClaimType.HelpText" xml:space="preserve">
+    <value>The name of the email address claim provided by the provider</value>
+  </data>
+  <data name="EmailClaimType.Text" xml:space="preserve">
+    <value>Email Claim:</value>
+  </data>
+  <data name="ExternalLoginSettings.Heading" xml:space="preserve">
+    <value>External Login Settings</value>
+  </data>
+  <data name="LockoutSettings.Heading" xml:space="preserve">
+    <value>Lockout Settings</value>
+  </data>
+  <data name="MetadataUrl.HelpText" xml:space="preserve">
+    <value>The discovery endpoint for obtaining metadata for this provider. Only specify if the OpenID Connect provider does not use the standard approach (ie. /.well-known/openid-configuration)</value>
+  </data>
+  <data name="MetadataUrl.Text" xml:space="preserve">
+    <value>Metadata Url:</value>
+  </data>
+  <data name="PasswordSettings.Heading" xml:space="preserve">
+    <value>Password Settings</value>
+  </data>
+  <data name="PKCE.HelpText" xml:space="preserve">
+    <value>Indicate if the provider supports Proof Key for Code Exchange (PKCE)</value>
+  </data>
+  <data name="PKCE.Text" xml:space="preserve">
+    <value>Use PKCE?</value>
+  </data>
+  <data name="ProviderName.HelpText" xml:space="preserve">
+    <value>The external login provider name which will be displayed on the login page</value>
+  </data>
+  <data name="ProviderName.Text" xml:space="preserve">
+    <value>Provider Name:</value>
+  </data>
+  <data name="ProviderType.HelpText" xml:space="preserve">
+    <value>Select the external login provider type</value>
+  </data>
+  <data name="ProviderType.Text" xml:space="preserve">
+    <value>Provider Type:</value>
+  </data>
+  <data name="RedirectUrl.HelpText" xml:space="preserve">
+    <value>The Redirect Url (or Callback Url) which usually needs to be registered with the provider</value>
+  </data>
+  <data name="RedirectUrl.Text" xml:space="preserve">
+    <value>Redirect Url:</value>
+  </data>
+  <data name="Scopes.HelpText" xml:space="preserve">
+    <value>A list of Scopes to request from the provider (separated by commas). If none are specified, standard Scopes will be used by default.</value>
+  </data>
+  <data name="Scopes.Text" xml:space="preserve">
+    <value>Scopes:</value>
+  </data>
+  <data name="TokenUrl.HelpText" xml:space="preserve">
+    <value>The endpoint for obtaining an Auth Token</value>
+  </data>
+  <data name="TokenUrl.Text" xml:space="preserve">
+    <value>Token Url:</value>
+  </data>
+  <data name="UserInfoUrl.HelpText" xml:space="preserve">
+    <value>The endpoint for obtaining user information. This should be an API or Page Url which contains the users email address.</value>
+  </data>
+  <data name="UserInfoUrl.Text" xml:space="preserve">
+    <value>User Info Url:</value>
+  </data>
+  <data name="Audience.HelpText" xml:space="preserve">
+    <value>Optionally provide the audience for the token</value>
+  </data>
+  <data name="Audience.Text" xml:space="preserve">
+    <value>Audience:</value>
+  </data>
+  <data name="UserSettings.Heading" xml:space="preserve">
+    <value>User Settings</value>
+  </data>
+  <data name="CookieName.HelpText" xml:space="preserve">
+    <value>You can choose to use a custom authentication cookie name for each site. However please be aware that if you want to share an authentication cookie between sites on the same domain they need to use a consistent cookie name. Also be aware that changing the authentication cookie name will logout all current users.</value>
+  </data>
+  <data name="CookieName.Text" xml:space="preserve">
+    <value>Cookie Name:</value>
+  </data>
+  <data name="CreateToken" xml:space="preserve">
+    <value>Create Token</value>
+  </data>
+  <data name="Issuer.HelpText" xml:space="preserve">
+    <value>Optionally provide the issuer of the token</value>
+  </data>
+  <data name="Issuer.Text" xml:space="preserve">
+    <value>Issuer:</value>
+  </data>
+  <data name="Lifetime.HelpText" xml:space="preserve">
+    <value>The number of minutes for which a token should be valid</value>
+  </data>
+  <data name="Lifetime.Text" xml:space="preserve">
+    <value>Lifetime:</value>
+  </data>
+  <data name="Secret.HelpText" xml:space="preserve">
+    <value>If you want to want to provide API access, please specify a secret which will be used to encrypt your tokens. The secret should be 16 characters or more to ensure optimal security. Please note that if you change this secret, all existing tokens will become invalid and will need to be regenerated.</value>
+  </data>
+  <data name="Secret.Text" xml:space="preserve">
+    <value>Secret:</value>
+  </data>
+  <data name="Token.HelpText" xml:space="preserve">
+    <value>Select the Create Token button to generate a long-lived access token (valid for 1 year). Be sure to store this token in a safe location as you will not be able to access it in the future.</value>
+  </data>
+  <data name="Token.Text" xml:space="preserve">
+    <value>Token:</value>
+  </data>
+  <data name="TokenSettings.Heading" xml:space="preserve">
+    <value>Token Settings</value>
+  </data>
+  <data name="TwoFactor.HelpText" xml:space="preserve">
+    <value>Do you want users to use two factor authentication? Note that you should use the Disabled option until you have successfully verified that the Notification Job in Scheduled Jobs is enabled and your SMTP options in Site Settings are configured or else you will lock yourself out.</value>
+  </data>
+  <data name="TwoFactor.Text" xml:space="preserve">
+    <value>Two Factor?</value>
+  </data>
+  <data name="Disabled" xml:space="preserve">
+    <value>Disabled</value>
+  </data>
+  <data name="Optional" xml:space="preserve">
+    <value>Optional</value>
+  </data>
+  <data name="Required" xml:space="preserve">
+    <value>Required</value>
+  </data>
+  <data name="CreatedOn" xml:space="preserve">
+    <value>Created On</value>
+  </data>
+  <data name="LastIPAddress" xml:space="preserve">
+    <value>Last IP Address</value>
+  </data>
+  <data name="LastLoginOn" xml:space="preserve">
+    <value>Last Login</value>
+  </data>
+  <data name="IdentifierClaimType.HelpText" xml:space="preserve">
+    <value>The name of the unique user identifier claim provided by the provider</value>
+  </data>
+  <data name="IdentifierClaimType.Text" xml:space="preserve">
+    <value>Identifier Claim:</value>
+  </data>
 </root>

Oqtane.Client/Resources/SharedResources.resx

@@ -274,7 +274,7 @@
     <value>Full Name:</value>
   </data>
   <data name="LocalVersion" xml:space="preserve">
-    <value>Local Version</value>
+    <value>Installed Version</value>
   </data>
   <data name="Search.Source" xml:space="preserve">
     <value>source</value>
@@ -321,4 +321,10 @@
   <data name="Settings" xml:space="preserve">
     <value>Settings</value>
   </data>
+  <data name="HidePassword" xml:space="preserve">
+    <value>Hide</value>
+  </data>
+  <data name="ShowPassword" xml:space="preserve">
+    <value>Show</value>
+  </data>
 </root>

Oqtane.Client/Services/AliasService.cs

@@ -12,18 +12,12 @@ namespace Oqtane.Services
     [PrivateApi("Don't show in the documentation, as everything should use the Interface")]
     public class AliasService : ServiceBase, IAliasService
     {
-
-        private readonly SiteState _siteState;
-
         /// <summary>
         /// Constructor - should only be used by Dependency Injection
         /// </summary>
-        public AliasService(HttpClient http, SiteState siteState) : base(http)
+        public AliasService(HttpClient http, SiteState siteState) : base(http, siteState) { }
-        {
-            _siteState = siteState;
-        }
 
-        private string ApiUrl => CreateApiUrl("Alias", _siteState.Alias);
+        private string ApiUrl => CreateApiUrl("Alias");
 
         /// <inheritdoc />
         public async Task<List<Alias>> GetAliasesAsync()

Oqtane.Client/Services/DatabaseService.cs

@@ -11,15 +11,9 @@ namespace Oqtane.Services
     [PrivateApi("Don't show in the documentation, as everything should use the Interface")]
     public class DatabaseService : ServiceBase, IDatabaseService
     {
+        public DatabaseService(HttpClient http, SiteState siteState) : base(http, siteState) { }
 
-        private readonly SiteState _siteState;
+        private string Apiurl => CreateApiUrl("Database");
-
-        public DatabaseService(HttpClient http, SiteState siteState) : base(http)
-        {
-            _siteState = siteState;
-        }
-
-        private string Apiurl => CreateApiUrl("Database", _siteState.Alias);
 
         public async Task<List<Database>> GetDatabasesAsync()
         {

Oqtane.Client/Services/FileService.cs

@@ -14,16 +14,14 @@ namespace Oqtane.Services
     [PrivateApi("Don't show in the documentation, as everything should use the Interface")]
     public class FileService : ServiceBase, IFileService
     {
-        private readonly SiteState _siteState;
         private readonly IJSRuntime _jsRuntime;
 
-        public FileService(HttpClient http, SiteState siteState, IJSRuntime jsRuntime) : base(http)
+        public FileService(HttpClient http, SiteState siteState, IJSRuntime jsRuntime) : base(http, siteState)
         {
-            _siteState = siteState;
             _jsRuntime = jsRuntime;
         }
 
-        private string Apiurl => CreateApiUrl("File", _siteState.Alias);
+        private string Apiurl => CreateApiUrl("File");
 
         public async Task<List<File>> GetFilesAsync(int folderId)
         {

Oqtane.Client/Services/FolderService.cs

@@ -14,14 +14,9 @@ namespace Oqtane.Services
     [PrivateApi("Don't show in the documentation, as everything should use the Interface")]
     public class FolderService : ServiceBase, IFolderService
     {
-        private readonly SiteState _siteState;
+        public FolderService(HttpClient http, SiteState siteState) : base(http, siteState) { }
 
-        public FolderService(HttpClient http, SiteState siteState) : base(http)
+        private string ApiUrl => CreateApiUrl("Folder");
-        {
-            _siteState = siteState;
-        }
-
-        private string ApiUrl => CreateApiUrl("Folder", _siteState.Alias);
 
         public async Task<List<Folder>> GetFoldersAsync(int siteId)
         {

Oqtane.Client/Services/InstallationService.cs

@@ -15,13 +15,15 @@ namespace Oqtane.Services
         private readonly NavigationManager _navigationManager;
         private readonly SiteState _siteState;
 
