@namespace Oqtane.Modules.Admin.Users @inherits ModuleBase @inject IUserRoleService UserRoleService @inject IUserService UserService @inject ISettingService SettingService @inject ISiteService SiteService @inject IStringLocalizer Localizer @inject IStringLocalizer SharedLocalizer @inject SiteState SiteState @if (users == null) {

@SharedLocalizer["Loading"]

} else {

@SharedLocalizer["Username"] @SharedLocalizer["Email"] @Localizer["LastLoginOn"] @Localizer["LastIPAddress"] @Localizer["CreatedOn"]

@context.User.Username @((MarkupString)string.Format("{1}", @context.User.Email, @context.User.DisplayName)) @string.Format("{0:dd-MMM-yyyy HH:mm}",context.User.LastLoginOn) @context.User.LastIPAddress @string.Format("{0:dd-MMM-yyyy HH:mm}",context.User.CreatedOn)

Allow User Registration?

@if (_providertype != "") {

Allow Login?

} else {

Allow Login?

} @if (UserSecurity.IsAuthorized(PageState.User, RoleNames.Host)) {

Two Factor?

Cookie Name:

}

@if (UserSecurity.IsAuthorized(PageState.User, RoleNames.Host)) {

Minimum Length:

Unique Characters:

Require Digit?

Require Uppercase?

Require Lowercase?

Require Punctuation?

Maximum Failures:

Lockout Duration:

Provider Type:

@if (_providertype != "") {

Provider Name:

} @if (_providertype == AuthenticationProviderTypes.OpenIDConnect) {

Authority:

Metadata Url:

} @if (_providertype == AuthenticationProviderTypes.OAuth2) {

Authorization Url:

Token Url:

User Info Url:

} @if (_providertype != "") {

Client ID:

Client Secret:

Scopes:

Parameters:

Use PKCE?

Redirect Url:

Identifier Claim:

Email Claim:

Domain Filter:

Create New Users?

}

Secret:

Issuer:

Audience:

Lifetime:

Access Token:

}

} @code { private List allusers; private List users; private string _search = ""; private string _allowregistration; private string _allowsitelogin; private string _twofactor; private string _cookiename; private string _minimumlength; private string _uniquecharacters; private string _requiredigit; private string _requireupper; private string _requirelower; private string _requirepunctuation; private string _maximumfailures; private string _lockoutduration; private string _providertype; private string _providername; private string _authority; private string _metadataurl; private string _authorizationurl; private string _tokenurl; private string _userinfourl; private string _clientid; private string _clientsecret; private string _clientsecrettype = "password"; private string _toggleclientsecret = string.Empty; private string _scopes; private string _parameters; private string _pkce; private string _redirecturl; private string _identifierclaimtype; private string _emailclaimtype; private string _domainfilter; private string _createusers; private string _secret; private string _secrettype = "password"; private string _togglesecret = string.Empty; private string _issuer; private string _audience; private string _lifetime; private string _token; public override SecurityAccessLevel SecurityAccessLevel => SecurityAccessLevel.Admin; protected override async Task OnInitializedAsync() { await LoadUserSettingsAsync(); await LoadUsersAsync(true); var settings = await SettingService.GetSiteSettingsAsync(PageState.Site.SiteId); _allowregistration = PageState.Site.AllowRegistration.ToString(); _allowsitelogin = SettingService.GetSetting(settings, "LoginOptions:AllowSiteLogin", "true"); if (UserSecurity.IsAuthorized(PageState.User, RoleNames.Host)) { _twofactor = SettingService.GetSetting(settings, "LoginOptions:TwoFactor", "false"); _cookiename = SettingService.GetSetting(settings, "LoginOptions:CookieName", ".AspNetCore.Identity.Application"); _minimumlength = SettingService.GetSetting(settings, "IdentityOptions:Password:RequiredLength", "6"); _uniquecharacters = SettingService.GetSetting(settings, "IdentityOptions:Password:RequiredUniqueChars", "1"); _requiredigit = SettingService.GetSetting(settings, "IdentityOptions:Password:RequireDigit", "true"); _requireupper = SettingService.GetSetting(settings, "IdentityOptions:Password:RequireUppercase", "true"); _requirelower = SettingService.GetSetting(settings, "IdentityOptions:Password:RequireLowercase", "true"); _requirepunctuation = SettingService.GetSetting(settings, "IdentityOptions:Password:RequireNonAlphanumeric", "true"); _maximumfailures = SettingService.GetSetting(settings, "IdentityOptions:Lockout:MaxFailedAccessAttempts", "5"); _lockoutduration = TimeSpan.Parse(SettingService.GetSetting(settings, "IdentityOptions:Lockout:DefaultLockoutTimeSpan", "00:05:00")).TotalMinutes.ToString(); _providertype = SettingService.GetSetting(settings, "ExternalLogin:ProviderType", ""); _providername = SettingService.GetSetting(settings, "ExternalLogin:ProviderName", ""); _authority = SettingService.GetSetting(settings, "ExternalLogin:Authority", ""); _metadataurl = SettingService.GetSetting(settings, "ExternalLogin:MetadataUrl", ""); _authorizationurl = SettingService.GetSetting(settings, "ExternalLogin:AuthorizationUrl", ""); _tokenurl = SettingService.GetSetting(settings, "ExternalLogin:TokenUrl", ""); _userinfourl = SettingService.GetSetting(settings, "ExternalLogin:UserInfoUrl", ""); _clientid = SettingService.GetSetting(settings, "ExternalLogin:ClientId", ""); _clientsecret = SettingService.GetSetting(settings, "ExternalLogin:ClientSecret", ""); _toggleclientsecret = SharedLocalizer["ShowPassword"]; _scopes = SettingService.GetSetting(settings, "ExternalLogin:Scopes", ""); _parameters = SettingService.GetSetting(settings, "ExternalLogin:Parameters", ""); _pkce = SettingService.GetSetting(settings, "ExternalLogin:PKCE", "false"); _redirecturl = PageState.Uri.Scheme + "://" + PageState.Alias.Name + "/signin-" + _providertype; _identifierclaimtype = SettingService.GetSetting(settings, "ExternalLogin:IdentifierClaimType", "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier"); _emailclaimtype = SettingService.GetSetting(settings, "ExternalLogin:EmailClaimType", "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"); _domainfilter = SettingService.GetSetting(settings, "ExternalLogin:DomainFilter", ""); _createusers = SettingService.GetSetting(settings, "ExternalLogin:CreateUsers", "true"); _secret = SettingService.GetSetting(settings, "JwtOptions:Secret", ""); _togglesecret = SharedLocalizer["ShowPassword"]; _issuer = SettingService.GetSetting(settings, "JwtOptions:Issuer", PageState.Uri.Scheme + "://" + PageState.Alias.Name); _audience = SettingService.GetSetting(settings, "JwtOptions:Audience", ""); _lifetime = SettingService.GetSetting(settings, "JwtOptions:Lifetime", "20"); } } private async Task LoadUsersAsync(bool load) { if (load) { allusers = await UserRoleService.GetUserRolesAsync(PageState.Site.SiteId, RoleNames.Registered); if (UserSecurity.IsAuthorized(PageState.User, RoleNames.Host)) { var hosts = await UserRoleService.GetUserRolesAsync(PageState.Site.SiteId, RoleNames.Host); allusers.AddRange(hosts); allusers = allusers.OrderBy(u => u.User.DisplayName).ToList(); } } users = allusers; if (!string.IsNullOrEmpty(_search)) { users = users.Where(item => ( item.User.Username.Contains(_search, StringComparison.OrdinalIgnoreCase) || item.User.Email.Contains(_search, StringComparison.OrdinalIgnoreCase) || item.User.DisplayName.Contains(_search, StringComparison.OrdinalIgnoreCase) ) ).ToList(); } } private async Task OnSearch() { await UpdateUserSettingsAsync(); await LoadUsersAsync(false); } private async Task DeleteUser(UserRole UserRole) { try { var user = await UserService.GetUserAsync(UserRole.UserId, PageState.Site.SiteId); if (user != null) { await UserService.DeleteUserAsync(user.UserId, PageState.Site.SiteId); await logger.LogInformation("User Deleted {User}", UserRole.User); await LoadUsersAsync(true); StateHasChanged(); } } catch (Exception ex) { await logger.LogError(ex, "Error Deleting User {User} {Error}", UserRole.User, ex.Message); AddModuleMessage(ex.Message, MessageType.Error); } } private string settingSearch = "AU-search"; private async Task LoadUserSettingsAsync() { Dictionary settings = await SettingService.GetUserSettingsAsync(PageState.User.UserId); _search = SettingService.GetSetting(settings, settingSearch, ""); } private async Task UpdateUserSettingsAsync() { Dictionary settings = await SettingService.GetUserSettingsAsync(PageState.User.UserId); SettingService.SetSetting(settings, settingSearch, _search); await SettingService.UpdateUserSettingsAsync(settings, PageState.User.UserId); } private async Task SaveSiteSettings() { try { var site = PageState.Site; site.AllowRegistration = bool.Parse(_allowregistration); await SiteService.UpdateSiteAsync(site); var settings = await SettingService.GetSiteSettingsAsync(site.SiteId); settings = SettingService.SetSetting(settings, "LoginOptions:AllowSiteLogin", _allowsitelogin, false); if (UserSecurity.IsAuthorized(PageState.User, RoleNames.Host)) { settings = SettingService.SetSetting(settings, "LoginOptions:TwoFactor", _twofactor, false); settings = SettingService.SetSetting(settings, "LoginOptions:CookieName", _cookiename, true); settings = SettingService.SetSetting(settings, "IdentityOptions:Password:RequiredLength", _minimumlength, true); settings = SettingService.SetSetting(settings, "IdentityOptions:Password:RequiredUniqueChars", _uniquecharacters, true); settings = SettingService.SetSetting(settings, "IdentityOptions:Password:RequireDigit", _requiredigit, true); settings = SettingService.SetSetting(settings, "IdentityOptions:Password:RequireUppercase", _requireupper, true); settings = SettingService.SetSetting(settings, "IdentityOptions:Password:RequireLowercase", _requirelower, true); settings = SettingService.SetSetting(settings, "IdentityOptions:Password:RequireNonAlphanumeric", _requirepunctuation, true); settings = SettingService.SetSetting(settings, "IdentityOptions:Lockout:MaxFailedAccessAttempts", _maximumfailures, true); settings = SettingService.SetSetting(settings, "IdentityOptions:Lockout:DefaultLockoutTimeSpan", TimeSpan.FromMinutes(Convert.ToInt64(_lockoutduration)).ToString(), true); settings = SettingService.SetSetting(settings, "ExternalLogin:ProviderType", _providertype, false); settings = SettingService.SetSetting(settings, "ExternalLogin:ProviderName", _providername, false); settings = SettingService.SetSetting(settings, "ExternalLogin:Authority", _authority, true); settings = SettingService.SetSetting(settings, "ExternalLogin:MetadataUrl", _metadataurl, true); settings = SettingService.SetSetting(settings, "ExternalLogin:AuthorizationUrl", _authorizationurl, true); settings = SettingService.SetSetting(settings, "ExternalLogin:TokenUrl", _tokenurl, true); settings = SettingService.SetSetting(settings, "ExternalLogin:UserInfoUrl", _userinfourl, true); settings = SettingService.SetSetting(settings, "ExternalLogin:ClientId", _clientid, true); settings = SettingService.SetSetting(settings, "ExternalLogin:ClientSecret", _clientsecret, true); settings = SettingService.SetSetting(settings, "ExternalLogin:Scopes", _scopes, true); settings = SettingService.SetSetting(settings, "ExternalLogin:Parameters", _parameters, true); settings = SettingService.SetSetting(settings, "ExternalLogin:PKCE", _pkce, true); settings = SettingService.SetSetting(settings, "ExternalLogin:IdentifierClaimType", _identifierclaimtype, true); settings = SettingService.SetSetting(settings, "ExternalLogin:EmailClaimType", _emailclaimtype, true); settings = SettingService.SetSetting(settings, "ExternalLogin:DomainFilter", _domainfilter, true); settings = SettingService.SetSetting(settings, "ExternalLogin:CreateUsers", _createusers, true); if (!string.IsNullOrEmpty(_secret) && _secret.Length < 16) _secret = (_secret + "????????????????").Substring(0, 16); settings = SettingService.SetSetting(settings, "JwtOptions:Secret", _secret, true); settings = SettingService.SetSetting(settings, "JwtOptions:Issuer", _issuer, true); settings = SettingService.SetSetting(settings, "JwtOptions:Audience", _audience, true); settings = SettingService.SetSetting(settings, "JwtOptions:Lifetime", _lifetime, true); } await SettingService.UpdateSiteSettingsAsync(settings, site.SiteId); await SettingService.ClearSiteSettingsCacheAsync(); if (!string.IsNullOrEmpty(_secret)) { SiteState.AuthorizationToken = await UserService.GetTokenAsync(); } AddModuleMessage(Localizer["Success.SaveSiteSettings"], MessageType.Success); } catch (Exception ex) { await logger.LogError(ex, "Error Saving Site Settings {Error}", ex.Message); AddModuleMessage(Localizer["Error.SaveSiteSettings"], MessageType.Error); } } private void ProviderTypeChanged(ChangeEventArgs e) { _providertype = (string)e.Value; if (string.IsNullOrEmpty(_providername)) { if (_providertype == AuthenticationProviderTypes.OpenIDConnect) { _scopes = "openid,profile,email"; _identifierclaimtype = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier"; _emailclaimtype = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"; } else { _scopes = ""; _identifierclaimtype = "sub"; _emailclaimtype = "email"; } } _redirecturl = PageState.Uri.Scheme + "://" + PageState.Alias.Name + "/signin-" + _providertype; StateHasChanged(); } private async Task CreateToken() { _token = await UserService.GetPersonalAccessTokenAsync(); } private void ToggleClientSecret() { if (_clientsecrettype == "password") { _clientsecrettype = "text"; _toggleclientsecret = SharedLocalizer["HidePassword"]; } else { _clientsecrettype = "password"; _toggleclientsecret = SharedLocalizer["ShowPassword"]; } } private void ToggleSecret() { if (_secrettype == "password") { _secrettype = "text"; _togglesecret = SharedLocalizer["HidePassword"]; } else { _secrettype = "password"; _togglesecret = SharedLocalizer["ShowPassword"]; } } }