-        public InstallationService(HttpClient http, NavigationManager navigationManager, SiteState siteState) : base(http)
+        public InstallationService(HttpClient http, SiteState siteState, NavigationManager navigationManager) : base(http, siteState)
         {
             _navigationManager = navigationManager;
             _siteState = siteState;
         }
 
-        private string ApiUrl => CreateApiUrl("Installation", null, ControllerRoutes.ApiRoute); // tenant agnostic
+        private string ApiUrl => (_siteState.Alias == null)
+            ? CreateApiUrl("Installation", null, ControllerRoutes.ApiRoute) // tenant agnostic needed for initial installation
+            : CreateApiUrl("Installation", _siteState.Alias); 
 
         public async Task<Installation> IsInstalled()
         {
@@ -48,14 +50,5 @@ namespace Oqtane.Services
         {
             await PostJsonAsync($"{ApiUrl}/register?email={WebUtility.UrlEncode(email)}", true);
         }
-
-        public void SetAntiForgeryTokenHeader(string antiforgerytokenvalue)
-        {
-            if (!string.IsNullOrEmpty(antiforgerytokenvalue))
-            {
-                AddRequestHeader(Constants.AntiForgeryTokenHeaderName, antiforgerytokenvalue);
-            }
-        }
-
     }
 }

Oqtane.Client/Services/Interfaces/IInstallationService.cs

@@ -42,10 +42,5 @@ namespace Oqtane.Services
         /// <returns></returns>
         Task RegisterAsync(string email);
 
-        /// <summary>
-        /// Sets the antiforgerytoken header so that it is included on all HttpClient calls for the lifetime of the app 
-        /// </summary>
-        /// <returns></returns>
-        void SetAntiForgeryTokenHeader(string antiforgerytokenvalue);
     }
 }

Oqtane.Client/Services/Interfaces/ISettingService.cs

@@ -38,6 +38,12 @@ namespace Oqtane.Services
         /// <returns></returns>
         Task UpdateSiteSettingsAsync(Dictionary<string, string> siteSettings, int siteId);
 
+        /// <summary>
+        /// Clears site option cache
+        /// </summary>
+        /// <returns></returns>
+        Task ClearSiteSettingsCacheAsync();
+
         /// <summary>
         /// Returns a key-value dictionary of all page settings for the given page
         /// </summary>
@@ -149,7 +155,6 @@ namespace Oqtane.Services
         /// <returns></returns>
         Task<Dictionary<string, string>> GetSettingsAsync(string entityName, int entityId);
 
-
         /// <summary>
         /// Updates settings for a given entityName and Id
         /// </summary>
@@ -166,7 +171,6 @@ namespace Oqtane.Services
         /// <returns></returns>
         Task<Setting> GetSettingAsync(string entityName, int settingId);
 
-
         /// <summary>
         /// Creates a new setting
         /// </summary>

Oqtane.Client/Services/Interfaces/ISystemService.cs

@@ -9,16 +9,34 @@ namespace Oqtane.Services
     public interface ISystemService
     {
         /// <summary>
-        /// returns a key-value directory with the current system information (os-version, clr-version, etc.)
+        /// returns a key-value directory with the current system configuration information
         /// </summary>
         /// <returns></returns>
-        Task<Dictionary<string, string>> GetSystemInfoAsync();
+        Task<Dictionary<string, object>> GetSystemInfoAsync();
+
+        /// <summary>
+        /// returns a key-value directory with the current system information - "environment" or "configuration"
+        /// </summary>
+        /// <returns></returns>
+        Task<Dictionary<string, object>> GetSystemInfoAsync(string type);
+
+        /// <summary>
+        /// returns a config value
+        /// </summary>
+        /// <returns></returns>
+        Task<object> GetSystemInfoAsync(string settingKey, object defaultValue);
 
         /// <summary>
         /// Updates system information
         /// </summary>
         /// <param name="settings"></param>
         /// <returns></returns>
-        Task UpdateSystemInfoAsync(Dictionary<string, string> settings);
+        Task UpdateSystemInfoAsync(Dictionary<string, object> settings);
+
+        /// <summary>
+        /// updates a config value
+        /// </summary>
+        /// <returns></returns>
+        Task UpdateSystemInfoAsync(string settingKey, object settingValue);
     }
 }

Oqtane.Client/Services/Interfaces/IUserRoleService.cs

@@ -16,6 +16,31 @@ namespace Oqtane.Services
         /// <returns></returns>
         Task<List<UserRole>> GetUserRolesAsync(int siteId);
 
+        /// <summary>
+        /// Get all <see cref="UserRole"/>s on a <see cref="Site"/>
+        /// </summary>
+        /// <param name="siteId">ID-reference to a <see cref="Site"/></param>
+        /// <param name="userId">ID-reference to a <see cref="User"/></param>
+        /// <returns></returns>
+        Task<List<UserRole>> GetUserRolesAsync(int siteId, int userId);
+
+        /// <summary>
+        /// Get all <see cref="UserRole"/>s on a <see cref="Site"/>
+        /// </summary>
+        /// <param name="siteId">ID-reference to a <see cref="Site"/></param>
+        /// <param name="roleName">Name reference a <see cref="Role"/></param>
+        /// <returns></returns>
+        Task<List<UserRole>> GetUserRolesAsync(int siteId, string roleName);
+
+        /// <summary>
+        /// Get all <see cref="UserRole"/>s on a <see cref="Site"/>
+        /// </summary>
+        /// <param name="siteId">ID-reference to a <see cref="Site"/></param>
+        /// <param name="userId">ID-reference to a <see cref="User"/></param>
+        /// <param name="roleName">Name reference a <see cref="Role"/></param>
+        /// <returns></returns>
+        Task<List<UserRole>> GetUserRolesAsync(int siteId, int userId, string roleName);
+
         /// <summary>
         /// Get one specific <see cref="UserRole"/>
         /// </summary>

Oqtane.Client/Services/Interfaces/IUserService.cs

@@ -54,10 +54,8 @@ namespace Oqtane.Services
         /// Note that this will probably not be a real User, but a user object where the `Username` and `Password` have been filled.
         /// </summary>
         /// <param name="user">A <see cref="User"/> object which should have at least the <see cref="User.Username"/> and <see cref="User.Password"/> set.</param>
-        /// <param name="setCookie">Determines if the login should be stored in the cookie.</param>
-        /// <param name="isPersistent">Determines if the login should be persisted in the cookie for a long time.</param>
         /// <returns></returns>
-        Task<User> LoginUserAsync(User user, bool setCookie, bool isPersistent);
+        Task<User> LoginUserAsync(User user);
 
         /// <summary>
         /// Logout a <see cref="User"/>
@@ -88,5 +86,45 @@ namespace Oqtane.Services
         /// <param name="token"></param>
         /// <returns></returns>
         Task<User> ResetPasswordAsync(User user, string token);
+
+        /// <summary>
+        /// Verify the two factor verification code <see cref="User"/>
+        /// </summary>
+        /// <param name="user"></param>
+        /// <param name="token"></param>
+        /// <returns></returns>
+        Task<User> VerifyTwoFactorAsync(User user, string token);
+
+        /// <summary>
+        /// Validate a users password against the password policy 
+        /// </summary>
+        /// <param name="password"></param>
+        /// <returns></returns>
+        Task<bool> ValidatePasswordAsync(string password);
+
+        /// <summary>
+        /// Get token for current user
+        /// </summary>
+        /// <returns></returns>
+        Task<string> GetTokenAsync();
+
+        /// <summary>
+        /// Get personal access token for current user (administrators only)
+        /// </summary>
+        /// <returns></returns>
+        Task<string> GetPersonalAccessTokenAsync();
+
+        /// <summary>
+        /// Link an external login with a local user account
+        /// </summary>
+        /// <param name="user">The <see cref="User"/> we're verifying</param>
+        /// <param name="token">A Hash value in the URL which verifies this user got the e-mail (containing this token)</param>
+        /// <param name="type">External Login provider type</param>
+        /// <param name="key">External Login provider key</param>
+        /// <param name="name">External Login provider display name</param>
+        /// <returns></returns>
+        Task<User> LinkUserAsync(User user, string token, string type, string key, string name);
+
+
     }
 }

Oqtane.Client/Services/JobLogService.cs

@@ -11,14 +11,9 @@ namespace Oqtane.Services
     [PrivateApi("Don't show in the documentation, as everything should use the Interface")]
     public class JobLogService : ServiceBase, IJobLogService
     {
-        private readonly SiteState _siteState;
+        public JobLogService(HttpClient http, SiteState siteState) : base(http, siteState) { }
 
-        public JobLogService(HttpClient http, SiteState siteState) : base(http)
+        private string Apiurl => CreateApiUrl("JobLog");
-        {
-            _siteState = siteState;
-        }
-
-        private string Apiurl => CreateApiUrl("JobLog", _siteState.Alias);
 
         public async Task<List<JobLog>> GetJobLogsAsync()
         {

Oqtane.Client/Services/JobService.cs

@@ -11,14 +11,9 @@ namespace Oqtane.Services
     [PrivateApi("Don't show in the documentation, as everything should use the Interface")]
     public class JobService : ServiceBase, IJobService
     {
-        private readonly SiteState _siteState;
+        public JobService(HttpClient http, SiteState siteState) : base(http, siteState) { }
 
-        public JobService(HttpClient http, SiteState siteState) : base(http)
+        private string Apiurl => CreateApiUrl("Job");
-        {
-            _siteState = siteState;
-        }
-
-        private string Apiurl => CreateApiUrl("Job", _siteState.Alias);
         
         public async Task<List<Job>> GetJobsAsync()
         {

Oqtane.Client/Services/LanguageService.cs

@@ -11,15 +11,9 @@ namespace Oqtane.Services
     [PrivateApi("Don't show in the documentation, as everything should use the Interface")]
     public class LanguageService : ServiceBase, ILanguageService
     {        
+        public LanguageService(HttpClient http, SiteState siteState) : base(http, siteState) { }
 
-        private readonly SiteState _siteState;
+        private string Apiurl => CreateApiUrl("Language");
-
-        public LanguageService(HttpClient http, SiteState siteState) : base(http)
-        {
-            _siteState = siteState;
-        }
-
-        private string Apiurl => CreateApiUrl("Language", _siteState.Alias);
 
         public async Task<List<Language>> GetLanguagesAsync(int siteId)
         {

Oqtane.Client/Services/LocalizationService.cs

@@ -10,14 +10,9 @@ namespace Oqtane.Services
     [PrivateApi("Don't show in the documentation, as everything should use the Interface")]
     public class LocalizationService : ServiceBase, ILocalizationService
     {
-        private readonly SiteState _siteState;
+        public LocalizationService(HttpClient http, SiteState siteState) : base(http, siteState) { }
 
-        public LocalizationService(HttpClient http, SiteState siteState) : base(http)
+        private string Apiurl => CreateApiUrl("Localization");
-        {
-            _siteState = siteState;
-        }
-
-        private string Apiurl => CreateApiUrl("Localization", _siteState.Alias);
 
         public async Task<IEnumerable<Culture>> GetCulturesAsync() => await GetJsonAsync<IEnumerable<Culture>>(Apiurl);
     }

Oqtane.Client/Services/LogService.cs

@@ -14,18 +14,16 @@ namespace Oqtane.Services
     [PrivateApi("Don't show in the documentation, as everything should use the Interface")]
     public class LogService : ServiceBase, ILogService
     {
-        
         private readonly SiteState _siteState;
         private readonly NavigationManager _navigationManager;
 
-        public LogService(HttpClient http, SiteState siteState, NavigationManager navigationManager) : base(http)
+        public LogService(HttpClient http, SiteState siteState, NavigationManager navigationManager) : base(http, siteState)
         {
-            
             _siteState = siteState;
             _navigationManager = navigationManager;
         }
 
-        private string Apiurl => CreateApiUrl("Log", _siteState.Alias);
+        private string Apiurl => CreateApiUrl("Log");
 
         public async Task<List<Log>> GetLogsAsync(int siteId, string level, string function, int rows)
         {

Oqtane.Client/Services/ModuleDefinitionService.cs

@@ -14,16 +14,9 @@ namespace Oqtane.Services
     [PrivateApi("Don't show in the documentation, as everything should use the Interface")]
     public class ModuleDefinitionService : ServiceBase, IModuleDefinitionService
     {
-        private readonly HttpClient _http;
+        public ModuleDefinitionService(HttpClient http, SiteState siteState) : base(http, siteState) { }
-        private readonly SiteState _siteState;
 
-        public ModuleDefinitionService(HttpClient http, SiteState siteState) : base(http)
+        private string Apiurl => CreateApiUrl("ModuleDefinition");
-        {
-            _http = http;
-            _siteState = siteState;
-        }
-
-        private string Apiurl => CreateApiUrl("ModuleDefinition", _siteState.Alias);
 
         public async Task<List<ModuleDefinition>> GetModuleDefinitionsAsync(int siteId)
         {

Oqtane.Client/Services/ModuleService.cs

@@ -11,15 +11,9 @@ namespace Oqtane.Services
     [PrivateApi("Don't show in the documentation, as everything should use the Interface")]
     public class ModuleService : ServiceBase, IModuleService
     {
+        public ModuleService(HttpClient http, SiteState siteState) : base(http, siteState) { }
 
-        private readonly SiteState _siteState;
+        private string Apiurl => CreateApiUrl("Module");
-
-        public ModuleService(HttpClient http, SiteState siteState) : base(http)
-        {
-            _siteState = siteState;
-        }
-
-        private string Apiurl => CreateApiUrl("Module", _siteState.Alias);
 
         public async Task<List<Module>> GetModulesAsync(int siteId)
         {

Oqtane.Client/Services/NotificationService.cs

@@ -11,14 +11,9 @@ namespace Oqtane.Services
     [PrivateApi("Don't show in the documentation, as everything should use the Interface")]
     public class NotificationService : ServiceBase, INotificationService
     {
-        private readonly SiteState _siteState;
+        public NotificationService(HttpClient http, SiteState siteState) : base(http, siteState) { }
 
-        public NotificationService(HttpClient http, SiteState siteState) : base(http)
+        private string Apiurl => CreateApiUrl("Notification");
-        {
-            _siteState = siteState;
-        }
-
-        private string Apiurl => CreateApiUrl("Notification", _siteState.Alias);
 
         public async Task<List<Notification>> GetNotificationsAsync(int siteId, string direction, int userId)
         {

Oqtane.Client/Services/PackageService.cs

@@ -12,13 +12,9 @@ namespace Oqtane.Services
     [PrivateApi("Don't show in the documentation, as everything should use the Interface")]
     public class PackageService : ServiceBase, IPackageService
     {
-        private readonly SiteState _siteState;
+        public PackageService(HttpClient http, SiteState siteState) : base(http, siteState) { }
 
-        public PackageService(HttpClient http, SiteState siteState) : base(http)
+        private string Apiurl => CreateApiUrl("Package");
-        {
-            _siteState = siteState;
-        }
-        private string Apiurl => CreateApiUrl("Package", _siteState.Alias);
 
         public async Task<List<Package>> GetPackagesAsync(string type)
         {

Oqtane.Client/Services/PageModuleService.cs

@@ -9,15 +9,9 @@ namespace Oqtane.Services
     [PrivateApi("Don't show in the documentation, as everything should use the Interface")]
     public class PageModuleService : ServiceBase, IPageModuleService
     {
+        public PageModuleService(HttpClient http, SiteState siteState) : base(http, siteState) { }
 
-        private readonly SiteState _siteState;
+        private string Apiurl => CreateApiUrl("PageModule");
-
-        public PageModuleService(HttpClient http, SiteState siteState) : base(http)
-        {            
-            _siteState = siteState;
-        }
-
-        private string Apiurl => CreateApiUrl("PageModule", _siteState.Alias);
 
         public async Task<PageModule> GetPageModuleAsync(int pageModuleId)
         {

Oqtane.Client/Services/PageService.cs

@@ -13,16 +13,9 @@ namespace Oqtane.Services
     [PrivateApi("Don't show in the documentation, as everything should use the Interface")]
     public class PageService : ServiceBase, IPageService
     {
+        public PageService(HttpClient http, SiteState siteState) : base(http, siteState) { }
 
-        private readonly SiteState _siteState;
+        private string Apiurl => CreateApiUrl("Page");
-
-        public PageService(HttpClient http, SiteState siteState) : base(http)
-        {
-            
-            _siteState = siteState;
-        }
-
-        private string Apiurl => CreateApiUrl("Page", _siteState.Alias);
 
         public async Task<List<Page>> GetPagesAsync(int siteId)
         {

Oqtane.Client/Services/ProfileService.cs

@@ -11,15 +11,9 @@ namespace Oqtane.Services
     [PrivateApi("Don't show in the documentation, as everything should use the Interface")]
     public class ProfileService : ServiceBase, IProfileService
     {
+        public ProfileService(HttpClient http, SiteState siteState) : base(http, siteState) { }
 
-        private readonly SiteState _siteState;
+        private string Apiurl => CreateApiUrl("Profile");
-
-        public ProfileService(HttpClient http, SiteState siteState) : base(http)
-        {            
-            _siteState = siteState;
-        }
-
-        private string Apiurl => CreateApiUrl("Profile", _siteState.Alias);
 
         public async Task<List<Profile>> GetProfilesAsync(int siteId)
         {

Oqtane.Client/Services/RemoteServiceBase.cs

@@ -0,0 +1,152 @@
+using System;
+using System.Net;
+using System.Net.Http;
+using System.Net.Http.Json;
+using System.Threading;
+using System.Threading.Tasks;
+using Microsoft.Net.Http.Headers;
+using Oqtane.Shared;
+
+namespace Oqtane.Services
+{
+    public class RemoteServiceBase
+    {
+        private readonly SiteState _siteState;
+        private readonly IHttpClientFactory _httpClientFactory;
+
+        protected RemoteServiceBase(IHttpClientFactory httpClientFactory, SiteState siteState)
+        {
+            _siteState = siteState;
+            _httpClientFactory = httpClientFactory;
+        }
+
+        private HttpClient GetHttpClient()
+        {
+            return GetHttpClient(_siteState?.AuthorizationToken);
+        }
+
+        private HttpClient GetHttpClient(string AuthorizationToken)
+        {
+            var httpClient = _httpClientFactory.CreateClient("Remote");
+            if (!httpClient.DefaultRequestHeaders.Contains(HeaderNames.Authorization) && !string.IsNullOrEmpty(AuthorizationToken))
+            {
+                httpClient.DefaultRequestHeaders.Add(HeaderNames.Authorization, "Bearer " + AuthorizationToken);
+            }
+            return httpClient;
+        }
+
+        protected async Task GetAsync(string uri)
+        {
+            var response = await GetHttpClient().GetAsync(uri);
+            CheckResponse(response);
+        }
+
+        protected async Task<string> GetStringAsync(string uri)
+        {
+            try
+            {
+                return await GetHttpClient().GetStringAsync(uri);
+            }
+            catch (Exception e)
+            {
+                Console.WriteLine(e);
+            }
+
+            return default;
+        }
+
+        protected async Task<byte[]> GetByteArrayAsync(string uri)
+        {
+            try
+            {
+                return await GetHttpClient().GetByteArrayAsync(uri);
+            }
+            catch (Exception e)
+            {
+                Console.WriteLine(e);
+            }
+
+            return default;
+        }
+
+        protected async Task<T> GetJsonAsync<T>(string uri)
+        {
+            var response = await GetHttpClient().GetAsync(uri, HttpCompletionOption.ResponseHeadersRead, CancellationToken.None);
+            if (CheckResponse(response) && ValidateJsonContent(response.Content))
+            {
+                return await response.Content.ReadFromJsonAsync<T>();
+            }
+
+            return default;
+        }
+
+        protected async Task PutAsync(string uri)
+        {
+            var response = await GetHttpClient().PutAsync(uri, null);
+            CheckResponse(response);
+        }
+
+        protected async Task<T> PutJsonAsync<T>(string uri, T value)
+        {
+            return await PutJsonAsync<T, T>(uri, value);
+        }
+
+        protected async Task<TResult> PutJsonAsync<TValue, TResult>(string uri, TValue value)
+        {
+            var response = await GetHttpClient().PutAsJsonAsync(uri, value);
+            if (CheckResponse(response) && ValidateJsonContent(response.Content))
+            {
+                var result = await response.Content.ReadFromJsonAsync<TResult>();
+                return result;
+            }
+            return default;
+        }
+
+        protected async Task PostAsync(string uri)
+        {
+            var response = await GetHttpClient().PostAsync(uri, null);
+            CheckResponse(response);
+        }
+
+        protected async Task<T> PostJsonAsync<T>(string uri, T value)
+        {
+            return await PostJsonAsync<T, T>(uri, value);
+        }
+
+        protected async Task<TResult> PostJsonAsync<TValue, TResult>(string uri, TValue value)
+        {
+            var response = await GetHttpClient().PostAsJsonAsync(uri, value);
+            if (CheckResponse(response) && ValidateJsonContent(response.Content))
+            {
+                var result = await response.Content.ReadFromJsonAsync<TResult>();
+                return result;
+            }
+
+            return default;
+        }
+
+        protected async Task DeleteAsync(string uri)
+        {
+            var response = await GetHttpClient().DeleteAsync(uri);
+            CheckResponse(response);
+        }
+
+        private bool CheckResponse(HttpResponseMessage response)
+        {
+            if (response.IsSuccessStatusCode) return true;
+            if (response.StatusCode != HttpStatusCode.NoContent && response.StatusCode != HttpStatusCode.NotFound)
+            {
+                Console.WriteLine($"Request: {response.RequestMessage.RequestUri}");
+                Console.WriteLine($"Response status: {response.StatusCode} {response.ReasonPhrase}");
+            }
+
+            return false;
+        }
+
+        private static bool ValidateJsonContent(HttpContent content)
+        {
+            var mediaType = content?.Headers.ContentType?.MediaType;
+            return mediaType != null && mediaType.Equals("application/json", StringComparison.OrdinalIgnoreCase);
+        }
+    }
+}

Oqtane.Client/Services/RoleService.cs

@@ -11,16 +11,9 @@ namespace Oqtane.Services
     [PrivateApi("Don't show in the documentation, as everything should use the Interface")]
     public class RoleService : ServiceBase, IRoleService
     {
+        public RoleService(HttpClient http, SiteState siteState) : base(http, siteState) { }
 
-        private readonly SiteState _siteState;
+        private string Apiurl => CreateApiUrl("Role");
-
-        public RoleService(HttpClient http, SiteState siteState) : base(http)
-        {
-            
-            _siteState = siteState;
-        }
-
-        private string Apiurl => CreateApiUrl("Role", _siteState.Alias);
 
         public async Task<List<Role>> GetRolesAsync(int siteId)
         {

Oqtane.Client/Services/ServiceBase.cs

@@ -5,24 +5,31 @@ using System.Net.Http;
 using System.Net.Http.Json;
 using System.Threading;
 using System.Threading.Tasks;
-using Oqtane.Documentation;
 using Oqtane.Models;
 using Oqtane.Shared;
 
 namespace Oqtane.Services
 {
-    [PrivateApi("Don't show in the documentation, as everything should use the Interface")]
     public class ServiceBase
     {
-        private readonly HttpClient _http;
+        private readonly HttpClient _httpClient;
         private readonly SiteState _siteState;
 
-        protected ServiceBase(HttpClient client, SiteState siteState)
+        protected ServiceBase(HttpClient httpClient, SiteState siteState)
         {
-            _http = client;
+            _httpClient = httpClient;
             _siteState = siteState;
         }
 
+        private HttpClient GetHttpClient()
+        {
+            if (!_httpClient.DefaultRequestHeaders.Contains(Constants.AntiForgeryTokenHeaderName) && _siteState != null && !string.IsNullOrEmpty(_siteState.AntiForgeryToken))
+            {
+                _httpClient.DefaultRequestHeaders.Add(Constants.AntiForgeryTokenHeaderName, _siteState.AntiForgeryToken);
+            }
+            return _httpClient;
+        }
+
         // should be used with new constructor
         public string CreateApiUrl(string serviceName)
         {
@@ -95,24 +102,9 @@ namespace Oqtane.Services
             }
         }
 
-        // note that HttpClient is registered as a Scoped(shared) service and therefore you should not use request headers whose value can vary over the lifetime of the service
-        protected void AddRequestHeader(string name, string value)
-        {
-            RemoveRequestHeader(name);
-            _http.DefaultRequestHeaders.Add(name, value);
-        }
-
-        protected void RemoveRequestHeader(string name)
-        {
-            if (_http.DefaultRequestHeaders.Contains(name))
-            {
-                _http.DefaultRequestHeaders.Remove(name);
-            }
-        }
-
         protected async Task GetAsync(string uri)
         {
-            var response = await _http.GetAsync(uri);
+            var response = await GetHttpClient().GetAsync(uri);
             CheckResponse(response);
         }
 
@@ -120,7 +112,7 @@ namespace Oqtane.Services
         {
             try
             {
-                return await _http.GetStringAsync(uri);
+                return await GetHttpClient().GetStringAsync(uri);
             }
             catch (Exception e)
             {
@@ -134,7 +126,7 @@ namespace Oqtane.Services
         {
             try
             {
-                return await _http.GetByteArrayAsync(uri);
+                return await GetHttpClient().GetByteArrayAsync(uri);
             }
             catch (Exception e)
             {
@@ -146,7 +138,7 @@ namespace Oqtane.Services
 
         protected async Task<T> GetJsonAsync<T>(string uri)
         {
-            var response = await _http.GetAsync(uri, HttpCompletionOption.ResponseHeadersRead, CancellationToken.None);
+            var response = await GetHttpClient().GetAsync(uri, HttpCompletionOption.ResponseHeadersRead, CancellationToken.None);
             if (CheckResponse(response) && ValidateJsonContent(response.Content))
             {
                 return await response.Content.ReadFromJsonAsync<T>();
@@ -157,7 +149,7 @@ namespace Oqtane.Services
 
         protected async Task PutAsync(string uri)
         {
-            var response = await _http.PutAsync(uri, null);
+            var response = await GetHttpClient().PutAsync(uri, null);
             CheckResponse(response);
         }
 
@@ -168,7 +160,7 @@ namespace Oqtane.Services
 
         protected async Task<TResult> PutJsonAsync<TValue, TResult>(string uri, TValue value)
         {
-            var response = await _http.PutAsJsonAsync(uri, value);
+            var response = await GetHttpClient().PutAsJsonAsync(uri, value);
             if (CheckResponse(response) && ValidateJsonContent(response.Content))
             {
                 var result = await response.Content.ReadFromJsonAsync<TResult>();
@@ -179,7 +171,7 @@ namespace Oqtane.Services
 
         protected async Task PostAsync(string uri)
         {
-            var response = await _http.PostAsync(uri, null);
+            var response = await GetHttpClient().PostAsync(uri, null);
             CheckResponse(response);
         }
 
@@ -190,7 +182,7 @@ namespace Oqtane.Services
 
         protected async Task<TResult> PostJsonAsync<TValue, TResult>(string uri, TValue value)
         {
-            var response = await _http.PostAsJsonAsync(uri, value);
+            var response = await GetHttpClient().PostAsJsonAsync(uri, value);
             if (CheckResponse(response) && ValidateJsonContent(response.Content))
             {
                 var result = await response.Content.ReadFromJsonAsync<TResult>();
@@ -202,7 +194,7 @@ namespace Oqtane.Services
 
         protected async Task DeleteAsync(string uri)
         {
-            var response = await _http.DeleteAsync(uri);
+            var response = await GetHttpClient().DeleteAsync(uri);
             CheckResponse(response);
         }
 
@@ -228,7 +220,7 @@ namespace Oqtane.Services
         // This constructor is obsolete. Use ServiceBase(HttpClient client, SiteState siteState) : base(http, siteState) {} instead.
         protected ServiceBase(HttpClient client)
         {
-            _http = client;
+            _httpClient = client;
         }
 
         [Obsolete("This method is obsolete. Use CreateApiUrl(string serviceName, Alias alias) in conjunction with ControllerRoutes.ApiRoute in Controllers instead.", false)]
@@ -240,7 +232,7 @@ namespace Oqtane.Services
         [Obsolete("This property of ServiceBase is deprecated. Cross tenant service calls are not supported.", false)]
         public Alias Alias { get; set; }
 
-        [Obsolete("This method is obsolete. Use CreateApiUrl(string entityName, int entityId) instead.", false)]
+        [Obsolete("This method is obsolete. Use CreateAuthorizationPolicyUrl(string url, string entityName, int entityId) where entityName = EntityNames.Module instead.", false)]
         public string CreateAuthorizationPolicyUrl(string url, int entityId)
         {
             return url + ((url.Contains("?")) ? "&" : "?") + "entityid=" + entityId.ToString();

Oqtane.Client/Services/SettingService.cs

@@ -12,15 +12,9 @@ namespace Oqtane.Services
     [PrivateApi("Don't show in the documentation, as everything should use the Interface")]
     public class SettingService : ServiceBase, ISettingService
     {
+        public SettingService(HttpClient http, SiteState siteState) : base(http, siteState) { }
 
-        private readonly SiteState _siteState;
+        private string Apiurl => CreateApiUrl("Setting");
-
-        public SettingService(HttpClient http, SiteState siteState) : base(http)
-        {            
-            _siteState = siteState;
-        }
-
-        private string Apiurl => CreateApiUrl("Setting", _siteState.Alias);
 
         public async Task<Dictionary<string, string>> GetTenantSettingsAsync()
         {
@@ -42,6 +36,11 @@ namespace Oqtane.Services
             await UpdateSettingsAsync(siteSettings, EntityNames.Site, siteId);
         }
 
+        public async Task ClearSiteSettingsCacheAsync()
+        {
+            await DeleteAsync($"{Apiurl}/clear");
+        }
+
         public async Task<Dictionary<string, string>> GetPageSettingsAsync(int pageId)
         {
             return await GetSettingsAsync(EntityNames.Page, pageId);

Oqtane.Client/Services/SiteService.cs

@@ -12,16 +12,9 @@ namespace Oqtane.Services
     [PrivateApi("Don't show in the documentation, as everything should use the Interface")]
     public class SiteService : ServiceBase, ISiteService
     {
+        public SiteService(HttpClient http, SiteState siteState) : base(http, siteState) { }
 
-        private readonly SiteState _siteState;
+        private string Apiurl => CreateApiUrl("Site");
-
-        public SiteService(HttpClient http, SiteState siteState) : base(http)
-        {
-            
-            _siteState = siteState;
-        }
-
-        private string Apiurl => CreateApiUrl("Site", _siteState.Alias);
 
         public async Task<List<Site>> GetSitesAsync()
         {

Oqtane.Client/Services/SiteTemplateService.cs

@@ -11,13 +11,9 @@ namespace Oqtane.Services
     [PrivateApi("Don't show in the documentation, as everything should use the Interface")]
     public class SiteTemplateService : ServiceBase, ISiteTemplateService
     {
-        private readonly SiteState _siteState;
+        public SiteTemplateService(HttpClient http, SiteState siteState) : base(http, siteState) { }
 
-        public SiteTemplateService(HttpClient http, SiteState siteState) : base(http)
+        private string Apiurl => CreateApiUrl("SiteTemplate");
-        {
-            _siteState = siteState;
-        }
-        private string Apiurl => CreateApiUrl("SiteTemplate", _siteState.Alias);
 
         public async Task<List<SiteTemplate>> GetSiteTemplatesAsync()
         {

Oqtane.Client/Services/SqlService.cs

@@ -9,14 +9,9 @@ namespace Oqtane.Services
     [PrivateApi("Don't show in the documentation, as everything should use the Interface")]
     public class SqlService : ServiceBase, ISqlService
     {
-        private readonly SiteState _siteState;
+        public SqlService(HttpClient http, SiteState siteState) : base(http, siteState) { }
 
-        public SqlService(HttpClient http, SiteState siteState) : base(http)
+        private string Apiurl => CreateApiUrl("Sql");
-        {
-            _siteState = siteState;
-        }
-
-        private string Apiurl => CreateApiUrl("Sql", _siteState.Alias);
 
         public async Task<SqlQuery> ExecuteQueryAsync(SqlQuery sqlquery)
         {

Oqtane.Client/Services/SyncService.cs

@@ -11,18 +11,9 @@ namespace Oqtane.Services
     [PrivateApi("Don't show in the documentation, as everything should use the Interface")]
     public class SyncService : ServiceBase, ISyncService
     {
+        public SyncService(HttpClient http, SiteState siteState) : base(http, siteState) { }
 
-        private readonly SiteState _siteState;
+        private string ApiUrl => CreateApiUrl("Sync");
-
-        /// <summary>
-        /// Constructor - should only be used by Dependency Injection
-        /// </summary>
-        public SyncService(HttpClient http, SiteState siteState) : base(http)
-        {
-            _siteState = siteState;
-        }
-
-        private string ApiUrl => CreateApiUrl("Sync", _siteState.Alias);
 
         /// <inheritdoc />
         public async Task<Sync> GetSyncAsync(DateTime lastSyncDate)

Oqtane.Client/Services/SystemService.cs

@@ -9,23 +9,32 @@ namespace Oqtane.Services
     [PrivateApi("Don't show in the documentation, as everything should use the Interface")]
     public class SystemService : ServiceBase, ISystemService
     {
-        private readonly SiteState _siteState;
+        public SystemService(HttpClient http, SiteState siteState) : base(http, siteState) { }
 
-        public SystemService(HttpClient http, SiteState siteState) : base(http)
+        private string Apiurl => CreateApiUrl("System");
+
+        public async Task<Dictionary<string, object>> GetSystemInfoAsync()
         {
-            _siteState = siteState;
+            return await GetSystemInfoAsync("configuration");
         }
 
-        private string Apiurl => CreateApiUrl("System", _siteState.Alias);
+        public async Task<Dictionary<string, object>> GetSystemInfoAsync(string type)
-
-        public async Task<Dictionary<string, string>> GetSystemInfoAsync()
         {
-            return await GetJsonAsync<Dictionary<string, string>>(Apiurl);
+            return await GetJsonAsync<Dictionary<string, object>>($"{Apiurl}?type={type}");
         }
 
-        public async Task UpdateSystemInfoAsync(Dictionary<string, string> settings)
+        public async Task<object> GetSystemInfoAsync(string settingKey, object defaultValue)
+        {
+            return await GetJsonAsync<object>($"{Apiurl}/{settingKey}/{defaultValue}");
+        }
+
+        public async Task UpdateSystemInfoAsync(Dictionary<string, object> settings)
         {
             await PostJsonAsync(Apiurl, settings);
         }
+        public async Task UpdateSystemInfoAsync(string settingKey, object settingValue)
+        {
+            await PutJsonAsync($"{Apiurl}/{settingKey}/{settingValue}", "");
+        }
     }
 }

Oqtane.Client/Services/TenantService.cs

@@ -11,14 +11,9 @@ namespace Oqtane.Services
     [PrivateApi("Don't show in the documentation, as everything should use the Interface")]
     public class TenantService : ServiceBase, ITenantService
     {
-        private readonly SiteState _siteState;
+        public TenantService(HttpClient http, SiteState siteState) : base(http, siteState) { }
 
-        public TenantService(HttpClient http, SiteState siteState) : base(http)
+        private string Apiurl => CreateApiUrl("Tenant");
-        {
-            _siteState = siteState;
-        }
-
-        private string Apiurl => CreateApiUrl("Tenant", _siteState.Alias);
 
         public async Task<List<Tenant>> GetTenantsAsync()
         {

Oqtane.Client/Services/ThemeService.cs

@@ -11,14 +11,9 @@ namespace Oqtane.Services
     [PrivateApi("Don't show in the documentation, as everything should use the Interface")]
     public class ThemeService : ServiceBase, IThemeService
     {
-        private readonly SiteState _siteState;
+        public ThemeService(HttpClient http, SiteState siteState) : base(http, siteState) { }
 
-        public ThemeService(HttpClient http, SiteState siteState) : base(http)
+        private string ApiUrl => CreateApiUrl("Theme");
-        {
-            _siteState = siteState;
-        }
-
-        private string ApiUrl => CreateApiUrl("Theme", _siteState.Alias);
 
         public async Task<List<Theme>> GetThemesAsync()
         {

Oqtane.Client/Services/UrlMappingService.cs

@@ -12,16 +12,9 @@ namespace Oqtane.Services
     [PrivateApi("Don't show in the documentation, as everything should use the Interface")]
     public class UrlMappingService : ServiceBase, IUrlMappingService
     {
+        public UrlMappingService(HttpClient http, SiteState siteState) : base(http, siteState) { }
 
-        private readonly SiteState _siteState;
+        private string Apiurl => CreateApiUrl("UrlMapping");
-
-        public UrlMappingService(HttpClient http, SiteState siteState) : base(http)
-        {
-            
-            _siteState = siteState;
-        }
-
-        private string Apiurl => CreateApiUrl("UrlMapping", _siteState.Alias);
 
         public async Task<List<UrlMapping>> GetUrlMappingsAsync(int siteId, bool isMapped)
         {

Oqtane.Client/Services/UserRoleService.cs

@@ -10,19 +10,37 @@ namespace Oqtane.Services
     [PrivateApi("Don't show in the documentation, as everything should use the Interface")]
     public class UserRoleService : ServiceBase, IUserRoleService
     {
+        public UserRoleService(HttpClient http, SiteState siteState) : base(http, siteState) { }
 
-        private readonly SiteState _siteState;
+        private string Apiurl => CreateApiUrl("UserRole");
-
-        public UserRoleService(HttpClient http, SiteState siteState) : base(http)
-        {            
-            _siteState = siteState;
-        }
-
-        private string Apiurl => CreateApiUrl("UserRole", _siteState.Alias);
 
         public async Task<List<UserRole>> GetUserRolesAsync(int siteId)
         {
-            return await GetJsonAsync<List<UserRole>>($"{Apiurl}?siteid={siteId}");
+            return await GetUserRolesAsync(siteId, -1, "");
+        }
+
+        public async Task<List<UserRole>> GetUserRolesAsync(int siteId, int userId)
+        {
+            return await GetUserRolesAsync(siteId, userId, "");
+        }
+
+        public async Task<List<UserRole>> GetUserRolesAsync(int siteId, string roleName)
+        {
+            return await GetUserRolesAsync(siteId, -1, roleName);
+        }
+
+        public async Task<List<UserRole>> GetUserRolesAsync(int siteId, int userId, string roleName)
+        {
+            var url = $"{Apiurl}?siteid={siteId}";
+            if (userId != -1)
+            {
+                url += $"&userid={userId}";
+            }
+            if (roleName != "")
+            {
+                url += $"&rolename={roleName}";
+            }
+            return await GetJsonAsync<List<UserRole>>(url);
         }
 
         public async Task<UserRole> GetUserRoleAsync(int userRoleId)

Oqtane.Client/Services/UserService.cs

@@ -3,20 +3,16 @@ using Oqtane.Models;
 using System.Net.Http;
 using System.Threading.Tasks;
 using Oqtane.Documentation;
+using System.Net;
 
 namespace Oqtane.Services
 {
     [PrivateApi("Don't show in the documentation, as everything should use the Interface")]
     public class UserService : ServiceBase, IUserService
     {
-        private readonly SiteState _siteState;
+        public UserService(HttpClient http, SiteState siteState) : base(http, siteState) { }
 
-        public UserService(HttpClient http, SiteState siteState) : base(http)
+        private string Apiurl => CreateApiUrl("User");
-        {
-            _siteState = siteState;
-        }
-
-        private string Apiurl => CreateApiUrl("User", _siteState.Alias);
 
         public async Task<User> GetUserAsync(int userId, int siteId)
         {
@@ -43,9 +39,9 @@ namespace Oqtane.Services
             await DeleteAsync($"{Apiurl}/{userId}?siteid={siteId}");
         }
 
-        public async Task<User> LoginUserAsync(User user, bool setCookie, bool isPersistent)
+        public async Task<User> LoginUserAsync(User user)
         {
-            return await PostJsonAsync<User>($"{Apiurl}/login?setcookie={setCookie}&persistent={isPersistent}", user);
+            return await PostJsonAsync<User>($"{Apiurl}/login", user);
         }
 
         public async Task LogoutUserAsync(User user)
@@ -68,5 +64,31 @@ namespace Oqtane.Services
         {
             return await PostJsonAsync<User>($"{Apiurl}/reset?token={token}", user);
         }
+
+        public async Task<User> VerifyTwoFactorAsync(User user, string token)
+        {
+            return await PostJsonAsync<User>($"{Apiurl}/twofactor?token={token}", user);
+        }
+
+        public async Task<bool> ValidatePasswordAsync(string password)
+        {
+            return await GetJsonAsync<bool>($"{Apiurl}/validate/{WebUtility.UrlEncode(password)}");
+        }
+
+        public async Task<string> GetTokenAsync()
+        {
+            return await GetStringAsync($"{Apiurl}/token");
+        }
+
+        public async Task<string> GetPersonalAccessTokenAsync()
+        {
+            return await GetStringAsync($"{Apiurl}/personalaccesstoken");
+        }
+
+        public async Task<User> LinkUserAsync(User user, string token, string type, string key, string name)
+        {
+            return await PostJsonAsync<User>($"{Apiurl}/link?token={token}&type={type}&key={key}&name={name}", user);
+        }
+
     }
 }

Oqtane.Client/Services/VisitorService.cs

@@ -12,16 +12,9 @@ namespace Oqtane.Services
     [PrivateApi("Don't show in the documentation, as everything should use the Interface")]
     public class VisitorService : ServiceBase, IVisitorService
     {
+        public VisitorService(HttpClient http, SiteState siteState) : base(http, siteState) { }
 
-        private readonly SiteState _siteState;
+        private string Apiurl => CreateApiUrl("Visitor");
-
-        public VisitorService(HttpClient http, SiteState siteState) : base(http)
-        {
-            
-            _siteState = siteState;
-        }
-
-        private string Apiurl => CreateApiUrl("Visitor", _siteState.Alias);
 
         public async Task<List<Visitor>> GetVisitorsAsync(int siteId, DateTime fromDate)
         {

Oqtane.Client/Themes/Controls/Theme/ControlPanel.razor

@@ -333,9 +333,8 @@
 		if (PageId != "-")
 		{
 			_modules = PageState.Modules
-				.Where(module => module.PageId == int.Parse(PageId)
+				.Where(module => module.PageId == int.Parse(PageId) &&
-									&& !module.IsDeleted
+				UserSecurity.IsAuthorized(PageState.User, PermissionNames.View, module.Permissions))
-									&& UserSecurity.IsAuthorized(PageState.User, PermissionNames.View, module.Permissions))
 				.ToList();
 		}
 		ModuleId = "-";

Oqtane.Client/Themes/Controls/Theme/LoginBase.cs

@@ -3,7 +3,6 @@ using System.Threading.Tasks;
 using Microsoft.AspNetCore.Components;
 using Microsoft.JSInterop;
 using Oqtane.Enums;
-using Oqtane.Providers;
 using Oqtane.Security;
 using Oqtane.Services;
 using Oqtane.Shared;
@@ -32,27 +31,19 @@ namespace Oqtane.Themes.Controls
 
         protected async Task LogoutUser()
         {
-            await UserService.LogoutUserAsync(PageState.User);
+            await LoggingService.Log(PageState.Alias, PageState.Page.PageId, null, PageState.User.UserId, GetType().AssemblyQualifiedName, "Logout", LogFunction.Security, LogLevel.Information, null, "User Logout For Username {Username}", PageState.User.Username);
-            await LoggingService.Log(PageState.Alias, PageState.Page.PageId, PageState.ModuleId, PageState.User.UserId, GetType().AssemblyQualifiedName, "Logout", LogFunction.Security, LogLevel.Information, null, "User Logout For Username {Username}", PageState.User.Username);
 
-            PageState.User = null;
+            // check if anonymous user can access page
-            bool authorizedtoviewpage = UserSecurity.IsAuthorized(PageState.User, PermissionNames.View, PageState.Page.Permissions);
+            var url = PageState.Alias.Path + "/" + PageState.Page.Path;
+            if (!UserSecurity.IsAuthorized(null, PermissionNames.View, PageState.Page.Permissions))
+            {
+                url = PageState.Alias.Path;
+            }            
 
-            if (PageState.Runtime == Oqtane.Shared.Runtime.Server)
+            // post to the Logout page to complete the logout process
-            {
+            var fields = new { __RequestVerificationToken = SiteState.AntiForgeryToken, returnurl = url };
-                // server-side Blazor needs to post to the Logout page
+            var interop = new Interop(jsRuntime);
-                var fields = new { __RequestVerificationToken = SiteState.AntiForgeryToken, returnurl = !authorizedtoviewpage ? PageState.Alias.Path : PageState.Alias.Path + "/" + PageState.Page.Path };
+            await interop.SubmitForm(Utilities.TenantUrl(PageState.Alias, "/pages/logout/"), fields);
-                string url = Utilities.TenantUrl(PageState.Alias, "/pages/logout/");
-                var interop = new Interop(jsRuntime);
-                await interop.SubmitForm(url, fields);
-            }
-            else
-            {
-                // client-side Blazor
-                var authstateprovider = (IdentityAuthenticationStateProvider)ServiceProvider.GetService(typeof(IdentityAuthenticationStateProvider));
-                authstateprovider.NotifyAuthenticationChanged();
-                NavigationManager.NavigateTo(NavigateUrl(!authorizedtoviewpage ? PageState.Alias.Path : PageState.Page.Path, true));
-            }
         }
     }
 }

Oqtane.Client/Themes/Controls/Theme/MenuBase.cs

@@ -30,7 +30,7 @@ namespace Oqtane.Themes.Controls
         private IEnumerable<Page> GetMenuPages()
         {
             var securityLevel = int.MaxValue;
-            foreach (Page p in PageState.Pages.Where(item => item.IsNavigation && !item.IsDeleted))
+            foreach (Page p in PageState.Pages.Where(item => item.IsNavigation))
             {
                 if (p.Level <= securityLevel && UserSecurity.IsAuthorized(PageState.User, PermissionNames.View, p.Permissions))
                 {

Oqtane.Client/Themes/ThemeBase.cs

@@ -32,9 +32,9 @@ namespace Oqtane.Themes
                 if (Resources != null && Resources.Exists(item => item.ResourceType == ResourceType.Script))
                 {
                     var scripts = new List<object>();
-                    foreach (Resource resource in Resources.Where(item => item.ResourceType == ResourceType.Script && item.Declaration != ResourceDeclaration.Global))
+                    foreach (Resource resource in Resources.Where(item => item.ResourceType == ResourceType.Script))
                     {
-                        scripts.Add(new { href = resource.Url, bundle = resource.Bundle ?? "", integrity = resource.Integrity ?? "", crossorigin = resource.CrossOrigin ?? "" });
+                        scripts.Add(new { href = resource.Url, bundle = resource.Bundle ?? "", integrity = resource.Integrity ?? "", crossorigin = resource.CrossOrigin ?? "", es6module = resource.ES6Module });
                     }
                     if (scripts.Any())
                     {

Oqtane.Client/UI/Interop.cs

@@ -72,13 +72,13 @@ namespace Oqtane.UI
             }
         }
 
-        public Task IncludeLink(string id, string rel, string href, string type, string integrity, string crossorigin, string key)
+        public Task IncludeLink(string id, string rel, string href, string type, string integrity, string crossorigin, string includebefore)
         {
             try
             {
                 _jsRuntime.InvokeVoidAsync(
                     "Oqtane.Interop.includeLink",
-                    id, rel, href, type, integrity, crossorigin, key);
+                    id, rel, href, type, integrity, crossorigin, includebefore);
                 return Task.CompletedTask;
             }
             catch
@@ -102,13 +102,13 @@ namespace Oqtane.UI
             }
         }
 
-        public Task IncludeScript(string id, string src, string integrity, string crossorigin, string content, string location, string key)
+        public Task IncludeScript(string id, string src, string integrity, string crossorigin, string content, string location)
         {
             try
             {
                 _jsRuntime.InvokeVoidAsync(
                     "Oqtane.Interop.includeScript",
-                    id, src, integrity, crossorigin, content, location, key);
+                    id, src, integrity, crossorigin, content, location);
                 return Task.CompletedTask;
             }
             catch

Oqtane.Client/UI/Pane.razor

@@ -48,7 +48,7 @@ else
                 if (Name.ToLower() == PaneNames.Admin.ToLower())
                 {
                     Module module = PageState.Modules.FirstOrDefault(item => item.ModuleId == PageState.ModuleId);
-                    if (module != null && !module.IsDeleted)
+                    if (module != null)
                     {
                         var moduleType = Type.GetType(module.ModuleType);
                         if (moduleType != null)
@@ -97,7 +97,7 @@ else
                 if (PageState.ModuleId != -1)
                 {
                     Module module = PageState.Modules.FirstOrDefault(item => item.ModuleId == PageState.ModuleId);
-                    if (module != null && module.Pane.ToLower() == Name.ToLower() && !module.IsDeleted)
+                    if (module != null && module.Pane.ToLower() == Name.ToLower())
                     {
                         // check if user is authorized to view module
                         if (UserSecurity.IsAuthorized(PageState.User, PermissionNames.View, module.Permissions))
@@ -108,7 +108,7 @@ else
                 }
                 else
                 {
-                    foreach (Module module in PageState.Modules.Where(item => item.PageId == PageState.Page.PageId && item.Pane.ToLower() == Name.ToLower() && !item.IsDeleted).OrderBy(x => x.Order).ToArray())
+                    foreach (Module module in PageState.Modules.Where(item => item.PageId == PageState.Page.PageId && item.Pane.ToLower() == Name.ToLower()).OrderBy(x => x.Order).ToArray())
                     {
                         // check if user is authorized to view module
                         if (UserSecurity.IsAuthorized(PageState.User, PermissionNames.View, module.Permissions))

Oqtane.Client/UI/SiteRouter.razor

@@ -80,23 +80,33 @@
 		var runtime = (Shared.Runtime)Enum.Parse(typeof(Shared.Runtime), Runtime);
 
 		Route route = new Route(_absoluteUri, SiteState.Alias.Path);
-		var moduleid = (int.TryParse(route.ModuleId, out int mid)) ? mid : -1;
+		int moduleid = (int.TryParse(route.ModuleId, out moduleid)) ? moduleid : -1;
 		var action = (!string.IsNullOrEmpty(route.Action)) ? route.Action : Constants.DefaultAction; 
 		var querystring = ParseQueryString(route.Query);
 
-		// reload the client application if there is a forced reload or the user navigated to a site with a different alias 
+		// reload the client application from the server if there is a forced reload or the user navigated to a site with a different alias 
-		if (querystring.ContainsKey("reload") || (!route.AbsolutePath.Substring(1).ToLower().StartsWith(SiteState.Alias.Path.ToLower()) && !string.IsNullOrEmpty(SiteState.Alias.Path)))
+		if (querystring.ContainsKey("reload") || (!NavigationManager.ToBaseRelativePath(_absoluteUri).ToLower().StartsWith(SiteState.Alias.Path.ToLower()) && !string.IsNullOrEmpty(SiteState.Alias.Path)))
 		{
-			NavigationManager.NavigateTo(_absoluteUri.Replace("?reload", ""), true);
+			if (querystring["reload"] == "post")
-			return;
-		}
-		else
-		{
-			// the refresh parameter is used to refresh the PageState
-			if (querystring.ContainsKey("refresh"))
 			{
-				refresh = UI.Refresh.Site;
+				// post back so that the cookies are set correctly - required on any change to the principal 
+				var interop = new Interop(JSRuntime);
+				var fields = new { returnurl = "/" + NavigationManager.ToBaseRelativePath(_absoluteUri) };
+				string url = Utilities.TenantUrl(SiteState.Alias, "/pages/external/");
+				await interop.SubmitForm(url, fields);
+				return;
 			}
+			else
+			{
+				NavigationManager.NavigateTo(_absoluteUri.Replace("?reload", ""), true);
+				return;				
+			}
+		}
+		
+		// the refresh parameter is used to refresh the client-side PageState
+		if (querystring.ContainsKey("refresh"))
+		{
+			refresh = UI.Refresh.Site;
 		}
 
 		if (PageState != null)
@@ -164,6 +174,7 @@
 			if (PageState == null || refresh == UI.Refresh.Site)
 			{
 				pages = await PageService.GetPagesAsync(site.SiteId);
+				pages = pages.Where(item => !item.IsDeleted).ToList();
 			}
 			else
 			{
@@ -206,6 +217,7 @@
 					if (PageState == null || refresh == UI.Refresh.Site)
 					{
 						modules = await ModuleService.GetModulesAsync(site.SiteId);
+						modules = modules.Where(item => !item.IsDeleted).ToList();
 					}
 					else
 					{
@@ -256,10 +268,14 @@
 					}
 					else
 					{
-						await LogService.Log(null, null, user.UserId, GetType().AssemblyQualifiedName, Utilities.GetTypeNameLastSegment(GetType().AssemblyQualifiedName, 1), LogFunction.Security, LogLevel.Error, null, "Page Does Not Exist Or User Is Not Authorized To View Page {Path}", route.PagePath);
+						if (route.PagePath != "404")
-						if (route.PagePath != "")
 						{
-							// redirect to home page
+							// redirect to 404 page
+							NavigationManager.NavigateTo(Utilities.NavigateUrl(SiteState.Alias.Path, "404", ""));
+						}
+						else
+						{
+							// redirect to home page as a fallback
 							NavigationManager.NavigateTo(Utilities.NavigateUrl(SiteState.Alias.Path, "", ""));
 						}
 					}
@@ -268,7 +284,7 @@
 		}
 		else
 		{
-		// site does not exist
+			// site does not exist
 		}
 	}
 
@@ -322,7 +338,7 @@
 		{
 			if (page.IsPersonalizable && user != null)
 			{
-			// load the personalized page
+				// load the personalized page
 				page = await PageService.GetPageAsync(page.PageId, user.UserId);
 			}
 
@@ -338,7 +354,7 @@
 			Type themetype = Type.GetType(page.ThemeType);
 			if (themetype == null)
 			{
-			// fallback
+				// fallback
 				page.ThemeType = Constants.DefaultTheme;
 				themetype = Type.GetType(Constants.DefaultTheme);
 			}
@@ -351,14 +367,14 @@
 					{
 						panes = themeobject.Panes;
 					}
-					page.Resources = ManagePageResources(page.Resources, themeobject.Resources);
+					page.Resources = ManagePageResources(page.Resources, themeobject.Resources, ResourceLevel.Page);
 				}
 			}
 			page.Panes = panes.Replace(";", ",").Split(new[] { ',' }, StringSplitOptions.RemoveEmptyEntries).ToList();
 		}
 		catch
 		{
-		// error loading theme or layout
+			// error loading theme or layout
 		}
 
 		return page;
@@ -369,7 +385,7 @@
 		var paneindex = new Dictionary<string, int>();
 		foreach (Module module in modules)
 		{
-		// initialize module control properties
+			// initialize module control properties
 			module.SecurityAccessLevel = SecurityAccessLevel.Host;
 			module.ControlTitle = "";
 			module.Actions = "";
@@ -422,17 +438,17 @@
 				// get additional metadata from IModuleControl interface
 				if (moduletype != null && module.ModuleType != "")
 				{
-				// retrieve module component resources
+					// retrieve module component resources
 					var moduleobject = Activator.CreateInstance(moduletype) as IModuleControl;
-					page.Resources = ManagePageResources(page.Resources, moduleobject.Resources);
+					page.Resources = ManagePageResources(page.Resources, moduleobject.Resources, ResourceLevel.Module);
 					if (action.ToLower() == "settings" && module.ModuleDefinition != null)
 					{
-					// settings components are embedded within a framework settings module
+						// settings components are embedded within a framework settings module
 						moduletype = Type.GetType(module.ModuleDefinition.ControlTypeTemplate.Replace(Constants.ActionToken, action), false, true);
 						if (moduletype != null)
 						{
 							moduleobject = Activator.CreateInstance(moduletype) as IModuleControl;
-							page.Resources = ManagePageResources(page.Resources, moduleobject.Resources);
+							page.Resources = ManagePageResources(page.Resources, moduleobject.Resources, ResourceLevel.Module);
 						}
 					}
 
@@ -483,15 +499,16 @@
 		return (page, modules);
 	}
 
-	private List<Resource> ManagePageResources(List<Resource> pageresources, List<Resource> resources)
+	private List<Resource> ManagePageResources(List<Resource> pageresources, List<Resource> resources, ResourceLevel level)
 	{
 		if (resources != null)
 		{
 			foreach (var resource in resources)
 			{
-			// ensure resource does not exist already
+				// ensure resource does not exist already
 				if (pageresources.Find(item => item.Url == resource.Url) == null)
 				{
+					resource.Level = level;
 					pageresources.Add(resource);
 				}
 			}

Oqtane.Client/UI/ThemeBuilder.razor

@@ -28,20 +28,22 @@
 
 	protected override async Task OnAfterRenderAsync(bool firstRender)
 	{
-        var interop = new Interop(JsRuntime);
+		var interop = new Interop(JsRuntime);
 
         // manage stylesheets for this page 
-        string batch = DateTime.UtcNow.ToString("yyyyMMddHHmmssfff");
+		string batch = DateTime.UtcNow.ToString("yyyyMMddHHmmssfff");
-        var links = new List<object>();
+		var links = new List<object>();
-        foreach (Resource resource in PageState.Page.Resources.Where(item => item.ResourceType == ResourceType.Stylesheet && item.Declaration != ResourceDeclaration.Global))
+		foreach (Resource resource in PageState.Page.Resources.Where(item => item.ResourceType == ResourceType.Stylesheet))
-        {
+		{
-            links.Add(new { id = "app-stylesheet-" + batch + "-" + (links.Count + 1).ToString("00"), rel = "stylesheet", href = resource.Url, type = "text/css", integrity = resource.Integrity ?? "", crossorigin = resource.CrossOrigin ?? "", key = "" });
+			var prefix = "app-stylesheet-" + resource.Level.ToString().ToLower();
+			links.Add(new { id = prefix + "-" + batch + "-" + (links.Count + 1).ToString("00"), rel = "stylesheet", href = resource.Url, type = "text/css", integrity = resource.Integrity ?? "", crossorigin = resource.CrossOrigin ?? "", insertbefore = prefix });
         }
         if (links.Any())
         {
             await interop.IncludeLinks(links.ToArray());
         }
-		await interop.RemoveElementsById("app-stylesheet", "", "app-stylesheet-" + batch + "-00");
+		await interop.RemoveElementsById("app-stylesheet-page-", "", "app-stylesheet-page-" + batch + "-00");
+		await interop.RemoveElementsById("app-stylesheet-module-", "", "app-stylesheet-module-" + batch + "-00");
 
 		// set page title
 		if (!string.IsNullOrEmpty(PageState.Page.Title))

Oqtane.Database.MySQL/Oqtane.Database.MySQL.csproj

@@ -2,7 +2,7 @@
 
   <PropertyGroup>
     <TargetFramework>net6.0</TargetFramework>
-    <Version>3.0.3</Version>
+    <Version>3.1.1</Version>
     <Product>Oqtane</Product>
     <Authors>Shaun Walker</Authors>
     <Company>.NET Foundation</Company>
@@ -10,7 +10,7 @@
     <Copyright>.NET Foundation</Copyright>
     <PackageProjectUrl>https://www.oqtane.org</PackageProjectUrl>
     <PackageLicenseUrl>https://github.com/oqtane/oqtane.framework/blob/dev/LICENSE</PackageLicenseUrl>
-    <PackageReleaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.0.3</PackageReleaseNotes>
+    <PackageReleaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.1.1</PackageReleaseNotes>
     <RepositoryUrl>https://github.com/oqtane/oqtane.framework</RepositoryUrl>
     <RepositoryType>Git</RepositoryType>
     <CopyLocalLockFileAssemblies>true</CopyLocalLockFileAssemblies>
@@ -29,7 +29,7 @@
   </PropertyGroup>
   
   <ItemGroup>
-    <PackageReference Include="MySql.EntityFrameworkCore" Version="6.0.0-preview3.1" />
+    <PackageReference Include="MySql.EntityFrameworkCore" Version="6.0.0" />
   </ItemGroup>
 
   <ItemGroup>

Oqtane.Database.MySQL/Oqtane.Database.MySQL.nuspec

@@ -2,7 +2,7 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2010/07/nuspec.xsd">
     <metadata>
         <id>Oqtane.Database.MySQL</id>
-        <version>3.0.3</version>
+        <version>3.1.1</version>
         <authors>Shaun Walker</authors>
         <owners>.NET Foundation</owners>
         <title>Oqtane MySQL Provider</title>
@@ -12,7 +12,7 @@
         <requireLicenseAcceptance>false</requireLicenseAcceptance>
         <license type="expression">MIT</license>
         <projectUrl>https://github.com/oqtane/oqtane.framework</projectUrl>
-        <releaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.0.3</releaseNotes>
+        <releaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.1.1</releaseNotes>
         <icon>icon.png</icon>
         <tags>oqtane</tags>
     </metadata>

Oqtane.Database.PostgreSQL/Oqtane.Database.PostgreSQL.csproj

@@ -2,7 +2,7 @@
 
   <PropertyGroup>
     <TargetFramework>net6.0</TargetFramework>
-    <Version>3.0.3</Version>
+    <Version>3.1.1</Version>
     <Product>Oqtane</Product>
     <Authors>Shaun Walker</Authors>
     <Company>.NET Foundation</Company>
@@ -10,7 +10,7 @@
     <Copyright>.NET Foundation</Copyright>
     <PackageProjectUrl>https://www.oqtane.org</PackageProjectUrl>
     <PackageLicenseUrl>https://github.com/oqtane/oqtane.framework/blob/dev/LICENSE</PackageLicenseUrl>
-    <PackageReleaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.0.3</PackageReleaseNotes>
+    <PackageReleaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.1.1</PackageReleaseNotes>
     <RepositoryUrl>https://github.com/oqtane/oqtane.framework</RepositoryUrl>
     <RepositoryType>Git</RepositoryType>
     <CopyLocalLockFileAssemblies>true</CopyLocalLockFileAssemblies>
@@ -29,9 +29,9 @@
   </PropertyGroup>
   
   <ItemGroup>
-    <PackageReference Include="EFCore.NamingConventions" Version="6.0.0-rc.1" />
+    <PackageReference Include="EFCore.NamingConventions" Version="6.0.0" />
-    <PackageReference Include="Microsoft.EntityFrameworkCore.Relational" Version="6.0.0" />
+    <PackageReference Include="Microsoft.EntityFrameworkCore.Relational" Version="6.0.3" />
-    <PackageReference Include="Npgsql.EntityFrameworkCore.PostgreSQL" Version="6.0.0" />
+    <PackageReference Include="Npgsql.EntityFrameworkCore.PostgreSQL" Version="6.0.3" />
   </ItemGroup>
 
   <ItemGroup>

Oqtane.Database.PostgreSQL/Oqtane.Database.PostgreSQL.nuspec

@@ -2,7 +2,7 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2010/07/nuspec.xsd">
     <metadata>
         <id>Oqtane.Database.PostgreSQL</id>
-        <version>3.0.3</version>
+        <version>3.1.1</version>
         <authors>Shaun Walker</authors>
         <owners>.NET Foundation</owners>
         <title>Oqtane PostgreSQL Provider</title>
@@ -12,7 +12,7 @@
         <requireLicenseAcceptance>false</requireLicenseAcceptance>
         <license type="expression">MIT</license>
         <projectUrl>https://github.com/oqtane/oqtane.framework</projectUrl>
-        <releaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.0.3</releaseNotes>
+        <releaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.1.1</releaseNotes>
         <icon>icon.png</icon>
         <tags>oqtane</tags>
     </metadata>

Oqtane.Database.SqlServer/Oqtane.Database.SqlServer.csproj

@@ -2,7 +2,7 @@
 
   <PropertyGroup>
     <TargetFramework>net6.0</TargetFramework>
-    <Version>3.0.3</Version>
+    <Version>3.1.1</Version>
     <Product>Oqtane</Product>
     <Authors>Shaun Walker</Authors>
     <Company>.NET Foundation</Company>
@@ -10,7 +10,7 @@
     <Copyright>.NET Foundation</Copyright>
     <PackageProjectUrl>https://www.oqtane.org</PackageProjectUrl>
     <PackageLicenseUrl>https://github.com/oqtane/oqtane.framework/blob/dev/LICENSE</PackageLicenseUrl>
-    <PackageReleaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.0.3</PackageReleaseNotes>
+    <PackageReleaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.1.1</PackageReleaseNotes>
     <RepositoryUrl>https://github.com/oqtane/oqtane.framework</RepositoryUrl>
     <RepositoryType>Git</RepositoryType>
     <CopyLocalLockFileAssemblies>true</CopyLocalLockFileAssemblies>
@@ -29,7 +29,7 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Microsoft.EntityFrameworkCore.SqlServer" Version="6.0.0" />
+    <PackageReference Include="Microsoft.EntityFrameworkCore.SqlServer" Version="6.0.3" />
   </ItemGroup>
 
   <ItemGroup>

Oqtane.Database.SqlServer/Oqtane.Database.SqlServer.nuspec

@@ -2,7 +2,7 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2010/07/nuspec.xsd">
     <metadata>
         <id>Oqtane.Database.SqlServer</id>
-        <version>3.0.3</version>
+        <version>3.1.1</version>
         <authors>Shaun Walker</authors>
         <owners>.NET Foundation</owners>
         <title>Oqtane SQL Server Provider</title>
@@ -12,7 +12,7 @@
         <requireLicenseAcceptance>false</requireLicenseAcceptance>
         <license type="expression">MIT</license>
         <projectUrl>https://github.com/oqtane/oqtane.framework</projectUrl>
-        <releaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.0.3</releaseNotes>
+        <releaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.1.1</releaseNotes>
         <icon>icon.png</icon>
         <tags>oqtane</tags>
     </metadata>

Oqtane.Database.Sqlite/Oqtane.Database.Sqlite.csproj

@@ -2,7 +2,7 @@
 
   <PropertyGroup>
     <TargetFramework>net6.0</TargetFramework>
-    <Version>3.0.3</Version>
+    <Version>3.1.1</Version>
     <Product>Oqtane</Product>
     <Authors>Shaun Walker</Authors>
     <Company>.NET Foundation</Company>
@@ -10,7 +10,7 @@
     <Copyright>.NET Foundation</Copyright>
     <PackageProjectUrl>https://www.oqtane.org</PackageProjectUrl>
     <PackageLicenseUrl>https://github.com/oqtane/oqtane.framework/blob/dev/LICENSE</PackageLicenseUrl>
-    <PackageReleaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.0.3</PackageReleaseNotes>
+    <PackageReleaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.1.1</PackageReleaseNotes>
     <RepositoryUrl>https://github.com/oqtane/oqtane.framework</RepositoryUrl>
     <RepositoryType>Git</RepositoryType>
     <CopyLocalLockFileAssemblies>true</CopyLocalLockFileAssemblies>
@@ -29,7 +29,7 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Microsoft.EntityFrameworkCore.Sqlite" Version="6.0.0" />
+    <PackageReference Include="Microsoft.EntityFrameworkCore.Sqlite" Version="6.0.3" />
   </ItemGroup>
 
   <ItemGroup>

Oqtane.Database.Sqlite/Oqtane.Database.Sqlite.nuspec

@@ -2,7 +2,7 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2010/07/nuspec.xsd">
     <metadata>
         <id>Oqtane.Database.Sqlite</id>
-        <version>3.0.3</version>
+        <version>3.1.1</version>
         <authors>Shaun Walker</authors>
         <owners>.NET Foundation</owners>
         <title>Oqtane SQLite Provider</title>
@@ -12,7 +12,7 @@
         <requireLicenseAcceptance>false</requireLicenseAcceptance>
         <license type="expression">MIT</license>
         <projectUrl>https://github.com/oqtane/oqtane.framework</projectUrl>
-        <releaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.0.3</releaseNotes>
+        <releaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.1.1</releaseNotes>
         <icon>icon.png</icon>
         <tags>oqtane</tags>
     </metadata>

Oqtane.Database.Sqlite/SqliteDatabase.cs

@@ -35,6 +35,11 @@ namespace Oqtane.Database.Sqlite
             // not implemented as SQLite does not support dropping columns
         }
 
+        public override void AlterStringColumn(MigrationBuilder builder, string name, string table, int length, bool nullable, bool unicode)
+        {
+            // not implemented as SQLite does not support altering columns
+        }
+
         public override string ConcatenateSql(params string[] values)
         {
             var returnValue = String.Empty;

Oqtane.Package/Oqtane.Client.nuspec

@@ -2,7 +2,7 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2010/07/nuspec.xsd">
   <metadata>
     <id>Oqtane.Client</id>
-    <version>3.0.3</version>
+    <version>3.1.1</version>
     <authors>Shaun Walker</authors>
     <owners>.NET Foundation</owners>
     <title>Oqtane Framework</title>
@@ -12,7 +12,7 @@
     <requireLicenseAcceptance>false</requireLicenseAcceptance>
     <license type="expression">MIT</license>
     <projectUrl>https://github.com/oqtane/oqtane.framework</projectUrl>
-    <releaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.0.3</releaseNotes>
+    <releaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.1.1</releaseNotes>
     <icon>icon.png</icon>
     <tags>oqtane</tags>
   </metadata>

Oqtane.Package/Oqtane.Framework.nuspec

@@ -2,7 +2,7 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2010/07/nuspec.xsd">
   <metadata>
     <id>Oqtane.Framework</id>
-    <version>3.0.3</version>
+    <version>3.1.1</version>
     <authors>Shaun Walker</authors>
     <owners>.NET Foundation</owners>
     <title>Oqtane Framework</title>
@@ -11,8 +11,8 @@
     <copyright>.NET Foundation</copyright>
     <requireLicenseAcceptance>false</requireLicenseAcceptance>
     <license type="expression">MIT</license>
-    <projectUrl>https://github.com/oqtane/oqtane.framework/releases/download/v3.0.3/Oqtane.Framework.3.0.3.Upgrade.zip</projectUrl>
+    <projectUrl>https://github.com/oqtane/oqtane.framework/releases/download/v3.1.1/Oqtane.Framework.3.1.1.Upgrade.zip</projectUrl>
-    <releaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.0.3</releaseNotes>
+    <releaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.1.1</releaseNotes>
     <icon>icon.png</icon>
     <tags>oqtane framework</tags>
   </metadata>

Oqtane.Package/Oqtane.Server.nuspec

@@ -2,7 +2,7 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2010/07/nuspec.xsd">
   <metadata>
     <id>Oqtane.Server</id>
-    <version>3.0.3</version>
+    <version>3.1.1</version>
     <authors>Shaun Walker</authors>
     <owners>.NET Foundation</owners>
     <title>Oqtane Framework</title>
@@ -12,7 +12,7 @@
     <requireLicenseAcceptance>false</requireLicenseAcceptance>
     <license type="expression">MIT</license>
     <projectUrl>https://github.com/oqtane/oqtane.framework</projectUrl>
-    <releaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.0.3</releaseNotes>
+    <releaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.1.1</releaseNotes>
     <icon>icon.png</icon>
     <tags>oqtane</tags>
   </metadata>

Oqtane.Package/Oqtane.Shared.nuspec

@@ -2,7 +2,7 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2010/07/nuspec.xsd">
   <metadata>
     <id>Oqtane.Shared</id>
-    <version>3.0.3</version>
+    <version>3.1.1</version>
     <authors>Shaun Walker</authors>
     <owners>.NET Foundation</owners>
     <title>Oqtane Framework</title>
@@ -12,7 +12,7 @@
     <requireLicenseAcceptance>false</requireLicenseAcceptance>
     <license type="expression">MIT</license>
     <projectUrl>https://github.com/oqtane/oqtane.framework</projectUrl>
-    <releaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.0.3</releaseNotes>
+    <releaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.1.1</releaseNotes>
     <icon>icon.png</icon>
     <tags>oqtane</tags>
   </metadata>